VIRY.CZ

Zdravím. Prosím o kontrolu logu. Díky moc.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2021
Ran by Stiburek (administrator) on RUDASUPPORT81 (HP HP ProBook 470 G3) (29-11-2021 11:04:15)
Running from C:\Users\Stiburek\Desktop
Loaded Profiles: Stiburek
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1348 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(eM Client, s.r.o. -> eM Client s.r.o.) C:\Program Files (x86)\eM Client\MailClient.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_ddd78e0f8226b40b\HotKeyServiceUWP.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_ddd78e0f8226b40b\HPHotkeyNotification.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_ddd78e0f8226b40b\LanWlanWwanSwitchingServiceUWP.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.DUEL\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-08-18] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [MicTray] => C:\Program Files\Conexant\MicTray\MicTray64.exe [2728024 2015-09-15] (Conexant Systems, Inc. -> Conexant)
HKLM\...\Run: [SmartAudio] => C:\Program Files\Conexant\SA3\HP-NB-AIO\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\Run: [Privacy Eraser] => C:\Program Files\Cybertron\Privacy Eraser\PrivacyEraser64.exe [8774792 2020-01-15] (Cybertron Software Co., Ltd -> Cybertron Software, Co., Ltd.)
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35144320 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\Run: [Opera Browser Assistant] => C:\Users\Stiburek\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software AS -> Opera Software)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [55872 2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [432648 2015-07-11] (Microsoft Windows Hardware Compatibility Publisher -> HP)
HKLM\...\Print\Monitors\PDF Print Monitor BZ101: C:\Program Files\Common Files\STORMWARE\PDF Printer\Ports\STORMWARE\bzpdf.dll [210944 2013-10-04] (Bullzip) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-19] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{722DEFE8-78AF-4E12-86A1-A8B21B509C52}] -> C:\WINDOWS\system32\DPCrProv2.dll [2015-07-28] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{77B7ED10-A641-4766-A428-8B9EE42E830A}] -> C:\WINDOWS\system32\DPCrProv2.dll [2015-07-28] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
HKLM\Software\...\Authentication\Credential Providers: [{E85E7D14-653B-4E51-9BC5-E5F9EC9BC51D}] -> C:\WINDOWS\system32\DPCrProv2.dll [2015-07-28] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F0C31759-99A6-493E-AD7D-7F69126CDFBC}] -> C:\WINDOWS\system32\DPCrProv2.dll [2015-07-28] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F731030D-3272-4D8B-A21A-3940EF268453}] -> C:\WINDOWS\system32\DPCrProv2.dll [2015-07-28] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{DCFB2A33-814B-4236-BFBD-FFEA3F528385}] -> C:\WINDOWS\system32\DPCrProv2.dll [2015-07-28] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Winlogon\GPExtensions: [{8D90E7E9-6F48-4e24-85E0-596C8E6C4639}] -> c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCmsGPOClient.dll [2015-07-28] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0095F8CC-597D-4067-B2E0-921CF90433B0} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (No File)
Task: {04F6D31D-9EC1-462E-BA94-6C2F138C20F8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {07CC4AC4-0794-47A4-B7E9-2302D228E891} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (No File)
Task: {0AFE1F6B-9A96-403B-BCC1-7325774FE86A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {0FA35699-E8DB-4426-920A-870E862F1177} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {11C87A8F-F4A9-42EF-A8B3-A1E7BA5A59DD} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (No File)
Task: {14CAC4AB-5A0A-4D89-A8F9-370E7AC7156E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (No File)
Task: {1964340B-7D71-4B83-84F6-D851983A0C31} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {1AE83F14-EC89-4438-BB1E-FF0DE83060B6} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges (No File)
Task: {1D2D8A11-B65E-4E8A-A2B8-E6DA529EE2E5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2682C0CF-B3FF-4C76-86A1-DB891528E79F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2A5DABA4-ECE8-4C22-9D8C-A4A63AC2ED1F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2A9AC33A-9E38-4A10-AD6B-17D1D3E2C7E8} - System32\Tasks\CCleanerSkipUAC - Stiburek => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2B237057-7542-45B5-96E7-1B970E9CAF88} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {2B892DCC-1BA4-48FD-911F-13EA21AE52BF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (No File)
Task: {30BE8161-419D-4E20-96EE-402C41C26C38} - System32\Tasks\eM Client Database Backup => C:\Program Files (x86)\eM Client\DbBackup.exe [139752 2020-05-12] (eM Client, s.r.o. -> ) -> -backup -databasedir "C:\Users\Stiburek\AppData\Roaming\eM Client" -backupdir "C:\Users\Stiburek\Documents\eM Client" -preserve 1 -instanceString "eM_Client_C__Users_Stiburek_AppData_Roaming_eM_Client_" -silence
Task: {33433B27-7384-4AF0-BDEF-17F30FF88DB2} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {35F6558F-A1E5-4CFE-9061-973C2AA7EA12} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {3890816F-D0BC-4BC6-871C-D52AD537F30A} - System32\Tasks\Bosch - start LockService => sc.exe start LockService
Task: {3A1C3F02-35C2-497E-943A-0C7094A30AFB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (No File)
Task: {3B327D91-538C-452B-8516-95D1A74FEDC1} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4639280 2018-12-02] (McAfee, Inc. -> McAfee, Inc.)
Task: {3D12740C-A789-49D8-83EA-7CAE7D9A2EFA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {3D2B259B-FB70-4F98-85D6-37B898F6F0B6} - System32\Tasks\Cybertron\Privacy Eraser\SkipUAC_Stiburek => C:\Program Files\Cybertron\Privacy Eraser\PrivacyEraser64.exe [8774792 2020-01-15] (Cybertron Software Co., Ltd -> Cybertron Software, Co., Ltd.)
Task: {3E93F79D-DAF8-45D4-B365-5B227451378D} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {419D12E5-3C36-4ADF-AE81-B1144151BC44} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {42CA1D39-2678-4645-9BB4-4B1D415A343B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {51099DF2-3158-42C3-97C1-B834DC8EF33E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-04-18] (Google Inc -> Google Inc.)
Task: {52448A38-D1CB-4996-955B-2E500925A147} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel(R) Software -> Intel Corporation)
Task: {52569505-D199-4E42-ABE0-D5808F2E7A08} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {59BD86B4-F0F3-47B2-93D4-054A661D3CF5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5F213692-A43D-4F04-955E-189B874739B9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {66CE1E71-71E1-4F7E-AE9F-219EDCDF753F} - System32\Tasks\Opera scheduled Autoupdate 1590389663 => C:\Users\Stiburek\AppData\Local\Programs\Opera\launcher.exe [2265296 2021-11-23] (Opera Software AS -> Opera Software)
Task: {6A5C50EF-4779-4D1F-901D-BEC7E3D34938} - System32\Tasks\HP\HP Hotkey Support\Start QLBController Process => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe (No File)
Task: {6C9410A6-3437-4F9B-93F6-6F5044F8F7F4} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [63448 2021-07-19] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {736C487B-A29B-4400-8C76-9710549EE3DF} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {872178AE-C5EA-4E0E-9B69-564C37DE9090} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (No File)
Task: {878024CE-B440-4533-8737-4F40C954EEA2} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {92122549-A354-469E-A05C-1365B1C6283B} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (No File)
Task: {95650CF9-F4ED-433B-B8AC-66881851B70F} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (No File)
Task: {994A0889-8817-4A66-81CB-6D885D774155} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (No File)
Task: {9B3F4D5F-A9A6-426B-BA90-E4648FD63715} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (No File)
Task: {9B714069-35A9-4A59-9C38-20B8549268A9} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (No File)
Task: {9CD6CAD8-B1B0-4511-922E-C6B0302287A3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {9EA4D557-5788-4B2F-A78D-C5374D670EF8} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {A625326F-ACFA-46FC-86B9-E3A132B73532} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A668DB62-6CCE-46C9-A952-939BECD4A6D0} - System32\Tasks\Opera scheduled assistant Autoupdate 1590389668 => C:\Users\Stiburek\AppData\Local\Programs\Opera\launcher.exe [2265296 2021-11-23] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Stiburek\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {A7C1E587-8E49-40DD-9D14-27FF720CFBC1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [564536 2015-06-24] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {AD6D4334-4535-4E19-AC82-0E81CEE233C5} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {AF059B35-F9EB-4D4C-B7CC-962574041A67} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (No File)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B134C361-C500-4FA3-8C66-897CB1691C8B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B1C1D097-0AC6-415F-B167-1130737D7829} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {B6A2C0F4-FB8A-467A-A654-287C6B3831E5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -source HPSA (No File)
Task: {BB51BD1C-6531-440B-AD51-0657E38AE6B6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-08-16] (Piriform Software Ltd -> Piriform)
Task: {BEC01B03-08F0-41A6-99B7-15D0BA8DF17D} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {C309CEB3-2262-4B4C-BC93-FFA3204B1AF5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {C47CC823-8907-4F1F-AB90-0FFD94D7E8A8} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-info@cyklosportsr.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {CE4AA155-BBBF-4A75-9FEF-55C07962C548} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-04-18] (Google Inc -> Google Inc.)
Task: {CF946A60-001C-4751-AD20-8E0966F9BCFF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (No File)
Task: {D28B8AA1-AE52-4CFF-B3D7-B7E9A328F872} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (No File)
Task: {DA33A6E9-916F-4D23-B63B-FD4BAADDC319} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software)
Task: {DC990DDD-188C-4C8B-BFEB-18A00AB65C07} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DDB4F745-30BD-4E01-A98E-E509AC6EF240} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (No File)
Task: {DEBBC39D-B056-4323-B44D-C551065865FE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {DF21125F-0536-409C-BDE1-2C98319F9624} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {E0370386-9F58-4CAC-8A38-696C6E8D61CC} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {E6823AB9-645E-43AE-BECE-1FBA1D49A97B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart (No File)
Task: {E7A3616E-A209-4F0A-9E8E-B05E08747428} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (No File)
Task: {EAED1FB7-E468-45A9-9872-49D64C6E464D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {EC3D94A3-935F-4295-9CFD-83690F821649} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EF2E43E9-ED35-482C-AF44-0331FB1D9384} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (No File)
Task: {F21D4D7D-9DE8-4AAD-B5A8-41DCCE92D012} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694256 2021-03-17] (Mozilla Corporation -> Mozilla Foundation)
Task: {F81CA0EE-6BE5-403A-AEC2-9D09ACDF9146} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F95B1EDF-820A-4683-86BB-0263407DABB8} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b5ec9f8b-5e91-48e7-80c1-49e5936df0ef}: [DhcpNameServer] 192.168.1.1

