Zřejmně vir

[PredyP]

Dobrý večer, kamarád mě poprosil o pomoc.
Windows neustále hlásí viry, že se má zapnout anivirová ocrana a firewall.
Prosím o kontrolu, Děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-11-2025
Ran by ASUS (administrator) on LAPTOP-5VB34SR3 (ASUSTeK COMPUTER INC. VivoBook 15_ASUS Laptop X540UAR) (18-11-2025 18:19:34)
Running from C:\Users\ASUS\Desktop\FRST64.exe
Loaded Profiles: ASUS
Platform: Microsoft Windows 10 Home Version 22H2 19045.6466 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUS) C:\Program Files\WindowsApps\B9ECED6F.Splendid_1.0.15.0_x64__qmba6cd70vzyy\ACMON.exe
(6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.) C:\Program Files\WindowsApps\ScreenovateTechnologies.AsusVirtoo_2.4.8064.0_x64__0vhbc3ng4wbp0\app\ASUSSyncClient.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Users\ASUS\AppData\Local\Temp\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\ASUS\AppData\Local\Temp\TeamViewer\TeamViewer_Desktop.exe
(C:\Users\ASUS\AppData\Local\Temp\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\ASUS\AppData\Local\Temp\TeamViewer\tv_w32.exe
(C:\Users\ASUS\AppData\Local\Temp\TeamViewer\TeamViewer.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\ASUS\AppData\Local\Temp\TeamViewer\tv_x64.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxEM.exe
(explorer.exe ->) (38BC0208-0916-4E44-909B-E6832F47CDE7 -> ASUSTek Computer Inc.) C:\Program Files\WindowsApps\b9eced6f.asusbatteryhealthcharging_1.0.7.0_x86__qmba6cd70vzyy\ASUS Battery Health Charging\BhcMgr.exe
(Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <6>
(services.exe ->) (ASUSTek Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS GiftBox Service\GiftBoxService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (ICEpower a/s -> ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\icesoundapo64.inf_amd64_a5d3270da26fb113\ICEsoundService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_f75fa513cf0ccec1\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\IntelCpHeciSvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(svchost.exe ->) (ASUSTek Computer Inc. -> ) C:\Program Files (x86)\ASUS\ASUS Hello\ASUSHelloBG.exe
(svchost.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Users\ASUS\AppData\Local\Temp\TeamViewer\TeamViewer.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1140456 2020-08-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [860840 2025-10-26] (Gen Digital Inc. -> Gen Digital Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-1345540238-2797583472-3703127654-1002\...\Run: [MicrosoftEdgeAutoLaunch_74301B2884F50560207D3A8AEF963FB6] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4254248 2025-11-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1345540238-2797583472-3703127654-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45724528 2025-06-23] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-1345540238-2797583472-3703127654-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [41604056 2025-10-31] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\142.0.7444.163\Installer\chrmstp.exe [2025-11-17] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {ACE1629B-8362-4370-ACCE-232601217321} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1581568 2025-08-24] (Adobe Inc. -> Adobe Inc.)
Task: {4735F86A-04D4-4203-8C3A-97EE19D3EBBA} - System32\Tasks\ASUS Hello => C:\Program Files (x86)\ASUS\ASUS Hello\ASUSHelloBG.exe [609592 2018-07-10] (ASUSTek Computer Inc. -> )
Task: {9D364740-DD2B-4558-88B8-E101EDA0CF5B} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124304 2017-11-24] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {5E2F2222-E60D-4C63-A04F-A3F0E30B7CEF} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [124304 2017-11-24] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {1E0C63AE-4699-431E-96E5-D6AD886CFF8E} - System32\Tasks\Avast Software\Avast Antivirus Patcher => C:\Program Files\Common Files\Avast Software\Icarus\avast-av\icarus.exe [9146080 2025-10-07] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {6FBE4588-19C2-4C0D-B2E4-D4B6C135E2EA} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5612712 2025-10-26] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {41A36603-6473-456D-AE3B-C06606CD3D5A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2977504 2025-10-13] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {1F72947A-B175-4244-ADE4-5F9E9F54849B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-06-23] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {D7642527-E9AC-4A77-9879-7AE1F8273CB5} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [6140640 2025-06-23] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "0a2f8ade-0093-411e-b1bf-65688f1820b0" --version "6.37.0.11523" --silent
Task: {26ACBC3A-82E2-42EB-9467-734EAE2552DC} - System32\Tasks\CCleanerSkipUAC - ASUS => C:\Program Files\CCleaner\CCleaner.exe [39562464 2025-06-23] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {D0123B8B-74E8-4731-B6B9-037A64224E15} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem143.0.7482.0{9962907A-F29B-4F80-A75A-EB993672C9B2} => C:\Program Files (x86)\Google\GoogleUpdater\143.0.7482.0\updater.exe [6933656 2025-10-19] (Google LLC -> Google LLC)
Task: {2B744085-34B0-49C9-A3D2-34666BA8E3FB} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => %WINDIR%\system32\SecureBootEncodeUEFI.exe (No File)
Task: {A9F67FF9-7B63-48C7-AE5D-7DBAD9852A18} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1345540238-2797583472-3703127654-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File) <==== ATTENTION
Task: {3D05F511-30BC-4FC7-A13D-1A7A59348079} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-529439204-3625963303-702397246-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File) <==== ATTENTION
Task: {3F952A9A-B5BF-4A0E-AB00-C55594EF0AF9} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\RtkAudUService64.exe [1140456 2020-08-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {FE0E3D6C-71DE-4706-AD2D-CE03054174CF} - System32\Tasks\SplendidTask => C:\ProgramData\ASUS\ASUS -> Splendid\SplendidStartUp.exe <==== ATTENTION
Task: {C88C062B-2581-4519-9636-3D696B645ECC} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143160 2019-03-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{55eb8f87-06f2-45fa-a7d7-3aa7ccbe6bf8}: [DhcpNameServer] 192.168.8.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\ASUS\AppData\Local\Microsoft\Edge\User Data\Default [2025-11-18]
Edge DownloadDir: Default -> C:\Users\ASUS\Desktop
Edge Notifications: Default -> hxxps://d4e9opqnaffc73dp9ie0.xgv-adguard.co.in; hxxps://ramissio.com
Edge HomePage: Default -> hxxp://seznam.cz/
Edge Extension: (Dokumenty Google offline) - C:\Users\ASUS\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-10-28]
Edge Extension: (Edge relevant text changes) - C:\Users\ASUS\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-04]

FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-10-31] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default [2025-10-16]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-10-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-20]
CHR HKU\S-1-5-21-1345540238-2797583472-3703127654-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174584 2025-08-24] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7812264 2025-10-26] (Gen Digital Inc. -> Gen Digital Inc.)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [1035944 2025-10-26] (Gen Digital Inc. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1089192 2025-10-26] (Gen Digital Inc. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2022-05-13] (Avast Software s.r.o. -> AVAST Software)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1080544 2025-06-23] (Gen Digital Inc. -> Gen Digital Inc.)
S2 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [325456 2018-06-12] (ASUSTek Computer Inc. -> )
R2 GiftBox.Service; C:\Program Files (x86)\ASUS\ASUS GiftBox Service\GiftBoxService.exe [302416 2018-06-28] (ASUSTek Computer Inc. -> ASUSTeK Computer Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243720 2025-08-29] (HP Inc. -> HP Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-05-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-05-12] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [112856 2020-05-18] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [21048 2025-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [245816 2025-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [390712 2025-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [302648 2025-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [85560 2025-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [29144 2025-08-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [31288 2025-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [285240 2025-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [92216 2025-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [71224 2025-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [878136 2025-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [1283640 2025-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R3 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [213560 2025-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [391736 2025-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [76800 2019-12-07] (Microsoft Corporation) [File not signed]
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-18] (ASUSTek Computer Inc. -> ASUS)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-05-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-05-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-05-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-11-18 18:19 - 2025-11-18 18:20 - 000018840 _____ C:\Users\ASUS\Desktop\FRST.txt
2025-11-18 18:18 - 2025-11-18 18:19 - 000000000 ____D C:\FRST
2025-11-18 18:17 - 2025-11-18 18:18 - 002444288 _____ (Farbar) C:\Users\ASUS\Desktop\FRST64.exe
2025-11-18 18:11 - 2025-11-18 18:11 - 033852664 _____ (TeamViewer) C:\Users\ASUS\Desktop\TeamViewerQS_x64.exe
2025-10-26 16:38 - 2025-10-26 16:37 - 000323240 _____ (Gen Digital Inc.) C:\WINDOWS\system32\aswBoot.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-11-18 18:06 - 2025-04-29 19:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-11-18 18:02 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-11-18 17:37 - 2025-04-29 19:09 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-11-18 17:37 - 2019-12-07 15:41 - 000684862 _____ C:\WINDOWS\system32\perfh005.dat
2025-11-18 17:37 - 2019-12-07 15:41 - 000137626 _____ C:\WINDOWS\system32\perfc005.dat
2025-11-18 17:37 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2025-11-18 17:36 - 2025-04-29 10:15 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-11-18 17:33 - 2025-04-29 19:12 - 000003326 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2025-11-18 17:33 - 2022-09-20 17:38 - 000000670 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2025-11-18 17:32 - 2019-07-16 13:51 - 000000000 __SHD C:\Users\ASUS\IntelGraphicsProfiles
2025-11-18 17:31 - 2025-04-29 19:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-11-18 17:31 - 2022-05-13 18:50 - 000000000 ____D C:\ProgramData\Avast Software
2025-11-18 17:31 - 2022-05-13 17:40 - 000008192 ___SH C:\DumpStack.log.tmp
2025-11-18 17:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2025-11-18 17:31 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-11-18 17:31 - 2019-07-17 13:26 - 000000000 ___HD C:\Intel
2025-11-18 17:18 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-11-18 17:18 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-11-17 18:16 - 2022-09-28 15:01 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-11-17 18:16 - 2022-09-28 15:01 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-11-17 18:09 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-11-16 22:06 - 2025-05-04 20:29 - 000000000 ____D C:\Users\ASUS\AppData\Local\Deployment
2025-11-15 17:33 - 2023-01-17 19:32 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-11-15 17:33 - 2022-05-13 17:40 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-11-11 20:43 - 2019-07-16 14:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-11-11 20:40 - 2019-07-16 14:03 - 215625816 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-11-11 19:57 - 2022-10-17 18:56 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-11-11 19:57 - 2022-10-17 18:56 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2025-11-10 22:17 - 2022-05-12 08:51 - 000000000 ____D C:\Program Files\ruxim
2025-11-03 15:08 - 2019-07-17 08:07 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\Microsoft\Šablony
2025-11-02 21:01 - 2025-04-29 19:12 - 000003638 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-11-02 21:01 - 2025-04-29 19:12 - 000003542 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d866e8dfc87e21
2025-10-30 08:11 - 2019-07-17 08:07 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\Microsoft\Word
2025-10-30 08:08 - 2025-04-29 19:12 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2025-10-29 07:25 - 2019-07-16 13:51 - 000000000 ____D C:\Users\ASUS\AppData\Local\Packages
2025-10-26 19:44 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-10-26 16:38 - 2025-04-29 19:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2025-10-26 16:37 - 2022-05-13 18:52 - 001283640 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSP.sys
2025-10-26 16:37 - 2022-05-13 18:52 - 000878136 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswSnx.sys
2025-10-26 16:37 - 2022-05-13 18:52 - 000391736 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswVmm.sys
2025-10-26 16:37 - 2022-05-13 18:52 - 000390712 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2025-10-26 16:37 - 2022-05-13 18:52 - 000302648 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2025-10-26 16:37 - 2022-05-13 18:52 - 000285240 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2025-10-26 16:37 - 2022-05-13 18:52 - 000245816 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArPot.sys
