Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o preventivní kontrolu, pomalé načítání webu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
bluemanik
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 29 kvě 2009 08:11

Prosím o preventivní kontrolu, pomalé načítání webu

#1 Příspěvek od bluemanik »

Prosím o preventivní kontrolu ntb. Webove stránky se načítají velmi pomalu ve všech prohlížečích (4 a více sekund). Jinak internet funguje svižně a stabilně. Děkuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-01-2021
Ran by Admin (administrator) on NTB0037 (HP HP ZBook 17 G6) (06-01-2021 12:13:13)
Running from C:\Users\modracekp\Desktop
Loaded Profiles: Admin & modracekp & SQLTELEMETRY$SQLEXPRESS & MSSQL$SQLEXPRESS & MSSQLLaunchpad$SQLEXPRESS & MSSQLFDLauncher$SQLEXPRESS
Platform: Windows 10 Pro Version 1909 18363.1256 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.) C:\Windows\System32\Alps\GlidePoint\HidMonitorSvc.exe
(Bromium, Inc. -> HP) C:\Program Files\HP\Sure Click\servers\BrConsole.exe
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\vpngui.exe
(Deep Instinct Ltd -> Deep Instinct Ltd.) C:\Program Files\HP Sure Sense\DeepETPService.exe
(Deep Instinct Ltd -> Deep Instinct Ltd.) C:\Program Files\HP Sure Sense\DeepMgmtService.exe
(Deep Instinct Ltd -> Deep Instinct Ltd.) C:\Program Files\HP Sure Sense\DeepNetworkService.exe
(Deep Instinct Ltd -> Deep Instinct Ltd.) C:\Program Files\HP Sure Sense\DeepRpcServer.exe
(Deep Instinct Ltd -> Deep Instinct Ltd.) C:\Program Files\HP Sure Sense\DeepStaticService.exe
(DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe
(DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(DigitalPersona, Inc. -> Crossmatch, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe
(DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpAgent.exe
(EPLAN Software & Service GmbH & Co. KG -> EPLAN Software & Service GmbH & Co. KG) C:\Program Files\EPLAN\Common\EClientService.exe
(Fortemedia Inc. -> Fortemedia) C:\Windows\System32\FMUSBService64.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) D:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP Collaboration Keyboard\HPCollaborationKeyboard.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f37ada3b81da51b7\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\BridgeCommunication.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\SysInfoCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\HotKeyServiceUWP.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\HPHotkeyNotification.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\LanWlanWwanSwitchingServiceUWP.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\HP Collaboration Keyboard\CollaborationKeysController.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_c0fd909ca6e7d672\LMS.exe
(Intel(R) pGFX 2020 -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_26b207b939eae50e\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e67d3946e6cd0335\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e67d3946e6cd0335\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_97abf3bd13eb713d\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_97abf3bd13eb713d\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_724e05bd98458fe4\RstMwService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.4\Lightshot.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\modracekp\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\modracekp\AppData\Local\Microsoft\Teams\current\Teams.exe <9>
(Microsoft Corporation -> Microsoft Corporation) D:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\fdhost.exe
(Microsoft Corporation -> Microsoft Corporation) D:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation -> Microsoft Corporation) D:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\Launchpad.exe
(Microsoft Corporation -> Microsoft Corporation) D:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe
(Microsoft Corporation -> Microsoft Corporation) D:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender Advanced Threat Protection\Classification\SenseCE.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Program Files\Windows Defender Advanced Threat Protection\SenseCncProxy.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\nview\nviewMain.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\nview\nviewMain64.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvblwi.inf_amd64_c99e86ba982355d8\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3>
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(Shrew Soft Inc -> ) C:\Program Files\ShrewSoft\VPN Client\iked.exe
(Shrew Soft Inc -> ) C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(TBT_DCH_DRV_PROD -> Intel Corporation) C:\Windows\ThunderboltService.exe
(TEFINCOM S.A. -> TEFINCOM S.A.) D:\Program Files\NordVPN\nordvpn-service.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc. -> VMware, Inc.) D:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
0 C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.9.1548.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
0 C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.8.7.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
0 C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
0 C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
0 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.68.0_x64__8wekyb3d8bbwe\YourPhone.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\windows\System32\RtkAudUService64.exe [1140000 2020-07-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15642744 2016-03-30] (Logitech Inc -> Logitech Inc.)
HKLM-x32\...\Run: [HPNotifications] => C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe [1582632 2019-11-20] (HP Inc. -> HP)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\DPAgent.exe, <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2808055777-1964107174-1078247012-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [104449672 2020-09-02] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [104449672 2020-09-02] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\...\Run: [com.squirrel.Teams.Teams] => C:\Users\modracekp\AppData\Local\Microsoft\Teams\Update.exe [2453688 2020-11-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\...\Policies\Explorer\Run: [1] => \\Ads\sysvol\jhv.local\scripts\elektro-eplan,cmd
HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\Software\Policies\...\system: [GroupPolicyRefreshTime] 30
HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\Software\Policies\...\system: [GroupPolicyRefreshTimeOffset] 10
HKLM\...\Windows x64\Print Processors\XeroxV5Print: C:\Windows\System32\spool\prtprocs\x64\x5print.dll [90112 2018-09-27] (Microsoft Windows Hardware Compatibility Publisher -> Xerox Corporation)
HKLM\...\Print\Monitors\Port pro virtualizaci Xerox: C:\windows\system32\x5lrsl.dll [129024 2019-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Xerox Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-08] (Google LLC -> Google LLC)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2020-11-13]
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe () [File not signed]
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C11B761-13CC-48BE-B1FE-7CE56E7F1EAE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {19D481D7-335F-4223-8B5E-5F02C28D4D3C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693456 2020-12-27] (Mozilla Corporation -> Mozilla Foundation)
Task: {25C07CF0-8E0D-45EE-9CD8-5857298976B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-09] (Google LLC -> Google LLC)
Task: {292ED018-7F77-4F6F-9BAA-16D9D83EFCCA} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647656 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2945D3C3-B22E-4589-B1CD-AF37A8F236A8} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1537952 2020-09-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2C668222-9A48-4261-B87A-A9CF459158D0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2F078C5C-822A-498E-B6EC-12B7B6560DC4} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3A5D1AB4-D696-43BB-8800-6A7E727AFA62} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3B95977E-810B-47FB-9297-E3EE314DA3DB} - System32\Tasks\HP\HP Collaboration Keyboard\Start Collaboration Keyboard Process => C:\Program Files (x86)\HP\HP Collaboration Keyboard\HPCollaborationKeyboard.exe [609320 2020-02-14] (HP Inc. -> HP Inc.)
Task: {3C3031E5-418E-4541-B500-5308FB92699A} - System32\Tasks\HP\HP Collaboration Keyboard\HP Collaboration Keyboard Controller => C:\Program Files (x86)\HP\HP Collaboration Keyboard\CollaborationKeysController.exe [722984 2019-09-17] (HP Inc. -> HP)
Task: {46B56024-EC32-4680-80E7-CDD36722EF0C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {46EE7878-B8BE-42F4-A8FF-4C5003FA3F00} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4AB05872-9B0B-4258-A2D8-810CEC825627} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22855048 2020-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C028657-0CD7-4837-9319-509D9CEC6FCA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144744 2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {4F53AA59-053F-4D2F-9CB5-B142E74552E6} - System32\Tasks\HP\Sure Click\Tray icon 4.1.8.2387 => C:\Program Files\HP\Sure Click\servers\BrConsole.exe [265560 2019-09-06] (Bromium, Inc. -> HP)
Task: {558B4349-9ADA-4D80-A2D9-3080273B321A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3292984 2020-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {60C8AF39-21FB-4701-B868-83E442F25CBA} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {62528EE8-CCE1-4F69-B1EA-DDBC7F612E2D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22855048 2020-09-25] (Microsoft Corporation -> Microsoft Corporation)
"C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}" was unlocked. <==== ATTENTION
Task: {625DCF4F-878D-4837-B0FC-483EF8E2D06F} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\windows\system32\gpupdate.exe [30208 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Task: {65BC2E89-D8FA-448E-A56D-5547422F0153} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {6CE280B0-38CF-4BAF-ADEB-B3328580B8D5} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {777BE5FB-2812-4CE2-85BA-9218991DF5FB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {77AB14C5-4AAB-4497-9EC2-C8C706A65499} - System32\Tasks\HP\Sure Click\Sure Click 4.1.8.2387 => C:\Program Files\HP\Sure Click\servers\BrLauncher.exe [2671448 2019-09-06] (Bromium, Inc. -> HP)
Task: {77AF8658-41C5-45E6-8705-8B0B3DD7A7CD} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\VirtulizationBasedIsolation\Virtualization based Isolation master policy change => C:\windows\system32\hvsievaluator.exe [163640 2020-03-24] (Microsoft Windows -> Microsoft Corporation)
Task: {A2EE2173-1A43-42AB-903D-1BA2C02E2EEB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144744 2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {A57EC69F-9BB1-4D5C-8AEE-FBEDBA93D538} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {AE54E86F-91A4-40A4-9781-8B4CE58CE27F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BCAC836B-2463-44FF-9D35-77098F123EBA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C0AEE357-4345-4F67-BC58-9315805FF6E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-09] (Google LLC -> Google LLC)
Task: {C54DB51D-33C3-4D78-B585-EA58F524F10C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D18CAF5A-518E-4C9B-845C-6D6CE76617FD} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D2DC759E-F8E5-45EB-A03E-7B1E40B72BFF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [135000 2020-10-01] (HP Inc. -> HP Inc.)
"C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202}" was unlocked. <==== ATTENTION
Task: {EDA596A9-CBF0-4316-82B4-1370A434EA8F} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\windows\system32\gpupdate.exe [30208 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Task: {F9E3305D-262D-489B-87E2-623743129A21} - System32\Tasks\update-S-1-5-21-2808055777-1964107174-1078247012-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {FC5F6ADA-A87D-448D-B82C-6D977C5EB390} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FEF30BA5-93ED-456C-B096-EC186BD7275A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\update-S-1-5-21-2808055777-1964107174-1078247012-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3335587309-3254080361-1999049365-1211] => 170.84.85.214:8080
Winsock: Catalog9 15 C:\windows\SysWOW64\vsocklib.dll [42296 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9 16 C:\windows\SysWOW64\vsocklib.dll [42296 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\vsocklib.dll [46392 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 16 C:\Windows\system32\vsocklib.dll [46392 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Tcpip\..\Interfaces\{4e6746f0-11de-4b18-8c52-0d60b66ae3ed}: [NameServer] 10.1.2.1,10.1.2.11
Tcpip\..\Interfaces\{5beee45a-f1aa-4e09-ade9-6d6ac337580f}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{840fc382-babc-4c1e-9e0e-62eddeb999be}: [DhcpNameServer] 10.1.2.11 10.1.2.1
Tcpip\..\Interfaces\{8e01016b-2471-4e0f-a676-d21309522498}: [NameServer] 10.1.2.1,10.1.2.11
Tcpip\..\Interfaces\{cb41b0dc-6165-4932-8f82-ca70e9c9e1a2}: [DhcpNameServer] 10.1.2.11 10.1.2.1
Tcpip\..\Interfaces\{d79162e5-1bdd-4ef6-9d82-e32f1fdbb324}: [DhcpNameServer] 192.168.0.1 0.0.0.0

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\HP\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome => not found
FF Plugin: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-10-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-10-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @bromium.com/BroFox,version=1.0 -> C:\Program Files\HP\Sure Click\servers\npBromiumPlugin.dll [2019-09-06] (Bromium, Inc. -> HP)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> d:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> d:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> d:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> d:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> d:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-08-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-08-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @ptc.com/IsoView -> C:\Program Files (x86)\Common Files\PTC\npisoview.dll [2018-05-17] (PTC Inc. -> PTC Inc.)
FF Plugin-x32: @ptc.com/ProductViewLite -> C:\Program Files (x86)\Common Files\PTC\np6_pvapplite9.dll [2018-05-17] (PTC Inc. -> PTC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3335587309-3254080361-1999049365-1211: SkypeForBusinessPlugin-15.8 -> C:\Users\modracekp\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.369\npGatewayNpapi.dll [2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3335587309-3254080361-1999049365-1211: SkypeForBusinessPlugin64-15.8 -> C:\Users\modracekp\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.369\npGatewayNpapi-x64.dll [2015-04-20] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2021-01-06]
CHR Extension: (Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-07-09]
CHR Extension: (Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-07-09]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-16]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-07-09]
CHR Extension: (Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-07-09]
CHR Extension: (Google Docs Offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-07-09]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-16]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-27]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 ApHidMonitorService; C:\windows\system32\Alps\GlidePoint\HidMonitorSvc.exe [573520 2019-09-19] (ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.)
S3 BrAXService; C:\Program Files\HP\Sure Click\4.1.8.2387\servers\BrAXService.exe [2754392 2019-09-06] (Bromium, Inc. -> HP)
S3 BrRmService; C:\Program Files\HP\Sure Click\servers\BrRemoteMgmtSvc.exe [5692760 2019-09-06] (Bromium, Inc. -> HP)
S3 BrService; C:\Program Files\HP\Sure Click\servers\BrService.exe [9472856 2019-09-06] (Bromium, Inc. -> HP)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8943496 2020-09-24] (Microsoft Corporation -> Microsoft Corporation)
R3 DeepETPService; C:\Program Files\HP Sure Sense\DeepETPService.exe [1891640 2020-12-27] (Deep Instinct Ltd -> Deep Instinct Ltd.)
R2 DeepMgmtService; C:\Program Files\HP Sure Sense\DeepMgmtService.exe [1105720 2020-12-27] (Deep Instinct Ltd -> Deep Instinct Ltd.)
R3 DeepNetworkService; C:\Program Files\HP Sure Sense\DeepNetworkService.exe [1184568 2020-12-27] (Deep Instinct Ltd -> Deep Instinct Ltd.)
R3 DeepStaticService; C:\Program Files\HP Sure Sense\DeepStaticService.exe [1729848 2020-12-27] (Deep Instinct Ltd -> Deep Instinct Ltd.)
R2 DpHost; c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DpHostW.exe [529072 2019-08-15] (DigitalPersona, Inc. -> Crossmatch, Inc.)
R3 EPLAN Client Service; C:\Program Files\EPLAN\Common\EClientService.exe [7715336 2020-10-12] (EPLAN Software & Service GmbH & Co. KG -> EPLAN Software & Service GmbH & Co. KG)
R2 FMAPOService; C:\windows\System32\FMService64.exe [345904 2020-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 FMUSBAPOService; C:\windows\system32\FMUSBService64.exe [145496 2019-02-22] (Fortemedia Inc. -> Fortemedia)
R2 FoxitReaderUpdateService; d:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [1995184 2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HotKeyServiceUWP; C:\windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\HotKeyServiceUWP.exe [1527208 2020-10-20] (HP Inc. -> HP Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\AppHelperCap.exe [689912 2020-11-05] (HP Inc. -> HP Inc.)
R2 HPMAMSrv; C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe [542248 2019-04-22] (HP Inc. -> HP)
R2 HPNetworkCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\NetworkCap.exe [688888 2020-11-05] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2019-04-12] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\SysInfoCap.exe [689400 2020-11-05] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f37ada3b81da51b7\x64\TouchpointAnalyticsClientService.exe [476424 2020-11-04] (HP Inc. -> HP Inc.)
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [1127736 2013-07-01] (Shrew Soft Inc -> )
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [810808 2013-07-01] (Shrew Soft Inc -> )
R2 LanWlanWwanSwitchingServiceUWP; C:\windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\LanWlanWwanSwitchingServiceUWP.exe [788904 2020-10-20] (HP Inc. -> HP Inc.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11134088 2020-09-02] (Logitech Inc -> Logitech, Inc.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-03-30] (Logitech Inc -> Logitech Inc.)
S3 MsMpiLaunchSvc; C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe [23040 2016-03-04] () [File not signed]
R2 MSSQL$SQLEXPRESS; D:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [484944 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R3 MSSQLFDLauncher$SQLEXPRESS; D:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe [60488 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLLaunchpad$SQLEXPRESS; D:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\launchpad.exe [1121360 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 nordvpn-service; d:\Program Files\NordVPN\nordvpn-service.exe [275200 2020-10-16] (TEFINCOM S.A. -> TEFINCOM S.A.)
R2 NVWMI; C:\windows\system32\nvwmi64.exe [4786920 2020-09-23] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6264152 2020-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; D:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [578640 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$SQLEXPRESS; D:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe [252704 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-06-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-06-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [935352 2020-06-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 VMAuthdService; D:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [100272 2019-11-04] (VMware, Inc. -> VMware, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\windows\System32\DriverStore\FileRepository\nvblwi.inf_amd64_c99e86ba982355d8\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\windows\System32\DriverStore\FileRepository\nvblwi.inf_amd64_c99e86ba982355d8\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ApHidfiltrService; C:\windows\System32\drivers\ApHidFiltr.sys [350432 2019-09-19] (ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.)
S3 ApPTPFilterService; C:\windows\System32\drivers\ApPtpFiltr.sys [339440 2019-07-27] (ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.)
S4 BrCow_4_1_8_2387; C:\windows\System32\DRIVERS\BrCow_4_1_8_2387.sys [64872 2019-09-06] (Bromium, Inc. -> Windows (R) Win 7 DDK provider)
S4 BrFilter_4_1_8_2387; C:\windows\System32\DRIVERS\BrFilter_4_1_8_2387.sys [223080 2019-09-06] (Bromium, Inc. -> HP)
R2 BrHostDrv; C:\windows\system32\Drivers\BrHostDrv.sys [45584 2020-03-24] (Bromium, Inc. -> HP)
S3 CH341SER_A64; C:\windows\System32\Drivers\CH341S64.SYS [58368 2011-11-04] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
R3 CVPNDRVA; C:\windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] (Cisco Systems, Inc. -> )
R0 DeepMgmtDriver; C:\windows\System32\drivers\DeepMgmtDriver.sys [67304 2020-12-27] (Deep Instinct Ltd -> )
R3 DeepRansomDriver; C:\windows\System32\drivers\DeepRansomDriver.sys [71400 2020-12-27] (Deep Instinct Ltd -> )
R3 DeepStaticDriver; C:\windows\System32\drivers\DeepStaticDriver.sys [52968 2020-12-27] (Deep Instinct Ltd -> )
R1 DNE; C:\windows\system32\DRIVERS\dnelwf64.sys [133456 2013-10-03] (Citrix Systems -> Citrix Systems, Inc.)
R3 HPCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [25024 2019-05-03] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
R3 LGBusEnum; C:\windows\system32\drivers\LGBusEnum.sys [37408 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R2 LGHUBTemperatureService; C:\ProgramData\LGHUB\depots\64641\driver_cpu_temperature\logi_core_temp.sys [25448 2020-09-02] (Logitech Inc. -> Logitech)
R3 LGJoyXlCore; C:\windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
R3 LGSHidFilt; C:\windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech -> Logitech Inc.)
R3 LGVirHid; C:\windows\system32\drivers\LGVirHid.sys [26912 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
R3 logi_joy_bus_enum; C:\windows\system32\drivers\logi_joy_bus_enum.sys [38136 2020-09-02] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\windows\system32\drivers\logi_joy_vir_hid.sys [26672 2020-09-02] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\windows\system32\drivers\logi_joy_xlcore.sys [66808 2020-09-02] (Logitech Inc -> Logitech)
R3 nlwt; C:\windows\system32\DRIVERS\nlwt.sys [39360 2020-12-27] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\windows\system32\DRIVERS\nordlwf.sys [38608 2020-10-14] (TEFINCOM S.A. -> TEFINCOM S.A.)
S4 RsFx0501; C:\windows\System32\DRIVERS\RsFx0501.sys [261784 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
S3 RtkUsbAD_03F00269; C:\windows\system32\drivers\RtUsbA64_03F00269.sys [428840 2020-06-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [166768 2020-06-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\windows\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-06-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\windows\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tapnordvpn; C:\windows\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
R1 vflt; C:\windows\system32\DRIVERS\vfilter.sys [24064 2013-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Shrew Soft Inc)
R2 VMnetBridge; C:\windows\system32\DRIVERS\vmnetbridge.sys [66368 2019-11-04] (VMware, Inc. -> VMware, Inc.)
S3 vnet; C:\windows\System32\drivers\virtualnet.sys [17408 2013-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Shrew Soft Inc)
R0 vsock; C:\windows\System32\DRIVERS\vsock.sys [103224 2019-08-14] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\windows\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\windows\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WiMan; C:\windows\System32\DriverStore\FileRepository\wiman.inf_amd64_4b0336d95f188e47\WiMan\WiMan.sys [162136 2020-07-02] (Intel Wireless Driver -> )
R3 WirelessButtonDriver64; C:\windows\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-06 12:13 - 2021-01-06 12:13 - 000043494 _____ C:\Users\modracekp\Desktop\FRST.txt
2021-01-06 12:12 - 2021-01-06 12:13 - 000000000 ____D C:\FRST
2021-01-06 12:12 - 2021-01-06 12:11 - 002282496 _____ (Farbar) C:\Users\modracekp\Desktop\FRST64.exe
2021-01-06 11:38 - 2021-01-06 11:38 - 000065612 _____ C:\Users\Admin\Documents\cc_20210106_113826.reg
2021-01-05 18:09 - 2011-11-04 23:00 - 000058368 _____ (www.winchiphead.com) C:\windows\system32\Drivers\CH341S64.SYS
2021-01-05 18:09 - 2005-07-30 00:00 - 000006712 _____ (www.winchiphead.com) C:\windows\SysWOW64\CH341PT.DLL
2021-01-05 17:59 - 2021-01-05 17:59 - 000000000 ____D C:\Users\modracekp\Documents\Arduino
2021-01-05 17:58 - 2021-01-05 18:00 - 000000000 ____D C:\Users\modracekp\Documents\ArduinoData
2020-12-27 18:08 - 2020-12-27 18:08 - 000000000 ____D C:\Users\modracekp\AppData\Local\NordVPN
2020-12-27 18:07 - 2020-12-27 18:07 - 000039360 ____T (WireGuard LLC) C:\windows\system32\Drivers\nlwt.sys
2020-12-27 18:07 - 2020-12-27 18:07 - 000000894 _____ C:\Users\Admin\Desktop\NordVPN.lnk
2020-12-27 18:07 - 2020-12-27 18:07 - 000000000 ____D C:\Users\Admin\AppData\Local\NordVPN
2020-12-27 18:07 - 2020-12-27 18:07 - 000000000 ____D C:\ProgramData\NordVPN
2020-12-27 18:07 - 2020-12-27 18:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec
2020-12-27 18:07 - 2020-12-27 18:07 - 000000000 ____D C:\Program Files\NordVPN network TUN
2020-12-27 18:07 - 2020-12-27 18:07 - 000000000 ____D C:\Program Files (x86)\NordVPN network TAP
2020-12-27 18:07 - 2020-10-14 14:00 - 000038608 _____ (TEFINCOM S.A.) C:\windows\system32\Drivers\nordlwf.sys
2020-12-27 18:02 - 2020-12-27 18:02 - 000000000 ____D C:\ProgramData\UrbanVPN
2020-12-27 17:18 - 2020-12-27 17:18 - 000000000 ____D C:\windows\system32\Tasks\Mozilla
2020-12-27 17:03 - 2020-12-27 17:03 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2020-12-27 17:03 - 2020-12-27 17:03 - 000000000 ____D C:\hpswsetup
2020-12-27 17:02 - 2020-12-27 17:02 - 000000000 ____D C:\Users\modracekp\UrbanVPN
2020-12-15 08:35 - 2020-12-15 08:35 - 000000000 ____D C:\Users\modracekp\AppData\Roaming\IrfanView
2020-12-15 07:19 - 2020-07-30 01:42 - 001145464 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtCOM64.dll
2020-12-15 07:19 - 2020-07-30 01:42 - 000854104 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkApi64U.dll
2020-12-15 07:19 - 2020-07-30 01:42 - 000468776 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtDataProc64.dll
2020-12-14 10:51 - 2020-12-14 10:51 - 000001929 _____ C:\Users\Admin\Desktop\IrfanView 64 Thumbnails.lnk
2020-12-14 10:51 - 2020-12-14 10:51 - 000001055 _____ C:\Users\Admin\Desktop\IrfanView 64.lnk
2020-12-14 10:51 - 2020-12-14 10:51 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2020-12-14 10:51 - 2020-12-14 10:51 - 000000000 ____D C:\Users\Admin\AppData\Roaming\IrfanView
2020-12-14 10:51 - 2020-12-14 10:51 - 000000000 ____D C:\Program Files\IrfanView
2020-12-09 12:58 - 2020-12-09 12:58 - 002045952 _____ C:\windows\system32\rdpnano.dll
2020-12-09 12:58 - 2020-12-09 12:58 - 001756600 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2020-12-09 12:58 - 2020-12-09 12:58 - 001366144 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2020-12-09 12:58 - 2020-12-09 12:58 - 000171008 _____ C:\windows\system32\FsNVSDeviceSource.dll
2020-12-09 12:58 - 2020-12-09 12:58 - 000102912 _____ (Microsoft Corporation) C:\windows\system32\ncpa.cpl
2020-12-09 12:58 - 2020-12-09 12:58 - 000100864 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncpa.cpl
2020-12-09 12:58 - 2020-12-09 12:58 - 000059392 _____ C:\windows\system32\runexehelper.exe
2020-12-09 12:58 - 2020-12-09 12:58 - 000001370 _____ C:\windows\system32\ThirdPartyNoticesBySHS.txt
2020-12-09 12:58 - 2020-12-09 12:58 - 000000357 _____ C:\windows\system32\DrtmAuth14.bin
2020-12-09 12:58 - 2020-12-09 12:58 - 000000357 _____ C:\windows\system32\DrtmAuth13.bin
2020-12-09 12:58 - 2020-12-09 12:58 - 000000315 _____ C:\windows\system32\DrtmAuth9.bin
2020-12-09 12:58 - 2020-12-09 12:58 - 000000315 _____ C:\windows\system32\DrtmAuth8.bin
2020-12-09 12:58 - 2020-12-09 12:58 - 000000315 _____ C:\windows\system32\DrtmAuth7.bin
2020-12-09 12:58 - 2020-12-09 12:58 - 000000315 _____ C:\windows\system32\DrtmAuth6.bin
2020-12-09 12:58 - 2020-12-09 12:58 - 000000315 _____ C:\windows\system32\DrtmAuth5.bin
2020-12-09 12:58 - 2020-12-09 12:58 - 000000315 _____ C:\windows\system32\DrtmAuth4.bin
2020-12-09 12:58 - 2020-12-09 12:58 - 000000315 _____ C:\windows\system32\DrtmAuth3.bin
2020-12-09 12:58 - 2020-12-09 12:58 - 000000315 _____ C:\windows\system32\DrtmAuth2.bin
2020-12-09 12:58 - 2020-12-09 12:58 - 000000315 _____ C:\windows\system32\DrtmAuth18.bin
2020-12-09 12:58 - 2020-12-09 12:58 - 000000315 _____ C:\windows\system32\DrtmAuth17.bin
2020-12-09 12:58 - 2020-12-09 12:58 - 000000315 _____ C:\windows\system32\DrtmAuth16.bin
2020-12-09 12:58 - 2020-12-09 12:58 - 000000315 _____ C:\windows\system32\DrtmAuth15.bin
2020-12-09 12:58 - 2020-12-09 12:58 - 000000315 _____ C:\windows\system32\DrtmAuth12.bin
2020-12-09 12:58 - 2020-12-09 12:58 - 000000315 _____ C:\windows\system32\DrtmAuth11.bin
2020-12-09 12:58 - 2020-12-09 12:58 - 000000315 _____ C:\windows\system32\DrtmAuth10.bin
2020-12-09 12:58 - 2020-12-09 12:58 - 000000315 _____ C:\windows\system32\DrtmAuth1.bin