Edge:
=======
DownloadDir: C:\Users\Stiburek\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-3736271558-2664885646-4274364148-1001 -> hxxp://www.cyklosportsr.cz/
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Stiburek\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-26]
Edge DownloadDir: Default -> C:\Users\Stiburek\Downloads
Edge HomePage: Default -> hxxp://www.cyklosportsr.cz/

FireFox:
========
FF DefaultProfile: 4liywnbz.default
FF ProfilePath: C:\Users\Stiburek\AppData\Roaming\Mozilla\Firefox\Profiles\4liywnbz.default [2021-11-24]
FF NetworkProxy: Mozilla\Firefox\Profiles\4liywnbz.default -> http", "89.248.244.182"
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome
FF Extension: (HP Client Security Manager) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome [2015-11-10] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2017-10-07] [Legacy] [not signed]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll [2015-07-22] (DigitalPersona, Inc. -> DigitalPersona, Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default [2021-11-29]
CHR Notifications: Default -> hxxps://app.plus500.com; hxxps://calendar.google.com; hxxps://cs.duolingo.com; hxxps://phocs.ru; hxxps://talk.youradio.cz; hxxps://www.duolingo.com; hxxps://www.hanziwork.cz; hxxps://www.instagram.com; hxxps://www.seduo.cz
CHR HomePage: Default -> hxxp://www.cyklosportsr.cz/
CHR StartupUrls: Default -> "hxxp://www.cyklosportsr.cz/"
CHR NewTab: Default -> Not-active:"chrome-extension://bhloflhklmhfpedakmangadcdofhnnoh/index.html", Not-active:"chrome-extension://cocjcidknhpoeipkjfkhfjbhicgdmhaj/newtab/newtab.html"
CHR Extension: (Learn English - Beelingo.com) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeefohgoiafgjjpihnoeofgijggpbmmf [2016-04-18]
CHR Extension: (Duolingo on the Web) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2016-04-18]
CHR Extension: (Dokumenty) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (Earth View from Google Earth) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhloflhklmhfpedakmangadcdofhnnoh [2020-09-18]
CHR Extension: (YouTube) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-18]
CHR Extension: (Vocabla - budovat svou slovní zásobu) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdnfmoippfkddcakmbeaglgjcfcfcfmk [2016-04-18]
CHR Extension: (uBlock Origin) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-10-17]
CHR Extension: (Alexa Traffic Rank) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknebhggccemgcnbidipinkifmmegdel [2021-11-29]
CHR Extension: (MagicScroll Web Reader) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecldhagehndokdmaiaigoaecbmbnmfkc [2021-03-14]
CHR Extension: (I don't care about cookies) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2021-10-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-22]
CHR Extension: (Open SEO Stats(Formerly: PageRank Status)) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdkkfheckcdppiaiabobmennhijkknn [2021-03-10]
CHR Extension: (AB Blocker) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\hneamlikkijedhidoagchnpcnibffhac [2017-05-19]
CHR Extension: (Webcam Toy) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2018-06-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-04]
CHR Extension: (Prohlížeč dokumentů ve formátu PDF/PowerPoint (od společnosti Google)) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2016-10-13]
CHR Extension: (Learn English) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogeblbgokjljbcoipfmbphbmcdbbnfjc [2016-04-18]
CHR Extension: (Gmail) - C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26]
CHR Profile: C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-08-18]
CHR Profile: C:\Users\Stiburek\AppData\Local\Google\Chrome\User Data\System Profile [2021-08-18]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx [2015-07-22]