2025-10-26 16:37 - 2022-05-13 18:52 - 000092216 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2025-10-26 16:37 - 2022-05-13 18:52 - 000085560 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2025-10-26 16:37 - 2022-05-13 18:52 - 000071224 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2025-10-26 16:37 - 2022-05-13 18:52 - 000031288 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswKbd.sys
2025-10-26 16:37 - 2022-05-13 18:52 - 000021048 _____ (Gen Digital Inc.) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2025-10-21 19:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-11-2025
Ran by ASUS (18-11-2025 18:21:27)
Running from C:\Users\ASUS\Desktop
Microsoft Windows 10 Home Version 22H2 19045.6466 (X64) (2025-04-29 19:17:08)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1345540238-2797583472-3703127654-500 - Administrator - Disabled)
ASUS (S-1-5-21-1345540238-2797583472-3703127654-1002 - Administrator - Enabled) => C:\Users\ASUS
DefaultAccount (S-1-5-21-1345540238-2797583472-3703127654-503 - Limited - Disabled)
Guest (S-1-5-21-1345540238-2797583472-3703127654-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1345540238-2797583472-3703127654-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 25.001.20844 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601120}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.5.0 - ASUSTeK COMPUTER INC.)
ASUS GiftBox Service (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 3.2.3.0 - ASUSTeK COMPUTER INC.)
ASUS Hello (HKLM-x32\...\{D8CE1923-92A9-4036-817E-9E0D8AA2169B}) (Version: 1.1.11.0 - ASUSTeK COMPUTER INC.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.8 - ASUSTeK COMPUTER INC.)
ASUS Sync Drivers (HKLM\...\{EC1454B0-F2A3-4665-A26C-E68F5B272D00}) (Version: 2.3.6748 - Screenovate Technologies Ltd.)
ATK Package (ASUS Keyboard Hotkeys) (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0060 - ASUSTeK COMPUTER INC.)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.9.7 - ICEpower a/s)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 25.10.10528.3189 - Gen Digital Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.37 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 142.0.7444.163 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10207.5567 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM\...\{7FB35D08-C75C-4A18-B593-1D7C3E8970AD}) (Version: 10.1.1.45 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1061 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{5E21AB91-2EF8-4E8A-BA33-515E667CDC4B}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{EB67ED3E-E5CA-4F35-8D2D-F0EF10802DBF}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{42625EDB-9CF1-421C-8540-0E66F1402DEC}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.9.1.1020 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{82B8C0DF-94E9-4E42-B132-47F13CD5EE3C}) (Version: 15.9.1.1020 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
ISE (HKU\S-1-5-21-1345540238-2797583472-3703127654-1002\...\a613cb1387739f83) (Version: 2.3.1.20 - Energy)
K-Lite Codec Pack 12.9.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.9.0 - KLCP)
Known Issue Rollback Policy Definitions (HKLM-x32\...\{F3D7F58E-F6FD-4140-BDE8-F0EB8F1AEBD4}) (Version: 1.0.0.0 - Microsoft Corp)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 142.0.3595.80 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 142.0.3595.80 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Czech) 2007 (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2007 (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2007 (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM-x32\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (HKLM\...\{90120000-002A-0405-1000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{ED4D7D2E-A64D-4C3A-A8B9-B27CE153A2A6}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{599ED608-BADF-4C3D-9172-EA5E06386EF6}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{B8D93870-98D1-4980-AFCA-E26563CDFB79}) (Version: 8.94.0.0 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.10.0 - ASUSTeK COMPUTER INC.)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2025-10-03] ()
ASUS Battery Health Charging -> C:\Program Files\WindowsApps\B9ECED6F.ASUSBatteryHealthCharging_1.0.7.0_x86__qmba6cd70vzyy [2019-07-17] (ASUSTeK COMPUTER INC.) [Startup Task]
ASUS Sync -> C:\Program Files\WindowsApps\ScreenovateTechnologies.AsusVirtoo_2.4.8064.0_x64__0vhbc3ng4wbp0 [2024-05-29] (Screenovate Technologies.) [Startup Task]
AudioWizard -> C:\Program Files\WindowsApps\ICEpower.AudioWizard_1.5.28.0_x64__dxp88312j1fgj [2022-05-13] (ICEpower)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2023-01-16] (Microsoft Corporation)
eManual -> C:\Program Files\WindowsApps\B9ECED6F.eManual_2.0.3.0_x86__qmba6cd70vzyy [2019-07-17] (ASUSTeK COMPUTER INC.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_161.1.1087.0_x64__v10z8vjag6ke6 [2025-09-01] (HP Inc.)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.19127.20358.0_x86__8wekyb3d8bbwe [2025-11-15] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2025-04-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2025-04-29] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.19127.20358.0_x86__8wekyb3d8bbwe [2025-11-15] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.19127.20358.0_x86__8wekyb3d8bbwe [2025-11-15] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.19127.20358.0_x86__8wekyb3d8bbwe [2025-11-15] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.19127.20358.0_x86__8wekyb3d8bbwe [2025-11-15] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.19127.20358.0_x86__8wekyb3d8bbwe [2025-11-15] (Microsoft Corporation)
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.19127.20358.0_x86__8wekyb3d8bbwe [2025-11-15] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.15.227.0_x64__dt26b99r8h8gj [2022-05-13] (Realtek Semiconductor Corp)
Splendid -> C:\Program Files\WindowsApps\B9ECED6F.Splendid_1.0.15.0_x64__qmba6cd70vzyy [2022-05-16] (ASUSTeK COMPUTER INC.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1345540238-2797583472-3703127654-1002_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-1345540238-2797583472-3703127654-1002_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-10-26] (Gen Digital Inc. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-10-26] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2025-09-08] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-10-26] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2005-06-07] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-10-26] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2005-06-07] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxDTCM.dll [2020-09-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2025-10-26] (Gen Digital Inc. -> Gen Digital Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2005-06-07] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2025-08-15 03:15 - 2025-08-15 03:15 - 000030720 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