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-06 12:13 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-06 11:49 - 2020-03-24 11:17 - 001945354 _____ C:\windows\system32\PerfStringBackup.INI
2021-01-06 11:49 - 2019-09-28 16:06 - 000802996 _____ C:\windows\system32\perfh005.dat
2021-01-06 11:49 - 2019-09-28 16:06 - 000186416 _____ C:\windows\system32\perfc005.dat
2021-01-06 11:49 - 2019-03-19 05:50 - 000000000 ____D C:\windows\INF
2021-01-06 11:46 - 2020-07-09 14:17 - 000000000 ____D C:\Program Files\CCleaner
2021-01-06 11:46 - 2020-06-11 11:32 - 000000000 ____D C:\Users\modracekp\AppData\Local\Packages
2021-01-06 11:45 - 2020-03-24 11:16 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-06 11:44 - 2020-09-02 10:51 - 000000000 ____D C:\Users\modracekp\AppData\Local\LGHUB
2021-01-06 11:44 - 2020-06-10 15:03 - 000000112 _____ C:\windows\system32\config\netlogon.ftl
2021-01-06 11:43 - 2020-10-13 08:59 - 000000000 ___RD C:\Users\modracekp\OneDrive - JHV engineering s.r.o
2021-01-06 11:43 - 2020-09-02 10:51 - 000000000 ____D C:\Users\modracekp\AppData\Roaming\LGHUB
2021-01-06 11:43 - 2020-06-11 11:32 - 000000000 __SHD C:\Users\modracekp\IntelGraphicsProfiles
2021-01-06 11:42 - 2020-09-22 20:19 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-06 11:42 - 2020-07-10 11:52 - 000000000 ____D C:\ProgramData\VMware
2021-01-06 11:42 - 2020-06-11 05:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-06 11:42 - 2020-03-24 11:10 - 000000000 ___HD C:\Intel
2021-01-06 11:42 - 2019-04-19 19:26 - 000000006 ____H C:\windows\Tasks\SA.DAT
2021-01-06 11:42 - 2019-03-19 05:37 - 001310720 _____ C:\windows\system32\config\BBI
2021-01-06 11:37 - 2020-06-10 17:42 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2021-01-06 11:37 - 2019-04-19 20:25 - 000000000 ____D C:\windows\Panther
2021-01-06 11:37 - 2019-03-19 05:52 - 000000000 ____D C:\windows\LiveKernelReports
2021-01-06 11:26 - 2020-07-09 14:17 - 000003936 _____ C:\windows\system32\Tasks\CCleaner Update
2021-01-06 11:26 - 2020-07-09 14:17 - 000000871 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-01-06 11:26 - 2020-07-09 14:17 - 000000871 _____ C:\ProgramData\Desktop\CCleaner.lnk
2021-01-06 10:25 - 2019-03-19 05:52 - 000000000 ____D C:\windows\AppReadiness
2021-01-05 21:51 - 2019-04-19 19:26 - 000000000 ____D C:\windows\system32\SleepStudy
2021-01-05 19:32 - 2020-06-11 05:50 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-05 19:31 - 2020-06-11 11:33 - 000000000 ____D C:\Users\modracekp\AppData\LocalLow\Mozilla
2021-01-05 17:57 - 2020-10-13 19:03 - 000000000 ____D C:\Users\modracekp\AppData\Local\PlaceholderTileLogoFolder
2021-01-05 17:57 - 2019-04-19 19:32 - 000000000 ____D C:\ProgramData\Packages
2021-01-05 17:55 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-05 17:22 - 2020-06-30 08:10 - 000000000 ____D C:\Users\Public\EPLAN
2021-01-05 10:26 - 2020-07-13 12:36 - 000000000 ____D C:\Users\modracekp\AppData\Local\RizeniProjektu
2021-01-04 08:14 - 2020-11-13 07:56 - 000018960 _____ (Logitech, Inc.) C:\windows\system32\Drivers\LNonPnP.sys
2020-12-27 17:18 - 2020-08-04 06:35 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-12-27 17:04 - 2020-03-24 11:24 - 000071400 _____ C:\windows\system32\Drivers\DeepRansomDriver.sys
2020-12-27 17:04 - 2020-03-24 11:24 - 000067304 _____ C:\windows\system32\Drivers\DeepMgmtDriver.sys
2020-12-27 17:04 - 2020-03-24 11:24 - 000052968 _____ C:\windows\system32\Drivers\DeepStaticDriver.sys
2020-12-27 17:04 - 2020-03-24 11:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2020-12-27 17:04 - 2020-03-24 11:24 - 000000000 ____D C:\ProgramData\HP Sure Sense
2020-12-27 17:04 - 2020-03-24 11:24 - 000000000 ____D C:\Program Files\HP Sure Sense
2020-12-27 17:02 - 2020-06-11 11:32 - 000000000 ____D C:\Users\modracekp
2020-12-27 12:25 - 2020-07-09 14:33 - 000000000 ____D C:\Users\modracekp\AppData\Roaming\vlc
2020-12-22 09:38 - 2020-07-09 13:14 - 000037417 _____ C:\windows\system32\SEAPODATUR.USB.VID_03F0&PID_0269&MI_00.zip
2020-12-22 09:38 - 2020-06-26 10:57 - 000000000 ____D C:\Users\modracekp\AppData\Local\CrashDumps
2020-12-20 19:50 - 2020-09-04 06:01 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-15 07:09 - 2020-10-13 08:53 - 000003364 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3335587309-3254080361-1999049365-1211
2020-12-15 07:09 - 2020-10-13 08:53 - 000002385 _____ C:\Users\modracekp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-14 10:07 - 2020-07-10 11:47 - 000000000 ____D C:\Users\modracekp\AppData\Local\CoJeVKardexu
2020-12-10 08:17 - 2020-07-09 13:46 - 000012498 _____ C:\Users\modracekp\Desktop\platby.xlsx
2020-12-10 07:05 - 2020-06-11 05:48 - 000002144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-10 07:02 - 2020-06-11 11:32 - 000000000 ___RD C:\Users\modracekp\3D Objects
2020-12-10 07:02 - 2019-04-19 19:29 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-12-10 07:02 - 2019-04-19 19:26 - 000544584 _____ C:\windows\system32\FNTCACHE.DAT
2020-12-09 15:55 - 2020-03-24 20:05 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-12-09 15:55 - 2019-03-19 05:52 - 000000000 ___RD C:\windows\ImmersiveControlPanel
2020-12-09 15:55 - 2019-03-19 05:52 - 000000000 ____D C:\windows\SysWOW64\Dism
2020-12-09 15:55 - 2019-03-19 05:52 - 000000000 ____D C:\windows\SystemResources
2020-12-09 15:55 - 2019-03-19 05:52 - 000000000 ____D C:\windows\system32\oobe
2020-12-09 15:55 - 2019-03-19 05:52 - 000000000 ____D C:\windows\system32\Dism
2020-12-09 15:55 - 2019-03-19 05:52 - 000000000 ____D C:\windows\ShellExperiences
2020-12-09 15:55 - 2019-03-19 05:52 - 000000000 ____D C:\windows\PolicyDefinitions
2020-12-09 15:55 - 2019-03-19 05:52 - 000000000 ____D C:\windows\bcastdvr
2020-12-09 15:55 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-09 15:55 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-09 15:49 - 2020-06-11 11:32 - 000000000 ____D C:\Users\modracekp\AppData\Roaming\Adobe
2020-12-09 13:00 - 2019-03-19 05:37 - 000000000 ____D C:\windows\CbsTemp
2020-12-08 19:23 - 2020-06-11 12:56 - 000000000 ____D C:\Users\modracekp\AppData\Local\HP_Inc
2020-12-08 11:58 - 2020-07-09 13:04 - 000002309 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-08 11:58 - 2020-07-09 13:04 - 000002268 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-12-08 11:58 - 2020-07-09 13:04 - 000002268 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-12-08 06:34 - 2020-06-10 15:04 - 000064114 __RSH C:\ProgramData\ntuser.pol

==================== Files in the root of some directories ========

2020-10-07 09:13 - 2020-10-08 13:07 - 000007621 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2020-07-10 07:44 - 2020-07-10 07:44 - 000000003 _____ () C:\Users\Admin\AppData\Local\updater.log
2020-07-10 07:44 - 2020-07-10 07:44 - 000000424 _____ () C:\Users\Admin\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-01-2021
Ran by Admin (06-01-2021 12:14:35)
Running from C:\Users\modracekp\Desktop
Windows 10 Pro Version 1909 18363.1256 (X64) (2020-06-10 12:59:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-2808055777-1964107174-1078247012-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2808055777-1964107174-1078247012-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2808055777-1964107174-1078247012-503 - Limited - Disabled)
Guest (S-1-5-21-2808055777-1964107174-1078247012-501 - Limited - Disabled)
SQLEXPRESS00 (S-1-5-21-2808055777-1964107174-1078247012-1027 - Limited - Enabled)
SQLEXPRESS01 (S-1-5-21-2808055777-1964107174-1078247012-1028 - Limited - Enabled)
SQLEXPRESS02 (S-1-5-21-2808055777-1964107174-1078247012-1029 - Limited - Enabled)
SQLEXPRESS03 (S-1-5-21-2808055777-1964107174-1078247012-1030 - Limited - Enabled)
SQLEXPRESS04 (S-1-5-21-2808055777-1964107174-1078247012-1031 - Limited - Enabled)
SQLEXPRESS05 (S-1-5-21-2808055777-1964107174-1078247012-1032 - Limited - Enabled)
SQLEXPRESS06 (S-1-5-21-2808055777-1964107174-1078247012-1033 - Limited - Enabled)
SQLEXPRESS07 (S-1-5-21-2808055777-1964107174-1078247012-1034 - Limited - Enabled)
SQLEXPRESS08 (S-1-5-21-2808055777-1964107174-1078247012-1035 - Limited - Enabled)
SQLEXPRESS09 (S-1-5-21-2808055777-1964107174-1078247012-1036 - Limited - Enabled)
SQLEXPRESS10 (S-1-5-21-2808055777-1964107174-1078247012-1037 - Limited - Enabled)
SQLEXPRESS11 (S-1-5-21-2808055777-1964107174-1078247012-1038 - Limited - Enabled)
SQLEXPRESS12 (S-1-5-21-2808055777-1964107174-1078247012-1039 - Limited - Enabled)
SQLEXPRESS13 (S-1-5-21-2808055777-1964107174-1078247012-1040 - Limited - Enabled)
SQLEXPRESS14 (S-1-5-21-2808055777-1964107174-1078247012-1041 - Limited - Enabled)
SQLEXPRESS15 (S-1-5-21-2808055777-1964107174-1078247012-1042 - Limited - Enabled)
SQLEXPRESS16 (S-1-5-21-2808055777-1964107174-1078247012-1043 - Limited - Enabled)
SQLEXPRESS17 (S-1-5-21-2808055777-1964107174-1078247012-1044 - Limited - Enabled)
SQLEXPRESS18 (S-1-5-21-2808055777-1964107174-1078247012-1045 - Limited - Enabled)
SQLEXPRESS19 (S-1-5-21-2808055777-1964107174-1078247012-1046 - Limited - Enabled)
SQLEXPRESS20 (S-1-5-21-2808055777-1964107174-1078247012-1047 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-2808055777-1964107174-1078247012-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Active Directory Authentication Library for SQL Server (HKLM\...\{0127E4A9-98FF-430B-A1B3-08763F9C5F92}) (Version: 15.0.1000.16 - Microsoft Corporation)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Brother MFL-Pro Suite DCP-L2520DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
Browser for SQL Server 2017 (HKLM-x32\...\{CF8EEB96-E7E7-4EF7-A0A1-559F09953156}) (Version: 14.0.1000.169 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)
DNE Update (HKLM\...\{FA46416D-1FCB-44A5-B01C-961C29881F1B}) (Version: 4.16.2.18640 - Deterministic Networks, Inc.)
Dynamic Application Loader Host Interface Service (HKLM\...\{044CFD6C-2031-4589-B764-308FB8DDE6EF}) (Version: 1.0.0.0 - Intel Corporation) Hidden
EPLAN Download Manager 2.7 (x64) (HKLM\...\{05D2063F-3CEA-4A4D-9A43-9F04DA8EE5EF}) (Version: 2.7.3.11418 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Download Manager 2.9 SP1 (x64) (HKLM\...\{DB429848-84F2-493F-9C5D-C792A7E4E7B1}) (Version: 2.9.4.14748 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Electric P8 Data 2.7 (x64) (HKLM\...\{E31055D1-DACD-4F64-8F72-00F799A3C95B}) (Version: 2.7.3.11496 - EPLAN Software & Service GmbH & Co. KG) Hidden
EPLAN Electric P8 Data 2.7 (x64) (HKLM\...\{E31055D1-DACD-4F64-8F72-00F799A3C95B}-11496) (Version: 2.7.3.11496 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Electric P8 Data 2.9 SP1 (x64) (HKLM\...\{E310EAE4-791C-47F6-BB7D-CA6D318DFBEC}) (Version: 2.9.4.14642 - EPLAN Software & Service GmbH & Co. KG) Hidden
EPLAN Electric P8 Data 2.9 SP1 (x64) (HKLM\...\{E310EAE4-791C-47F6-BB7D-CA6D318DFBEC}-14642) (Version: 2.9.4.14642 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Engineering Configuration One 2.7 (x64) (HKLM\...\{F5C54DEA-CA09-4339-83B4-2194D289161F}) (Version: 2.7.3.8538 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Engineering Configuration One 2.9 (x64) (HKLM\...\{912FD8B8-5B19-4B88-A99D-A2AF9E61B24A}) (Version: 2.9.3.8818 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Fluid Data 2.7 (x64) (HKLM\...\{E170090C-4226-43F4-8D17-EAA8C061D713}) (Version: 2.7.3.11647 - EPLAN Software & Service GmbH & Co. KG) Hidden
EPLAN Fluid Data 2.7 (x64) (HKLM\...\{E170090C-4226-43F4-8D17-EAA8C061D713}-11647) (Version: 2.7.3.11647 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Gui cs-CZ 2.7 (x64) (HKLM\...\{012EE773-B6FF-4A51-88DC-D2B1BB45B2C1}) (Version: 2.7.3.11955 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Gui cs-CZ 2.9 SP1 (x64) (HKLM\...\{C2D703CE-F802-42B9-82F5-DB0AB4F5B97E}) (Version: 2.9.4.14773 - EPLAN Software & Service GmbH & Co. KG)
EPLAN License Client (HKLM-x32\...\{0100BD88-3990-431F-9175-AB60E31AFFDE}) (Version: 9.1.17.23100 - EPLAN Software & Service GmbH & Co. KG)
EPLAN License Client (x64) (HKLM\...\{06400E16-27C0-412B-AB67-6A677D35C85D}) (Version: 9.1.17.23100 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Platform 2.7 (x64) (HKLM\...\{E3525665-3B56-4B12-8DAC-498C49D9D7F6}) (Version: 2.7.3.11955 - EPLAN Software & Service GmbH & Co. KG) Hidden
EPLAN Platform 2.7 (x64) (HKLM\...\{E3525665-3B56-4B12-8DAC-498C49D9D7F6}-11418) (Version: 2.7.3.11955 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Platform 2.7 (x64) HF10 11955 (HKLM\...\{E3525665-3B56-4B12-8DAC-498C49D9D7F6}+11955) (Version: 2.7.3.11955 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Platform 2.9 SP1 (x64) (HKLM\...\{E305AB6A-C4AE-4DF8-9954-122AE6A2F2D9}) (Version: 2.9.4.14773 - EPLAN Software & Service GmbH & Co. KG) Hidden
EPLAN Platform 2.9 SP1 (x64) (HKLM\...\{E305AB6A-C4AE-4DF8-9954-122AE6A2F2D9}-14642) (Version: 2.9.4.14773 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Platform 2.9 SP1 (x64) Update 3 14734 (HKLM\...\{E305AB6A-C4AE-4DF8-9954-122AE6A2F2D9}+14734) (Version: 2.9.4.14734 - EPLAN Software & Service GmbH & Co. KG) Hidden
EPLAN Platform 2.9 SP1 (x64) Update 4 14773 (HKLM\...\{E305AB6A-C4AE-4DF8-9954-122AE6A2F2D9}+14773) (Version: 2.9.4.14773 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Platform Data 2.7 (x64) (HKLM\...\{E3006C40-346E-4B83-B120-A5FFC4061C6C}) (Version: 2.7.3.11496 - EPLAN Software & Service GmbH & Co. KG) Hidden
EPLAN Platform Data 2.7 (x64) (HKLM\...\{E3006C40-346E-4B83-B120-A5FFC4061C6C}-11496) (Version: 2.7.3.11496 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Platform Data 2.9 SP1 (x64) (HKLM\...\{E3006749-191B-4039-B3B6-02416BDC4663}) (Version: 2.9.4.14642 - EPLAN Software & Service GmbH & Co. KG) Hidden
EPLAN Platform Data 2.9 SP1 (x64) (HKLM\...\{E3006749-191B-4039-B3B6-02416BDC4663}-14642) (Version: 2.9.4.14642 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Pro Panel 2.7 (x64) (HKLM\...\{E40BF17B-E65E-4F38-A050-133CB414D6A3}) (Version: 2.7.3.11418 - EPLAN Software & Service GmbH & Co. KG) Hidden
EPLAN Pro Panel 2.7 (x64) (HKLM\...\{E40BF17B-E65E-4F38-A050-133CB414D6A3}-11418) (Version: 2.7.3.11418 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Pro Panel 2.9 SP1 (x64) (HKLM\...\{E40BF222-DCDD-45D6-9DC0-C06740A714B3}) (Version: 2.9.4.14642 - EPLAN Software & Service GmbH & Co. KG) Hidden
EPLAN Pro Panel 2.9 SP1 (x64) (HKLM\...\{E40BF222-DCDD-45D6-9DC0-C06740A714B3}-14642) (Version: 2.9.4.14642 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Pro Panel Data 2.7 (x64) (HKLM\...\{E130E951-12E3-495C-B1D6-0D59F1514F82}) (Version: 2.7.3.11418 - EPLAN Software & Service GmbH & Co. KG) Hidden
EPLAN Pro Panel Data 2.7 (x64) (HKLM\...\{E130E951-12E3-495C-B1D6-0D59F1514F82}-11418) (Version: 2.7.3.11418 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Pro Panel Data 2.9 SP1 (x64) (HKLM\...\{E13098D2-D94B-4754-BB6E-53F4EC831A76}) (Version: 2.9.4.14642 - EPLAN Software & Service GmbH & Co. KG) Hidden
EPLAN Pro Panel Data 2.9 SP1 (x64) (HKLM\...\{E13098D2-D94B-4754-BB6E-53F4EC831A76}-14642) (Version: 2.9.4.14642 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Setup Manager 2.7 (x64) (HKLM\...\{ACA67CDA-C222-4DB2-88A7-FD08DC3BFFC6}) (Version: 2.7.3.11418 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Setup Manager 2.9 SP1 (x64) (HKLM\...\{2C3304C8-DAF1-4AA1-8656-BEA63DC4BB1C}) (Version: 2.9.4.14642 - EPLAN Software & Service GmbH & Co. KG)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.0.1.35811 - Foxit Software Inc.)
GDR 2027 for SQL Server 2017 (KB4505224) (64-bit) (HKLM\...\KB4505224) (Version: 14.0.2027.2 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 9.4.2.2839 - HP Inc.)
HP Collaboration Keyboard (HKLM-x32\...\{3FF0ED81-EE68-4075-BB62-945D6C785CE1}) (Version: 1.0.37.1 - HP)
HP Collaboration Keyboard For Cisco UCC (HKLM-x32\...\{9E7DCA29-89CB-4F9D-8216-B5569C1EABC3}) (Version: 1.0.19.1 - HP)
HP Collaboration Keyboard for Skype for Business (HKLM-x32\...\{3DCC2744-79C2-472E-8C53-4DF60EA672C7}) (Version: 2.0.3.1 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.15.0 - HP Inc.)
HP Dock Audio (HKLM\...\HP_DOCKING) (Version: 1.31.36.35 - Synaptics)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP MAC Address Manager (HKLM-x32\...\{21FA165F-905C-4DDA-B00A-00C3A5D17BBA}) (Version: 1.1.19.1 - HP Inc.)
HP Notifications (HKLM-x32\...\{FDBB153D-8F11-4C93-BC0A-9BBF95B26427}) (Version: 1.1.23.1 - HP)
HP Sure Click (HKLM\...\{BE1606B0-D0EA-11E9-B34D-10604B96B11C}) (Version: 4.1.8.2387 - HP Inc.)
HP Sure Recover (HKLM\...\{EBF9A3F5-C495-4A8D-91BF-7C23C67F72D0}) (Version: 2.2.5.1 - HP Inc.)
HP Sure Run (HKLM\...\{E84148C6-6E8D-40C5-832D-68EB369ACDE1}) (Version: 2.0.11.1 - HP Inc.)
HP Sure Sense Installer (HKLM\...\{7F433DEB-EE46-41C2-8723-11CBFFD1803B}) (Version: 1.2.36.0 - HP Inc.)
Integration Services (HKLM-x32\...\{99D2F72B-3293-4419-B351-4ADAD9C1DEF9}) (Version: 15.0.900.30 - Microsoft Corporation) Hidden
Intel(R) Dynamic Tuning (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.6.10400.9366 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2009.14.0.1496 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7756 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1915.1 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{37942a92-9e3f-4d70-9b5c-5955cbc54505}) (Version: 10.1.18121.8164 - Intel(R) Corporation)
Intel® Integrated Sensor Solution (HKLM-x32\...\{1c4f7bdc-8eac-4c3a-8cdd-5fac9b1518c3}) (Version: 3.10.100.3923 - Intel Corporation)
IrfanView 4.56 (64-bit) (HKLM\...\IrfanView64) (Version: 4.56 - Irfan Skiljan)
ISS_Drivers_x64 (HKLM\...\{9BB867B4-2C76-4273-8919-76770DD4A53D}) (Version: 3.10.100.3923 - Intel Corporation) Hidden
Java 8 Update 261 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Kodi (HKU\S-1-5-21-2808055777-1964107174-1078247012-1001\...\Kodi) (Version: - XBMC Foundation)
Lightshot-5.5.0.4 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.4 - Skillbrains)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: - Logitech)
Logitech Gaming Software 8.82 (HKLM\...\Logitech Gaming Software) (Version: 8.82.151 - Logitech Inc.)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.13231.20262 - Microsoft Corporation)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13231.20262 - Microsoft Corporation)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.13231.20262 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.66 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Help Viewer 2.3 (HKLM-x32\...\Microsoft Help Viewer 2.3) (Version: 2.3.27412 - Microsoft Corporation)
Microsoft MPI (7.0.12437.8) (HKLM\...\{8499ACD3-C1E3-45AB-BF96-DA491727EBE1}) (Version: 7.0.12437.8 - Microsoft Corporation)
Microsoft ODBC Driver 13 for SQL Server (HKLM\...\{3B280D1C-02F2-4965-8731-C1614E213D25}) (Version: 14.0.2027.2 - Microsoft Corporation)
Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{3DB82642-89B9-4002-9C35-B369199AC5BD}) (Version: 17.2.0.2 - Microsoft Corporation)
Microsoft Office 2019 pro domácnosti a podnikatele - cs-cz (HKLM\...\HomeBusiness2019Retail - cs-cz) (Version: 16.0.13231.20262 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2808055777-1964107174-1078247012-1001\...\OneDriveSetup.exe) (Version: 20.084.0426.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{9D93D367-A2CC-4378-BD63-79EF3FE76C78}) (Version: 11.4.7462.6 - Microsoft Corporation)
Microsoft SQL Server 2017 (64-bit) (HKLM\...\Microsoft SQL Server SQL2017) (Version: - Microsoft Corporation)
Microsoft SQL Server 2017 Setup (English) (HKLM\...\{05C0EF32-CDE2-4E38-92A1-D82CECECFB39}) (Version: 14.0.2027.2 - Microsoft Corporation)
Microsoft SQL Server 2017 T-SQL Language Service (HKLM\...\{C8A51693-98B9-4AB1-91B8-9A1B86729D5F}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft SQL Server Management Studio - 18.0 Preview 4 (HKLM-x32\...\{9c4b87d5-f13e-443d-b9b9-9930043a5be8}) (Version: 15.0.18040.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\...\Teams) (Version: 1.3.00.30866 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{f895a2f1-ae3f-4212-8af1-7fa1f8c212ea}) (Version: 15.0.27520 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2017 (HKLM\...\{20B328C9-C6BB-434A-928A-00F05CD820B8}) (Version: 14.0.1000.169 - Microsoft Corporation)
Mozilla Firefox 84.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 84.0.1 (x64 cs)) (Version: 84.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 79.0 - Mozilla)
Mozilla Thunderbird 78.5.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 78.5.0 (x86 cs)) (Version: 78.5.0 - Mozilla)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.32.25.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{BD0E4F38-D3F6-452D-A32E-B14D721839AC}) (Version: 1.0.1 - NordVPN)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.4.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.4.14 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.34 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 452.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.39 - NVIDIA Corporation)
NVIDIA Quadro View 200.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 200.93 - NVIDIA Corporation)
NVIDIA WMI 2.35.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.35.0 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Odinstalovat ovladač tiskárny UFR II (HKLM\...\Canon UFR II Printer Driver) (Version: 6, 6, 1, 0 - Canon Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13231.20200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
PTC Creo View 5.0 (HKLM\...\{B1AF021D-6379-452D-AB07-2F0FC5531216}) (Version: 12.0.0.26 - PTC)
Raspberry Pi Imager (HKU\S-1-5-21-2808055777-1964107174-1078247012-1001\...\Raspberry Pi Imager) (Version: 1.4 - Raspberry Pi)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.208 - Realtek Semiconductor Corp.)
Samsung DeX (HKLM-x32\...\{011B9130-F4CA-4245-8BDE-8D6CE4149F92}) (Version: 1.0.2.23 - Samsung Electronics Co., Ltd.) Hidden
Samsung DeX (HKLM-x32\...\{0dd3314d-90c2-4482-b6d3-f9f7a5427b3e}) (Version: 1.0.2.23 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.31.0 - Samsung Electronics Co., Ltd.)
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version: - )
Skype for Business Web App Plug-in (HKLM-x32\...\{5EEFC600-CE9E-4DCE-862A-E7D4A9C7B568}) (Version: 15.8.20020.369 - Microsoft Corporation)
SQL Server 2017 Advanced Analytics (HKLM\...\{826DA700-7B76-49BA-8A83-E55F5FA1301E}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Batch Parser (HKLM\...\{2C6E8311-28BD-4615-9545-6E39E8E83A4B}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools (HKLM\...\{A6A9EFA1-AFEB-4209-B25D-3CFF2E6FAE2C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools (HKLM\...\{BD1502B1-778B-44B6-B2B4-0B77BD0366A1}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools Extensions (HKLM\...\{06324A5D-66BB-4FAC-8D0B-9FEC1B230FFF}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools Extensions (HKLM\...\{200F38B2-1492-4576-B08C-78F2C2C953FC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{9D1C0509-D490-4E9E-ACF5-A73E5C53742D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{B777C4C0-A1CD-4AB9-99B1-AD5FBED6F8E5}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{89A7644F-E056-4EC1-BFDE-9D1A531D6855}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{A9A443F5-56E1-4FC6-937C-5F481345A843}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{28EEF6BA-A23A-42D2-86BA-A6BEE723B969}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{DED314CA-0EFE-4593-9D66-EF75E5289A4C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{0E22DBB4-691B-400C-B52D-8DFE8EC421AA}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{793F1C1E-5C83-4E33-A29B-6EAA7C1E791C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{B9998A13-5563-496C-B95E-597FFC70B670}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{D7D28BBF-3B0E-43F0-A457-331F1CD9E9EB}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Full text search (HKLM\...\{C37AD300-12CF-4911-9019-A05D66055EB4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{10855B1A-F7F2-4D8A-A725-9287C73BED5A}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{6CBBF624-696C-499E-948D-ADBAFFA2F548}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{8C515C22-BE07-4908-985C-0AA9349E1ED4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{C6D92730-3EC0-47B1-8F6C-6F5635D1EFAC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 SQL Diagnostics (HKLM\...\{DFA6A906-3024-49DE-87AD-750EAED2FA49}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 sql_inst_mpy (HKLM\...\{86DE7941-F5F3-48DF-A45F-82FA91217B45}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 sql_inst_mr (HKLM\...\{8868BCE1-8084-4035-AE2A-13765BE09D93}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{12D2DB8D-80FF-4152-8F51-EDB3BD3C6976}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{AA2A015C-C210-413B-95F6-BF9D3CDD6E0D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{6553B343-9437-4355-AD67-C9DEA513B3CD}) (Version: 15.0.18040.0 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{E3FD687D-6757-474B-8D83-5AA944B02C58}) (Version: 15.0.18040.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Analysis Services (HKLM\...\{D7B8CAB1-8F1A-4F5E-BC1A-A666C7BC6958}) (Version: 15.0.18040.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Reporting Services (HKLM\...\{8FC6B4CA-A96F-4F3D-9A03-94AD6A407C03}) (Version: 15.0.18040.0 - Microsoft Corporation) Hidden
SSMS Post Install Tasks (HKLM\...\{52AC1373-8F0D-4C4F-8A2A-4ED0623480FC}) (Version: 15.0.18040.0 - Microsoft Corporation) Hidden
Therm 6.6 (HKLM-x32\...\{86F71E3E-7C33-4829-8E53-B38F766E94F9}) (Version: 6.6 - Rittal)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0 release candidate 3 - Ghisler Software GmbH)
VdhCoApp 1.5.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VMware Player (HKLM\...\{32B21D71-91B2-45D5-90E7-CE3B470BCA8A}) (Version: 15.5.1 - VMware, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
Zoom (HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\...\ZoomUMX) (Version: 5.1 - Zoom Video Communications, Inc.)