Opera:
=======
OPR Profile: C:\Users\Stiburek\AppData\Roaming\Opera Software\Opera Stable [2021-10-26]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Stiburek\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-10-26]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Stiburek\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-10-26]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3833088 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3603200 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 BoschDevNodeService; C:\Program Files (x86)\Bosch eBike Diagnostic Software\BoschDevNodeCleanService64.exe [350720 2020-10-05] (Robert Bosch GmbH) [File not signed]
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [502232 2015-07-28] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
S2 fpCsEvtSvc; C:\WINDOWS\System32\fpCSEvtSvc.exe [22424 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_ddd78e0f8226b40b\HotKeyServiceUWP.exe [1596504 2021-06-16] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-11] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-07-06] (Intel Corporation) [File not signed]
S3 Intel(R) WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-17] (Intel(R) Software Asset Manager -> Intel Corporation)
S2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [395744 2015-01-14] (Intel(R) Wireless Display -> Intel)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-07-06] () [File not signed]
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_ddd78e0f8226b40b\LanWlanWwanSwitchingServiceUWP.exe [788576 2021-06-16] (HP Inc. -> HP Inc.)
S2 LockService; C:\Program Files (x86)\Bosch eBike Diagnostic Software\prunsrv\amd64\prunsrv.exe [109696 2020-10-05] (CodeSigning for The Apache Software Foundation -> Apache Software Foundation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 MSSQL$DUEL; c:\Program Files\Microsoft SQL Server\MSSQL10_50.DUEL\MSSQL\Binn\sqlservr.exe [62382256 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6103464 2021-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$DUEL; c:\Program Files\Microsoft SQL Server\MSSQL10_50.DUEL\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
S2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
S2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [194168 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
S2 valWBFPolicyService; C:\WINDOWS\System32\valWBFPolicyService.exe [91032 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 hidemi; C:\WINDOWS\system32\drivers\hidemi.sys [29024 2015-07-06] (Microchip Technology Inc. -> Microchip)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 mchpemi; C:\WINDOWS\system32\drivers\mchpemi.sys [37728 2015-07-06] (Microchip Technology Inc. -> Microchip)
S3 MosIrUsb; C:\WINDOWS\System32\drivers\MosIrUsb.sys [27648 2007-10-11] (Microsoft Windows Hardware Compatibility Publisher -> )
S4 RsFx0153; C:\WINDOWS\System32\DRIVERS\RsFx0153.sys [322736 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [1063520 2017-02-23] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 usb3Hub; C:\WINDOWS\System32\drivers\usb3Hub.sys [212056 2015-01-14] (Intel(R) Wireless Display -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-29 11:04 - 2021-11-29 11:04 - 000038415 _____ C:\Users\Stiburek\Desktop\FRST.txt
2021-11-29 11:03 - 2021-11-29 11:04 - 000000000 ____D C:\FRST
2021-11-29 10:59 - 2021-11-29 10:59 - 002311680 _____ (Farbar) C:\Users\Stiburek\Desktop\FRST64.exe
2021-11-29 10:30 - 2021-11-29 10:30 - 103022592 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-11-29 09:40 - 2021-11-29 09:40 - 008540344 _____ (Malwarebytes) C:\Users\Stiburek\Desktop\adwcleaner_8.3.1.exe
2021-11-27 06:29 - 2021-11-27 06:29 - 000000000 ____D C:\Users\Stiburek\AppData\Local\AMD_Common
2021-11-26 21:48 - 2021-11-26 21:48 - 000146850 _____ C:\Users\Stiburek\Desktop\OckovaciCertifikat.pdf
2021-11-11 19:55 - 2021-11-11 19:55 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-11-11 19:55 - 2021-11-11 19:55 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-11-11 19:55 - 2021-11-11 19:55 - 000011363 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-11-11 19:54 - 2021-11-11 19:54 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-11-11 19:46 - 2021-11-11 19:46 - 000000000 ___HD C:\$WinREAgent
2021-11-03 09:32 - 2021-11-03 09:32 - 000003160 _____ C:\WINDOWS\system32\Tasks\StartCN
2021-11-03 09:32 - 2021-11-03 09:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2021-11-03 09:29 - 2021-11-03 09:29 - 000000000 ____D C:\WINDOWS\system32\AMD
2021-11-03 09:28 - 2021-07-29 06:13 - 001857920 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-11-03 09:28 - 2021-07-29 06:13 - 001857920 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-11-03 09:28 - 2021-07-29 06:13 - 001438608 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-11-03 09:28 - 2021-07-29 06:13 - 001438608 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-11-03 09:28 - 2021-07-29 06:13 - 001093168 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-11-03 09:28 - 2021-07-29 06:13 - 001093168 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-11-03 09:28 - 2021-07-29 06:13 - 000946328 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-11-03 09:28 - 2021-07-29 06:13 - 000946328 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-11-03 09:28 - 2021-07-29 06:12 - 001593240 _____ (AMD) C:\WINDOWS\system32\coinst_21.09.dll
2021-11-03 09:28 - 2021-07-29 06:12 - 001331600 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2021-11-03 09:28 - 2021-07-29 06:12 - 000019312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2021-11-03 09:28 - 2021-07-29 06:12 - 000019312 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2021-11-03 09:28 - 2021-07-29 06:11 - 001536920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiacm64.dll
2021-11-03 09:28 - 2021-07-29 06:11 - 000130968 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-11-03 09:28 - 2021-07-29 05:19 - 000128048 _____ C:\WINDOWS\system32\kapp_ci.sbin
2021-11-03 09:28 - 2021-07-29 05:19 - 000076237 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2021-11-03 09:28 - 2021-07-29 05:19 - 000012344 _____ C:\WINDOWS\system32\brandingWS_RSX.bmp
2021-11-03 09:28 - 2021-07-29 05:19 - 000012344 _____ C:\WINDOWS\system32\brandingRSX.bmp
2021-11-03 09:28 - 2021-07-29 05:19 - 000011014 _____ C:\WINDOWS\system32\atiacmLocalisation.ini
2021-11-03 09:28 - 2021-07-29 05:19 - 000000822 _____ C:\WINDOWS\system32\branding.bmp
2021-11-02 08:18 - 2021-11-02 08:18 - 002399916 _____ C:\Users\Stiburek\Downloads\catalog_2019_11_cs.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-29 11:00 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-29 10:55 - 2016-05-03 06:03 - 000000000 ____D C:\Users\Stiburek\AppData\Roaming\eM Client
2021-11-29 10:37 - 2020-08-25 19:10 - 001876258 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-29 10:37 - 2019-12-07 15:43 - 000783122 _____ C:\WINDOWS\system32\perfh005.dat
2021-11-29 10:37 - 2019-12-07 15:43 - 000172820 _____ C:\WINDOWS\system32\perfc005.dat
2021-11-29 10:37 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-29 10:33 - 2016-04-18 16:20 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-29 10:32 - 2019-01-14 10:43 - 000000000 ____D C:\Program Files\CCleaner
2021-11-29 10:31 - 2016-04-15 11:51 - 000000000 __SHD C:\Users\Stiburek\IntelGraphicsProfiles
2021-11-29 10:30 - 2020-08-25 19:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-29 10:30 - 2020-08-25 18:56 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-29 10:30 - 2020-08-23 07:36 - 000000000 ____D C:\ProgramData\ssh
2021-11-29 10:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-11-29 10:30 - 2018-04-02 05:38 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2021-11-29 10:30 - 2017-06-14 05:23 - 000000000 ____D C:\ProgramData\Synaptics
2021-11-29 10:30 - 2015-11-10 07:11 - 000000000 ____D C:\Intel
2021-11-29 10:25 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-11-29 10:01 - 2019-10-03 17:33 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-11-29 09:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-29 09:30 - 2020-08-25 18:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-29 06:16 - 2016-06-18 23:03 - 000000000 ____D C:\Users\Stiburek\AppData\Local\Adobe
2021-11-27 19:01 - 2019-09-06 07:23 - 000000000 ____D C:\twitter
2021-11-25 21:16 - 2020-08-25 19:07 - 000004218 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1590389663
2021-11-25 21:16 - 2020-05-25 07:54 - 000001469 _____ C:\Users\Stiburek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2021-11-25 06:00 - 2020-06-12 21:08 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-25 06:00 - 2020-06-12 21:08 - 000002281 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-11-25 06:00 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-22 09:27 - 2019-09-13 07:59 - 000000000 ____D C:\motorky
2021-11-19 17:31 - 2018-07-10 20:43 - 000000000 ____D C:\ProgramData\Packages
2021-11-19 11:12 - 2016-04-18 16:21 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-11-19 11:12 - 2016-04-18 16:21 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-11-18 08:48 - 2020-08-25 19:07 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3736271558-2664885646-4274364148-1001
2021-11-18 08:48 - 2020-08-23 07:48 - 000002441 _____ C:\Users\Stiburek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-11-18 06:16 - 2020-10-30 20:06 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6aeef8b3f177f
2021-11-18 06:16 - 2020-08-25 19:07 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-13 06:09 - 2021-01-15 05:59 - 000000000 ____D C:\Users\Stiburek\AppData\Local\cache
2021-11-13 06:02 - 2020-08-25 18:56 - 005068928 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-11-13 06:00 - 2019-12-07 15:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-11-13 06:00 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-11-13 06:00 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-13 06:00 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-13 06:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-13 06:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-13 06:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-13 06:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-13 06:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-13 06:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-13 06:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-13 06:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-11-13 06:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-13 06:00 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-11-11 19:58 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-11 19:44 - 2016-04-15 16:15 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-11-11 19:41 - 2016-04-15 16:15 - 141529560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-11-10 18:47 - 2016-10-23 19:18 - 000000000 ____D C:\Users\Stiburek\AppData\Local\PokerStars.CZ
2021-11-07 12:58 - 2019-06-08 11:09 - 000515816 _____ C:\UkLog.dat
2021-11-07 11:43 - 2017-11-03 06:16 - 000000000 ____D C:\Photoshop
2021-11-03 23:57 - 2018-05-29 08:29 - 000000000 ____D C:\Users\Stiburek\AppData\Local\D3DSCache
2021-11-03 20:19 - 2016-05-19 06:29 - 000000000 ____D C:\Users\Stiburek\Documents\eM Client
2021-11-03 09:32 - 2017-06-14 05:23 - 000000000 ____D C:\Program Files\AMD
2021-11-03 09:16 - 2018-02-24 23:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-11-02 19:05 - 2016-04-20 21:28 - 000000128 _____ C:\Users\Stiburek\AppData\Roaming\winscp.rnd