HKU\S-1-5-21-1345540238-2797583472-3703127654-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-1345540238-2797583472-3703127654-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-1345540238-2797583472-3703127654-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1345540238-2797583472-3703127654-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 08:31 - 2018-09-15 08:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Network ===========================

(Currently there is no automatic fix for this section.)

DNS Servers: 192.168.8.1
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: Realtek 8821CE Wireless LAN 802.11ac PCI-E NIC -> rtwlane.sys

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-1345540238-2797583472-3703127654-1002\Control Panel\Desktop\\Wallpaper ->
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 5) (TamperProtectionSource: )
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)


==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1345540238-2797583472-3703127654-1002\...\StartupApproved\Run: => "BingWallpaperApp"
HKU\S-1-5-21-1345540238-2797583472-3703127654-1002\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_74301B2884F50560207D3A8AEF963FB6"
HKU\S-1-5-21-1345540238-2797583472-3703127654-1002\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1D0DBBD6-0095-4AA1-8CF6-6E8B850A718A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{3093C716-5252-4F70-91FD-F5B46E9E79DB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{1C42E25D-77AC-41A8-A656-D798081D2385}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{B80E7033-EC37-4D60-AAAE-BE6C5A13FF88}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{DE618DAE-5CE1-4CBC-814D-1920FE8242B1}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{BD74F6D0-D0C6-4998-BDC2-0980118B89F4}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{CADEE93D-332B-4393-94C1-E74BC50BFA09}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.AsusVirtoo_2.4.8064.0_x64__0vhbc3ng4wbp0\app\ASUSSyncClient.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [{17EC034F-0C30-43E7-957B-AB324B87015E}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.AsusVirtoo_2.4.8064.0_x64__0vhbc3ng4wbp0\app\ASUSSyncClient.exe (6B081F61-C764-4F21-995F-B463D0640577 -> Screenovate Technologies Ltd.)
FirewallRules: [{834382BE-0505-43C2-BD82-D3D09EEF8F27}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.19127.20358.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7830A7C2-9974-4295-9FDF-0E126F35A2A8}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

10-11-2025 20:07:10 Naplánovaný kontrolní bod
11-11-2025 20:31:58 Instalační služba modulů systému Windows
11-11-2025 20:34:17 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (09/10/2025 06:59:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: lpksetup.exe, verze: 10.0.19041.6033, časové razítko: 0x95939210
Název chybujícího modulu: msvcrt.dll, verze: 7.0.19041.3636, časové razítko: 0x9bf60e04
Kód výjimky: 0x40000015
Posun chyby: 0x000000000000ae22
ID chybujícího procesu: 0x1150
Čas spuštění chybující aplikace: 0x01dc227cb4317d7f
Cesta k chybující aplikaci: C:\WINDOWS\system32\lpksetup.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\msvcrt.dll
ID zprávy: 99ebd1dd-8399-4162-a650-6316752b0e52
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/09/2025 08:07:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.19041.5915, časové razítko: 0xe3e22698
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x727981f0
ID chybujícího procesu: 0x8bc
Čas spuštění chybující aplikace: 0x01dbf104b54e8b1c
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\explorer.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: b26bb3ce-9e87-4295-8413-9b5f5e648be0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/08/2025 09:07:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: explorer.exe, verze: 10.0.19041.5848, časové razítko: 0xca00cd10
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x731781f0
ID chybujícího procesu: 0x2b08
Čas spuštění chybující aplikace: 0x01dbd8b102a6a076
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\explorer.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 7960d9be-59c8-4d75-8c9a-c6f3b0c62d0b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (11/18/2025 05:36:49 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY)
Description: Secure Boot CA/keys need to be updated. This device signature information is included here.
DeviceAttributes: BaseBoardManufacturer:ASUSTeK COMPUTER INC.;FirmwareManufacturer:American Megatrends Inc.;FirmwareVersion:X540UAR.305;OEMModelBaseBoard:X540UAR;OEMManufacturerName:ASUSTeK COMPUTER INC.;OSArchitecture:amd64;
BucketId: 278daffdf07b7654db541705f1157574f77a592bf740f5bdef92884ecdb63c3d
BucketConfidenceLevel:
UpdateType: 0
HResult: 0

Error: (11/18/2025 05:33:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (11/18/2025 05:33:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (11/18/2025 05:31:20 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-5VB34SR3)
Description: Server {628ACE20-B77A-456F-A88D-547DB6CEEDD5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/14/2025 01:27:14 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY)
Description: Secure Boot CA/keys need to be updated. This device signature information is included here.
DeviceAttributes: BaseBoardManufacturer:ASUSTeK COMPUTER INC.;FirmwareManufacturer:American Megatrends Inc.;FirmwareVersion:X540UAR.305;OEMModelBaseBoard:X540UAR;OEMManufacturerName:ASUSTeK COMPUTER INC.;OSArchitecture:amd64;
BucketId: 278daffdf07b7654db541705f1157574f77a592bf740f5bdef92884ecdb63c3d
BucketConfidenceLevel:
UpdateType: 0
HResult: 0