Packages:
=========
AlpsAlpine Touchpad Settings Manager - Commercial -> C:\Program Files\WindowsApps\C1E561A0.AlpsGlidePointTouchpad_1.1.24.0_x64__ay1pycd334gd6 [2020-03-24] (ALPS Comm. Devices Tech. (SH) Co., Ltd)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.10.5.0_x86__kgqvnymyfvs32 [2020-07-01] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.39.4.0_x86__kgqvnymyfvs32 [2020-07-01] (king.com)
HP Power Manager -> C:\Program Files\WindowsApps\AD2F1837.HPPowerManager_2.1.11.0_x64__v10z8vjag6ke6 [2020-07-10] (HP Inc.)
HP Sure Sense -> C:\Program Files\WindowsApps\AD2F1837.HPSureShieldAI_1.2.31.0_x64__v10z8vjag6ke6 [2020-06-10] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-06-10] (INTEL CORP)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.0.1.0_neutral__w1wdnht996qgy [2020-03-24] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation) [MS Ad]
Thunderbolt Control Center -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.25.0_x64__8j3eq9eme6ctt [2020-06-26] (INTEL CORP)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2808055777-1964107174-1078247012-1001_Classes\CLSID\{004B49B7-11B9-5058-AA22-08DD0A3ADC4B}\InprocServer32 -> {1F9B35C4-9468-D082-92A5-EAEE85889A47} => No File
CustomCLSID: HKU\S-1-5-21-2808055777-1964107174-1078247012-1001_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850}\InprocServer32 -> {52DEBA41-9468-D082-172A-AFA385889A47} => No File
CustomCLSID: HKU\S-1-5-21-3335587309-3254080361-1999049365-1211_Classes\CLSID\{04271989-C4D2-3290-6D74-92CF74C0B057} -> [OneDrive - JHV engineering s.r.o] => C:\Users\modracekp\OneDrive - JHV engineering s.r.o [2020-10-13 08:59]
CustomCLSID: HKU\S-1-5-21-3335587309-3254080361-1999049365-1211_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\modracekp\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20275.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3335587309-3254080361-1999049365-1211_Classes\CLSID\{7ECF6F97-B4F3-4168-9835-F59C06D7875F}\InprocServer32 -> C:\Users\modracekp\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.369\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3335587309-3254080361-1999049365-1211_Classes\CLSID\{81843de1-cd70-4c5e-bdb6-316862e1d82f}\localserver32 -> hp-sure-sense: => No File
ShellIconOverlayIdentifiers: [ BromiumOverlay_4_1_8_2387] -> {6CDCC3E8-D8FF-46EF-B8BE-63A05C2E7272} => C:\Program Files\HP\Sure Click\4.1.8.2387\servers\HostShellExtension.dll [2019-09-06] (Bromium, Inc. -> HP)
ShellIconOverlayIdentifiers-x32: [ BromiumOverlay_4_1_8_2387] -> {6CDCC3E8-D8FF-46EF-B8BE-63A05C2E7272} => C:\Program Files\HP\Sure Click\4.1.8.2387\servers\HostShellExtension.dll [2019-09-06] (Bromium, Inc. -> HP)
ContextMenuHandlers2: [Bromium TrustDrive Context Menu_4_1_8_2387] -> {5F4F5529-DD35-4B9F-812F-A5B0B6ED58AE} => C:\Program Files\HP\Sure Click\4.1.8.2387\servers\HostShellExtension.dll [2019-09-06] (Bromium, Inc. -> HP)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => D:\Program Files (x86)\VMware\VMware Player\vmdkShellExt.dll [2019-11-04] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => D:\Program Files (x86)\VMware\VMware Player\x64\vmdkShellExt64.dll [2019-11-04] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [vSentry_TrustFile_4_1_8_2387] -> {833378FE-1986-46BA-9B4E-F8F1DCA0913C} => C:\Program Files\HP\Sure Click\4.1.8.2387\servers\HostShellExtension.dll [2019-09-06] (Bromium, Inc. -> HP)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\System32\DriverStore\FileRepository\nvblwi.inf_amd64_c99e86ba982355d8\nvshext.dll [2020-09-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [NvQuadroView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2020-09-23] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2005-09-21 03:57 - 2005-09-21 03:57 - 004325376 _____ () [File not signed] C:\Program Files (x86)\Cisco Systems\VPN Client\qt-mt335.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 000017920 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\libdtp.dll
2013-07-01 00:15 - 2013-07-01 00:15 - 000022016 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\libidb.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 000628224 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\libike.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 000116736 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\libip.dll
2013-07-01 00:15 - 2013-07-01 00:15 - 000018432 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\libith.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 000013312 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\liblog.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 000029184 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\libpfk.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 000035840 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\libvflt.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 000039936 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\libvnet.dll
2020-10-12 11:03 - 2017-08-24 02:13 - 000954368 _____ () [File not signed] D:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\Pythonlauncher.dll
2020-10-12 10:59 - 2017-08-24 02:12 - 000954368 _____ () [File not signed] D:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\RLauncher.dll
2019-08-15 15:37 - 2019-08-15 15:37 - 000382464 _____ (Crossmatch, Inc.) [File not signed] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPCPFelica.dll
2019-08-15 15:38 - 2019-08-15 15:38 - 000338432 _____ (Crossmatch, Inc.) [File not signed] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPDevice2.dll
2019-08-15 15:36 - 2019-08-15 15:36 - 000456192 _____ (Crossmatch, Inc.) [File not signed] c:\Program Files\HP\HP ProtectTools Security Manager\Bin\DPDevice5.dll
2020-03-24 11:19 - 2020-03-24 11:19 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Client\AppVIsvSubsystems64.dll
2020-03-24 11:19 - 2020-03-24 11:19 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-03-24 11:19 - 2020-03-24 11:19 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2808055777-1964107174-1078247012-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2808055777-1964107174-1078247012-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-80-3919359670-3540430778-4246408611-3681914861-206046543\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-80-3919359670-3540430778-4246408611-3681914861-206046543\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: HP Sure Click Plugin_4_1_8_2387 -> {26B469ED-0C6C-4BC2-8F30-D18369A10D36} -> C:\Program Files\HP\Sure Click\4.1.8.2387\servers\BromiumPlugin64.dll [2019-09-06] (Bromium, Inc. -> HP)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_261\bin\ssv.dll [2020-10-07] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-10-07] (Oracle America, Inc. -> Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2020-06-10] (HP Inc. -> HP Inc.)
BHO-x32: HP Sure Click Plugin_4_1_8_2387 -> {26B469ED-0C6C-4BC2-8F30-D18369A10D36} -> C:\Program Files\HP\Sure Click\4.1.8.2387\servers\BromiumPlugin32.dll [2019-09-06] (Bromium, Inc. -> HP)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-08-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-08-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2020-06-10] (HP Inc. -> HP Inc.)
Handler: bromium - {EFF88B17-05AA-4736-BBCA-6A03421733F0} - C:\Program Files\HP\Sure Click\4.1.8.2387\servers\BromiumPlugin64.dll [2019-09-06] (Bromium, Inc. -> HP)
Handler-x32: bromium - {EFF88B17-05AA-4736-BBCA-6A03421733F0} - C:\Program Files\HP\Sure Click\4.1.8.2387\servers\BromiumPlugin32.dll [2019-09-06] (Bromium, Inc. -> HP)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-10-06] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\...\sharepoint.com -> hxxps://jhvengcz-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2020-07-09 14:14 - 000000845 _____ C:\windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Microsoft MPI\Bin\;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\windows\System32\OpenSSH\;C:\ptc\Creo 5\Creo 5.0.1.0\Parametric\bin;;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\DTS\Binn\;C:\Program Files\Microsoft SQL Server\140\DTS\Binn\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\150\DTS\Binn\
HKU\S-1-5-21-2808055777-1964107174-1078247012-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP\HP_SNOW_3840x2160.jpg
HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-3919359670-3540430778-4246408611-3681914861-206046543\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 10.1.2.1 - 10.1.2.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: VMware Bridge Protocol -> vmware_bridge (enabled)
Wi-Fi: DNE LightWeight Filter -> dni_dne (enabled)
Wi-Fi: NordVPN LightWeight Firewall -> NordLwf (enabled)
Wi-Fi: Shrew Soft Lightweight Filter -> vflt (enabled)
VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled)
NordLynx: VMware Bridge Protocol -> vmware_bridge (enabled)
Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled)
Ethernet: DNE LightWeight Filter -> dni_dne (enabled)
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet: Shrew Soft Lightweight Filter -> vflt (enabled)
Ethernet 5: VMware Bridge Protocol -> vmware_bridge (enabled)
Ethernet 5: DNE LightWeight Filter -> dni_dne (enabled)
Ethernet 5: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 5: Shrew Soft Lightweight Filter -> vflt (enabled)
Ethernet 4: VMware Bridge Protocol -> vmware_bridge (enabled)
Ethernet 4: DNE LightWeight Filter -> dni_dne (enabled)
Ethernet 4: Shrew Soft Lightweight Filter -> vflt (enabled)
Ethernet 4: NordVPN LightWeight Firewall -> NordLwf (enabled)
VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{597A51DC-DD89-4C87-925E-2A7394F943AC}] => (Allow) C:\Program Files\HP\Sure Click\4.1.8.2387\servers\manifests\chrome\brchromium\74.0.3729.186\BrChrome.exe (Bromium, Inc. -> HP)
FirewallRules: [TCP Query User{55FB54D3-27C1-4172-A6C6-B8A516CF618B}C:\ptc\creo elements64\pro5.0\x86e_win64\nms\nmsd.exe] => (Allow) C:\ptc\creo elements64\pro5.0\x86e_win64\nms\nmsd.exe () [File not signed]
FirewallRules: [UDP Query User{823E27D3-58BA-4EBD-A10A-A8344F67C27A}C:\ptc\creo elements64\pro5.0\x86e_win64\nms\nmsd.exe] => (Allow) C:\ptc\creo elements64\pro5.0\x86e_win64\nms\nmsd.exe () [File not signed]
FirewallRules: [TCP Query User{EEEE9234-3799-4065-B540-092D7D4C714F}C:\ptc\creo elements64\pro5.0\x86e_win64\obj\xtop.exe] => (Allow) C:\ptc\creo elements64\pro5.0\x86e_win64\obj\xtop.exe (PTC Inc.) [File not signed]
FirewallRules: [UDP Query User{C1CB1736-3B38-404E-9E8B-98B9E2D03539}C:\ptc\creo elements64\pro5.0\x86e_win64\obj\xtop.exe] => (Allow) C:\ptc\creo elements64\pro5.0\x86e_win64\obj\xtop.exe (PTC Inc.) [File not signed]
FirewallRules: [TCP Query User{E69B1060-FBEE-4EB7-869E-CE398529D27F}C:\ptc\creo elements64\pro5.0\x86e_win64\obj\pro_comm_msg.exe] => (Allow) C:\ptc\creo elements64\pro5.0\x86e_win64\obj\pro_comm_msg.exe (PTC Inc. -> )
FirewallRules: [UDP Query User{14D3098B-91DC-4F04-A066-81DC12B828E9}C:\ptc\creo elements64\pro5.0\x86e_win64\obj\pro_comm_msg.exe] => (Allow) C:\ptc\creo elements64\pro5.0\x86e_win64\obj\pro_comm_msg.exe (PTC Inc. -> )
FirewallRules: [TCP Query User{C74B40F5-B63E-4A30-BE80-1AA9E75161DF}C:\ptc\creo 5\creo 5.0.1.0\common files\x86e_win64\obj\xtop.exe] => (Allow) C:\ptc\creo 5\creo 5.0.1.0\common files\x86e_win64\obj\xtop.exe (PTC Inc. -> PTC Inc.)
FirewallRules: [UDP Query User{0B476F3E-B1C8-4B74-AD86-9D098FEADC63}C:\ptc\creo 5\creo 5.0.1.0\common files\x86e_win64\obj\xtop.exe] => (Allow) C:\ptc\creo 5\creo 5.0.1.0\common files\x86e_win64\obj\xtop.exe (PTC Inc. -> PTC Inc.)
FirewallRules: [TCP Query User{79E428F8-231D-422F-BE1F-A3C26B762541}C:\ptc\creo 5\creo 5.0.1.0\common files\x86e_win64\obj\pro_comm_msg.exe] => (Allow) C:\ptc\creo 5\creo 5.0.1.0\common files\x86e_win64\obj\pro_comm_msg.exe (PTC Inc. -> PTC Inc.)
FirewallRules: [UDP Query User{BDCC60D3-02FC-40CB-9A70-5716107647B9}C:\ptc\creo 5\creo 5.0.1.0\common files\x86e_win64\obj\pro_comm_msg.exe] => (Allow) C:\ptc\creo 5\creo 5.0.1.0\common files\x86e_win64\obj\pro_comm_msg.exe (PTC Inc. -> PTC Inc.)
FirewallRules: [TCP Query User{D26F3B49-4DCF-462E-B0B3-CC79ABB3C11A}C:\ptc\creo 5\creo 5.0.1.0\common files\x86e_win64\nms\nmsd.exe] => (Allow) C:\ptc\creo 5\creo 5.0.1.0\common files\x86e_win64\nms\nmsd.exe (PTC Inc.) [File not signed]
FirewallRules: [UDP Query User{A4964359-4463-4656-8E03-C904445B3B58}C:\ptc\creo 5\creo 5.0.1.0\common files\x86e_win64\nms\nmsd.exe] => (Allow) C:\ptc\creo 5\creo 5.0.1.0\common files\x86e_win64\nms\nmsd.exe (PTC Inc.) [File not signed]
FirewallRules: [TCP Query User{2EFD5A89-A2AB-460E-A539-300B2C11DA46}C:\ptc\creo elements64\pro5.0\x86e_win64\obj\pfclscom.exe] => (Allow) C:\ptc\creo elements64\pro5.0\x86e_win64\obj\pfclscom.exe () [File not signed]
FirewallRules: [UDP Query User{3AC6913C-3C98-457F-B975-49469B56B717}C:\ptc\creo elements64\pro5.0\x86e_win64\obj\pfclscom.exe] => (Allow) C:\ptc\creo elements64\pro5.0\x86e_win64\obj\pfclscom.exe () [File not signed]
FirewallRules: [{ACD49391-381E-4FB0-8319-0DD7A75AC5EC}] => (Allow) d:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{63E196E8-9277-4410-B6BB-2273A33B6897}] => (Allow) d:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [TCP Query User{EB4E340A-F69E-461A-A33E-20B04FC824E8}D:\program files (x86)\winamp\winamp.exe] => (Allow) D:\program files (x86)\winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [UDP Query User{0FFC2658-4787-41FF-A4FB-0ADB37C65769}D:\program files (x86)\winamp\winamp.exe] => (Allow) D:\program files (x86)\winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{D6E1C6A9-B0A6-4614-AA8E-71EF5518A8B6}] => (Allow) C:\Program Files\PTC\Creo 5.0\View\i486_nt\obj\productview.exe (PTC Inc. -> PTC Inc.)
FirewallRules: [{5A653A81-873C-4EF2-9149-9692197DC5C1}] => (Allow) C:\Program Files\PTC\Creo 5.0\View\i486_nt\obj\nms_svc_pv.exe (PTC Inc. -> )
FirewallRules: [{909CA23C-585B-4C9B-9E40-B3350DC82A58}] => (Allow) C:\Program Files\PTC\Creo 5.0\View\i486_nt\obj\comm_brk_svc_pv.exe (PTC Inc. -> )
FirewallRules: [{44B73529-71A9-423D-A616-5D2FED5276A3}] => (Allow) C:\Program Files\PTC\Creo 5.0\View\i486_nt\obj\pvagent.exe (PTC Inc. -> PTC Inc.)
FirewallRules: [{FDE2B2B3-6941-482C-8DF4-DDCDE4E0A956}] => (Allow) C:\Program Files\PTC\Creo 5.0\View\x86e_win64\obj\productview.exe (PTC Inc. -> PTC Inc.)
FirewallRules: [{0BCAEE2A-9770-4C32-9E27-62EF856AF40C}] => (Allow) C:\Program Files\PTC\Creo 5.0\View\x86e_win64\obj\comm_brk_svc_pv.exe (PTC Inc. -> )
FirewallRules: [{86045225-4D62-42DC-830C-B780E94456CD}] => (Allow) C:\Program Files\PTC\Creo 5.0\View\x86e_win64\obj\nms_svc_pv.exe (PTC Inc. -> )
FirewallRules: [{FDCB7DA5-341A-49CE-9B73-41636DA587A0}] => (Allow) C:\Program Files\PTC\Creo 5.0\View\x86e_win64\obj\pvagent.exe (PTC Inc. -> PTC Inc.)
FirewallRules: [{61FE1545-6464-4C84-B238-20F69473BC34}] => (Allow) C:\Program Files\PTC\Creo 5.0\View\i486_nt\obj\JtToPro_pv.exe (PTC Inc. -> PTC Inc.)
FirewallRules: [{037EE220-8FEC-4541-B1A6-573CCC06DD6D}] => (Allow) C:\Program Files\PTC\Creo 5.0\View\x86e_win64\obj\JtToPro_pv.exe (PTC Inc. -> PTC Inc.)
FirewallRules: [{27A35C22-D6C8-4D03-BC85-9D4CE1EC042D}] => (Allow) D:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{7B2B3913-38D3-443F-91EA-2D53DCF6129D}] => (Allow) D:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [TCP Query User{6E064880-44B2-4A8F-866C-D5561ACC21A1}D:\torrent\qbittorrent\qbittorrent.exe] => (Allow) D:\torrent\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{5ECDD1D2-1160-483E-87B1-7335AD3EE687}D:\torrent\qbittorrent\qbittorrent.exe] => (Allow) D:\torrent\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{34338A06-BBD4-4A92-9087-796319D6AB03}C:\program files (x86)\samsung dex\samsungdex.exe] => (Allow) C:\program files (x86)\samsung dex\samsungdex.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [UDP Query User{0BA66355-C36F-4505-9D2E-0F494A9B9D46}C:\program files (x86)\samsung dex\samsungdex.exe] => (Allow) C:\program files (x86)\samsung dex\samsungdex.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{41B96E69-061C-4AC3-A0C2-7AFB393D5930}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4225AB04-71B0-46D4-83DA-FBF2A83AB418}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A9DC6FFD-9F8E-4682-AC41-779869DD81CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2F6A0F5C-7868-4F10-8DC4-72AC109D9F3C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CA74B626-2F7A-4104-8177-6DC0342BE7BF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{024B1442-32E9-4608-931F-7DB03E59E332}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3CF2B05D-CAB1-448D-8C3F-EAE4EBC99F05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AD60FD55-7B9D-445E-87BE-5F4432FD8164}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{5C07F3ED-5CEA-43E7-974F-1DBA874661E0}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{B0F1DB1E-8E50-4AF4-AFC4-511FA92D0A0D}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{BB702DF6-087C-43BA-A64E-A281841515D2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4D5CBF82-A248-4449-A652-E15A68F3DEA5}] => (Allow) C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe () [File not signed]
FirewallRules: [{B0F0BE89-11B2-4F23-B3CB-A4CBC939B28C}] => (Allow) C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe () [File not signed]
FirewallRules: [{41EF4E96-E319-4EA7-B681-57D9317E25B4}] => (Allow) C:\Program Files\Microsoft MPI\Bin\mpiexec.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3626DF03-7E27-40C5-8C51-631194DDE8DE}] => (Allow) C:\Program Files\Microsoft MPI\Bin\mpiexec.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40554061-5D7F-445F-8114-8058745E251B}] => (Allow) C:\Program Files\Microsoft MPI\Bin\smpd.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{58B171C3-0DCD-4B54-821E-74E921D8A630}] => (Allow) C:\Program Files\Microsoft MPI\Bin\smpd.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{040BC2C4-B9F2-4927-842A-CE06FCA1FC8F}C:\program files\eplan\platform\2.9.4\bin\eplan.exe] => (Block) C:\program files\eplan\platform\2.9.4\bin\eplan.exe (EPLAN Software & Service GmbH & Co. KG -> EPLAN Software & Service GmbH & Co. KG)
FirewallRules: [UDP Query User{2D25F8CF-E74C-4BEC-B920-BFC08CD7DD15}C:\program files\eplan\platform\2.9.4\bin\eplan.exe] => (Block) C:\program files\eplan\platform\2.9.4\bin\eplan.exe (EPLAN Software & Service GmbH & Co. KG -> EPLAN Software & Service GmbH & Co. KG)
FirewallRules: [TCP Query User{1366E453-8EDA-46A9-AA0C-087A71AE3030}C:\users\modracekp\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\modracekp\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{E466D515-D9C2-40BA-A3BE-7E769C011506}C:\users\modracekp\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\modracekp\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{C54E98C3-94B1-4C5D-AEDE-D6A5EEB1DAEC}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{8E23AE17-36D0-49DA-A0BA-63685C50645D}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{A1459923-EF87-4028-8BDB-540C53BD35B0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{EDD88697-8AF0-4CB3-9B7C-C8AC45E99BD0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DFCDB269-9DE4-4FE6-93D8-D9100F33AF72}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A79759EB-5502-48DD-AC50-2540681DDDE5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{368A1CE9-3528-427E-9867-B6B20742FD49}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{36251D6F-0DF8-4B4B-9965-AA0944C346CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B223B173-C5C2-4470-88CA-51E8E6A84247}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4347DB77-44CE-4C93-A3C5-3750D0726D06}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B46E95D3-7445-4351-ACDB-81E5DBC3A226}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E5FF1815-51F3-48B3-8889-3041A17AB194}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{969FAB08-127E-4A64-817F-29A1301DB216}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{13EC68F6-A759-4393-9C87-40273B37C025}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{33CE175A-E8DC-4B49-9B0B-5935E6C0D84B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{6205ABA2-90BB-4559-B30C-6140286C5F44}C:\program files\windowsapps\arduinollc.arduinoide_1.8.42.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe] => (Allow) C:\program files\windowsapps\arduinollc.arduinoide_1.8.42.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe
FirewallRules: [UDP Query User{F1088174-F34B-4E71-8C33-AFF610A78B1D}C:\program files\windowsapps\arduinollc.arduinoide_1.8.42.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe] => (Allow) C:\program files\windowsapps\arduinollc.arduinoide_1.8.42.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe

==================== Restore Points =========================

21-12-2020 09:03:58 Naplánovaný kontrolní bod
27-12-2020 17:01:13 Installed UrbanVPN
04-01-2021 09:05:59 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/05/2021 06:42:21 PM) (Source: Group Policy Printers) (EventID: 8194) (User: NT AUTHORITY)
Description: Rozšíření na straně klienta nemohlo použít uživatel nastavení zásad pro 'USR_Pce_PRN_Ekonomicke-HP {316687ED-EE2F-46C2-BB70-9A0E46E6BBF4}', protože u něj došlo k chybě s kódem '0x80070035 Cesta v síti nebyla nalezena.'%použít00790275.

Error: (01/05/2021 06:42:20 PM) (Source: Group Policy Registry) (EventID: 8194) (User: NT AUTHORITY)
Description: Rozšíření na straně klienta nemohlo použít uživatel nastavení zásad pro 'Zakázání chráněného režimu v Acrobat Reader DC {E65AA987-008F-476A-A4CD-A37C629FFCB4}', protože u něj došlo k chybě s kódem '0x80070035 Cesta v síti nebyla nalezena.'%použít00790275.

Error: (01/05/2021 06:42:20 PM) (Source: Group Policy Drive Maps) (EventID: 8194) (User: NT AUTHORITY)
Description: Rozšíření na straně klienta nemohlo použít uživatel nastavení zásad pro 'USR_Pce_Share_Dokumenty_Plany_hodiny-J {8DBDE85E-6E82-47C9-AEFC-700CC8ABB487}', protože u něj došlo k chybě s kódem '0x80070035 Cesta v síti nebyla nalezena.'%použít00790275.

Error: (01/05/2021 05:45:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program RizeniProjektu.exe verze 2020.12.10.4105 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: b1c

Čas spuštění: 01d6e38036a4b732

Čas ukončení: 10

Cesta k aplikaci: C:\Users\modracekp\AppData\Local\RizeniProjektu\RizeniProjektu.exe

ID hlášení: 4d6c3b52-1d39-418a-9c5b-0cff7813ff38

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Cross-thread

Error: (01/05/2021 05:30:29 PM) (Source: nview) (EventID: 1) (User: )
Description: No thumb found

Error: (01/05/2021 05:30:29 PM) (Source: nview) (EventID: 1) (User: )
Description: No thumb found

Error: (01/05/2021 05:30:29 PM) (Source: nview) (EventID: 1) (User: )
Description: No thumb found

Error: (01/05/2021 05:30:29 PM) (Source: nview) (EventID: 1) (User: )
Description: No thumb found


System errors:
=============
Error: (01/06/2021 12:13:35 PM) (Source: DCOM) (EventID: 10010) (User: JHV)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/06/2021 11:45:52 AM) (Source: DCOM) (EventID: 10010) (User: JHV)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/06/2021 11:43:53 AM) (Source: DCOM) (EventID: 10028) (User: JHV)
Description: Služba DCOM nemohla komunikovat s počítačem app.jhv.local pomocí žádného z nakonfigurovaných protokolů; požadováno na základě identifikátoru PID 3444 (C:\Program Files\EPLAN\Platform\2.9.4\Bin\Eplan.exe) při aktivaci identifikátoru CLSID {1D0C9566-9408-4FE0-A42E-162ABDC7171C}.

Error: (01/06/2021 11:43:42 AM) (Source: DCOM) (EventID: 10010) (User: JHV)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/06/2021 11:43:40 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1130) (User: JHV)
Description: Selhání 1.
Název objektu zásad skupiny: Konfigurace software
Cesta k objektu zásad skupiny: \\jhv.local\SysVol\jhv.local\Policies\{52846779-2ADD-4063-8689-630FF085AAF5}\User
Název skriptu: \\ads\netlogon\Konfigurace software.ps1

Error: (01/06/2021 11:43:33 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: JHV)
Description: Zpracování zásad skupiny selhalo v důsledku toho, že se nebylo v síti možné připojit k řadiči domény. Může se jednat o přechodný stav. Po připojení počítače k řadiči domény a úspěšném zpracování zásad skupiny bude odeslána zpráva o úspěšném provedení těchto akcí. Pokud se tato zpráva nezobrazí během několika hodin, obraťte se na správce.

Error: (01/06/2021 11:42:55 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: Zpracování zásad skupiny selhalo v důsledku toho, že se nebylo v síti možné připojit k řadiči domény. Může se jednat o přechodný stav. Po připojení počítače k řadiči domény a úspěšném zpracování zásad skupiny bude odeslána zpráva o úspěšném provedení těchto akcí. Pokud se tato zpráva nezobrazí během několika hodin, obraťte se na správce.

Error: (01/06/2021 11:42:55 AM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Tento počítač nemohl nastavit zabezpečenou relaci s řadičem
domény v doméně JHV z následujícího důvodu:
Nemůžeme vás přihlásit s těmito přihlašovacími údaji, protože vaše doména není k dispozici. Ujistěte se, že je vaše zařízení připojeno k vaší podnikové síti, a zkuste to znovu. Pokud jste se na tomto zařízení dříve přihlásili s jinými přihlašovacími údaji, můžete se přihlásit s jejich pomocí.


To může vést k potížím při ověřování. Přesvědčte se, zda je tento
počítač připojen k síti. Pokud potíže trvají,
obraťte se na správce domény.



DALŠÍ INFORMACE

Pokud je tento počítač řadičem domény pro určenou doménu,
nastaví zabezpečenou relaci s emulátorem primárního řadiče domény v určené
doméně. V opačném případě tento počítač nastaví zabezpečenou relaci s libovolným řadičem domény
v určené doméně.


Windows Defender:
===================================
Date: 2020-12-28 15:47:07.763
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {FDEBE1B1-096E-4119-A1C6-CF2517130DED}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-27 15:49:46.869
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {96C353BE-126D-40BD-9789-CB87DD741EBD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-22 09:43:20.450
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {96AA6B28-CDF6-445F-876F-94BAF22EEED0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-21 08:06:47.857
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {2828E248-CFA8-41E6-9E04-0D547AB673DF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-21 07:24:52.043
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {07F26DD5-7B5F-4311-A93C-5A67983D59C5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-29 04:58:47.891
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1241.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2020-12-29 03:58:11.557
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1241.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2020-12-29 02:58:23.896
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1241.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2020-12-29 02:09:11.579
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1241.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2020-12-29 01:58:24.074
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1241.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2020-12-27 17:04:25.408
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\DeepMgmtDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-27 17:04:25.405
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\DeepMgmtDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-21 10:06:07.836
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_f6c146a8872514f7\e1d68x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-21 10:06:07.036
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SoftwareDistribution\Download\Install\e1dmsg.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-21 10:06:07.032
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\SoftwareDistribution\Download\Install\e1d68x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-20 19:50:02.040
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Temp\source19152_1253091751\87.0.664.66\dual_engine_adapter_x64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-14 07:03:31.675
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Temp\source16608_785967709\87.0.664.60\dual_engine_adapter_x64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2020-12-09 07:28:19.422
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Temp\source16964_672129505\87.0.664.57\dual_engine_adapter_x64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: HP R92 Ver. 01.06.00 08/03/2020
Motherboard: HP 860C
Processor: Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz
Percentage of memory in use: 23%
Total physical RAM: 32094.16 MB
Available physical RAM: 24553.5 MB
Total Virtual: 36958.16 MB
Available Virtual: 27155.61 MB

==================== Drives ================================

Drive c: (Windows ) (Fixed) (Total:237.51 GB) (Free:110.27 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.5 GB) (Free:336.82 GB) NTFS
Drive e: (Data) (Fixed) (Total:465.76 GB) (Free:25.97 GB) NTFS

\\?\Volume{732e56ac-7147-4dbf-b2b7-4ca48eba9fac}\ (Windows RE Tools) (Fixed) (Total:0.69 GB) (Free:0.11 GB) NTFS
\\?\Volume{9124229c-7a74-45d5-b2ad-d0ecb840f478}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.13 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: DB545D23)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 650546CE)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119320
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o preventivní kontrolu, pomalé načítání webu

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
bluemanik
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 29 kvě 2009 08:11

Re: Prosím o preventivní kontrolu, pomalé načítání webu

#3 Příspěvek od bluemanik »

Použil jsem software z druhého odkazu. Vytvořily se dva soubory. Kopíruji obsah z obou.

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2021-01-06.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-08-2021
# Duration: 00:00:04
# OS: Windows 10 Pro
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3979 octets] - [08/01/2021 11:07:54]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########


# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2021-01-06.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-08-2021
# Duration: 00:00:32
# OS: Windows 10 Pro
# Scanned: 31955
# Detected: 21


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Winlogon.Heuristic HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.HPNotifications Folder C:\Program Files (x86)\HP\HP NOTIFICATIONS
Preinstalled.HPNotifications Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|HPNotifications
Preinstalled.HPNotifications Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|HPNotifications
Preinstalled.HPRegistrationService Folder C:\ProgramData\HP\HP REGISTRATION SERVICE
Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT
Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Users\Admin\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSureConnect Folder C:\Program Files\HPCOMMRECOVERY
Preinstalled.HPSureConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6}
Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
Nahoru
bluemanik
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 29 kvě 2009 08:11

Re: Prosím o preventivní kontrolu, pomalé načítání webu

#4 Příspěvek od bluemanik »

Jinak pomalé načítání stránek jsem asi vyřešil. V konfiguraci wifi adaptéru jsem přepnul na upřednostňované pásmo 2,4GHz. Teď už je načítání podstatně svižnější.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119320
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o preventivní kontrolu, pomalé načítání webu

#5 Příspěvek od Rudy »

OK. Vyšší pásmo je zřejmě ve vašem okolí více využívané. Chcete-li, dočistíme. Nejprve smažte tuto položku:
PUP.Winlogon.Heuristic HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit
Pak restartujte a dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
bluemanik
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 29 kvě 2009 08:11