==================== Files in the root of some directories ========

2017-09-22 10:21 - 2021-08-06 07:58 - 000000132 _____ () C:\Users\Stiburek\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2016-04-20 21:28 - 2021-11-02 19:05 - 000000128 _____ () C:\Users\Stiburek\AppData\Roaming\winscp.rnd
2019-03-20 05:48 - 2019-03-20 05:48 - 000000000 _____ () C:\Users\Stiburek\AppData\Local\oobelibMkey.log
2017-09-18 05:01 - 2017-09-18 05:01 - 000013237 _____ () C:\Users\Stiburek\AppData\Local\recently-used.xbel
2019-05-16 17:07 - 2019-05-16 17:07 - 000000017 _____ () C:\Users\Stiburek\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2021
Ran by Stiburek (29-11-2021 11:05:57)
Running from C:\Users\Stiburek\Desktop
Microsoft Windows 10 Pro Version 21H1 19043.1348 (X64) (2020-08-25 18:08:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3736271558-2664885646-4274364148-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3736271558-2664885646-4274364148-503 - Limited - Disabled)
DevToolsUser (S-1-5-21-3736271558-2664885646-4274364148-1010 - Limited - Enabled) => C:\Users\DevToolsUser
Guest (S-1-5-21-3736271558-2664885646-4274364148-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3736271558-2664885646-4274364148-1002 - Limited - Enabled)
sshd (S-1-5-21-3736271558-2664885646-4274364148-1008 - Limited - Enabled)
Stiburek (S-1-5-21-3736271558-2664885646-4274364148-1001 - Administrator - Enabled) => C:\Users\Stiburek
WDAGUtilityAccount (S-1-5-21-3736271558-2664885646-4274364148-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe Acrobat X Pro - Eastern European (Group 1) (HKLM-x32\...\{AC76BA86-1029-4770-7760-000000000005}) (Version: 10.1.16 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Creative Suite 5.5 Master Collection (HKLM-x32\...\{D57FC112-312E-4D70-860F-2DB8FB6858F0}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
AMD Catalyst Install Manager (HKLM\...\{57C30EBD-C09A-70DE-F7BE-7227EEAC38EC}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2021.0719.0453.8802 - Advanced Micro Devices, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Apowersoft Online Launcher verze 1.4.5 (HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.4.5 - APOWERSOFT LIMITED)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bosch DiagnosticTool 7.5.1.0.0 (HKLM-x32\...\{5A71D203-4F1E-4D9D-8EB4-0C652328D7FB}_is1) (Version: 7.5.1.0.0 - Robert Bosch GmbH)
Bosch eBike Diagnostic Software Compatibility Layer 1.0 (HKLM-x32\...\Bosch eBike Diagnostic Software Compatibility Layer 1.0) (Version: 1.0.0.0 - Robert Bosch GmbH)
CCleaner (HKLM\...\CCleaner) (Version: 5.84 - Piriform)
eM Client (HKLM-x32\...\{5CD40FFB-B38B-4A95-B277-78387D8DBC6C}) (Version: 7.2.40748.0 - eM Client Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
GDR 4042 for SQL Server 2008 R2 (KB3045313) (64-bit) (HKLM\...\KB3045313) (Version: 10.52.4042.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.45 - Google LLC)
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 8.3.15.2026 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{DD36B764-6476-4F00-BC61-9BA9BFF76FA6}) (Version: 5.0.6.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{FC34BD4D-4FD6-4E43-9879-EB6CC2002A59}) (Version: 1.0.0.1 - Hewlett-Packard)
HP ESU for Microsoft Windows 10 (HKLM-x32\...\{2CDA0D13-ED4D-4E66-B920-9AE696F9992E}) (Version: 1.1.1 - Hewlett-Packard Company)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{A5760B8B-AC5F-4221-B905-9926DEF26632}) (Version: 2.8.1 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{757cc2cc-5fed-43e4-b813-2bda78353297}) (Version: 4.2.4.0 - HP)
HP Software Setup (HKLM-x32\...\{83421C73-4679-40F0-B590-20846CB893E0}) (Version: 9.0.1 - HP)
HP Support Solutions Framework (HKLM-x32\...\{D7D5F438-26EF-45AB-AB89-C476FBCF8584}) (Version: 12.0.26.62 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{FF94262A-A307-4D6A-AD8A-9D814A93E344}) (Version: 3.1.1 - HP)
HP Universal Camera Driver (HKLM-x32\...\{8B204728-0D90-48BE-97C0-BBEDDFDFA83C}) (Version: 3.5.8.10 - SunplusIT)
IconConverter 2.0 (HKLM-x32\...\IconConverter_is1) (Version: - Weissoft)
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1177 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.1.1030 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{C7CD6D54-26AF-4D93-B06F-D81ACE8624CB}) (Version: 6.0.40.0 - Intel Corporation)
Intel(R) WiDi Software Asset Manager (HKLM-x32\...\{5B5CD20C-29F0-4857-A4FA-A4F4C716B019}) (Version: 1.1.347 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{D5DC1131-9CD2-4DC8-8819-358405827A4B}) (Version: 17.1.1532.1814 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{3D45BD48-F215-4C69-B23F-256C83D1D7F0}) (Version: 1.0.0.534 - Intel Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D18FE9D2-2F54-4C68-A2DE-A59D4A80A9BC}) (Version: 3.1.2109.29003 - Microsoft Corporation)
LibreOffice 6.2.8.2 (HKLM\...\{27A53987-88CB-4E92-8D62-A5AB458ACD14}) (Version: 6.2.8.2 - The Document Foundation)
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
McAfee True Key (HKLM\...\TrueKey) (Version: 5.3.138.1 - McAfee, LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 96.0.1054.34 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\OneDriveSetup.exe) (Version: 21.220.1024.0005 - Microsoft Corporation)
Microsoft SQL Server 2005 Backward compatibility (HKLM\...\{8909B8A7-CEAB-4772-BF29-1892C4E6603B}) (Version: 8.05.2309 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{49860BCD-24D6-44C1-922E-AC12FE32234E}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{B2213E4E-F502-4D36-BE95-9293C866EF3F}) (Version: 10.52.4042.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{99AC7F47-A4E0-4706-9C65-8948775C2652}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Movavi Video Editor 15 Business (HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\Movavi Video Editor 15 Business) (Version: 15.4.0 - Movavi)
Mozilla Firefox 86.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 86.0.1 (x64 cs)) (Version: 86.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.6.1 - Mozilla)
Mozilla Thunderbird 60.6.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 60.6.1 (x86 cs)) (Version: 60.6.1 - Mozilla)
OEM Application Profile (HKLM-x32\...\{D9559CE2-9C58-F414-43EA-F908FEA13BB8}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
Opera Stable 81.0.4196.60 (HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\Opera 81.0.4196.60) (Version: 81.0.4196.60 - Opera Software)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
Privacy Eraser (HKLM\...\{CB5AC03C-B8AD-980F-998E-51969A6DFC9F}_is1) (Version: 4.58.5.3366 - Cybertron Software Co., Ltd.)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.0.2700 - Jan Fiala)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.95 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.94.723.2015 - Realtek)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.0 - Samsung)
Service Pack 2 for SQL Server 2008 R2 (KB2630458) (64-bit) (HKLM\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Common Files (HKLM\...\{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FA7394B8-CE65-4F9E-AC99-F372AD365424}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Services (HKLM\...\{FBD367D1-642F-47CF-B79B-9BE48FB34007}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{A2122A9C-A699-4365-ADF8-68FEAC125D61}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
SQL Server 2008 R2 SP2 Database Engine Shared (HKLM\...\{C942A025-A840-4BF2-8987-849C0DD44574}) (Version: 10.52.4000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM\...\{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
STORMWARE POHODA Start CZ (HKLM-x32\...\{6531FE3F-206A-4683-BA0A-3AC2CD746021}) (Version: 11500.110 - STORMWARE)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.70 - Synaptics Incorporated)
Synaptics WBF Fingerprint Reader (HKLM\...\{B9151DD5-DAFE-494E-AA1F-C351D5FD9E9B}) (Version: 4.5.321.0 - Synaptics)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 7.56a - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinSCP 5.19.2 (HKLM-x32\...\winscp3_is1) (Version: 5.19.2 - Martin Prikryl)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.10.188.0_x64__rz1tebttyb220 [2021-10-13] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-09-07] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.927.1.0_neutral__8xx8rvfyw5nnt [2021-09-29] (Facebook Inc)
HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_7.0.18.0_x64__v10z8vjag6ke6 [2020-09-19] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.10270.0_x64__8wekyb3d8bbwe [2021-10-30] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-15] (Netflix, Inc.)
Royal Revolt 2 -> C:\Program Files\WindowsApps\flaregamesGmbH.RoyalRevolt2_7.4.0.0_x86__g0q0z3kw54rap [2021-11-17] (flaregames GmbH)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.1.0_neutral__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2019-12-26] (VideoLAN)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-04-17] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3736271558-2664885646-4274364148-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-3736271558-2664885646-4274364148-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxDTCM.dll [2020-11-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat Elements\ContextMenu64.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1_S-1-5-21-3736271558-2664885646-4274364148-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-09-11 16:34 - 2019-09-11 16:34 - 093837312 _____ () [File not signed] C:\Program Files (x86)\eM Client\libcef\libcef.dll
2016-04-20 23:03 - 2014-11-02 17:45 - 000029184 _____ () [File not signed] C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 003567616 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 001071104 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\HTMLEditorControl\22eda06af850b248c48eb70836afcb50\HTMLEditorControl.ni.dll
2021-10-19 22:08 - 2021-10-19 22:08 - 000578048 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\LinqBridge\62d6294c413a8114acfcbbd57dc935bb\LinqBridge.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000167424 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.1d52ed9e#\89b1148dabcd95780abb6a72e9153626\MailClient.Collections.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000663040 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.1fd7a4e5#\224f7e2337684f442a2ecf24e43e10c5\MailClient.Storage.Mail.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000030720 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.1fe73d22#\b9e3ab66377d83d17e0ce5ef94b13eaa\MailClient.Storage.Rule.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000081408 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.2d2de33e#\23a4f94c4099dd4cce80e02c4c55aadb\MailClient.HtmlConversion.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000036864 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.319ca19c#\07c514a0892dd2a693df805aead99740\MailClient.Storage.Template.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000075264 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.348c65cc#\49f174023c8cef4000ab1fcdd5bc1737\MailClient.Protocols.Pop3.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000088064 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.348e0a4a#\85a510d720760eebe5603c82aca0d64e\MailClient.Protocols.Smtp.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 001003008 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.3497b425#\ff5411593c6e75b139b31bed627da074\MailClient.Protocols.Imap.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000031744 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.4824fbfc#\7fb16b677910859f6e57767e66d6f3fd\MailClient.Storage.Category.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000162304 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.4e7296db#\570f354f9cc4172f92ef7bde4ba8e115\MailClient.Authentication.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000053248 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.5331ec95#\2abdf463f9fe0a7a9762626ff677b140\MailClient.Storage.Attachment.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000400384 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.6df617c9#\a8aa112a5c2073175a5e41dde1453f3a\MailClient.Storage.Schedule.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000069120 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.93969d60#\a54f0276cc25493adda66fc9629454a6\MailClient.HtmlOperations.