Error: (11/14/2025 01:24:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (11/14/2025 01:24:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (11/02/2025 11:47:15 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-5VB34SR3)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===============
Date: 2025-11-14 13:23:16
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Avast Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. X540UAR.305 06/21/2019
Motherboard: ASUSTeK COMPUTER INC. X540UAR
Processor: Intel(R) Core(TM) i3-7020U CPU @ 2.30GHz
Percentage of memory in use: 84%
Total physical RAM: 3979.06 MB
Available physical RAM: 627.1 MB
Total Virtual: 5771.06 MB
Available Virtual: 1548.98 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:237.37 GB) (Free:161.91 GB) (Model: SanDisk SD9SB8W256G1002) NTFS

\\?\Volume{2d81b3f9-1e81-469c-8b05-f647f89177c5}\ (RECOVERY) (Fixed) (Total:0.83 GB) (Free:0.28 GB) NTFS
\\?\Volume{a28dafb6-d689-473c-ac59-a4aa7cf269b0}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 3D992711)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[PredyP]

# -------------------------------
# Malwarebytes AdwCleaner 8.6.0.613
# -------------------------------
# Build: 08-19-2025
# Database: 2025-08-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-18-2025
# Duration: 00:00:05
# OS: Windows 10 (Build 19045.6466)
# Cleaned: 15
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.ASUSDeviceActivation Folder C:\Program Files (x86)\ASUS\ASUS DEVICE ACTIVATION
Deleted Preinstalled.ASUSDeviceActivation Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}
Deleted Preinstalled.ASUSGiftBox Folder C:\Program Files (x86)\ASUS\ASUS GIFTBOX SERVICE
Deleted Preinstalled.ASUSGiftBox Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}
Deleted Preinstalled.ASUSHello Folder C:\Program Files (x86)\ASUS\ASUS HELLO
Deleted Preinstalled.ASUSHello Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4735F86A-04D4-4203-8C3A-97EE19D3EBBA}
Deleted Preinstalled.ASUSHello Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ASUS Hello
Deleted Preinstalled.ASUSHello Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{D8CE1923-92A9-4036-817E-9E0D8AA2169B}
Deleted Preinstalled.ASUSHello Task C:\Windows\System32\Tasks\ASUS HELLO
Deleted Preinstalled.ASUSLiveUpdate Folder C:\Program Files (x86)\ASUS\ASUS LIVE UPDATE
Deleted Preinstalled.ASUSLiveUpdate Folder C:\ProgramData\ASUS\ASUS LIVE UPDATE
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C88C062B-2581-4519-9636-3D696B645ECC}
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Update Checker
Deleted Preinstalled.ASUSLiveUpdate Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}
Deleted Preinstalled.ASUSLiveUpdate Task C:\Windows\System32\Tasks\UPDATE CHECKER


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3137 octets] - [18/11/2025 18:55:24]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Rudy]

Ty prinstalled mazat nemusel, jsou to neškodné utility od ASUSu. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {2B744085-34B0-49C9-A3D2-34666BA8E3FB} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => %WINDIR%\system32\SecureBootEncodeUEFI.exe (No File)
Task: {A9F67FF9-7B63-48C7-AE5D-7DBAD9852A18} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1345540238-2797583472-3703127654-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File) <==== ATTENTION
Task: {3D05F511-30BC-4FC7-A13D-1A7A59348079} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-529439204-3625963303-702397246-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File) <==== ATTENTION
Task: {FE0E3D6C-71DE-4706-AD2D-CE03054174CF} - System32\Tasks\SplendidTask => C:\ProgramData\ASUS\ASUS -> Splendid\SplendidStartUp.exe <==== ATTENTION
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-1345540238-2797583472-3703127654-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1345540238-2797583472-3703127654-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
HKU\S-1-5-21-1345540238-2797583472-3703127654-1002\Control Panel\Desktop\\Wallpaper ->
FirewallRules: [{1D0DBBD6-0095-4AA1-8CF6-6E8B850A718A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{3093C716-5252-4F70-91FD-F5B46E9E79DB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{1C42E25D-77AC-41A8-A656-D798081D2385}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{B80E7033-EC37-4D60-AAAE-BE6C5A13FF88}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[PredyP]

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-11-2025
Ran by ASUS (18-11-2025 20:09:14) Run:1
Running from C:\Users\ASUS\Desktop
Loaded Profiles: ASUS
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {2B744085-34B0-49C9-A3D2-34666BA8E3FB} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => %WINDIR%\system32\SecureBootEncodeUEFI.exe (No File)
Task: {A9F67FF9-7B63-48C7-AE5D-7DBAD9852A18} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1345540238-2797583472-3703127654-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File) <==== ATTENTION
Task: {3D05F511-30BC-4FC7-A13D-1A7A59348079} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-529439204-3625963303-702397246-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File) <==== ATTENTION
Task: {FE0E3D6C-71DE-4706-AD2D-CE03054174CF} - System32\Tasks\SplendidTask => C:\ProgramData\ASUS\ASUS -> Splendid\SplendidStartUp.exe <==== ATTENTION
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-1345540238-2797583472-3703127654-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1345540238-2797583472-3703127654-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
HKU\S-1-5-21-1345540238-2797583472-3703127654-1002\Control Panel\Desktop\\Wallpaper ->
FirewallRules: [{1D0DBBD6-0095-4AA1-8CF6-6E8B850A718A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{3093C716-5252-4F70-91FD-F5B46E9E79DB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{1C42E25D-77AC-41A8-A656-D798081D2385}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{B80E7033-EC37-4D60-AAAE-BE6C5A13FF88}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{2B744085-34B0-49C9-A3D2-34666BA8E3FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B744085-34B0-49C9-A3D2-34666BA8E3FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\PI\SecureBootEncodeUEFI" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A9F67FF9-7B63-48C7-AE5D-7DBAD9852A18}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9F67FF9-7B63-48C7-AE5D-7DBAD9852A18}" => removed successfully
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1345540238-2797583472-3703127654-1001 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task-S-1-5-21-1345540238-2797583472-3703127654-1001" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D05F511-30BC-4FC7-A13D-1A7A59348079}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D05F511-30BC-4FC7-A13D-1A7A59348079}" => removed successfully
C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-529439204-3625963303-702397246-500 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task-S-1-5-21-529439204-3625963303-702397246-500" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FE0E3D6C-71DE-4706-AD2D-CE03054174CF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE0E3D6C-71DE-4706-AD2D-CE03054174CF}" => removed successfully
C:\WINDOWS\System32\Tasks\SplendidTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SplendidTask" => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKU\S-1-5-21-1345540238-2797583472-3703127654-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1345540238-2797583472-3703127654-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKU\S-1-5-21-1345540238-2797583472-3703127654-1002\Control Panel\Desktop\\Wallpaper -> => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1D0DBBD6-0095-4AA1-8CF6-6E8B850A718A}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3093C716-5252-4F70-91FD-F5B46E9E79DB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1C42E25D-77AC-41A8-A656-D798081D2385}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B80E7033-EC37-4D60-AAAE-BE6C5A13FF88}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1048576 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17943429 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 471423 B
Edge => 0 B
Chrome => 348716108 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 297 B
systemprofile32 => 297 B
LocalService => 75575 B
NetworkService => 75575 B
jspro => 97483 B
ASUS => 112536237 B