Re: Prosím o preventivní kontrolu, pomalé načítání webu

#6 Příspěvek od bluemanik »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-01-2021
Ran by Admin (administrator) on NTB0037 (HP HP ZBook 17 G6) (11-01-2021 10:20:37)
Running from C:\Users\modracekp\Desktop
Loaded Profiles: Admin & modracekp & SQLTELEMETRY$SQLEXPRESS & MSSQL$SQLEXPRESS & MSSQLLaunchpad$SQLEXPRESS & MSSQLFDLauncher$SQLEXPRESS
Platform: Windows 10 Pro Version 1909 18363.1256 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.) C:\Windows\System32\Alps\GlidePoint\HidMonitorSvc.exe
(Bromium, Inc. -> HP) C:\Program Files\HP\Sure Click\servers\BrConsole.exe
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(Deep Instinct Ltd -> Deep Instinct Ltd.) C:\Program Files\HP Sure Sense\DeepETPService.exe
(Deep Instinct Ltd -> Deep Instinct Ltd.) C:\Program Files\HP Sure Sense\DeepMgmtService.exe
(Deep Instinct Ltd -> Deep Instinct Ltd.) C:\Program Files\HP Sure Sense\DeepNetworkService.exe
(Deep Instinct Ltd -> Deep Instinct Ltd.) C:\Program Files\HP Sure Sense\DeepRpcServer.exe
(Deep Instinct Ltd -> Deep Instinct Ltd.) C:\Program Files\HP Sure Sense\DeepStaticService.exe
(Fortemedia Inc. -> Fortemedia) C:\Windows\System32\FMUSBService64.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) D:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP Collaboration Keyboard\HPCollaborationKeyboard.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f37ada3b81da51b7\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\BridgeCommunication.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\SysInfoCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\HotKeyServiceUWP.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\HPHotkeyNotification.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\LanWlanWwanSwitchingServiceUWP.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\HP Collaboration Keyboard\CollaborationKeysController.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_9196e89091d8bdbb\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_c0fd909ca6e7d672\LMS.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_28efa2cb508b2ae9\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_28efa2cb508b2ae9\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_70e7e4392a76adb3\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e1af50d1bed26d14\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_e1af50d1bed26d14\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_724e05bd98458fe4\RstMwService.exe
(Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Kilonova LLC -> Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.5.0.4\Lightshot.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <3>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Malwarebytes Inc -> Malwarebytes) D:\temp\AdwCleaner.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\modracekp\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\modracekp\AppData\Local\Microsoft\Teams\current\Teams.exe <6>
(Microsoft Corporation -> Microsoft Corporation) D:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\fdhost.exe
(Microsoft Corporation -> Microsoft Corporation) D:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe
(Microsoft Corporation -> Microsoft Corporation) D:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\Launchpad.exe
(Microsoft Corporation -> Microsoft Corporation) D:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe
(Microsoft Corporation -> Microsoft Corporation) D:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender Advanced Threat Protection\Classification\SenseCE.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.1190_none_1716e3ef2a15f08c\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\nview\nviewMain.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\nview\nviewMain64.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvblwi.inf_amd64_c99e86ba982355d8\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3>
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(Shrew Soft Inc -> ) C:\Program Files\ShrewSoft\VPN Client\iked.exe
(Shrew Soft Inc -> ) C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
(Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(TBT_DCH_DRV_PROD -> Intel Corporation) C:\Windows\ThunderboltService.exe
(TEFINCOM S.A. -> TEFINCOM S.A.) D:\Program Files\NordVPN\nordvpn-service.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(VMware, Inc. -> VMware, Inc.) D:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
0 C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.9.1548.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
0 C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2011.16.0_x64__8wekyb3d8bbwe\Calculator.exe
0 C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
0 C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20112.72.0_x64__8wekyb3d8bbwe\YourPhone.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\windows\System32\RtkAudUService64.exe [1140000 2020-07-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15642744 2016-03-30] (Logitech Inc -> Logitech Inc.)
HKLM-x32\...\Run: [HPNotifications] => C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe [1582632 2019-11-20] (HP Inc. -> HP)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226728 2019-07-21] (Kilonova LLC -> )
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [285544 2020-12-07] (IDSA Production signing key -> Intel)
HKLM\...\Winlogon: [Userinit] <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2808055777-1964107174-1078247012-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [104449672 2020-09-02] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [104449672 2020-09-02] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\...\Run: [com.squirrel.Teams.Teams] => C:\Users\modracekp\AppData\Local\Microsoft\Teams\Update.exe [2453688 2020-11-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\...\Policies\Explorer\Run: [1] => \\Ads\sysvol\jhv.local\scripts\elektro-eplan,cmd
HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\Software\Policies\...\system: [GroupPolicyRefreshTime] 30
HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\Software\Policies\...\system: [GroupPolicyRefreshTimeOffset] 10
HKLM\...\Windows x64\Print Processors\XeroxV5Print: C:\Windows\System32\spool\prtprocs\x64\x5print.dll [90112 2018-09-27] (Microsoft Windows Hardware Compatibility Publisher -> Xerox Corporation)
HKLM\...\Print\Monitors\Port pro virtualizaci Xerox: C:\windows\system32\x5lrsl.dll [129024 2019-01-23] (Microsoft Windows Hardware Compatibility Publisher -> Xerox Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2021-01-06] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2020-11-13]
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe () [File not signed]
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C11B761-13CC-48BE-B1FE-7CE56E7F1EAE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {0C2690B9-C903-4F6B-A857-6DA42C6C7D15} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {14A40B10-00C6-40D2-AC52-D569CC6E8ECB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {19D481D7-335F-4223-8B5E-5F02C28D4D3C} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693456 2020-12-27] (Mozilla Corporation -> Mozilla Foundation)
Task: {2473456C-32FA-4487-8B07-3258F4488898} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation)
Task: {25C07CF0-8E0D-45EE-9CD8-5857298976B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-09] (Google LLC -> Google LLC)
Task: {292ED018-7F77-4F6F-9BAA-16D9D83EFCCA} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647656 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2945D3C3-B22E-4589-B1CD-AF37A8F236A8} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1537952 2020-09-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2F078C5C-822A-498E-B6EC-12B7B6560DC4} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3A5D1AB4-D696-43BB-8800-6A7E727AFA62} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3B95977E-810B-47FB-9297-E3EE314DA3DB} - System32\Tasks\HP\HP Collaboration Keyboard\Start Collaboration Keyboard Process => C:\Program Files (x86)\HP\HP Collaboration Keyboard\HPCollaborationKeyboard.exe [609320 2020-02-14] (HP Inc. -> HP Inc.)
Task: {3C3031E5-418E-4541-B500-5308FB92699A} - System32\Tasks\HP\HP Collaboration Keyboard\HP Collaboration Keyboard Controller => C:\Program Files (x86)\HP\HP Collaboration Keyboard\CollaborationKeysController.exe [722984 2019-09-17] (HP Inc. -> HP)
Task: {46B56024-EC32-4680-80E7-CDD36722EF0C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {46EE7878-B8BE-42F4-A8FF-4C5003FA3F00} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4AB05872-9B0B-4258-A2D8-810CEC825627} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22855048 2020-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C028657-0CD7-4837-9319-509D9CEC6FCA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144744 2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {4F53AA59-053F-4D2F-9CB5-B142E74552E6} - System32\Tasks\HP\Sure Click\Tray icon 4.1.8.2387 => C:\Program Files\HP\Sure Click\servers\BrConsole.exe [265560 2019-09-06] (Bromium, Inc. -> HP)
Task: {558B4349-9ADA-4D80-A2D9-3080273B321A} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3292984 2020-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {60C8AF39-21FB-4701-B868-83E442F25CBA} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {62528EE8-CCE1-4F69-B1EA-DDBC7F612E2D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22855048 2020-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {625DCF4F-878D-4837-B0FC-483EF8E2D06F} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\windows\system32\gpupdate.exe [30208 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Task: {65BC2E89-D8FA-448E-A56D-5547422F0153} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {6CE280B0-38CF-4BAF-ADEB-B3328580B8D5} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {6EB15381-5D83-4704-86A8-3E04FB5821A7} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {777BE5FB-2812-4CE2-85BA-9218991DF5FB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {77AB14C5-4AAB-4497-9EC2-C8C706A65499} - System32\Tasks\HP\Sure Click\Sure Click 4.1.8.2387 => C:\Program Files\HP\Sure Click\servers\BrLauncher.exe [2671448 2019-09-06] (Bromium, Inc. -> HP)
Task: {77AF8658-41C5-45E6-8705-8B0B3DD7A7CD} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\VirtulizationBasedIsolation\Virtualization based Isolation master policy change => C:\windows\system32\hvsievaluator.exe [163640 2020-03-24] (Microsoft Windows -> Microsoft Corporation)
Task: {7B46258C-44B8-453A-8208-AA604AB6D9BC} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation)
Task: {8F1FE5C3-025E-40FF-8F12-0CFA508CBA91} - System32\Tasks\AdwCleaner_onReboot => D:\temp\AdwCleaner.exe [8447152 2021-01-08] (Malwarebytes Inc -> Malwarebytes) <==== ATTENTION
Task: {A217719E-627F-4D3C-A0A3-467F25398C6C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A2EE2173-1A43-42AB-903D-1BA2C02E2EEB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144744 2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {A57EC69F-9BB1-4D5C-8AEE-FBEDBA93D538} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {AE54E86F-91A4-40A4-9781-8B4CE58CE27F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C0AEE357-4345-4F67-BC58-9315805FF6E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-09] (Google LLC -> Google LLC)
Task: {C61120FC-A032-4B76-BC6D-4AA3051E23AE} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {CC6AD8FB-AFD3-4B5A-9C68-41603C4F4A12} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D18CAF5A-518E-4C9B-845C-6D6CE76617FD} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D2DC759E-F8E5-45EB-A03E-7B1E40B72BFF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [135000 2020-10-01] (HP Inc. -> HP Inc.)
Task: {EDA596A9-CBF0-4316-82B4-1370A434EA8F} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\windows\system32\gpupdate.exe [30208 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
Task: {F9E3305D-262D-489B-87E2-623743129A21} - System32\Tasks\update-S-1-5-21-2808055777-1964107174-1078247012-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {FC5F6ADA-A87D-448D-B82C-6D977C5EB390} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\update-S-1-5-21-2808055777-1964107174-1078247012-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3335587309-3254080361-1999049365-1211] => 170.84.85.214:8080
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{5beee45a-f1aa-4e09-ade9-6d6ac337580f}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{840fc382-babc-4c1e-9e0e-62eddeb999be}: [DhcpNameServer] 10.1.2.11 10.1.2.1
Tcpip\..\Interfaces\{8e01016b-2471-4e0f-a676-d21309522498}: [NameServer] 10.1.2.1,10.1.2.11
Tcpip\..\Interfaces\{cb41b0dc-6165-4932-8f82-ca70e9c9e1a2}: [DhcpNameServer] 10.1.2.11 10.1.2.1
Tcpip\..\Interfaces\{d79162e5-1bdd-4ef6-9d82-e32f1fdbb324}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{d79162e5-1bdd-4ef6-9d82-e32f1fdbb324}: [DhcpNameServer] 192.168.0.1 0.0.0.0

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-10-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-10-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @bromium.com/BroFox,version=1.0 -> C:\Program Files\HP\Sure Click\servers\npBromiumPlugin.dll [2019-09-06] (Bromium, Inc. -> HP)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> d:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> d:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> d:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> d:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> d:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-08-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-08-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @ptc.com/IsoView -> C:\Program Files (x86)\Common Files\PTC\npisoview.dll [2018-05-17] (PTC Inc. -> PTC Inc.)
FF Plugin-x32: @ptc.com/ProductViewLite -> C:\Program Files (x86)\Common Files\PTC\np6_pvapplite9.dll [2018-05-17] (PTC Inc. -> PTC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3335587309-3254080361-1999049365-1211: SkypeForBusinessPlugin-15.8 -> C:\Users\modracekp\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.369\npGatewayNpapi.dll [2015-04-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3335587309-3254080361-1999049365-1211: SkypeForBusinessPlugin64-15.8 -> C:\Users\modracekp\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.369\npGatewayNpapi-x64.dll [2015-04-20] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2021-01-06]
CHR Extension: (Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-07-09]
CHR Extension: (Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-07-09]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-16]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-07-09]
CHR Extension: (Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-07-09]
CHR Extension: (Google Docs Offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-07-09]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-16]
CHR Extension: (Chrome Media Router) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-27]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

"MpKslf04abe22" => service could not be unlocked. <==== ATTENTION
HKLM\SYSTEM\ControlSet001\Services\MpKslf04abe22 => \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E2C82A6E-CA5F-4748-B1B1-961D3A415120}\MpKslDrv.sys <==== ATTENTION (Rootkit!/Locked Service)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 ApHidMonitorService; C:\windows\system32\Alps\GlidePoint\HidMonitorSvc.exe [573520 2019-09-19] (ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.)
S3 BrAXService; C:\Program Files\HP\Sure Click\4.1.8.2387\servers\BrAXService.exe [2754392 2019-09-06] (Bromium, Inc. -> HP)
S3 BrRmService; C:\Program Files\HP\Sure Click\servers\BrRemoteMgmtSvc.exe [5692760 2019-09-06] (Bromium, Inc. -> HP)
S3 BrService; C:\Program Files\HP\Sure Click\servers\BrService.exe [9472856 2019-09-06] (Bromium, Inc. -> HP)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8943496 2020-09-24] (Microsoft Corporation -> Microsoft Corporation)
R3 DeepETPService; C:\Program Files\HP Sure Sense\DeepETPService.exe [1891640 2020-12-27] (Deep Instinct Ltd -> Deep Instinct Ltd.)
R2 DeepMgmtService; C:\Program Files\HP Sure Sense\DeepMgmtService.exe [1105720 2020-12-27] (Deep Instinct Ltd -> Deep Instinct Ltd.)
R3 DeepNetworkService; C:\Program Files\HP Sure Sense\DeepNetworkService.exe [1184568 2020-12-27] (Deep Instinct Ltd -> Deep Instinct Ltd.)
R3 DeepStaticService; C:\Program Files\HP Sure Sense\DeepStaticService.exe [1729848 2020-12-27] (Deep Instinct Ltd -> Deep Instinct Ltd.)
S3 EPLAN Client Service; C:\Program Files\EPLAN\Common\EClientService.exe [7715336 2020-10-12] (EPLAN Software & Service GmbH & Co. KG -> EPLAN Software & Service GmbH & Co. KG)
R2 FMAPOService; C:\windows\System32\FMService64.exe [345904 2020-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 FMUSBAPOService; C:\windows\system32\FMUSBService64.exe [145496 2019-02-22] (Fortemedia Inc. -> Fortemedia)
R2 FoxitReaderUpdateService; d:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [1995184 2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HotKeyServiceUWP; C:\windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\HotKeyServiceUWP.exe [1527208 2020-10-20] (HP Inc. -> HP Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\AppHelperCap.exe [689912 2020-11-05] (HP Inc. -> HP Inc.)
R2 HPMAMSrv; C:\Program Files (x86)\HP\HP MAC Address Manager\hpMAMSrv.exe [542248 2019-04-22] (HP Inc. -> HP)
R2 HPNetworkCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\NetworkCap.exe [688888 2020-11-05] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2019-04-12] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_523e0ef1e49d1c25\x64\SysInfoCap.exe [689400 2020-11-05] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f37ada3b81da51b7\x64\TouchpointAnalyticsClientService.exe [476424 2020-11-04] (HP Inc. -> HP Inc.)
R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [1127736 2013-07-01] (Shrew Soft Inc -> )
R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [810808 2013-07-01] (Shrew Soft Inc -> )
R2 LanWlanWwanSwitchingServiceUWP; C:\windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_7c4f80d815ff4ebd\LanWlanWwanSwitchingServiceUWP.exe [788904 2020-10-20] (HP Inc. -> HP Inc.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11134088 2020-09-02] (Logitech Inc -> Logitech, Inc.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-03-30] (Logitech Inc -> Logitech Inc.)
S3 MsMpiLaunchSvc; C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe [23040 2016-03-04] () [File not signed]
R2 MSSQL$SQLEXPRESS; D:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [484944 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R3 MSSQLFDLauncher$SQLEXPRESS; D:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\fdlauncher.exe [60488 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQLLaunchpad$SQLEXPRESS; D:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\launchpad.exe [1121360 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 nordvpn-service; d:\Program Files\NordVPN\nordvpn-service.exe [275200 2020-10-16] (TEFINCOM S.A. -> TEFINCOM S.A.)
R2 NVWMI; C:\windows\system32\nvwmi64.exe [4786920 2020-09-23] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6264152 2020-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; D:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [578640 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$SQLEXPRESS; D:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe [252704 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-06-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-06-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [935352 2020-06-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 VMAuthdService; D:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe [100272 2019-11-04] (VMware, Inc. -> VMware, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\windows\System32\DriverStore\FileRepository\nvblwi.inf_amd64_c99e86ba982355d8\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\windows\System32\DriverStore\FileRepository\nvblwi.inf_amd64_c99e86ba982355d8\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ApHidfiltrService; C:\windows\System32\drivers\ApHidFiltr.sys [350432 2019-09-19] (ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.)
S3 ApPTPFilterService; C:\windows\System32\drivers\ApPtpFiltr.sys [339440 2019-07-27] (ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.)
S4 BrCow_4_1_8_2387; C:\windows\System32\DRIVERS\BrCow_4_1_8_2387.sys [64872 2019-09-06] (Bromium, Inc. -> Windows (R) Win 7 DDK provider)
S4 BrFilter_4_1_8_2387; C:\windows\System32\DRIVERS\BrFilter_4_1_8_2387.sys [223080 2019-09-06] (Bromium, Inc. -> HP)
R2 BrHostDrv; C:\windows\system32\Drivers\BrHostDrv.sys [45584 2020-03-24] (Bromium, Inc. -> HP)
S3 CH341SER_A64; C:\windows\System32\Drivers\CH341S64.SYS [58368 2011-11-04] (Microsoft Windows Hardware Compatibility Publisher -> www.winchiphead.com)
R3 CVPNDRVA; C:\windows\system32\Drivers\CVPNDRVA.sys [306536 2011-03-04] (Cisco Systems, Inc. -> )
R0 DeepMgmtDriver; C:\windows\System32\drivers\DeepMgmtDriver.sys [67304 2020-12-27] (Deep Instinct Ltd -> )
R3 DeepRansomDriver; C:\windows\System32\drivers\DeepRansomDriver.sys [71400 2020-12-27] (Deep Instinct Ltd -> )
R3 DeepStaticDriver; C:\windows\System32\drivers\DeepStaticDriver.sys [52968 2020-12-27] (Deep Instinct Ltd -> )
R1 DNE; C:\windows\system32\DRIVERS\dnelwf64.sys [133456 2013-10-03] (Citrix Systems -> Citrix Systems, Inc.)
R3 HPCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [25024 2019-05-03] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
R3 LGBusEnum; C:\windows\system32\drivers\LGBusEnum.sys [37408 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R2 LGHUBTemperatureService; C:\ProgramData\LGHUB\depots\64641\driver_cpu_temperature\logi_core_temp.sys [25448 2020-09-02] (Logitech Inc. -> Logitech)
R3 LGJoyXlCore; C:\windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
R3 LGSHidFilt; C:\windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech -> Logitech Inc.)
R3 LGVirHid; C:\windows\system32\drivers\LGVirHid.sys [26912 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
R3 logi_joy_bus_enum; C:\windows\system32\drivers\logi_joy_bus_enum.sys [38136 2020-09-02] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\windows\system32\drivers\logi_joy_vir_hid.sys [26672 2020-09-02] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\windows\system32\drivers\logi_joy_xlcore.sys [66808 2020-09-02] (Logitech Inc -> Logitech)
R3 nlwt; C:\windows\system32\DRIVERS\nlwt.sys [39360 2020-12-27] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\windows\system32\DRIVERS\nordlwf.sys [38608 2020-10-14] (TEFINCOM S.A. -> TEFINCOM S.A.)
S4 RsFx0501; C:\windows\System32\DRIVERS\RsFx0501.sys [261784 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
S3 RtkUsbAD_03F00269; C:\windows\system32\drivers\RtUsbA64_03F00269.sys [428840 2020-06-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [166768 2020-06-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\windows\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-06-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tap0901; C:\windows\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tapnordvpn; C:\windows\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
R1 vflt; C:\windows\system32\DRIVERS\vfilter.sys [24064 2013-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Shrew Soft Inc)
R2 VMnetBridge; C:\windows\system32\DRIVERS\vmnetbridge.sys [66368 2019-11-04] (VMware, Inc. -> VMware, Inc.)
S3 vnet; C:\windows\System32\drivers\virtualnet.sys [17408 2013-07-01] (Microsoft Windows Hardware Compatibility Publisher -> Shrew Soft Inc)
R0 vsock; C:\windows\System32\DRIVERS\vsock.sys [103224 2019-08-14] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\windows\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\windows\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WiMan; C:\windows\System32\DriverStore\FileRepository\wiman.inf_amd64_4b0336d95f188e47\WiMan\WiMan.sys [162136 2020-07-02] (Intel Wireless Driver -> )
R3 WirelessButtonDriver64; C:\windows\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-11 10:20 - 2021-01-11 10:20 - 000000000 ____D C:\Users\modracekp\Desktop\FRST-OlderVersion
2021-01-11 10:16 - 2021-01-11 10:16 - 000001426 _____ C:\windows\system32\default_error_stack-000000-000000.txt
2021-01-08 13:09 - 2021-01-08 13:09 - 000000000 ____D C:\windows\system32\appmgmt
2021-01-08 13:05 - 2021-01-08 13:05 - 000003834 _____ C:\windows\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2021-01-08 13:04 - 2021-01-08 13:04 - 000000000 ____D C:\windows\LastGood.Tmp
2021-01-08 12:25 - 2021-01-08 12:25 - 000002678 _____ C:\windows\system32\Tasks\USER_ESRV_SVC_QUEENCREEK
2021-01-08 12:25 - 2020-12-15 14:37 - 000041816 _____ C:\windows\system32\Drivers\semav6msr64.sys
2021-01-08 12:22 - 2021-01-08 12:25 - 000003762 _____ C:\windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2021-01-08 12:22 - 2021-01-08 12:25 - 000003528 _____ C:\windows\system32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2021-01-08 12:21 - 2021-01-08 12:22 - 000001518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2021-01-08 11:09 - 2021-01-08 11:09 - 000003128 _____ C:\windows\system32\Tasks\AdwCleaner_onReboot
2021-01-08 11:06 - 2021-01-08 11:09 - 000000000 ____D C:\AdwCleaner
2021-01-08 11:04 - 2021-01-08 11:04 - 000001667 _____ C:\Users\modracekp\Desktop\vysledek.txt
2021-01-08 09:58 - 2021-01-08 09:58 - 000001893 _____ C:\Users\Admin\Desktop\aaa.txt
2021-01-08 09:48 - 2021-01-08 09:48 - 000000000 ____D C:\Users\Admin\AppData\Local\mbam
2021-01-08 09:39 - 2021-01-08 09:39 - 000000000 ____D C:\Users\modracekp\AppData\Local\mbam
2021-01-08 09:38 - 2021-01-08 09:38 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-06 12:14 - 2021-01-06 12:15 - 000074517 _____ C:\Users\modracekp\Desktop\Addition.txt
2021-01-06 12:13 - 2021-01-11 10:21 - 000043391 _____ C:\Users\modracekp\Desktop\FRST.txt
2021-01-06 12:12 - 2021-01-11 10:21 - 000000000 ____D C:\FRST
2021-01-06 12:12 - 2021-01-11 10:20 - 002281472 _____ (Farbar) C:\Users\modracekp\Desktop\FRST64.exe
2021-01-06 11:38 - 2021-01-06 11:38 - 000065612 _____ C:\Users\Admin\Documents\cc_20210106_113826.reg
2021-01-05 18:09 - 2011-11-04 23:00 - 000058368 _____ (www.winchiphead.com) C:\windows\system32\Drivers\CH341S64.SYS
2021-01-05 18:09 - 2005-07-30 00:00 - 000006712 _____ (www.winchiphead.com) C:\windows\SysWOW64\CH341PT.DLL
2021-01-05 17:59 - 2021-01-05 17:59 - 000000000 ____D C:\Users\modracekp\Documents\Arduino
2021-01-05 17:58 - 2021-01-05 18:00 - 000000000 ____D C:\Users\modracekp\Documents\ArduinoData
2020-12-30 13:45 - 2020-12-30 13:45 - 001781088 _____ C:\windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-12-30 13:45 - 2020-12-30 13:45 - 001781088 _____ C:\windows\system32\vulkaninfo.exe
2020-12-30 13:45 - 2020-12-30 13:45 - 001377120 _____ C:\windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-12-30 13:45 - 2020-12-30 13:45 - 001377120 _____ C:\windows\SysWOW64\vulkaninfo.exe
2020-12-30 13:45 - 2020-12-30 13:45 - 001087704 _____ C:\windows\system32\vulkan-1-999-0-0-0.dll
2020-12-30 13:45 - 2020-12-30 13:45 - 001087704 _____ C:\windows\system32\vulkan-1.dll
2020-12-30 13:45 - 2020-12-30 13:45 - 000940760 _____ C:\windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-12-30 13:45 - 2020-12-30 13:45 - 000940760 _____ C:\windows\SysWOW64\vulkan-1.dll
2020-12-30 13:45 - 2020-12-30 13:45 - 000419224 _____ C:\windows\system32\ze_loader.dll
2020-12-30 13:45 - 2020-12-30 13:45 - 000330184 _____ (Intel Corporation) C:\windows\system32\libmfxhw64.dll
2020-12-30 13:45 - 2020-12-30 13:45 - 000272344 _____ (Intel Corporation) C:\windows\SysWOW64\libmfxhw32.dll
2020-12-30 13:45 - 2020-12-30 13:45 - 000161416 _____ (Intel Corporation) C:\windows\system32\intel_gfx_api-x64.dll
2020-12-30 13:45 - 2020-12-30 13:45 - 000140184 _____ C:\windows\system32\ze_validation_layer.dll
2020-12-30 13:45 - 2020-12-30 13:45 - 000136920 _____ (Intel Corporation) C:\windows\SysWOW64\intel_gfx_api-x86.dll
2020-12-30 13:44 - 2020-12-30 13:44 - 026664344 _____ (Intel Corporation) C:\windows\system32\mfxplugin64_hw.dll
2020-12-30 13:44 - 2020-12-30 13:44 - 013509528 _____ (Intel Corporation) C:\windows\SysWOW64\mfxplugin32_hw.dll
2020-12-30 13:44 - 2020-12-30 13:44 - 000499096 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2020-12-30 13:44 - 2020-12-30 13:44 - 000361880 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2020-12-27 18:08 - 2020-12-27 18:08 - 000000000 ____D C:\Users\modracekp\AppData\Local\NordVPN
2020-12-27 18:07 - 2020-12-27 18:07 - 000039360 ____T (WireGuard LLC) C:\windows\system32\Drivers\nlwt.sys
2020-12-27 18:07 - 2020-12-27 18:07 - 000000894 _____ C:\Users\Admin\Desktop\NordVPN.lnk
2020-12-27 18:07 - 2020-12-27 18:07 - 000000000 ____D C:\Users\Admin\AppData\Local\NordVPN
2020-12-27 18:07 - 2020-12-27 18:07 - 000000000 ____D C:\ProgramData\NordVPN
2020-12-27 18:07 - 2020-12-27 18:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec
2020-12-27 18:07 - 2020-12-27 18:07 - 000000000 ____D C:\Program Files\NordVPN network TUN
2020-12-27 18:07 - 2020-12-27 18:07 - 000000000 ____D C:\Program Files (x86)\NordVPN network TAP
2020-12-27 18:07 - 2020-10-14 14:00 - 000038608 _____ (TEFINCOM S.A.) C:\windows\system32\Drivers\nordlwf.sys
2020-12-27 18:02 - 2020-12-27 18:02 - 000000000 ____D C:\ProgramData\UrbanVPN
2020-12-27 17:18 - 2020-12-27 17:18 - 000000000 ____D C:\windows\system32\Tasks\Mozilla
2020-12-27 17:03 - 2020-12-27 17:03 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2020-12-27 17:03 - 2020-12-27 17:03 - 000000000 ____D C:\hpswsetup
2020-12-27 17:02 - 2020-12-27 17:02 - 000000000 ____D C:\Users\modracekp\UrbanVPN
2020-12-15 08:35 - 2020-12-15 08:35 - 000000000 ____D C:\Users\modracekp\AppData\Roaming\IrfanView
2020-12-15 07:19 - 2020-07-30 01:42 - 001145464 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtCOM64.dll
2020-12-15 07:19 - 2020-07-30 01:42 - 000854104 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkApi64U.dll
2020-12-15 07:19 - 2020-07-30 01:42 - 000468776 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtDataProc64.dll
2020-12-14 10:51 - 2020-12-14 10:51 - 000001929 _____ C:\Users\Admin\Desktop\IrfanView 64 Thumbnails.lnk
2020-12-14 10:51 - 2020-12-14 10:51 - 000001055 _____ C:\Users\Admin\Desktop\IrfanView 64.lnk
2020-12-14 10:51 - 2020-12-14 10:51 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2020-12-14 10:51 - 2020-12-14 10:51 - 000000000 ____D C:\Users\Admin\AppData\Roaming\IrfanView
2020-12-14 10:51 - 2020-12-14 10:51 - 000000000 ____D C:\Program Files\IrfanView