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000091136 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.9a79bc48#\5b9e707448ada6786f5b404d42b6e46d\MailClient.Storage.IM.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000027136 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.a758b3a0#\75d62b2f687513da397de4862cf49400\MailClient.Storage.Widget.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 002310144 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Accounts\e5f37761da031e7cb3f48a1c5ec56f2e\MailClient.Accounts.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000606720 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Avatar\2c2d3217a1034d8ef4122fb61aaa016e\MailClient.Avatar.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000119296 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.b2c914c9#\91aa7aa3169573e4e3c80795bb980896\MailClient.Storage.Folders.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000387584 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.bc15bd4c#\6eab3ea71ae4d06213bb02d004008e89\MailClient.Protocols.Jabber.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000027136 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.c3eb0b89#\59190caf154d8398fcace49e40dc9abc\MailClient.Storage.Snippet.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000048640 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Commands\1638d960093802e2e91b9569c29153ad\MailClient.Commands.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 004545536 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Common.UI\a7c7003e0c6a9bd8b8d67f66bdd5c78f\MailClient.Common.UI.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000287744 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Contact\adea610bf123816f5190ec76427d3414\MailClient.Contact.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 001059328 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.d5b8df6b#\d22557d8e65d409bca9e56f6f6877776\MailClient.Protocols.Exchange.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000117760 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.d7176fba#\959f3b51d4ae7d6fb386569f2f21247c\MailClient.ErrorReporter.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000041472 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.d8481e79#\72b8a4387b7fe0f8f6857c022c69ef7b\MailClient.Storage.Certificate.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000313344 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.f2c61d2c#\7f58781b835e44c992d5e9d84865abea\MailClient.Storage.Contact.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000020992 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.ff7bbfa2#\777ce0305eefab7558e49efa448c631a\MailClient.Attachment.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000023040 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.IM\c3387930b5b94e6e7e16ea5292acae0e\MailClient.IM.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000266240 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Imap.Base\80539a34e48549ae8ff7741f559e70a0\MailClient.Imap.Base.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000043520 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Import\6582c45c31631c58e3334049ff7c1d09\MailClient.Import.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000020480 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Interop\a2e99efa4fc750349deec946d60c7a9d\MailClient.Interop.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000467968 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Mail\7693c8c13ccd7a90b7c306b87211545c\MailClient.Mail.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000828416 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Protocols\ededcd48f66aca7967656caa9795966b\MailClient.Protocols.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000679936 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Schedule\cb4790ff69a215badd399dfbbedae612\MailClient.Schedule.ni.dll
2021-10-19 22:08 - 2021-10-19 22:08 - 000595968 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Storage\71bbdee3972a8298fc1a76d07d711b76\MailClient.Storage.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000111104 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Streams\65b081daaf48fceb72fab58ae33896e8\MailClient.Streams.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000070656 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Threading\22a097c0e937980ee83a1ccc7c6ea349\MailClient.Threading.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000027136 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Widget\29f5679bf1defb78ceaf444093a8b081\MailClient.Widget.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000168448 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Microsoft.Sd25cd4a4#\97c65eaf431a2999cea81b5a5b72a5a1\Microsoft.Search.Interop.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000084992 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SystemCoreTimeZone\398999f578b5df8bc0653cc2c7f5b9e1\SystemCoreTimeZone.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000228352 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WinApi\f8f6e36bf2db6301760377db873c5e21\WinApi.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 001635328 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsAPICodePack\9c2c070dee7db7625b5c2c5440f30e1e\WindowsAPICodePack.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000079872 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Xilium.CefG0f485e28#\720e934700ae50fdcb820f8b15f24b86\Xilium.CefGlue.WindowsForms.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 002796032 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Xilium.CefGlue\424aac1e39abdcba0651b673932ca7a7\Xilium.CefGlue.ni.dll
2015-09-24 16:41 - 2015-09-24 16:41 - 000334848 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenu64.cze
2021-07-19 04:36 - 2021-07-19 04:36 - 001704960 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\WVR\OpenVR\bin\win64\driver_amdwvr.dll
2017-02-07 20:20 - 2012-06-09 19:20 - 000196096 _____ (Alexander Roshal) [File not signed] C:\Program Files (x86)\WinRAR\rarext64.dll
2017-02-07 12:45 - 2013-10-04 08:42 - 000210944 _____ (Bullzip) [File not signed] C:\Program Files\Common Files\STORMWARE\PDF Printer\Ports\STORMWARE\bzpdf.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 001761792 _____ (Cursive Systems, Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\jabber-net\49f60b24a5fd8061a3705048344fbd79\jabber-net.ni.dll
2021-10-19 22:08 - 2021-10-19 22:08 - 001121792 _____ (hxxps://system.data.sqlite.org/) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data.SQLite\b53fb4b918d814497adf5893da0f610a\System.Data.SQLite.ni.dll
2015-08-18 22:20 - 2015-08-18 22:20 - 000285184 _____ (Intel Corporation) [File not signed] [File is in use] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll
2015-08-18 22:19 - 2015-08-18 22:19 - 000562688 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000340992 _____ (Ivan Akcheurov) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IvanAkcheur7ace2bcd#\c1d4a53b28b6f809a7fdcb50ff1eb62f\IvanAkcheurov.NTextCat.Lib.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000331776 _____ (Ivan Akcheurov) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IvanAkcheurda66b2d7#\ee1768a42b31a95c3adf78e0aaba6e46\IvanAkcheurov.NClassify.ni.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 000249344 _____ (Microsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SgmlReader\dcb0e8b8c9a970d155218055a8785e4c\SgmlReader.ni.dll
2017-07-14 10:54 - 2017-07-14 10:54 - 000840078 _____ (SQLite Development Team) [File not signed] C:\Program Files (x86)\eM Client\SQLite\x86\sqlite3.dll
2019-09-11 16:34 - 2019-09-11 16:34 - 000729600 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\eM Client\libcef\chrome_elf.dll
2021-10-19 22:09 - 2021-10-19 22:09 - 003652608 _____ (The Legion of the Bouncy Castle Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BouncyCastle.OpenPgp\2bc69219949dd5ee5d52a0cc236152f3\BouncyCastle.OpenPgp.ni.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qgif.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000039424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qicns.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qico.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000414720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qjpeg.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qsvg.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qtga.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwbmp.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000532992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\imageformats\qwebp.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 001441792 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\platforms\qwindows.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 001189888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\sqldrivers\qsqlite.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000134656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\plugins\styles\qwindowsvistastyle.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 006184448 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 006867456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000735232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Multimedia.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 001104896 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000325120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 003668480 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000517120 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlModels.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000051712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QmlWorkerScript.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 004228608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000171008 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickControls2.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 001085440 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5QuickTemplates2.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000480256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5RemoteObjects.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000205824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Sql.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000329728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000390656 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 095598080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000127488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 005587968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000462848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000188928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 002878464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000055808 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQml\qmlplugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000284160 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls.2\qtquickcontrols2plugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000333824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000136704 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000313856 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Templates.2\qtquicktemplates2plugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2020-08-14 17:52 - 2020-08-14 17:52 - 000091648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtWebEngine\qtwebengineplugin.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HRTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=HRTE
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=HRTS
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=HRTS
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=HRTS
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=HRTS
SearchScopes: HKU\S-1-5-21-3736271558-2664885646-4274364148-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=HRTS
SearchScopes: HKU\S-1-5-21-3736271558-2664885646-4274364148-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=HRTS
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2015-09-24] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2017-09-20 17:04 - 000000863 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 activate.adobe.com