RecycleBin => 64503985 B
EmptyTemp: => 520.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:09:30 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[PredyP]

Je to lepší už to tolik nehlásí, ale pořád Windows upozorňuje na vypnutou antivirovou ochranu a vir.

[Rudy]

Ochrana je zapnutá:

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

Ochrana windows musí být tedy pochopitelně vypnuta. Tu hlášku dává systém, antivir, nebo něco jiného? Obvyklé to není, neboť tehdy, pokud je nainstalován AV třetí strany, je systémový AV (Windows Defender) automaticky vypnut.

[PredyP]

Hlásí to Windows defender, a když to chci zavřít křížkem tak to otevře nějaké internetové stránky. No právě že avasat říká chráněno.

[Rudy]

To je divné, vypnutý WinDef by měl zabránit, takovým hláškám. Na 99% je to nesmysl. Spusťte ještě čištění prohlížečů:

Spusťte postupně tyto utility:

1. Stahnete Zoek.exe https://sdilej.cz/29519076/zoek.rar a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a po něm

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

[PredyP]

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by ASUS on 19.11.2025 at 16:04:30,52.
Microsoft Windows 10 Home 10.0.19045 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\ASUS\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

19.11.2025 16:06:09 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\ssh deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\LocalLow deleted successfully
C:\Users\jspro\AppData\Local\DBG deleted successfully
C:\Users\jspro\AppData\Local\GHISLER deleted successfully
C:\Users\jspro\AppData\Local\PlaceholderTileLogoFolder deleted successfully
C:\Users\jspro\AppData\Local\VirtualStore deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Packages deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~3\Package Cache deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CM2C1CC.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13dc-6f0-a5810.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13dc-6f0-a58c0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13dc-6f0-a5910.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13dc-6f0-a5912.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13dc-6f0-a5923.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13dc-6f0-a5945.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13dc-6f0-a5956.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13dc-6f0-a59a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13dc-6f0-a59b8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13dc-6f0-a59ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13dc-6f0-a59cc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13dc-6f0-a5a0c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13dc-6f0-a5a5c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13dc-6f0-a5a5e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13dc-6f0-a5a70.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13dc-6f0-a5a81.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13dc-6f0-a5ab2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13dc-6f0-a5ad4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13dc-6f0-a5af5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13dc-6f0-a5b06.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1524-1e48-9fc05.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1524-1e48-9fc38.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1524-1e48-9fc4a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1524-1e48-9fc4c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1524-1e48-9fc7d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1524-1e48-9fc8e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1524-1e48-9fca0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1524-1e48-9fca2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1524-1e48-9fcc3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1524-1e48-9fcc5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1524-1e48-9fce6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1524-1e48-9fd08.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1524-1e48-9fd0a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1524-1e48-9fd1b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1524-1e48-9fd1d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1524-1e48-9fd2f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1524-1e48-9fd40.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1524-1e48-9fd52.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1524-1e48-9fd64.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1524-1e48-9fdc3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158c-21bc-239df04.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158c-21bc-239df27.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158c-21bc-239df29.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158c-21bc-239df3a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158c-21bc-239df3c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158c-21bc-239df4e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158c-21bc-239df50.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158c-21bc-239df52.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158c-21bc-239df64.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158c-21bc-239df66.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158c-21bc-239df77.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158c-21bc-239df79.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158c-21bc-239df7b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158c-21bc-239df8d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158c-21bc-239df8f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158c-21bc-239df91.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158c-21bc-239dfa3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158c-21bc-239dfa5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158c-21bc-239dfb6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-158c-21bc-239dfb8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-15f8-b0c-28f586.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-15f8-b0c-28f5d8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-15f8-b0c-28f5ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-15f8-b0c-28f5ec.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-15f8-b0c-28f61d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-15f8-b0c-28f61f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-15f8-b0c-28f631.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-15f8-b0c-28f642.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-15f8-b0c-28f654.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-15f8-b0c-28f665.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-15f8-b0c-28f687.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-15f8-b0c-28f698.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-15f8-b0c-28f6aa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-15f8-b0c-28f6bc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-15f8-b0c-28f6be.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-15f8-b0c-28f6cf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-15f8-b0c-28f6d1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-15f8-b0c-28f6e3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-15f8-b0c-28f6f4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-15f8-b0c-28f716.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-2f38-99b48.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-2f38-99b7a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-2f38-99b8c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-2f38-99b8e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-2f38-99ba0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-2f38-99ba2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-2f38-99bc3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-2f38-99bd5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-2f38-99be6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-2f38-99bf8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-2f38-99bfa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-2f38-99c1b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-2f38-99c2d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-2f38-99c2f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-2f38-99c40.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-2f38-99c52.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-2f38-99c64.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-2f38-99c85.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-2f38-99ca6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-185c-2f38-99ce7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c24-1344-2310880.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c24-1344-23108c3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c24-1344-23108c5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c24-1344-23108e6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c24-1344-23108f8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c24-1344-23108fa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c24-1344-231090b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c24-1344-231090d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c24-1344-231091f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c24-1344-2310921.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c24-1344-2310933.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c24-1344-2310935.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c24-1344-2310937.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c24-1344-2310958.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c24-1344-231096a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c24-1344-231096c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c24-1344-231097d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c24-1344-231097f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c24-1344-23109a0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1c24-1344-23109a2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1cb4-2ae4-16a4dd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1cb4-2ae4-16a53f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1cb4-2ae4-16a560.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1cb4-2ae4-16a572.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1cb4-2ae4-16a5a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1cb4-2ae4-16a5a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1cb4-2ae4-16a5b7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1cb4-2ae4-16a5b9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1cb4-2ae4-16a5ca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1cb4-2ae4-16a5cc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1cb4-2ae4-16a5de.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1cb4-2ae4-16a5e0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1cb4-2ae4-16a5f1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1cb4-2ae4-16a613.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1cb4-2ae4-16a634.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1cb4-2ae4-16a646.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1cb4-2ae4-16a657.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1cb4-2ae4-16a659.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1cb4-2ae4-16a68a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1cb4-2ae4-16a68c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f14-348-99174.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f14-348-99197.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f14-348-99199.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f14-348-991ab.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f14-348-991ad.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f14-348-991af.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f14-348-991c0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f14-348-991c2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f14-348-991d4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f14-348-991d6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f14-348-991d8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f14-348-991ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f14-348-991ec.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f14-348-991ee.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f14-348-991ff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f14-348-99201.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f14-348-99203.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f14-348-99215.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f14-348-99217.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f14-348-99229.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-f84-9ae14.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-f84-9ae47.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-f84-9ae68.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-f84-9ae6a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-f84-9ae7c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-f84-9ae8d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-f84-9ae8f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-f84-9ae91.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-f84-9aea3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-f84-9aea5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-f84-9aeb7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-f84-9aeb9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-f84-9aeca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-f84-9aecc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-f84-9aede.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-f84-9aef0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-f84-9af01.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-f84-9af13.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-f84-9af15.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2178-f84-9af26.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2184-1acc-458d31c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2184-1acc-458d35e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2184-1acc-458d38f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2184-1acc-458d3b0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2184-1acc-458d3d1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2184-1acc-458d3e3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2184-1acc-458d3f5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2184-1acc-458d3f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2184-1acc-458d408.