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-11 10:21 - 2020-03-24 11:17 - 001945354 _____ C:\windows\system32\PerfStringBackup.INI
2021-01-11 10:21 - 2019-09-28 16:06 - 000802996 _____ C:\windows\system32\perfh005.dat
2021-01-11 10:21 - 2019-09-28 16:06 - 000186416 _____ C:\windows\system32\perfc005.dat
2021-01-11 10:21 - 2019-03-19 05:50 - 000000000 ____D C:\windows\INF
2021-01-11 10:19 - 2020-03-24 11:16 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-11 10:18 - 2020-07-09 14:17 - 000000000 ____D C:\Program Files\CCleaner
2021-01-11 10:17 - 2020-10-13 08:59 - 000000000 ___RD C:\Users\modracekp\OneDrive - JHV engineering s.r.o
2021-01-11 10:17 - 2020-09-02 10:51 - 000000000 ____D C:\Users\modracekp\AppData\Roaming\LGHUB
2021-01-11 10:17 - 2020-09-02 10:51 - 000000000 ____D C:\Users\modracekp\AppData\Local\LGHUB
2021-01-11 10:17 - 2020-06-11 11:32 - 000000000 __SHD C:\Users\modracekp\IntelGraphicsProfiles
2021-01-11 10:17 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-11 10:16 - 2020-07-10 11:52 - 000000000 ____D C:\ProgramData\VMware
2021-01-11 10:16 - 2020-03-24 11:10 - 000000000 ___HD C:\Intel
2021-01-11 10:16 - 2019-04-19 19:26 - 000000006 ____H C:\windows\Tasks\SA.DAT
2021-01-11 10:16 - 2019-03-19 05:37 - 001310720 _____ C:\windows\system32\config\BBI
2021-01-11 09:45 - 2019-04-19 19:26 - 000000000 ____D C:\windows\system32\SleepStudy
2021-01-11 09:12 - 2020-06-30 09:47 - 000000000 ____D C:\Users\modracekp\AppData\Local\D3DSCache
2021-01-10 12:14 - 2020-06-10 15:03 - 000000112 _____ C:\windows\system32\config\netlogon.ftl
2021-01-10 11:24 - 2020-09-04 06:01 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-01-08 13:13 - 2019-03-19 05:52 - 000000000 ____D C:\windows\AppReadiness
2021-01-08 13:12 - 2020-06-11 11:32 - 000000000 ____D C:\Users\modracekp\AppData\Roaming\hpqLog
2021-01-08 13:11 - 2019-09-28 16:07 - 000000000 ____D C:\windows\system32\sk
2021-01-08 13:11 - 2019-09-28 16:06 - 000000000 ____D C:\windows\SysWOW64\cs
2021-01-08 13:11 - 2019-09-28 16:06 - 000000000 ____D C:\windows\system32\cs
2021-01-08 13:11 - 2019-09-28 15:17 - 000000000 ____D C:\Program Files\HP
2021-01-08 13:11 - 2019-09-28 15:17 - 000000000 ____D C:\Program Files (x86)\HP
2021-01-08 13:10 - 2020-06-10 15:00 - 000000000 ____D C:\Users\Admin\AppData\Roaming\hpqLog
2021-01-08 13:10 - 2020-03-24 11:19 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2021-01-08 13:10 - 2019-03-19 05:52 - 000000000 ____D C:\windows\system32\WinBioPlugIns
2021-01-08 13:08 - 2020-03-24 11:19 - 000000000 ____D C:\ProgramData\HPQLOG
2021-01-08 13:04 - 2019-09-28 15:17 - 000000000 ____D C:\Program Files (x86)\Intel
2021-01-08 13:02 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-08 13:00 - 2020-03-24 11:13 - 000000000 ____D C:\ProgramData\Intel
2021-01-08 12:58 - 2020-03-24 11:13 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-08 12:28 - 2019-09-28 15:17 - 000000000 ____D C:\Program Files\Intel
2021-01-08 12:22 - 2020-06-11 11:32 - 000000000 ____D C:\Users\modracekp\AppData\Local\Intel
2021-01-08 11:06 - 2019-03-19 05:52 - 000000000 ___HD C:\windows\ELAMBKUP
2021-01-08 11:06 - 2019-03-19 05:37 - 000032768 _____ C:\windows\system32\config\ELAM
2021-01-08 09:26 - 2020-06-11 11:32 - 000000000 ____D C:\Users\modracekp\AppData\Local\Packages
2021-01-06 13:39 - 2020-07-09 13:04 - 000002385 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-06 13:39 - 2020-07-09 13:04 - 000002344 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-06 13:39 - 2020-07-09 13:04 - 000002344 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-01-06 11:42 - 2020-09-22 20:19 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-06 11:42 - 2020-06-11 05:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-06 11:37 - 2020-06-10 17:42 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2021-01-06 11:37 - 2019-04-19 20:25 - 000000000 ____D C:\windows\Panther
2021-01-06 11:37 - 2019-03-19 05:52 - 000000000 ____D C:\windows\LiveKernelReports
2021-01-06 11:26 - 2020-07-09 14:17 - 000003936 _____ C:\windows\system32\Tasks\CCleaner Update
2021-01-06 11:26 - 2020-07-09 14:17 - 000000871 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-01-06 11:26 - 2020-07-09 14:17 - 000000871 _____ C:\ProgramData\Desktop\CCleaner.lnk
2021-01-05 19:32 - 2020-06-11 05:50 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-05 19:31 - 2020-06-11 11:33 - 000000000 ____D C:\Users\modracekp\AppData\LocalLow\Mozilla
2021-01-05 17:57 - 2020-10-13 19:03 - 000000000 ____D C:\Users\modracekp\AppData\Local\PlaceholderTileLogoFolder
2021-01-05 17:57 - 2019-04-19 19:32 - 000000000 ____D C:\ProgramData\Packages
2021-01-05 17:22 - 2020-06-30 08:10 - 000000000 ____D C:\Users\Public\EPLAN
2021-01-05 10:26 - 2020-07-13 12:36 - 000000000 ____D C:\Users\modracekp\AppData\Local\RizeniProjektu
2021-01-04 08:14 - 2020-11-13 07:56 - 000018960 _____ (Logitech, Inc.) C:\windows\system32\Drivers\LNonPnP.sys
2020-12-27 17:18 - 2020-08-04 06:35 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-12-27 17:04 - 2020-03-24 11:24 - 000071400 _____ C:\windows\system32\Drivers\DeepRansomDriver.sys
2020-12-27 17:04 - 2020-03-24 11:24 - 000067304 _____ C:\windows\system32\Drivers\DeepMgmtDriver.sys
2020-12-27 17:04 - 2020-03-24 11:24 - 000052968 _____ C:\windows\system32\Drivers\DeepStaticDriver.sys
2020-12-27 17:04 - 2020-03-24 11:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2020-12-27 17:04 - 2020-03-24 11:24 - 000000000 ____D C:\ProgramData\HP Sure Sense
2020-12-27 17:04 - 2020-03-24 11:24 - 000000000 ____D C:\Program Files\HP Sure Sense
2020-12-27 17:02 - 2020-06-11 11:32 - 000000000 ____D C:\Users\modracekp
2020-12-27 12:25 - 2020-07-09 14:33 - 000000000 ____D C:\Users\modracekp\AppData\Roaming\vlc
2020-12-22 09:38 - 2020-07-09 13:14 - 000037417 _____ C:\windows\system32\SEAPODATUR.USB.VID_03F0&PID_0269&MI_00.zip
2020-12-22 09:38 - 2020-06-26 10:57 - 000000000 ____D C:\Users\modracekp\AppData\Local\CrashDumps
2020-12-15 07:09 - 2020-10-13 08:53 - 000003364 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3335587309-3254080361-1999049365-1211
2020-12-15 07:09 - 2020-10-13 08:53 - 000002385 _____ C:\Users\modracekp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-14 10:07 - 2020-07-10 11:47 - 000000000 ____D C:\Users\modracekp\AppData\Local\CoJeVKardexu

==================== Files in the root of some directories ========

2020-10-07 09:13 - 2020-10-08 13:07 - 000007621 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2020-07-10 07:44 - 2020-07-10 07:44 - 000000003 _____ () C:\Users\Admin\AppData\Local\updater.log
2020-07-10 07:44 - 2020-07-10 07:44 - 000000424 _____ () C:\Users\Admin\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-01-2021
Ran by Admin (11-01-2021 10:21:53)
Running from C:\Users\modracekp\Desktop
Windows 10 Pro Version 1909 18363.1256 (X64) (2020-06-10 12:59:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-2808055777-1964107174-1078247012-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2808055777-1964107174-1078247012-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2808055777-1964107174-1078247012-503 - Limited - Disabled)
Guest (S-1-5-21-2808055777-1964107174-1078247012-501 - Limited - Disabled)
SQLEXPRESS00 (S-1-5-21-2808055777-1964107174-1078247012-1027 - Limited - Enabled)
SQLEXPRESS01 (S-1-5-21-2808055777-1964107174-1078247012-1028 - Limited - Enabled)
SQLEXPRESS02 (S-1-5-21-2808055777-1964107174-1078247012-1029 - Limited - Enabled)
SQLEXPRESS03 (S-1-5-21-2808055777-1964107174-1078247012-1030 - Limited - Enabled)
SQLEXPRESS04 (S-1-5-21-2808055777-1964107174-1078247012-1031 - Limited - Enabled)
SQLEXPRESS05 (S-1-5-21-2808055777-1964107174-1078247012-1032 - Limited - Enabled)
SQLEXPRESS06 (S-1-5-21-2808055777-1964107174-1078247012-1033 - Limited - Enabled)
SQLEXPRESS07 (S-1-5-21-2808055777-1964107174-1078247012-1034 - Limited - Enabled)
SQLEXPRESS08 (S-1-5-21-2808055777-1964107174-1078247012-1035 - Limited - Enabled)
SQLEXPRESS09 (S-1-5-21-2808055777-1964107174-1078247012-1036 - Limited - Enabled)
SQLEXPRESS10 (S-1-5-21-2808055777-1964107174-1078247012-1037 - Limited - Enabled)
SQLEXPRESS11 (S-1-5-21-2808055777-1964107174-1078247012-1038 - Limited - Enabled)
SQLEXPRESS12 (S-1-5-21-2808055777-1964107174-1078247012-1039 - Limited - Enabled)
SQLEXPRESS13 (S-1-5-21-2808055777-1964107174-1078247012-1040 - Limited - Enabled)
SQLEXPRESS14 (S-1-5-21-2808055777-1964107174-1078247012-1041 - Limited - Enabled)
SQLEXPRESS15 (S-1-5-21-2808055777-1964107174-1078247012-1042 - Limited - Enabled)
SQLEXPRESS16 (S-1-5-21-2808055777-1964107174-1078247012-1043 - Limited - Enabled)
SQLEXPRESS17 (S-1-5-21-2808055777-1964107174-1078247012-1044 - Limited - Enabled)
SQLEXPRESS18 (S-1-5-21-2808055777-1964107174-1078247012-1045 - Limited - Enabled)
SQLEXPRESS19 (S-1-5-21-2808055777-1964107174-1078247012-1046 - Limited - Enabled)
SQLEXPRESS20 (S-1-5-21-2808055777-1964107174-1078247012-1047 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-2808055777-1964107174-1078247012-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Out of date) {23007AD3-69FE-687C-2629-D584AFFAF72B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Active Directory Authentication Library for SQL Server (HKLM\...\{0127E4A9-98FF-430B-A1B3-08763F9C5F92}) (Version: 15.0.1000.16 - Microsoft Corporation)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Brother MFL-Pro Suite DCP-L2520DW series (HKLM-x32\...\{F8ECC2FD-CE2B-4ED4-BDCC-90D0D34206FD}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
Browser for SQL Server 2017 (HKLM-x32\...\{CF8EEB96-E7E7-4EF7-A0A1-559F09953156}) (Version: 14.0.1000.169 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
Cisco Systems VPN Client 5.0.07.0440 (HKLM\...\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}) (Version: 5.0.7 - Cisco Systems, Inc.)
DNE Update (HKLM\...\{FA46416D-1FCB-44A5-B01C-961C29881F1B}) (Version: 4.16.2.18640 - Deterministic Networks, Inc.)
Documentation Manager (HKLM\...\{903A7EB3-3534-44FC-8E98-43D5050EF04E}) (Version: 22.10.0.7 - Intel Corporation) Hidden
Dynamic Application Loader Host Interface Service (HKLM\...\{044CFD6C-2031-4589-B764-308FB8DDE6EF}) (Version: 1.0.0.0 - Intel Corporation) Hidden
EPLAN Download Manager 2.7 (x64) (HKLM\...\{05D2063F-3CEA-4A4D-9A43-9F04DA8EE5EF}) (Version: 2.7.3.11418 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Download Manager 2.9 SP1 (x64) (HKLM\...\{DB429848-84F2-493F-9C5D-C792A7E4E7B1}) (Version: 2.9.4.14748 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Electric P8 Data 2.7 (x64) (HKLM\...\{E31055D1-DACD-4F64-8F72-00F799A3C95B}) (Version: 2.7.3.11496 - EPLAN Software & Service GmbH & Co. KG) Hidden
EPLAN Electric P8 Data 2.7 (x64) (HKLM\...\{E31055D1-DACD-4F64-8F72-00F799A3C95B}-11496) (Version: 2.7.3.11496 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Electric P8 Data 2.9 SP1 (x64) (HKLM\...\{E310EAE4-791C-47F6-BB7D-CA6D318DFBEC}) (Version: 2.9.4.14642 - EPLAN Software & Service GmbH & Co. KG) Hidden
EPLAN Electric P8 Data 2.9 SP1 (x64) (HKLM\...\{E310EAE4-791C-47F6-BB7D-CA6D318DFBEC}-14642) (Version: 2.9.4.14642 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Engineering Configuration One 2.7 (x64) (HKLM\...\{F5C54DEA-CA09-4339-83B4-2194D289161F}) (Version: 2.7.3.8538 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Engineering Configuration One 2.9 (x64) (HKLM\...\{912FD8B8-5B19-4B88-A99D-A2AF9E61B24A}) (Version: 2.9.3.8818 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Fluid Data 2.7 (x64) (HKLM\...\{E170090C-4226-43F4-8D17-EAA8C061D713}) (Version: 2.7.3.11647 - EPLAN Software & Service GmbH & Co. KG) Hidden
EPLAN Fluid Data 2.7 (x64) (HKLM\...\{E170090C-4226-43F4-8D17-EAA8C061D713}-11647) (Version: 2.7.3.11647 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Gui cs-CZ 2.7 (x64) (HKLM\...\{012EE773-B6FF-4A51-88DC-D2B1BB45B2C1}) (Version: 2.7.3.11955 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Gui cs-CZ 2.9 SP1 (x64) (HKLM\...\{C2D703CE-F802-42B9-82F5-DB0AB4F5B97E}) (Version: 2.9.4.14773 - EPLAN Software & Service GmbH & Co. KG)
EPLAN License Client (HKLM-x32\...\{0100BD88-3990-431F-9175-AB60E31AFFDE}) (Version: 9.1.17.23100 - EPLAN Software & Service GmbH & Co. KG)
EPLAN License Client (x64) (HKLM\...\{06400E16-27C0-412B-AB67-6A677D35C85D}) (Version: 9.1.17.23100 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Platform 2.7 (x64) (HKLM\...\{E3525665-3B56-4B12-8DAC-498C49D9D7F6}) (Version: 2.7.3.11955 - EPLAN Software & Service GmbH & Co. KG) Hidden
EPLAN Platform 2.7 (x64) (HKLM\...\{E3525665-3B56-4B12-8DAC-498C49D9D7F6}-11418) (Version: 2.7.3.11955 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Platform 2.7 (x64) HF10 11955 (HKLM\...\{E3525665-3B56-4B12-8DAC-498C49D9D7F6}+11955) (Version: 2.7.3.11955 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Platform 2.9 SP1 (x64) (HKLM\...\{E305AB6A-C4AE-4DF8-9954-122AE6A2F2D9}) (Version: 2.9.4.14773 - EPLAN Software & Service GmbH & Co. KG) Hidden
EPLAN Platform 2.9 SP1 (x64) (HKLM\...\{E305AB6A-C4AE-4DF8-9954-122AE6A2F2D9}-14642) (Version: 2.9.4.14773 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Platform 2.9 SP1 (x64) Update 3 14734 (HKLM\...\{E305AB6A-C4AE-4DF8-9954-122AE6A2F2D9}+14734) (Version: 2.9.4.14734 - EPLAN Software & Service GmbH & Co. KG) Hidden
EPLAN Platform 2.9 SP1 (x64) Update 4 14773 (HKLM\...\{E305AB6A-C4AE-4DF8-9954-122AE6A2F2D9}+14773) (Version: 2.9.4.14773 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Platform Data 2.7 (x64) (HKLM\...\{E3006C40-346E-4B83-B120-A5FFC4061C6C}) (Version: 2.7.3.11496 - EPLAN Software & Service GmbH & Co. KG) Hidden
EPLAN Platform Data 2.7 (x64) (HKLM\...\{E3006C40-346E-4B83-B120-A5FFC4061C6C}-11496) (Version: 2.7.3.11496 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Platform Data 2.9 SP1 (x64) (HKLM\...\{E3006749-191B-4039-B3B6-02416BDC4663}) (Version: 2.9.4.14642 - EPLAN Software & Service GmbH & Co. KG) Hidden
EPLAN Platform Data 2.9 SP1 (x64) (HKLM\...\{E3006749-191B-4039-B3B6-02416BDC4663}-14642) (Version: 2.9.4.14642 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Pro Panel 2.7 (x64) (HKLM\...\{E40BF17B-E65E-4F38-A050-133CB414D6A3}) (Version: 2.7.3.11418 - EPLAN Software & Service GmbH & Co. KG) Hidden
EPLAN Pro Panel 2.7 (x64) (HKLM\...\{E40BF17B-E65E-4F38-A050-133CB414D6A3}-11418) (Version: 2.7.3.11418 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Pro Panel 2.9 SP1 (x64) (HKLM\...\{E40BF222-DCDD-45D6-9DC0-C06740A714B3}) (Version: 2.9.4.14642 - EPLAN Software & Service GmbH & Co. KG) Hidden
EPLAN Pro Panel 2.9 SP1 (x64) (HKLM\...\{E40BF222-DCDD-45D6-9DC0-C06740A714B3}-14642) (Version: 2.9.4.14642 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Pro Panel Data 2.7 (x64) (HKLM\...\{E130E951-12E3-495C-B1D6-0D59F1514F82}) (Version: 2.7.3.11418 - EPLAN Software & Service GmbH & Co. KG) Hidden
EPLAN Pro Panel Data 2.7 (x64) (HKLM\...\{E130E951-12E3-495C-B1D6-0D59F1514F82}-11418) (Version: 2.7.3.11418 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Pro Panel Data 2.9 SP1 (x64) (HKLM\...\{E13098D2-D94B-4754-BB6E-53F4EC831A76}) (Version: 2.9.4.14642 - EPLAN Software & Service GmbH & Co. KG) Hidden
EPLAN Pro Panel Data 2.9 SP1 (x64) (HKLM\...\{E13098D2-D94B-4754-BB6E-53F4EC831A76}-14642) (Version: 2.9.4.14642 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Setup Manager 2.7 (x64) (HKLM\...\{ACA67CDA-C222-4DB2-88A7-FD08DC3BFFC6}) (Version: 2.7.3.11418 - EPLAN Software & Service GmbH & Co. KG)
EPLAN Setup Manager 2.9 SP1 (x64) (HKLM\...\{2C3304C8-DAF1-4AA1-8656-BEA63DC4BB1C}) (Version: 2.9.4.14642 - EPLAN Software & Service GmbH & Co. KG)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.0.1.35811 - Foxit Software Inc.)
GDR 2027 for SQL Server 2017 (KB4505224) (64-bit) (HKLM\...\KB4505224) (Version: 14.0.2027.2 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HP Collaboration Keyboard (HKLM-x32\...\{3FF0ED81-EE68-4075-BB62-945D6C785CE1}) (Version: 1.0.37.1 - HP)
HP Collaboration Keyboard For Cisco UCC (HKLM-x32\...\{9E7DCA29-89CB-4F9D-8216-B5569C1EABC3}) (Version: 1.0.19.1 - HP)
HP Collaboration Keyboard for Skype for Business (HKLM-x32\...\{3DCC2744-79C2-472E-8C53-4DF60EA672C7}) (Version: 2.0.3.1 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.15.0 - HP Inc.)
HP Dock Audio (HKLM\...\HP_DOCKING) (Version: 1.31.36.35 - Synaptics)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP MAC Address Manager (HKLM-x32\...\{21FA165F-905C-4DDA-B00A-00C3A5D17BBA}) (Version: 1.1.19.1 - HP Inc.)
HP Notifications (HKLM-x32\...\{FDBB153D-8F11-4C93-BC0A-9BBF95B26427}) (Version: 1.1.23.1 - HP)
HP Sure Click (HKLM\...\{BE1606B0-D0EA-11E9-B34D-10604B96B11C}) (Version: 4.1.8.2387 - HP Inc.)
HP Sure Sense Installer (HKLM\...\{7F433DEB-EE46-41C2-8723-11CBFFD1803B}) (Version: 1.2.36.0 - HP Inc.)
Integration Services (HKLM-x32\...\{99D2F72B-3293-4419-B351-4ADAD9C1DEF9}) (Version: 15.0.900.30 - Microsoft Corporation) Hidden
Intel Driver && Support Assistant (HKLM-x32\...\{513BFF20-438E-4C8B-9C41-DE06B47D3148}) (Version: 20.11.50.9 - Intel) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{848F0123-CF5D-4192-90EC-A6574D8B1796}) (Version: 2.4.06522 - Intel Corporation)
Intel(R) Dynamic Tuning (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.6.10400.9366 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2009.14.0.1496 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1915.1 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000010-0220-1029-84C8-B8D95FA3C8C3}) (Version: 22.10.0.2 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{5b2269cc-2778-46b0-89ef-56ab483efd85}) (Version: 20.11.50.9 - Intel)
Intel® Chipset Device Software (HKLM-x32\...\{37942a92-9e3f-4d70-9b5c-5955cbc54505}) (Version: 10.1.18121.8164 - Intel(R) Corporation)
Intel® Integrated Sensor Solution (HKLM-x32\...\{1c4f7bdc-8eac-4c3a-8cdd-5fac9b1518c3}) (Version: 3.10.100.3923 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{ce61813b-9933-4b38-8b0c-1cb8b740f2d1}) (Version: 22.10.0.7 - Intel Corporation) Hidden
IrfanView 4.56 (64-bit) (HKLM\...\IrfanView64) (Version: 4.56 - Irfan Skiljan)
ISS_Drivers_x64 (HKLM\...\{9BB867B4-2C76-4273-8919-76770DD4A53D}) (Version: 3.10.100.3923 - Intel Corporation) Hidden
Java 8 Update 261 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation)
Kodi (HKU\S-1-5-21-2808055777-1964107174-1078247012-1001\...\Kodi) (Version: - XBMC Foundation)
Lightshot-5.5.0.4 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.5.0.4 - Skillbrains)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: - Logitech)
Logitech Gaming Software 8.82 (HKLM\...\Logitech Gaming Software) (Version: 8.82.151 - Logitech Inc.)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.13231.20262 - Microsoft Corporation)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13231.20262 - Microsoft Corporation)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.13231.20262 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.75 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Help Viewer 2.3 (HKLM-x32\...\Microsoft Help Viewer 2.3) (Version: 2.3.27412 - Microsoft Corporation)
Microsoft MPI (7.0.12437.8) (HKLM\...\{8499ACD3-C1E3-45AB-BF96-DA491727EBE1}) (Version: 7.0.12437.8 - Microsoft Corporation)
Microsoft ODBC Driver 13 for SQL Server (HKLM\...\{3B280D1C-02F2-4965-8731-C1614E213D25}) (Version: 14.0.2027.2 - Microsoft Corporation)
Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{3DB82642-89B9-4002-9C35-B369199AC5BD}) (Version: 17.2.0.2 - Microsoft Corporation)
Microsoft Office 2019 pro domácnosti a podnikatele - cs-cz (HKLM\...\HomeBusiness2019Retail - cs-cz) (Version: 16.0.13231.20262 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2808055777-1964107174-1078247012-1001\...\OneDriveSetup.exe) (Version: 20.084.0426.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{9D93D367-A2CC-4378-BD63-79EF3FE76C78}) (Version: 11.4.7462.6 - Microsoft Corporation)
Microsoft SQL Server 2017 (64-bit) (HKLM\...\Microsoft SQL Server SQL2017) (Version: - Microsoft Corporation)
Microsoft SQL Server 2017 Setup (English) (HKLM\...\{05C0EF32-CDE2-4E38-92A1-D82CECECFB39}) (Version: 14.0.2027.2 - Microsoft Corporation)
Microsoft SQL Server 2017 T-SQL Language Service (HKLM\...\{C8A51693-98B9-4AB1-91B8-9A1B86729D5F}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft SQL Server Management Studio - 18.0 Preview 4 (HKLM-x32\...\{9c4b87d5-f13e-443d-b9b9-9930043a5be8}) (Version: 15.0.18040.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\...\Teams) (Version: 1.3.00.30866 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{f895a2f1-ae3f-4212-8af1-7fa1f8c212ea}) (Version: 15.0.27520 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2017 (HKLM\...\{20B328C9-C6BB-434A-928A-00F05CD820B8}) (Version: 14.0.1000.169 - Microsoft Corporation)
Mozilla Firefox 84.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 84.0.1 (x64 cs)) (Version: 84.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 79.0 - Mozilla)
Mozilla Thunderbird 78.5.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 78.5.0 (x86 cs)) (Version: 78.5.0 - Mozilla)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.32.25.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{BD0E4F38-D3F6-452D-A32E-B14D721839AC}) (Version: 1.0.1 - NordVPN)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.4.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.4.14 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.34 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 452.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 452.39 - NVIDIA Corporation)
NVIDIA Quadro View 200.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 200.93 - NVIDIA Corporation)
NVIDIA WMI 2.35.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.35.0 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Odinstalovat ovladač tiskárny UFR II (HKLM\...\Canon UFR II Printer Driver) (Version: 6, 6, 1, 0 - Canon Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13231.20200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
PTC Creo View 5.0 (HKLM\...\{B1AF021D-6379-452D-AB07-2F0FC5531216}) (Version: 12.0.0.26 - PTC)
Raspberry Pi Imager (HKU\S-1-5-21-2808055777-1964107174-1078247012-1001\...\Raspberry Pi Imager) (Version: 1.4 - Raspberry Pi)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.208 - Realtek Semiconductor Corp.)
Samsung DeX (HKLM-x32\...\{011B9130-F4CA-4245-8BDE-8D6CE4149F92}) (Version: 1.0.2.23 - Samsung Electronics Co., Ltd.) Hidden
Samsung DeX (HKLM-x32\...\{0dd3314d-90c2-4482-b6d3-f9f7a5427b3e}) (Version: 1.0.2.23 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.31.0 - Samsung Electronics Co., Ltd.)
Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version: - )
Skype for Business Web App Plug-in (HKLM-x32\...\{5EEFC600-CE9E-4DCE-862A-E7D4A9C7B568}) (Version: 15.8.20020.369 - Microsoft Corporation)
SQL Server 2017 Advanced Analytics (HKLM\...\{826DA700-7B76-49BA-8A83-E55F5FA1301E}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Batch Parser (HKLM\...\{2C6E8311-28BD-4615-9545-6E39E8E83A4B}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools (HKLM\...\{A6A9EFA1-AFEB-4209-B25D-3CFF2E6FAE2C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools (HKLM\...\{BD1502B1-778B-44B6-B2B4-0B77BD0366A1}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools Extensions (HKLM\...\{06324A5D-66BB-4FAC-8D0B-9FEC1B230FFF}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools Extensions (HKLM\...\{200F38B2-1492-4576-B08C-78F2C2C953FC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{9D1C0509-D490-4E9E-ACF5-A73E5C53742D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{B777C4C0-A1CD-4AB9-99B1-AD5FBED6F8E5}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{89A7644F-E056-4EC1-BFDE-9D1A531D6855}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{A9A443F5-56E1-4FC6-937C-5F481345A843}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{28EEF6BA-A23A-42D2-86BA-A6BEE723B969}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{DED314CA-0EFE-4593-9D66-EF75E5289A4C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{0E22DBB4-691B-400C-B52D-8DFE8EC421AA}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{793F1C1E-5C83-4E33-A29B-6EAA7C1E791C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{B9998A13-5563-496C-B95E-597FFC70B670}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{D7D28BBF-3B0E-43F0-A457-331F1CD9E9EB}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Full text search (HKLM\...\{C37AD300-12CF-4911-9019-A05D66055EB4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{10855B1A-F7F2-4D8A-A725-9287C73BED5A}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{6CBBF624-696C-499E-948D-ADBAFFA2F548}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{8C515C22-BE07-4908-985C-0AA9349E1ED4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{C6D92730-3EC0-47B1-8F6C-6F5635D1EFAC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 SQL Diagnostics (HKLM\...\{DFA6A906-3024-49DE-87AD-750EAED2FA49}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 sql_inst_mpy (HKLM\...\{86DE7941-F5F3-48DF-A45F-82FA91217B45}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 sql_inst_mr (HKLM\...\{8868BCE1-8084-4035-AE2A-13765BE09D93}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{12D2DB8D-80FF-4152-8F51-EDB3BD3C6976}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{AA2A015C-C210-413B-95F6-BF9D3CDD6E0D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{6553B343-9437-4355-AD67-C9DEA513B3CD}) (Version: 15.0.18040.0 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{E3FD687D-6757-474B-8D83-5AA944B02C58}) (Version: 15.0.18040.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Analysis Services (HKLM\...\{D7B8CAB1-8F1A-4F5E-BC1A-A666C7BC6958}) (Version: 15.0.18040.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Reporting Services (HKLM\...\{8FC6B4CA-A96F-4F3D-9A03-94AD6A407C03}) (Version: 15.0.18040.0 - Microsoft Corporation) Hidden
SSMS Post Install Tasks (HKLM\...\{52AC1373-8F0D-4C4F-8A2A-4ED0623480FC}) (Version: 15.0.18040.0 - Microsoft Corporation) Hidden
Therm 6.6 (HKLM-x32\...\{86F71E3E-7C33-4829-8E53-B38F766E94F9}) (Version: 6.6 - Rittal)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0 release candidate 3 - Ghisler Software GmbH)
VdhCoApp 1.5.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
VMware Player (HKLM\...\{32B21D71-91B2-45D5-90E7-CE3B470BCA8A}) (Version: 15.5.1 - VMware, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
Zoom (HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\...\ZoomUMX) (Version: 5.1 - Zoom Video Communications, Inc.)