2017-10-05 12:43 - 2020-10-29 23:36 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Stiburek\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
HKU\S-1-5-21-3736271558-2664885646-4274364148-1010\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "MicTray"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\StartupApproved\Run: => "Privacy Eraser"
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\StartupApproved\Run: => "eM Client"
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\...\StartupApproved\Run: => "Opera Browser Assistant"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{597AAB9F-4FD0-44AC-B197-E757802DB308}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{3DA40006-7C28-4EFB-AF4A-20B5E2AC2DD0}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{266E923F-9A64-4B60-AC26-2A7F598688F1}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe (Intel(R) Wireless Display -> Intel)
FirewallRules: [TCP Query User{A5E2BC5E-03A4-4736-9F84-8AE2A60F3EF8}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{816113DF-E7F4-4C9A-9ED1-86D838BDD38A}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B2C7DE58-FFD9-4D54-BC52-C3220D41603F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A96ECEB1-6EA9-4249-A049-D39C06E236A1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1C105157-E94E-4F11-A76A-C0644F810A97}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{01FAA463-B5A1-4606-9C70-7E7A8B63E5AB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1DFB26FA-87C3-4289-B3EB-43493172779E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2AE3B3D8-3B76-45C4-B944-F3492D4B1EEA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CB04B17D-1CD5-4D68-90E1-3F15572DB94A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

25-11-2021 21:29:01 Naplánovaný kontrolní bod
29-11-2021 09:46:29 AdwCleaner_BeforeCleaning_29/11/2021_09:46:28

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/29/2021 10:30:58 AM) (Source: MSSQL$DUEL) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$DUEL\Performance'. SQL Server performance counters are disabled.

Error: (11/29/2021 10:25:21 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: MailClient.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Text.EncoderFallbackException
na System.Text.EncoderExceptionFallbackBuffer.Fallback(Char, Int32)
na System.Text.EncoderFallbackBuffer.InternalFallback(Char, Char* ByRef)
na System.Text.UTF8Encoding.GetBytes(Char*, Int32, Byte*, Int32, System.Text.EncoderNLS)
na System.Text.EncoderNLS.GetBytes(Char*, Int32, Byte*, Int32, Boolean)
na System.Text.EncoderNLS.GetBytes(Char[], Int32, Int32, Byte[], Int32, Boolean)
na System.IO.StreamWriter.Flush(Boolean, Boolean)
na System.IO.StreamWriter.Write(Char[], Int32, Int32)
na System.IO.TextWriter.WriteLine(System.String)
na MailClient.Utils.LoggingMessageFilter.LogMessage(HookLib.CWPSTRUCT)
na MailClient.Utils.LoggingMessageFilter.hook_WndProc(System.Object, HookLib.HookEventArgs)
na HookLib.HookLibClass.ProcessMessage(HookLib.SWH_ID, HookEventHandler, Int32, IntPtr, IntPtr)
na HookLib.HookLibClass+<>c__DisplayClass4_0.<SetHook>b__0(Int32, IntPtr, IntPtr)

Error: (11/29/2021 10:25:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: atieclxx.exe, verze: 27.20.20904.1004, časové razítko: 0x60f52aeb
Název chybujícího modulu: atieclxx.exe, verze: 27.20.20904.1004, časové razítko: 0x60f52aeb
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000359c6
ID chybujícího procesu: 0xbd8
Čas spuštění chybující aplikace: 0x01d7e4fdc3dc2177
Cesta k chybující aplikaci: C:\WINDOWS\System32\DriverStore\FileRepository\c0369996.inf_amd64_5b0c5a6efd5e1bc9\B369942\atieclxx.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\DriverStore\FileRepository\c0369996.inf_amd64_5b0c5a6efd5e1bc9\B369942\atieclxx.exe
ID zprávy: 7a086d61-73f2-4a2a-a881-3e78c481f9de
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/29/2021 09:47:44 AM) (Source: MSSQL$DUEL) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$DUEL\Performance'. SQL Server performance counters are disabled.

Error: (11/13/2021 06:02:03 AM) (Source: MSSQL$DUEL) (EventID: 8317) (User: )
Description: Cannot query value 'First Counter' associated with registry key 'HKLM\SYSTEM\CurrentControlSet\Services\MSSQL$DUEL\Performance'. SQL Server performance counters are disabled.

Error: (11/03/2021 09:31:53 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Program Files\AMD\WU-CCC2\ccc2_install\VC17RTx64\vcredist_x64.exe Files\AMD\WU-CCC2\ccc2_install\VC17RTx64\vcredist_x64.exe" /q /norestart; Popis = Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429; Chyba = 0x80042306).

Error: (11/03/2021 09:31:48 AM) (Source: VSS) (EventID: 12289) (User: )
Description: Chyba služby Stínová kopie svazků: Neočekávaná chyba DeviceIoControl(\\?\Volume{05749f45-0343-11e6-970c-806e6f6e6963} - 0000000000000268,0x0053c008,0000026C30C0A570,0,0000026C30C0C410,4096,[0]). hr = 0x80070005, Přístup byl odepřen.
.


Operace:
Probíhá zpracování události EndPrepareSnapshots

Kontext:
Kontext spuštění: System Provider

Error: (11/03/2021 09:31:34 AM) (Source: VSS) (EventID: 12289) (User: )
Description: Chyba služby Stínová kopie svazků: Neočekávaná chyba DeviceIoControl(\\?\Volume{05749f45-0343-11e6-970c-806e6f6e6963} - 000000000000024C,0x0053c008,0000026C30C0A570,0,0000026C30C0C410,4096,[0]). hr = 0x80070005, Přístup byl odepřen.
.


Operace:
Probíhá zpracování události EndPrepareSnapshots

Kontext:
Kontext spuštění: System Provider


System errors:
=============
Error: (11/29/2021 10:37:08 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba BOSCH Lock Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/29/2021 10:37:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee True Key byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1701604449 milisekund: Restartovat službu.