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2184-1acc-458d41a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2184-1acc-458d41c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2184-1acc-458d42e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2184-1acc-458d48d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2184-1acc-458d49f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2184-1acc-458d4d0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2184-1acc-458d4d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2184-1acc-458d4e3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2184-1acc-458d524.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2184-1acc-458d545.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2184-1acc-458d547.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-21c-2b34-ad32274.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-21c-2b34-ad33f56.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-21c-2b34-ad35fd1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-21c-2b34-ad36159.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-21c-2b34-ad36469.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-21c-2b34-ad36853.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-21c-2b34-ad37332.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-21c-2b34-ad37576.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-21c-2b34-ad37818.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-21c-2b34-ad37aaa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-21c-2b34-ad37fdc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-21c-2b34-ad38472.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-21c-2b34-ad38678.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-21c-2b34-ad388eb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-21c-2b34-ad38cd5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-21c-2b34-ad38f86.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-21c-2b34-ad3939f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-21c-2b34-ad39845.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-21c-2b34-ad3a3d0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-21c-2b34-ad3b612.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25b8-d64-1282c2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25b8-d64-1282f5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25b8-d64-1282f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25b8-d64-128309.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25b8-d64-12830b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25b8-d64-12831d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25b8-d64-12832e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25b8-d64-128330.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25b8-d64-128342.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25b8-d64-128344.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25b8-d64-128355.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25b8-d64-128367.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25b8-d64-128379.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25b8-d64-12837b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25b8-d64-12838c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25b8-d64-12839e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25b8-d64-1283b0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25b8-d64-1283c1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25b8-d64-1283c3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-25b8-d64-1283d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28f0-a30-f028b4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28f0-a30-f028d7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28f0-a30-f028d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28f0-a30-f028eb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28f0-a30-f028ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28f0-a30-f028ef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28f0-a30-f02900.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28f0-a30-f02902.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28f0-a30-f02904.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28f0-a30-f02916.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28f0-a30-f02918.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28f0-a30-f0292a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28f0-a30-f0292c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28f0-a30-f0292e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28f0-a30-f0293f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28f0-a30-f02941.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28f0-a30-f02943.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28f0-a30-f02955.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28f0-a30-f02957.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28f0-a30-f02969.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2bb8-2090-10832a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2bb8-2090-10838b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2bb8-2090-1083ad.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2bb8-2090-1083be.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2bb8-2090-1083d0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2bb8-2090-1083d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2bb8-2090-1083e4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2bb8-2090-1083e6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2bb8-2090-1083f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2bb8-2090-108409.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2bb8-2090-10840b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2bb8-2090-10841c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2bb8-2090-10843e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2bb8-2090-108440.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2bb8-2090-108451.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2bb8-2090-108482.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2bb8-2090-108494.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2bb8-2090-108496.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2bb8-2090-1084a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2bb8-2090-1084b9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c0c-1328-9659621.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c0c-1328-965a577.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c0c-1328-965a5d7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c0c-1328-965a617.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c0c-1328-965a6a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c0c-1328-965a6f6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c0c-1328-965a717.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c0c-1328-965a767.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c0c-1328-965a7c7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c0c-1328-965a7f8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c0c-1328-965a848.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c0c-1328-965a8f6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c0c-1328-965a908.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c0c-1328-965a9a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c0c-1328-965aa34.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c0c-1328-965aa65.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c0c-1328-965aa77.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c0c-1328-965aad7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c0c-1328-965ab36.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c0c-1328-965ab67.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d6c-310-1415f5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d6c-310-141618.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d6c-310-14161a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d6c-310-14162c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d6c-310-14162e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d6c-310-141630.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d6c-310-141642.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d6c-310-141653.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d6c-310-141655.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d6c-310-141657.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d6c-310-141669.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d6c-310-14166b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d6c-310-14167d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d6c-310-14167f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d6c-310-141681.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d6c-310-141692.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d6c-310-141694.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d6c-310-141696.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d6c-310-1416a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d6c-310-1416aa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30c8-34c4-b9834d4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30c8-34c4-b983517.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30c8-34c4-b983519.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30c8-34c4-b98353a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30c8-34c4-b98354c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30c8-34c4-b98356d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30c8-34c4-b98357f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30c8-34c4-b983590.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30c8-34c4-b983592.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30c8-34c4-b9835a4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30c8-34c4-b9835c5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30c8-34c4-b9835d7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30c8-34c4-b9835e8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30c8-34c4-b9835ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30c8-34c4-b9835fc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30c8-34c4-b9835fe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30c8-34c4-b98361f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30c8-34c4-b983641.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30c8-34c4-b983643.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30c8-34c4-b983654.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-638-6b518.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-638-6b52b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-638-6b53d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-638-6b53f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-638-6b541.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-638-6b552.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-638-6b554.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-638-6b556.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-638-6b568.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-638-6b56a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-638-6b56c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-638-6b56e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-638-6b580.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-638-6b582.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-638-6b593.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-638-6b595.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-638-6b597.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-638-6b599.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-638-6b5ab.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-634-638-6b5ad.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-9cc-2b08-bb7af.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-9cc-2b08-bb7d3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-9cc-2b08-bb7d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-9cc-2b08-bb7e6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-9cc-2b08-bb7e8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-9cc-2b08-bb7fa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-9cc-2b08-bb85a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-9cc-2b08-bb86b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-9cc-2b08-bb86d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-9cc-2b08-bb89e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-9cc-2b08-bb8a0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-9cc-2b08-bb8b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-9cc-2b08-bb8e3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-9cc-2b08-bb913.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-9cc-2b08-bb915.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-9cc-2b08-bb927.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-9cc-2b08-bb929.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-9cc-2b08-bb94a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-9cc-2b08-bb94c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-9cc-2b08-bb96e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea0-1bc4-bb0aa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea0-1bc4-bb0ce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea0-1bc4-bb0df.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea0-1bc4-bb0e1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea0-1bc4-bb103.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea0-1bc4-bb105.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea0-1bc4-bb116.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea0-1bc4-bb128.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea0-1bc4-bb139.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea0-1bc4-bb14b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea0-1bc4-bb15d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea0-1bc4-bb15f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea0-1bc4-bb170.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea0-1bc4-bb182.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea0-1bc4-bb194.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea0-1bc4-bb196.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea0-1bc4-bb1a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea0-1bc4-bb1b9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea0-1bc4-bb1bb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-ea0-1bc4-bb1cc.tmp deleted
"C:\DumpStack.log.tmp" not deleted
"C:\Users\ASUS\AppData\Local\Avast Software\Avast\datascan.json" not deleted
"C:\Users\ASUS\AppData\Local\Avast Software\Avast\ATT\att_results.dat" not deleted
"C:\Users\ASUS\AppData\Local\Avast Software" not deleted
"C:\Users\ASUS\AppData\Local\Avast Software\Avast" not deleted
"C:\Users\ASUS\AppData\Local\Avast Software\Avast\ATT" not deleted