Packages:
=========
AlpsAlpine Touchpad Settings Manager - Commercial -> C:\Program Files\WindowsApps\C1E561A0.AlpsGlidePointTouchpad_1.1.24.0_x64__ay1pycd334gd6 [2020-03-24] (ALPS Comm. Devices Tech. (SH) Co., Ltd)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.10.5.0_x86__kgqvnymyfvs32 [2020-07-01] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.39.4.0_x86__kgqvnymyfvs32 [2020-07-01] (king.com)
HP Power Manager -> C:\Program Files\WindowsApps\AD2F1837.HPPowerManager_2.1.11.0_x64__v10z8vjag6ke6 [2020-07-10] (HP Inc.)
HP Sure Sense -> C:\Program Files\WindowsApps\AD2F1837.HPSureShieldAI_1.2.31.0_x64__v10z8vjag6ke6 [2020-06-10] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-06-10] (INTEL CORP)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.0.1.0_neutral__w1wdnht996qgy [2020-03-24] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-06-10] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2808055777-1964107174-1078247012-1001_Classes\CLSID\{004B49B7-11B9-5058-AA22-08DD0A3ADC4B}\InprocServer32 -> {1F9B35C4-9468-D082-92A5-EAEE85889A47} => No File
CustomCLSID: HKU\S-1-5-21-2808055777-1964107174-1078247012-1001_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850}\InprocServer32 -> {52DEBA41-9468-D082-172A-AFA385889A47} => No File
CustomCLSID: HKU\S-1-5-21-3335587309-3254080361-1999049365-1211_Classes\CLSID\{04271989-C4D2-3290-6D74-92CF74C0B057} -> [OneDrive - JHV engineering s.r.o] => C:\Users\modracekp\OneDrive - JHV engineering s.r.o [2020-10-13 08:59]
CustomCLSID: HKU\S-1-5-21-3335587309-3254080361-1999049365-1211_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\modracekp\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20275.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3335587309-3254080361-1999049365-1211_Classes\CLSID\{233525e0-5434-46ef-b464-fd7e45e2e145}\localserver32 -> C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (IDSA Production signing key -> Intel)
CustomCLSID: HKU\S-1-5-21-3335587309-3254080361-1999049365-1211_Classes\CLSID\{7ECF6F97-B4F3-4168-9835-F59C06D7875F}\InprocServer32 -> C:\Users\modracekp\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.369\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3335587309-3254080361-1999049365-1211_Classes\CLSID\{81843de1-cd70-4c5e-bdb6-316862e1d82f}\localserver32 -> hp-sure-sense: => No File
ShellIconOverlayIdentifiers: [ BromiumOverlay_4_1_8_2387] -> {6CDCC3E8-D8FF-46EF-B8BE-63A05C2E7272} => C:\Program Files\HP\Sure Click\4.1.8.2387\servers\HostShellExtension.dll [2019-09-06] (Bromium, Inc. -> HP)
ShellIconOverlayIdentifiers-x32: [ BromiumOverlay_4_1_8_2387] -> {6CDCC3E8-D8FF-46EF-B8BE-63A05C2E7272} => C:\Program Files\HP\Sure Click\4.1.8.2387\servers\HostShellExtension.dll [2019-09-06] (Bromium, Inc. -> HP)
ContextMenuHandlers2: [Bromium TrustDrive Context Menu_4_1_8_2387] -> {5F4F5529-DD35-4B9F-812F-A5B0B6ED58AE} => C:\Program Files\HP\Sure Click\4.1.8.2387\servers\HostShellExtension.dll [2019-09-06] (Bromium, Inc. -> HP)
ContextMenuHandlers2-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => D:\Program Files (x86)\VMware\VMware Player\vmdkShellExt.dll [2019-11-04] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers2: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => D:\Program Files (x86)\VMware\VMware Player\x64\vmdkShellExt64.dll [2019-11-04] (VMware, Inc. -> VMware, Inc.)
ContextMenuHandlers3: [vSentry_TrustFile_4_1_8_2387] -> {833378FE-1986-46BA-9B4E-F8F1DCA0913C} => C:\Program Files\HP\Sure Click\4.1.8.2387\servers\HostShellExtension.dll [2019-09-06] (Bromium, Inc. -> HP)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\System32\DriverStore\FileRepository\nvblwi.inf_amd64_c99e86ba982355d8\nvshext.dll [2020-09-23] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [NvQuadroView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2020-09-23] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-12-07 11:31 - 2020-12-07 11:31 - 000126464 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Intel\Driver and Support Assistant\DSASsdInterop.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 000017920 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\libdtp.dll
2013-07-01 00:15 - 2013-07-01 00:15 - 000022016 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\libidb.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 000628224 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\libike.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 000116736 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\libip.dll
2013-07-01 00:15 - 2013-07-01 00:15 - 000018432 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\libith.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 000013312 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\liblog.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 000029184 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\libpfk.dll
2013-07-01 00:17 - 2013-07-01 00:17 - 000035840 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\libvflt.dll
2013-07-01 00:16 - 2013-07-01 00:16 - 000039936 _____ () [File not signed] C:\Program Files\ShrewSoft\VPN Client\libvnet.dll
2020-10-12 11:03 - 2017-08-24 02:13 - 000954368 _____ () [File not signed] D:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\Pythonlauncher.dll
2020-10-12 10:59 - 2017-08-24 02:12 - 000954368 _____ () [File not signed] D:\Program Files\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\RLauncher.dll
2020-12-15 14:37 - 2020-12-15 14:37 - 001950208 _____ (SQLite Development Team) [File not signed] C:\Program Files\Intel\SUR\QUEENCREEK\x64\sqlite3.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2808055777-1964107174-1078247012-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2808055777-1964107174-1078247012-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-80-3919359670-3540430778-4246408611-3681914861-206046543\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-80-3919359670-3540430778-4246408611-3681914861-206046543\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: HP Sure Click Plugin_4_1_8_2387 -> {26B469ED-0C6C-4BC2-8F30-D18369A10D36} -> C:\Program Files\HP\Sure Click\4.1.8.2387\servers\BromiumPlugin64.dll [2019-09-06] (Bromium, Inc. -> HP)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_261\bin\ssv.dll [2020-10-07] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-10-07] (Oracle America, Inc. -> Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2020-06-10] (HP Inc. -> HP Inc.)
BHO-x32: HP Sure Click Plugin_4_1_8_2387 -> {26B469ED-0C6C-4BC2-8F30-D18369A10D36} -> C:\Program Files\HP\Sure Click\4.1.8.2387\servers\BromiumPlugin32.dll [2019-09-06] (Bromium, Inc. -> HP)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-08-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-08-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2020-06-10] (HP Inc. -> HP Inc.)
Handler: bromium - {EFF88B17-05AA-4736-BBCA-6A03421733F0} - C:\Program Files\HP\Sure Click\4.1.8.2387\servers\BromiumPlugin64.dll [2019-09-06] (Bromium, Inc. -> HP)
Handler-x32: bromium - {EFF88B17-05AA-4736-BBCA-6A03421733F0} - C:\Program Files\HP\Sure Click\4.1.8.2387\servers\BromiumPlugin32.dll [2019-09-06] (Bromium, Inc. -> HP)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-10-06] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\...\sharepoint.com -> hxxps://jhvengcz-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2020-07-09 14:14 - 000000845 _____ C:\windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Microsoft MPI\Bin\;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\windows\System32\OpenSSH\;C:\ptc\Creo 5\Creo 5.0.1.0\Parametric\bin;;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files\Microsoft SQL Server\140\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\140\DTS\Binn\;C:\Program Files\Microsoft SQL Server\140\DTS\Binn\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;C:\Program Files (x86)\Microsoft SQL Server\150\DTS\Binn\
HKU\S-1-5-21-2808055777-1964107174-1078247012-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP\HP_SNOW_3840x2160.jpg
HKU\S-1-5-21-3335587309-3254080361-1999049365-1211\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-3919359670-3540430778-4246408611-3681914861-206046543\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-997390408-2153310517-3119169589-2253446180-2226563786\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: VMware Bridge Protocol -> vmware_bridge (disabled)
Wi-Fi: DNE LightWeight Filter -> dni_dne (enabled)
Wi-Fi: NordVPN LightWeight Firewall -> NordLwf (enabled)
Wi-Fi: Shrew Soft Lightweight Filter -> vflt (enabled)
VMware Network Adapter VMnet8: VMware Bridge Protocol -> vmware_bridge (disabled)
NordLynx: VMware Bridge Protocol -> vmware_bridge (enabled)
Ethernet: VMware Bridge Protocol -> vmware_bridge (enabled)
Ethernet: DNE LightWeight Filter -> dni_dne (enabled)
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet: Shrew Soft Lightweight Filter -> vflt (enabled)
Ethernet 5: VMware Bridge Protocol -> vmware_bridge (enabled)
Ethernet 5: DNE LightWeight Filter -> dni_dne (enabled)
Ethernet 5: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 5: Shrew Soft Lightweight Filter -> vflt (enabled)
Ethernet 4: VMware Bridge Protocol -> vmware_bridge (enabled)
Ethernet 4: DNE LightWeight Filter -> dni_dne (enabled)
Ethernet 4: Shrew Soft Lightweight Filter -> vflt (enabled)
Ethernet 4: NordVPN LightWeight Firewall -> NordLwf (enabled)
VMware Network Adapter VMnet1: VMware Bridge Protocol -> vmware_bridge (disabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{597A51DC-DD89-4C87-925E-2A7394F943AC}] => (Allow) C:\Program Files\HP\Sure Click\4.1.8.2387\servers\manifests\chrome\brchromium\74.0.3729.186\BrChrome.exe (Bromium, Inc. -> HP)
FirewallRules: [TCP Query User{55FB54D3-27C1-4172-A6C6-B8A516CF618B}C:\ptc\creo elements64\pro5.0\x86e_win64\nms\nmsd.exe] => (Allow) C:\ptc\creo elements64\pro5.0\x86e_win64\nms\nmsd.exe () [File not signed]
FirewallRules: [UDP Query User{823E27D3-58BA-4EBD-A10A-A8344F67C27A}C:\ptc\creo elements64\pro5.0\x86e_win64\nms\nmsd.exe] => (Allow) C:\ptc\creo elements64\pro5.0\x86e_win64\nms\nmsd.exe () [File not signed]
FirewallRules: [TCP Query User{EEEE9234-3799-4065-B540-092D7D4C714F}C:\ptc\creo elements64\pro5.0\x86e_win64\obj\xtop.exe] => (Allow) C:\ptc\creo elements64\pro5.0\x86e_win64\obj\xtop.exe (PTC Inc.) [File not signed]
FirewallRules: [UDP Query User{C1CB1736-3B38-404E-9E8B-98B9E2D03539}C:\ptc\creo elements64\pro5.0\x86e_win64\obj\xtop.exe] => (Allow) C:\ptc\creo elements64\pro5.0\x86e_win64\obj\xtop.exe (PTC Inc.) [File not signed]
FirewallRules: [TCP Query User{E69B1060-FBEE-4EB7-869E-CE398529D27F}C:\ptc\creo elements64\pro5.0\x86e_win64\obj\pro_comm_msg.exe] => (Allow) C:\ptc\creo elements64\pro5.0\x86e_win64\obj\pro_comm_msg.exe (PTC Inc. -> )
FirewallRules: [UDP Query User{14D3098B-91DC-4F04-A066-81DC12B828E9}C:\ptc\creo elements64\pro5.0\x86e_win64\obj\pro_comm_msg.exe] => (Allow) C:\ptc\creo elements64\pro5.0\x86e_win64\obj\pro_comm_msg.exe (PTC Inc. -> )
FirewallRules: [TCP Query User{C74B40F5-B63E-4A30-BE80-1AA9E75161DF}C:\ptc\creo 5\creo 5.0.1.0\common files\x86e_win64\obj\xtop.exe] => (Allow) C:\ptc\creo 5\creo 5.0.1.0\common files\x86e_win64\obj\xtop.exe (PTC Inc. -> PTC Inc.)
FirewallRules: [UDP Query User{0B476F3E-B1C8-4B74-AD86-9D098FEADC63}C:\ptc\creo 5\creo 5.0.1.0\common files\x86e_win64\obj\xtop.exe] => (Allow) C:\ptc\creo 5\creo 5.0.1.0\common files\x86e_win64\obj\xtop.exe (PTC Inc. -> PTC Inc.)
FirewallRules: [TCP Query User{79E428F8-231D-422F-BE1F-A3C26B762541}C:\ptc\creo 5\creo 5.0.1.0\common files\x86e_win64\obj\pro_comm_msg.exe] => (Allow) C:\ptc\creo 5\creo 5.0.1.0\common files\x86e_win64\obj\pro_comm_msg.exe (PTC Inc. -> PTC Inc.)
FirewallRules: [UDP Query User{BDCC60D3-02FC-40CB-9A70-5716107647B9}C:\ptc\creo 5\creo 5.0.1.0\common files\x86e_win64\obj\pro_comm_msg.exe] => (Allow) C:\ptc\creo 5\creo 5.0.1.0\common files\x86e_win64\obj\pro_comm_msg.exe (PTC Inc. -> PTC Inc.)
FirewallRules: [TCP Query User{D26F3B49-4DCF-462E-B0B3-CC79ABB3C11A}C:\ptc\creo 5\creo 5.0.1.0\common files\x86e_win64\nms\nmsd.exe] => (Allow) C:\ptc\creo 5\creo 5.0.1.0\common files\x86e_win64\nms\nmsd.exe (PTC Inc.) [File not signed]
FirewallRules: [UDP Query User{A4964359-4463-4656-8E03-C904445B3B58}C:\ptc\creo 5\creo 5.0.1.0\common files\x86e_win64\nms\nmsd.exe] => (Allow) C:\ptc\creo 5\creo 5.0.1.0\common files\x86e_win64\nms\nmsd.exe (PTC Inc.) [File not signed]
FirewallRules: [TCP Query User{2EFD5A89-A2AB-460E-A539-300B2C11DA46}C:\ptc\creo elements64\pro5.0\x86e_win64\obj\pfclscom.exe] => (Allow) C:\ptc\creo elements64\pro5.0\x86e_win64\obj\pfclscom.exe () [File not signed]
FirewallRules: [UDP Query User{3AC6913C-3C98-457F-B975-49469B56B717}C:\ptc\creo elements64\pro5.0\x86e_win64\obj\pfclscom.exe] => (Allow) C:\ptc\creo elements64\pro5.0\x86e_win64\obj\pfclscom.exe () [File not signed]
FirewallRules: [{ACD49391-381E-4FB0-8319-0DD7A75AC5EC}] => (Allow) d:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{63E196E8-9277-4410-B6BB-2273A33B6897}] => (Allow) d:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [TCP Query User{EB4E340A-F69E-461A-A33E-20B04FC824E8}D:\program files (x86)\winamp\winamp.exe] => (Allow) D:\program files (x86)\winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [UDP Query User{0FFC2658-4787-41FF-A4FB-0ADB37C65769}D:\program files (x86)\winamp\winamp.exe] => (Allow) D:\program files (x86)\winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{D6E1C6A9-B0A6-4614-AA8E-71EF5518A8B6}] => (Allow) C:\Program Files\PTC\Creo 5.0\View\i486_nt\obj\productview.exe (PTC Inc. -> PTC Inc.)
FirewallRules: [{5A653A81-873C-4EF2-9149-9692197DC5C1}] => (Allow) C:\Program Files\PTC\Creo 5.0\View\i486_nt\obj\nms_svc_pv.exe (PTC Inc. -> )
FirewallRules: [{909CA23C-585B-4C9B-9E40-B3350DC82A58}] => (Allow) C:\Program Files\PTC\Creo 5.0\View\i486_nt\obj\comm_brk_svc_pv.exe (PTC Inc. -> )
FirewallRules: [{44B73529-71A9-423D-A616-5D2FED5276A3}] => (Allow) C:\Program Files\PTC\Creo 5.0\View\i486_nt\obj\pvagent.exe (PTC Inc. -> PTC Inc.)
FirewallRules: [{FDE2B2B3-6941-482C-8DF4-DDCDE4E0A956}] => (Allow) C:\Program Files\PTC\Creo 5.0\View\x86e_win64\obj\productview.exe (PTC Inc. -> PTC Inc.)
FirewallRules: [{0BCAEE2A-9770-4C32-9E27-62EF856AF40C}] => (Allow) C:\Program Files\PTC\Creo 5.0\View\x86e_win64\obj\comm_brk_svc_pv.exe (PTC Inc. -> )
FirewallRules: [{86045225-4D62-42DC-830C-B780E94456CD}] => (Allow) C:\Program Files\PTC\Creo 5.0\View\x86e_win64\obj\nms_svc_pv.exe (PTC Inc. -> )
FirewallRules: [{FDCB7DA5-341A-49CE-9B73-41636DA587A0}] => (Allow) C:\Program Files\PTC\Creo 5.0\View\x86e_win64\obj\pvagent.exe (PTC Inc. -> PTC Inc.)
FirewallRules: [{61FE1545-6464-4C84-B238-20F69473BC34}] => (Allow) C:\Program Files\PTC\Creo 5.0\View\i486_nt\obj\JtToPro_pv.exe (PTC Inc. -> PTC Inc.)
FirewallRules: [{037EE220-8FEC-4541-B1A6-573CCC06DD6D}] => (Allow) C:\Program Files\PTC\Creo 5.0\View\x86e_win64\obj\JtToPro_pv.exe (PTC Inc. -> PTC Inc.)
FirewallRules: [{27A35C22-D6C8-4D03-BC85-9D4CE1EC042D}] => (Allow) D:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [{7B2B3913-38D3-443F-91EA-2D53DCF6129D}] => (Allow) D:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc. -> VMware, Inc.)
FirewallRules: [TCP Query User{6E064880-44B2-4A8F-866C-D5561ACC21A1}D:\torrent\qbittorrent\qbittorrent.exe] => (Allow) D:\torrent\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{5ECDD1D2-1160-483E-87B1-7335AD3EE687}D:\torrent\qbittorrent\qbittorrent.exe] => (Allow) D:\torrent\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{34338A06-BBD4-4A92-9087-796319D6AB03}C:\program files (x86)\samsung dex\samsungdex.exe] => (Allow) C:\program files (x86)\samsung dex\samsungdex.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [UDP Query User{0BA66355-C36F-4505-9D2E-0F494A9B9D46}C:\program files (x86)\samsung dex\samsungdex.exe] => (Allow) C:\program files (x86)\samsung dex\samsungdex.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{41B96E69-061C-4AC3-A0C2-7AFB393D5930}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4225AB04-71B0-46D4-83DA-FBF2A83AB418}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A9DC6FFD-9F8E-4682-AC41-779869DD81CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2F6A0F5C-7868-4F10-8DC4-72AC109D9F3C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CA74B626-2F7A-4104-8177-6DC0342BE7BF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{024B1442-32E9-4608-931F-7DB03E59E332}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3CF2B05D-CAB1-448D-8C3F-EAE4EBC99F05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{AD60FD55-7B9D-445E-87BE-5F4432FD8164}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{5C07F3ED-5CEA-43E7-974F-1DBA874661E0}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{B0F1DB1E-8E50-4AF4-AFC4-511FA92D0A0D}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{BB702DF6-087C-43BA-A64E-A281841515D2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4D5CBF82-A248-4449-A652-E15A68F3DEA5}] => (Allow) C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe () [File not signed]
FirewallRules: [{B0F0BE89-11B2-4F23-B3CB-A4CBC939B28C}] => (Allow) C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe () [File not signed]
FirewallRules: [{41EF4E96-E319-4EA7-B681-57D9317E25B4}] => (Allow) C:\Program Files\Microsoft MPI\Bin\mpiexec.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3626DF03-7E27-40C5-8C51-631194DDE8DE}] => (Allow) C:\Program Files\Microsoft MPI\Bin\mpiexec.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40554061-5D7F-445F-8114-8058745E251B}] => (Allow) C:\Program Files\Microsoft MPI\Bin\smpd.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{58B171C3-0DCD-4B54-821E-74E921D8A630}] => (Allow) C:\Program Files\Microsoft MPI\Bin\smpd.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{040BC2C4-B9F2-4927-842A-CE06FCA1FC8F}C:\program files\eplan\platform\2.9.4\bin\eplan.exe] => (Block) C:\program files\eplan\platform\2.9.4\bin\eplan.exe (EPLAN Software & Service GmbH & Co. KG -> EPLAN Software & Service GmbH & Co. KG)
FirewallRules: [UDP Query User{2D25F8CF-E74C-4BEC-B920-BFC08CD7DD15}C:\program files\eplan\platform\2.9.4\bin\eplan.exe] => (Block) C:\program files\eplan\platform\2.9.4\bin\eplan.exe (EPLAN Software & Service GmbH & Co. KG -> EPLAN Software & Service GmbH & Co. KG)
FirewallRules: [TCP Query User{1366E453-8EDA-46A9-AA0C-087A71AE3030}C:\users\modracekp\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\modracekp\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{E466D515-D9C2-40BA-A3BE-7E769C011506}C:\users\modracekp\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\modracekp\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{C54E98C3-94B1-4C5D-AEDE-D6A5EEB1DAEC}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{8E23AE17-36D0-49DA-A0BA-63685C50645D}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [{EDD88697-8AF0-4CB3-9B7C-C8AC45E99BD0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DFCDB269-9DE4-4FE6-93D8-D9100F33AF72}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A79759EB-5502-48DD-AC50-2540681DDDE5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{368A1CE9-3528-427E-9867-B6B20742FD49}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{36251D6F-0DF8-4B4B-9965-AA0944C346CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B223B173-C5C2-4470-88CA-51E8E6A84247}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4347DB77-44CE-4C93-A3C5-3750D0726D06}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B46E95D3-7445-4351-ACDB-81E5DBC3A226}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E5FF1815-51F3-48B3-8889-3041A17AB194}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{969FAB08-127E-4A64-817F-29A1301DB216}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{13EC68F6-A759-4393-9C87-40273B37C025}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{33CE175A-E8DC-4B49-9B0B-5935E6C0D84B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{6205ABA2-90BB-4559-B30C-6140286C5F44}C:\program files\windowsapps\arduinollc.arduinoide_1.8.42.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe] => (Allow) C:\program files\windowsapps\arduinollc.arduinoide_1.8.42.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe
FirewallRules: [UDP Query User{F1088174-F34B-4E71-8C33-AFF610A78B1D}C:\program files\windowsapps\arduinollc.arduinoide_1.8.42.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe] => (Allow) C:\program files\windowsapps\arduinollc.arduinoide_1.8.42.0_x86__mdqgnx93n4wtt\java\bin\javaw.exe
FirewallRules: [{F724CBAF-1730-454A-B577-DEB246D878EA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{B5028231-FFE4-422F-BC3F-24ED54ECD3F2}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [UDP Query User{1E331FCA-A4C0-40B2-BF90-392765134F27}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe (Logitech Inc -> Logitech Inc.)
FirewallRules: [TCP Query User{0A73E115-95E3-4E6C-AD0A-3B824CB6B3C0}C:\program files\eplan\platform\2.9.4\bin\eplan.exe] => (Allow) C:\program files\eplan\platform\2.9.4\bin\eplan.exe (EPLAN Software & Service GmbH & Co. KG -> EPLAN Software & Service GmbH & Co. KG)
FirewallRules: [UDP Query User{60B695B0-3679-438F-BE6D-FE47EF2359C3}C:\program files\eplan\platform\2.9.4\bin\eplan.exe] => (Allow) C:\program files\eplan\platform\2.9.4\bin\eplan.exe (EPLAN Software & Service GmbH & Co. KG -> EPLAN Software & Service GmbH & Co. KG)
FirewallRules: [{8BE6AE85-7046-4B4D-96A2-4A2B8F7B6784}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{28BA7177-3DCC-44D1-B8E1-1DD956A57F8F}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{BCB887D4-2E6D-4BC0-9E07-06ABF2121F23}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )
FirewallRules: [{38F3EC2C-2884-42E7-B85E-FDADEB150CF3}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (Intel(R) System Usage Report -> )