Error: (11/29/2021 10:37:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Zero Configuration Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/29/2021 10:37:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP Software Framework Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/29/2021 10:37:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) PROSet/Wireless Event Log byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/29/2021 10:37:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP LAN/WLAN/WWAN Switching UWP Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (11/29/2021 10:37:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Hotkey UWP Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (11/29/2021 10:37:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HECI Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2021-11-29 10:00:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F8153F3E-17A6-42A7-9F06-653B6B761B36}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-11-29 09:49:45
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\CCleaner\CCleaner64.exe provádění změn v paměti.
Čas detekce: 2021-11-29T08:49:45.047Z
Uživatel: NT AUTHORITY\SYSTEM
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files\CCleaner\CCleaner64.exe
Verze bezpečnostních informací: 1.353.1751.0
Verze modulu: 1.1.18700.4
Verze produktu: 4.18.2110.6

Date: 2021-11-29 09:49:45
Description:
Řízený přístup ke složkám zablokoval pro C:\Program Files\CCleaner\CCUpdate.exe provádění změn v paměti.
Čas detekce: 2021-11-29T08:49:45.047Z
Uživatel: (unknown user)
Cesta: \Device\Harddisk0\DR0
Název procesu: C:\Program Files\CCleaner\CCUpdate.exe
Verze bezpečnostních informací: 1.353.1751.0
Verze modulu: 1.1.18700.4
Verze produktu: 4.18.2110.6

Date: 2021-11-28 09:59:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BC23F059-37AB-4D9E-9D84-B8CBF762F7F7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-11-27 19:23:41
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {FC3FAA62-99E6-495B-9FB8-246F4896E7C4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

==================== Memory info ===========================

BIOS: HP N78 Ver. 01.06 12/18/2015
Motherboard: HP 8102
Processor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz
Percentage of memory in use: 33%
Total physical RAM: 12185.42 MB
Available physical RAM: 8053.25 MB
Total Virtual: 24473.42 MB
Available Virtual: 20109.47 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:217.6 GB) (Free:26.33 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:17.87 GB) (Free:1.96 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.94 GB) FAT32

\\?\Volume{05749f44-0343-11e6-970c-806e6f6e6963}\ (SYSTEM ) (Fixed) (Total:1 GB) (Free:0.51 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: ABEC49DE)
Partition 1: (Active) - (Size=1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=217.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0B)