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]

Edge relevant text changes - ASUS\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha

==== Chromium Startpages ======================

C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Preferences
7F2E482459E7711F4C8","session":{"restore_on_startup":"4941C0B1AD2704B3643061AA807697BE52C909E8F59CDEA76A1427F0A688C6D0","startup_urls":"8542EFDAACFCD139184AFA4682924C8C33219FDA6366AFF15711BF4D3EA6EEDC"}},"super_mac":"94F080E0FBC8D5AF7AA4BD276EF65D87E4777A86CAA048077F5D5615EA232485"},"session":{"restore_on_startup":4,"startup_urls":["https://www.google.com/"]}}


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seznam.cz/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\ASUS\AppData\Local\Microsoft\Edge\User Data\Default\Preferences was reset successfully
C:\Users\ASUS\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences was reset successfully
C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\ASUS\AppData\Local\Microsoft\Edge\User Data\Default\Web Data was reset successfully
C:\Users\ASUS\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ASUS\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\ASUS\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\ASUS\AppData\Local\Microsoft\Edge\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=11 folders=409 15968381 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\ASUS\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\DumpStack.log.tmp" not deleted
"C:\Users\ASUS\AppData\Local\Avast Software\Avast\datascan.json" not found
"C:\Users\ASUS\AppData\Local\Avast Software\Avast\ATT\att_results.dat" not found
"C:\Users\ASUS\AppData\Local\Avast Software" not found

==== EOF on 19.11.2025 at 16:29:58,19 ======================

[PredyP]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by ASUS (Administrator) on 19.11.2025 at 18:06:23,14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 2

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.11.2025 at 18:09:32,83
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[Rudy]

Smazáno. Změnilo se něco k lepšímu?

[PredyP]

Zdá se to být už v pořádku.
Děkuji za pomoc.

[Rudy]

To jsem rád a nemáte zač!