==================== Restore Points =========================

27-12-2020 17:01:13 Installed UrbanVPN
04-01-2021 09:05:59 Naplánovaný kontrolní bod
08-01-2021 12:20:36 Intel® Driver & Support Assistant

==================== Faulty Device Manager Devices ============

Name: Shrew Soft Virtual Adapter
Description: Shrew Soft Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Shrew Soft
Service: vnet
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/11/2021 10:21:10 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: JHV)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (01/11/2021 10:16:21 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1000) (User: NT AUTHORITY)
Description: Přístup k datům o výkonu byl odepřen pro uživatele SYSTEM (hodnota z GetUsera() pro běžící vlákno), když došlo k příslušnému pokusu z modulu D:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (hodnota z GetModuleFileName() pro binární soubor, který vystavil dotaz).

Error: (01/11/2021 10:16:16 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (01/11/2021 08:02:36 AM) (Source: Microsoft-Windows-AppModel-State) (EventID: 11) (User: JHV)
Description: Microsoft.WindowsStore_8wekyb3d8bbwe-2147023878

Error: (01/10/2021 11:43:27 AM) (Source: nview) (EventID: 1) (User: )
Description: No thumb found

Error: (01/10/2021 11:39:46 AM) (Source: nview) (EventID: 1) (User: )
Description: No thumb found

Error: (01/10/2021 11:39:42 AM) (Source: nview) (EventID: 1) (User: )
Description: No thumb found

Error: (01/10/2021 11:25:08 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 12784; požadovaná velikost: 49968.


System errors:
=============
Error: (01/11/2021 10:18:55 AM) (Source: DCOM) (EventID: 10010) (User: JHV)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/11/2021 10:17:19 AM) (Source: DCOM) (EventID: 10010) (User: JHV)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/11/2021 10:17:14 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1130) (User: JHV)
Description: Selhání 1.
Název objektu zásad skupiny: Konfigurace software
Cesta k objektu zásad skupiny: \\jhv.local\SysVol\jhv.local\Policies\{52846779-2ADD-4063-8689-630FF085AAF5}\User
Název skriptu: \\ads\netlogon\Konfigurace software.ps1

Error: (01/11/2021 10:17:07 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: JHV)
Description: Zpracování zásad skupiny selhalo v důsledku toho, že se nebylo v síti možné připojit k řadiči domény. Může se jednat o přechodný stav. Po připojení počítače k řadiči domény a úspěšném zpracování zásad skupiny bude odeslána zpráva o úspěšném provedení těchto akcí. Pokud se tato zpráva nezobrazí během několika hodin, obraťte se na správce.

Error: (01/11/2021 10:16:58 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: Zpracování zásad skupiny selhalo v důsledku toho, že se nebylo v síti možné připojit k řadiči domény. Může se jednat o přechodný stav. Po připojení počítače k řadiči domény a úspěšném zpracování zásad skupiny bude odeslána zpráva o úspěšném provedení těchto akcí. Pokud se tato zpráva nezobrazí během několika hodin, obraťte se na správce.

Error: (01/11/2021 10:16:58 AM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: Tento počítač nemohl nastavit zabezpečenou relaci s řadičem
domény v doméně JHV z následujícího důvodu:
Nemůžeme vás přihlásit s těmito přihlašovacími údaji, protože vaše doména není k dispozici. Ujistěte se, že je vaše zařízení připojeno k vaší podnikové síti, a zkuste to znovu. Pokud jste se na tomto zařízení dříve přihlásili s jinými přihlašovacími údaji, můžete se přihlásit s jejich pomocí.


To může vést k potížím při ověřování. Přesvědčte se, zda je tento
počítač připojen k síti. Pokud potíže trvají,
obraťte se na správce domény.



DALŠÍ INFORMACE

Pokud je tento počítač řadičem domény pro určenou doménu,
nastaví zabezpečenou relaci s emulátorem primárního řadiče domény v určené
doméně. V opačném případě tento počítač nastaví zabezpečenou relaci s libovolným řadičem domény
v určené doméně.

Error: (01/11/2021 10:16:16 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba User Energy Server Service queencreek byla ukončena s následující chybou:
Ovladač %2 vrátil neplatné číslo ID pro podřízené zařízení (%3).

Error: (01/11/2021 10:16:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SQL Server Launchpad (SQLEXPRESS) byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2021-01-08 07:30:05.588
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0F66E616-F828-44EE-BF6C-E3B04F3C0E43}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-07 13:43:36.236
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4F829305-7215-4837-862C-78C23CB63C2F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-28 15:47:07.763
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {FDEBE1B1-096E-4119-A1C6-CF2517130DED}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-27 15:49:46.869
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {96C353BE-126D-40BD-9789-CB87DD741EBD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-12-22 09:43:20.450
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {96AA6B28-CDF6-445F-876F-94BAF22EEED0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-01-11 10:04:18.612
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2009.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2020-12-29 04:58:47.891
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1241.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2020-12-29 03:58:11.557
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1241.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2020-12-29 02:58:23.896
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1241.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2020-12-29 02:09:11.579
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.1241.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80240438
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2021-01-10 11:23:55.075
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Microsoft\Edge\Temp\source20444_1649726439\87.0.664.75\dual_engine_adapter_x64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-08 13:10:54.054
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Config.Msi\468c2.rbf because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-08 13:10:54.049
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Config.Msi\468c1.rbf because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-08 13:10:54.024
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Config.Msi\468ba.rbf because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-08 13:10:54.019
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Config.Msi\468b9.rbf because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-08 12:28:06.997
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Admin\AppData\Local\Temp\{101efea7-3b88-e745-8c35-a30f48963d60}\IntelIHVRouter08.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-08 12:28:03.935
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Admin\AppData\Local\Temp\{81845ddf-b19f-8340-9599-9987680cfb91}\IntelIHVRouter06.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-08 12:28:01.780
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Admin\AppData\Local\Temp\{787f9eb2-20de-e640-ba3e-8da9bfb0f200}\IntelIHVRouter04.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: HP R92 Ver. 01.06.00 08/03/2020
Motherboard: HP 860C
Processor: Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz
Percentage of memory in use: 23%
Total physical RAM: 32094.16 MB
Available physical RAM: 24448.19 MB
Total Virtual: 36958.16 MB
Available Virtual: 27147.23 MB

==================== Drives ================================

Drive c: (Windows ) (Fixed) (Total:237.51 GB) (Free:106.65 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.5 GB) (Free:336.09 GB) NTFS
Drive e: (Data) (Fixed) (Total:465.76 GB) (Free:25.97 GB) NTFS

\\?\Volume{732e56ac-7147-4dbf-b2b7-4ca48eba9fac}\ (Windows RE Tools) (Fixed) (Total:0.69 GB) (Free:0.11 GB) NTFS
\\?\Volume{9124229c-7a74-45d5-b2ad-d0ecb840f478}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.13 GB) FAT32

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119320
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o preventivní kontrolu, pomalé načítání webu

#7 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\...\Winlogon: [Userinit] <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {25C07CF0-8E0D-45EE-9CD8-5857298976B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-09] (Google LLC -> Google LLC)
Task: {8F1FE5C3-025E-40FF-8F12-0CFA508CBA91} - System32\Tasks\AdwCleaner_onReboot => D:\temp\AdwCleaner.exe [8447152 2021-01-08] (Malwarebytes Inc -> Malwarebytes) <==== ATTENTION
Task: {C0AEE357-4345-4F67-BC58-9315805FF6E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-09] (Google LLC -> Google LLC)
"MpKslf04abe22" => service could not be unlocked. <==== ATTENTION
C:\windows\LastGood.Tmp
CustomCLSID: HKU\S-1-5-21-2808055777-1964107174-1078247012-1001_Classes\CLSID\{004B49B7-11B9-5058-AA22-08DD0A3ADC4B}\InprocServer32 -> {1F9B35C4-9468-D082-92A5-EAEE85889A47} => No File
CustomCLSID: HKU\S-1-5-21-2808055777-1964107174-1078247012-1001_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850}\InprocServer32 -> {52DEBA41-9468-D082-172A-AFA385889A47} => No File
CustomCLSID: HKU\S-1-5-21-3335587309-3254080361-1999049365-1211_Classes\CLSID\{81843de1-cd70-4c5e-bdb6-316862e1d82f}\localserver32 -> hp-sure-sense: => No File
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
bluemanik
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 29 kvě 2009 08:11

Re: Prosím o preventivní kontrolu, pomalé načítání webu

#8 Příspěvek od bluemanik »

Fix result of Farbar Recovery Scan Tool (x64) Version: 09-01-2021
Ran by modracekp (11-01-2021 11:41:46) Run:1
Running from C:\Users\modracekp\Desktop
Loaded Profiles: Admin & modracekp & SQLTELEMETRY$SQLEXPRESS & MSSQL$SQLEXPRESS & MSSQLLaunchpad$SQLEXPRESS & MSSQLFDLauncher$SQLEXPRESS
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\...\Winlogon: [Userinit] <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {25C07CF0-8E0D-45EE-9CD8-5857298976B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-09] (Google LLC -> Google LLC)
Task: {8F1FE5C3-025E-40FF-8F12-0CFA508CBA91} - System32\Tasks\AdwCleaner_onReboot => D:\temp\AdwCleaner.exe [8447152 2021-01-08] (Malwarebytes Inc -> Malwarebytes) <==== ATTENTION
Task: {C0AEE357-4345-4F67-BC58-9315805FF6E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-09] (Google LLC -> Google LLC)
"MpKslf04abe22" => service could not be unlocked. <==== ATTENTION
C:\windows\LastGood.Tmp
CustomCLSID: HKU\S-1-5-21-2808055777-1964107174-1078247012-1001_Classes\CLSID\{004B49B7-11B9-5058-AA22-08DD0A3ADC4B}\InprocServer32 -> {1F9B35C4-9468-D082-92A5-EAEE85889A47} => No File
CustomCLSID: HKU\S-1-5-21-2808055777-1964107174-1078247012-1001_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850}\InprocServer32 -> {52DEBA41-9468-D082-172A-AFA385889A47} => No File
CustomCLSID: HKU\S-1-5-21-3335587309-3254080361-1999049365-1211_Classes\CLSID\{81843de1-cd70-4c5e-bdb6-316862e1d82f}\localserver32 -> hp-sure-sense: => No File
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Userinit => Error setting value.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => could not remove. Access Denied.
Could not move "C:\ProgramData\NTUSER.pol" => Scheduled to move on reboot.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{25C07CF0-8E0D-45EE-9CD8-5857298976B5} => could not remove. Access Denied.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25C07CF0-8E0D-45EE-9CD8-5857298976B5} => could not remove. Access Denied.
"C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore => could not remove. Access Denied.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8F1FE5C3-025E-40FF-8F12-0CFA508CBA91} => could not remove. Access Denied.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F1FE5C3-025E-40FF-8F12-0CFA508CBA91} => could not remove. Access Denied.
"C:\windows\System32\Tasks\AdwCleaner_onReboot" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdwCleaner_onReboot => could not remove. Access Denied.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C0AEE357-4345-4F67-BC58-9315805FF6E2} => could not remove. Access Denied.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0AEE357-4345-4F67-BC58-9315805FF6E2} => could not remove. Access Denied.
"C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA => could not remove. Access Denied.
"MpKslf04abe22" => service could not be unlocked. <==== ATTENTION => Error: No automatic fix found for this entry.

"C:\windows\LastGood.Tmp" folder move:

Could not move "C:\windows\LastGood.Tmp" => Scheduled to move on reboot.

HKU\S-1-5-21-2808055777-1964107174-1078247012-1001_Classes\CLSID\{004B49B7-11B9-5058-AA22-08DD0A3ADC4B} => could not remove. Access Denied.
HKU\S-1-5-21-2808055777-1964107174-1078247012-1001_Classes\CLSID\{DD0822AA-3A0A-4BDC-B749-4B00B9115850} => could not remove. Access Denied.
HKU\S-1-5-21-3335587309-3254080361-1999049365-1211_Classes\CLSID\{81843de1-cd70-4c5e-bdb6-316862e1d82f} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Error setting value.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 104934525 B
Java, Flash, Steam htmlcache => 1488 B
Windows/system/drivers => 0 B
Edge => 36877 B
Chrome => 1292216200 B
Firefox => 192219040 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 0 B
NetworkService => 0 B
Admin => 0 B
modracekp => 650841767 B
poskocilm => 650841767 B
cadmin_kohoutek => 650841767 B
dadmin_kohoutek => 650841767 B
cadmin_linhart => 650841767 B
cadmin_temp => 650841767 B
SQLTELEMETRY$SQLEXPRESS => 650841767 B
MSSQL$SQLEXPRESS => 650841767 B
MSSQLLaunchpad$SQLEXPRESS => 650841767 B
MSSQLFDLauncher$SQLEXPRESS => 650841767 B

RecycleBin => 21477465 B
EmptyTemp: => 7.6 GB temporary data Removed.

================================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119320
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o preventivní kontrolu, pomalé načítání webu

#9 Příspěvek od Rudy »

OK. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
bluemanik
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 29 kvě 2009 08:11

Re: Prosím o preventivní kontrolu, pomalé načítání webu

#10 Příspěvek od bluemanik »

Žádnou změnu nepozoruji. Stránky se někdy načítají ihned a někdy čekám. Asi problém někde jinde. Přesto děkuji za ochotu.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119320
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o preventivní kontrolu, pomalé načítání webu

#11 Příspěvek od Rudy »

Pravděpodobně ano Zkuste přes příkazový řádek příkazem např:
ping 77.75.75.176 -t
pingnout na seznam a sledujte při tom odezvu v ms. Pokud bude velmi rozdílna, nebo vyšší, než 50ms trvale, obraťte se na poskytovatele připojení.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
bluemanik
Návštěvník
Návštěvník
Příspěvky: 20
Registrován: 29 kvě 2009 08:11

Re: Prosím o preventivní kontrolu, pomalé načítání webu

#12 Příspěvek od bluemanik »

OK, ještě jednou děkuji za váš čas. Hezký den.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119320
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Prosím o preventivní kontrolu, pomalé načítání webu

#13 Příspěvek od Rudy »

Rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“