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {04F6D31D-9EC1-462E-BA94-6C2F138C20F8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0AFE1F6B-9A96-403B-BCC1-7325774FE86A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {11C87A8F-F4A9-42EF-A8B3-A1E7BA5A59DD} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (No File)
Task: {14CAC4AB-5A0A-4D89-A8F9-370E7AC7156E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (No File)
ask: {1D2D8A11-B65E-4E8A-A2B8-E6DA529EE2E5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2682C0CF-B3FF-4C76-86A1-DB891528E79F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2B892DCC-1BA4-48FD-911F-13EA21AE52BF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (No File)
Task: {59BD86B4-F0F3-47B2-93D4-054A661D3CF5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5F213692-A43D-4F04-955E-189B874739B9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6A5C50EF-4779-4D1F-901D-BEC7E3D34938} - System32\Tasks\HP\HP Hotkey Support\Start QLBController Process => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe (No File)
Task: {736C487B-A29B-4400-8C76-9710549EE3DF} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {872178AE-C5EA-4E0E-9B69-564C37DE9090} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (No File)
Task: {878024CE-B440-4533-8737-4F40C954EEA2} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {92122549-A354-469E-A05C-1365B1C6283B} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (No File)
Task: {95650CF9-F4ED-433B-B8AC-66881851B70F} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (No File)
Task: {994A0889-8817-4A66-81CB-6D885D774155} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (No File)
Task: {9B3F4D5F-A9A6-426B-BA90-E4648FD63715} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (No File)
Task: {9B714069-35A9-4A59-9C38-20B8549268A9} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (No File)
Task: {9CD6CAD8-B1B0-4511-922E-C6B0302287A3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A625326F-ACFA-46FC-86B9-E3A132B73532} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {AF059B35-F9EB-4D4C-B7CC-962574041A67} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (No File)
Task: {B1C1D097-0AC6-415F-B167-1130737D7829} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {B6A2C0F4-FB8A-467A-A654-287C6B3831E5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -source HPSA (No File)
Task: {BEC01B03-08F0-41A6-99B7-15D0BA8DF17D} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {C309CEB3-2262-4B4C-BC93-FFA3204B1AF5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CF946A60-001C-4751-AD20-8E0966F9BCFF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (No File)
Task: {D28B8AA1-AE52-4CFF-B3D7-B7E9A328F872} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (No File)
Task: {D28B8AA1-AE52-4CFF-B3D7-B7E9A328F872} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (No File)
Task: {DC990DDD-188C-4C8B-BFEB-18A00AB65C07} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DC990DDD-188C-4C8B-BFEB-18A00AB65C07} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DDB4F745-30BD-4E01-A98E-E509AC6EF240} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (No File)
Task: {DEBBC39D-B056-4323-B44D-C551065865FE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {DF21125F-0536-409C-BDE1-2C98319F9624} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {E0370386-9F58-4CAC-8A38-696C6E8D61CC} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {E6823AB9-645E-43AE-BECE-1FBA1D49A97B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart (No File)
Task: {E7A3616E-A209-4F0A-9E8E-B05E08747428} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (No File)
Task: {EAED1FB7-E468-45A9-9872-49D64C6E464D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {EF2E43E9-ED35-482C-AF44-0331FB1D9384} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (No File)
Task: {F95B1EDF-820A-4683-86BB-0263407DABB8} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
U3 idsvc; no ImagePath
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HRTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=HRTE
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=HRTS
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=HRTS
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=HRTS
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=HRTS
SearchScopes: HKU\S-1-5-21-3736271558-2664885646-4274364148-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=HRTS
SearchScopes: HKU\S-1-5-21-3736271558-2664885646-4274364148-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=HRTS
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 01-12-2021
Ran by Stiburek (01-12-2021 17:02:46) Run:1
Running from C:\Users\Stiburek\Desktop
Loaded Profiles: Stiburek & DevToolsUser
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {04F6D31D-9EC1-462E-BA94-6C2F138C20F8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0AFE1F6B-9A96-403B-BCC1-7325774FE86A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {11C87A8F-F4A9-42EF-A8B3-A1E7BA5A59DD} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (No File)
Task: {14CAC4AB-5A0A-4D89-A8F9-370E7AC7156E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (No File)
ask: {1D2D8A11-B65E-4E8A-A2B8-E6DA529EE2E5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {2682C0CF-B3FF-4C76-86A1-DB891528E79F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2B892DCC-1BA4-48FD-911F-13EA21AE52BF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (No File)
Task: {59BD86B4-F0F3-47B2-93D4-054A661D3CF5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {5F213692-A43D-4F04-955E-189B874739B9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6A5C50EF-4779-4D1F-901D-BEC7E3D34938} - System32\Tasks\HP\HP Hotkey Support\Start QLBController Process => C:\Program Files (x86)\HP\HP Hotkey Support\QLBController.exe (No File)
Task: {736C487B-A29B-4400-8C76-9710549EE3DF} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {872178AE-C5EA-4E0E-9B69-564C37DE9090} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (No File)
Task: {878024CE-B440-4533-8737-4F40C954EEA2} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {92122549-A354-469E-A05C-1365B1C6283B} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (No File)
Task: {95650CF9-F4ED-433B-B8AC-66881851B70F} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (No File)
Task: {994A0889-8817-4A66-81CB-6D885D774155} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (No File)
Task: {9B3F4D5F-A9A6-426B-BA90-E4648FD63715} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (No File)
Task: {9B714069-35A9-4A59-9C38-20B8549268A9} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (No File)
Task: {9CD6CAD8-B1B0-4511-922E-C6B0302287A3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A625326F-ACFA-46FC-86B9-E3A132B73532} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {AF059B35-F9EB-4D4C-B7CC-962574041A67} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (No File)
Task: {B1C1D097-0AC6-415F-B167-1130737D7829} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {B6A2C0F4-FB8A-467A-A654-287C6B3831E5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -source HPSA (No File)
Task: {BEC01B03-08F0-41A6-99B7-15D0BA8DF17D} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {C309CEB3-2262-4B4C-BC93-FFA3204B1AF5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {CF946A60-001C-4751-AD20-8E0966F9BCFF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (No File)
Task: {D28B8AA1-AE52-4CFF-B3D7-B7E9A328F872} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (No File)
Task: {D28B8AA1-AE52-4CFF-B3D7-B7E9A328F872} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (No File)
Task: {DC990DDD-188C-4C8B-BFEB-18A00AB65C07} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DC990DDD-188C-4C8B-BFEB-18A00AB65C07} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {DDB4F745-30BD-4E01-A98E-E509AC6EF240} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (No File)
Task: {DEBBC39D-B056-4323-B44D-C551065865FE} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {DF21125F-0536-409C-BDE1-2C98319F9624} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {E0370386-9F58-4CAC-8A38-696C6E8D61CC} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {E6823AB9-645E-43AE-BECE-1FBA1D49A97B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart (No File)
Task: {E7A3616E-A209-4F0A-9E8E-B05E08747428} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (No File)
Task: {EAED1FB7-E468-45A9-9872-49D64C6E464D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {EF2E43E9-ED35-482C-AF44-0331FB1D9384} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (No File)
Task: {F95B1EDF-820A-4683-86BB-0263407DABB8} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
U3 idsvc; no ImagePath
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HRTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/?pc=HRTE
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=HRTS
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=HRTS
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=HRTS
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=HRTS
SearchScopes: HKU\S-1-5-21-3736271558-2664885646-4274364148-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=HRTS
SearchScopes: HKU\S-1-5-21-3736271558-2664885646-4274364148-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... TR&pc=HRTS
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{04F6D31D-9EC1-462E-BA94-6C2F138C20F8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04F6D31D-9EC1-462E-BA94-6C2F138C20F8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0AFE1F6B-9A96-403B-BCC1-7325774FE86A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0AFE1F6B-9A96-403B-BCC1-7325774FE86A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{11C87A8F-F4A9-42EF-A8B3-A1E7BA5A59DD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11C87A8F-F4A9-42EF-A8B3-A1E7BA5A59DD}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ConfigureInternetTimeService" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{14CAC4AB-5A0A-4D89-A8F9-370E7AC7156E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14CAC4AB-5A0A-4D89-A8F9-370E7AC7156E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURActivate" => removed successfully
ask: {1D2D8A11-B65E-4E8A-A2B8-E6DA529EE2E5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2682C0CF-B3FF-4C76-86A1-DB891528E79F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2682C0CF-B3FF-4C76-86A1-DB891528E79F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2B892DCC-1BA4-48FD-911F-13EA21AE52BF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B892DCC-1BA4-48FD-911F-13EA21AE52BF}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate_scheduled" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{59BD86B4-F0F3-47B2-93D4-054A661D3CF5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59BD86B4-F0F3-47B2-93D4-054A661D3CF5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5F213692-A43D-4F04-955E-189B874739B9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5F213692-A43D-4F04-955E-189B874739B9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6A5C50EF-4779-4D1F-901D-BEC7E3D34938}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6A5C50EF-4779-4D1F-901D-BEC7E3D34938}" => removed successfully
C:\WINDOWS\System32\Tasks\HP\HP Hotkey Support\Start QLBController Process => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HP\HP Hotkey Support\Start QLBController Process" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{736C487B-A29B-4400-8C76-9710549EE3DF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{736C487B-A29B-4400-8C76-9710549EE3DF}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\OCURDiscovery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{872178AE-C5EA-4E0E-9B69-564C37DE9090}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{872178AE-C5EA-4E0E-9B69-564C37DE9090}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ehDRMInit" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{878024CE-B440-4533-8737-4F40C954EEA2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{878024CE-B440-4533-8737-4F40C954EEA2}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrScheduleTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{92122549-A354-469E-A05C-1365B1C6283B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92122549-A354-469E-A05C-1365B1C6283B}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\UpdateRecordPath" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95650CF9-F4ED-433B-B8AC-66881851B70F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95650CF9-F4ED-433B-B8AC-66881851B70F}" => removed successfully
C:\WINDOWS\System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{994A0889-8817-4A66-81CB-6D885D774155}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{994A0889-8817-4A66-81CB-6D885D774155}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscovery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9B3F4D5F-A9A6-426B-BA90-E4648FD63715}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B3F4D5F-A9A6-426B-BA90-E4648FD63715}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\mcupdate => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\mcupdate" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{9B714069-35A9-4A59-9C38-20B8549268A9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B714069-35A9-4A59-9C38-20B8549268A9}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RecordingRestart" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CD6CAD8-B1B0-4511-922E-C6B0302287A3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CD6CAD8-B1B0-4511-922E-C6B0302287A3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A625326F-ACFA-46FC-86B9-E3A132B73532}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A625326F-ACFA-46FC-86B9-E3A132B73532}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF059B35-F9EB-4D4C-B7CC-962574041A67}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF059B35-F9EB-4D4C-B7CC-962574041A67}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ReindexSearchRoot" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B1C1D097-0AC6-415F-B167-1130737D7829}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B1C1D097-0AC6-415F-B167-1130737D7829}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B6A2C0F4-FB8A-467A-A654-287C6B3831E5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6A2C0F4-FB8A-467A-A654-287C6B3831E5}" => removed successfully
C:\WINDOWS\System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BEC01B03-08F0-41A6-99B7-15D0BA8DF17D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BEC01B03-08F0-41A6-99B7-15D0BA8DF17D}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PeriodicScanRetry" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C309CEB3-2262-4B4C-BC93-FFA3204B1AF5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C309CEB3-2262-4B4C-BC93-FFA3204B1AF5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CF946A60-001C-4751-AD20-8E0966F9BCFF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF946A60-001C-4751-AD20-8E0966F9BCFF}" => removed successfully
C:\WINDOWS\System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\PC Health Analysis" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D28B8AA1-AE52-4CFF-B3D7-B7E9A328F872}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D28B8AA1-AE52-4CFF-B3D7-B7E9A328F872}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RegisterSearch" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D28B8AA1-AE52-4CFF-B3D7-B7E9A328F872}" => not found
"C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\RegisterSearch" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DC990DDD-188C-4C8B-BFEB-18A00AB65C07}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC990DDD-188C-4C8B-BFEB-18A00AB65C07}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC990DDD-188C-4C8B-BFEB-18A00AB65C07}" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DDB4F745-30BD-4E01-A98E-E509AC6EF240}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DDB4F745-30BD-4E01-A98E-E509AC6EF240}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\InstallPlayReady" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DEBBC39D-B056-4323-B44D-C551065865FE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DEBBC39D-B056-4323-B44D-C551065865FE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DF21125F-0536-409C-BDE1-2C98319F9624}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF21125F-0536-409C-BDE1-2C98319F9624}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PvrRecoveryTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0370386-9F58-4CAC-8A38-696C6E8D61CC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0370386-9F58-4CAC-8A38-696C6E8D61CC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E6823AB9-645E-43AE-BECE-1FBA1D49A97B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6823AB9-645E-43AE-BECE-1FBA1D49A97B}" => removed successfully
C:\WINDOWS\System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E7A3616E-A209-4F0A-9E8E-B05E08747428}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E7A3616E-A209-4F0A-9E8E-B05E08747428}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\PBDADiscoveryW1" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EAED1FB7-E468-45A9-9872-49D64C6E464D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EAED1FB7-E468-45A9-9872-49D64C6E464D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EF2E43E9-ED35-482C-AF44-0331FB1D9384}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF2E43E9-ED35-482C-AF44-0331FB1D9384}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F95B1EDF-820A-4683-86BB-0263407DABB8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F95B1EDF-820A-4683-86BB-0263407DABB8}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\CLVDShellExt => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\CLVDShellExt => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page" => removed successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL" => removed successfully
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\Software\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\Software\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
"HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3736271558-2664885646-4274364148-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 74949000 B
Java, Flash, Steam htmlcache => 1110 B
Windows/system/drivers => 9228793 B
Edge => 50755 B
Chrome => 662175807 B
Firefox => 11321349 B
Opera => 68397284 B

Temp, IE cache, history, cookies, recent:
Default => 13756 B
ProgramData => 13756 B
Public => 13756 B
systemprofile => 13756 B
systemprofile32 => 13756 B
LocalService => 27512 B
NetworkService => 263782 B
Stiburek => 15928245 B
DevToolsUser => 15942001 B
DefaultAppPool => 15955757 B

RecycleBin => 9980642 B
EmptyTemp: => 844.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:03:42 ====

Smazáno, log je již OK.

Super. Díky moc. Chtěl jsem teď poslat nějakou drobnou podporu, ale nefunguje platební tlačítko čsob. Zkusím to později. Ještě jednou dík R.S

Nevím, jak vám, ale mně funguje, teď jsem to zkoušel. Rádo se stalo!

Mě to zlobí. Píše to "vyskytla se chyba". Ale neva. Poslal jsem to na ten účet vespod /0100

OK, za příspěvek děkujeme!