Please check my log
Posted: 14 Apr 2022 06:23
Hello, please check my log. A window saying "sign in with a Google account" keeps popping up when I start Thunderbird, Chrome and other programs.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-04-2022 01
Ran by Petr (administrator) on PETR (HP HP Pavilion Gaming Desktop TG01-1xxx) (14-04-2022 07:06:41)
Running from C:\Users\fugat\OneDrive\Plocha
Loaded Profiles: Petr
Platform: Microsoft Windows 11 Home Version 21H2 22000.613 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe ->) (Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.95.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.39\msedgewebview2.exe <6>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\BridgeCommunication.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\56.0.11.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <14>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (My.Com B.V. -> ) C:\Users\fugat\AppData\Local\GameCenter\GameCenter.exe <4>
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(HP Inc.) C:\Program Files\WindowsApps\ad2f1837.hpsystemeventutility_1.2.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe
(SECOMN64.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
(services.exe ->) (HON HAI PRECISION INDUSTRY CO.LTD. -> ) C:\Program Files\FanControlApp\FanControlApp.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_54a828a51f6769c8\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_7ea79942c83947c1\x64\OmenCap\OmenCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_897ea327b3fe52f7\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_3cbddcc68b1c0da2\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.31001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_3.63.31001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhdci.inf_amd64_f6ce41c41f173600\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtAudioServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d92d7bec4b020758\RtkAudUService64.exe <2>
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(sihost.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6\win32\HPBackgroundProcess.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6\HP.myHP.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.95.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [465120 2020-08-20] (Express Vpn LLC -> ExpressVPN)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1851040 2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe [53664656 2022-03-30] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe [53664656 2022-03-30] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [525312 2021-08-03] (HP Inc.) [File not signed]
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\Run: [GameCenter] => C:\Users\fugat\AppData\Local\GameCenter\GameCenter.exe [11413256 2022-04-05] (My.Com B.V. -> )
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31193432 2022-01-12] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe [53664656 2022-03-30] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\56.0.11.0\GoogleDriveFS.exe [53664656 2022-03-30] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [54944 2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\100.0.4896.88\Installer\chrmstp.exe [2022-04-13] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\fugat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sledování výstrah kazety - HP Smart Tank 510 series.lnk [2022-04-14]
ShortcutAndArgument: Sledování výstrah kazety - HP Smart Tank 510 series.lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Smart Tank 510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN14G440GV;CONNECTION=USB;MONITOR=1;
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0D888005-962A-4BF6-AEB4-6B21DBBA9711} - \HPAudioSwitch -> No File <==== ATTENTION
Task: {10151963-BE95-4337-8CEE-85562735DEB9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {12DF3F8A-9612-48CA-AE38-2818FA70CA73} - \Microsoft\Windows\HelloFace\FODCleanupTask -> No File <==== ATTENTION
Task: {1B916C1A-59FD-4974-BE42-7F6B0C6D8D19} - \NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {1EC52D6A-2D8B-431E-8C80-138F2522B008} - System32\Tasks\McAfeeTsk\OOBEUpgrader => C:\Program Files\McAfee\MSC\OOBE_Upgrader.exe /Run (No File)
Task: {21BBE4C0-9F42-47BF-9A33-E9A9C47C8EFF} - \NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {22A6730C-0DF9-486A-ABB4-1194C0715A47} - \NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {2B39A18A-4466-4239-A58A-9EA8FECC3551} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d92d7bec4b020758\RtkAudUService64.exe [1372264 2021-10-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {364F5A20-4D48-4EE2-BF11-E6D166A366B2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {382C7E0C-B502-45F6-A07E-6B6055B869B1} - \NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {38463ED2-5B0A-41B9-ADE1-D9D3FF72511F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3FD04BD4-AA3B-4D74-A69E-7FD5CBB1B9F9} - \NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {4B75AF71-A6A7-42E8-8B72-EB9E9B529621} - System32\Tasks\GoogleUpdateTaskMachineCore{7AE1C9F1-9540-418C-921D-FD4FDE5E1410} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-07] (Google LLC -> Google LLC)
Task: {4D33C652-2C7C-4B8A-84B8-40EAF1EBFD31} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {526B2F57-B0FE-4A92-86BE-E9FD053DBEC8} - \NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {686C1045-5107-4099-9DD2-3FE7226A3C3A} - \NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {6C353243-8DF9-420D-8450-E8D9C632262D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6CBEF361-EE00-46F9-B3B8-D803788F07C8} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> No File <==== ATTENTION
Task: {6CC18422-BAE7-4D28-AAAC-B8BBBC8A4CE9} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {6E4FE5B4-C9CA-4601-9FE8-66DE3BFC287D} - \NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {80A120DA-29C6-4F45-9599-6A520F2C007B} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [26968 2022-01-12] (Garmin International, Inc. -> )
Task: {956C0A3F-0F09-4C50-BE25-E3E18A046B9C} - \NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {A491907D-D74D-4B82-95B1-AD59C912F71E} - \NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {C04E5708-FE69-48FC-93F6-0881FAC8ECE5} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {C4CB05B8-C2FE-41E2-82B7-E3B00A830AAE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser -> No File <==== ATTENTION
Task: {D36CAA0A-4052-4E2E-A75B-7FAEEAFCB9AD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-03-28] (HP Inc. -> HP Inc.)
Task: {D6289842-C650-49EA-A997-EBDAA99BA741} - System32\Tasks\GoogleUpdateTaskMachineUA{20B3175A-8648-4988-A471-F17AD8C33B26} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-07] (Google LLC -> Google LLC)
Task: {D6EDDE36-EC6B-40EE-8224-F8665F53331A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E718D044-8F6E-48E7-953D-85D8F0FF19E2} - \OneDrive Standalone Update Task-S-1-5-21-3720538851-2503694541-3756166602-500 -> No File <==== ATTENTION
Task: {EAB9192F-4332-4405-9ADF-98BC88B5DBD4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6937863e-c9ac-48bb-9f25-4c37672829ce}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fd2bec96-b3e5-4cbd-bd2d-45992acf282d}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge Profile: C:\Users\fugat\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-05]
Edge HomePage: Default -> hxxp://www.google.cz/
Edge StartupUrls: Default -> "hxxps://www.google.cz/"
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2022-02-07] [Legacy] [not signed]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default [2022-04-14]
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Extension: (Prezentace) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-02-07]
CHR Extension: (Podepisovací komponenta Signer) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\alldahcdhngmcjagmefklhhecboiigni [2022-02-07]
CHR Extension: (Dokumenty) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-02-07]
CHR Extension: (Disk Google) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-02-07]
CHR Extension: (YouTube) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-02-07]
CHR Extension: (uBlock Origin) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-04-08]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-03-22]
CHR Extension: (Tabulky) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-02-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-10]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-04-13]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-02-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-07]
CHR Extension: (Gmail) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-02-07]
CHR Profile: C:\Users\fugat\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-14]
CHR HKU\S-1-5-21-518073881-1826240890-1261379532-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [437472 2020-08-20] (Express Vpn LLC -> ExpressVPN)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [891256 2020-07-30] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\AppHelperCap.exe [762888 2022-02-27] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\DiagsCap.exe [760312 2022-02-27] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\NetworkCap.exe [758280 2022-02-27] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_7ea79942c83947c1\x64\OmenCap\OmenCap.exe [698760 2022-02-14] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [218272 2022-03-22] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\SysInfoCap.exe [761376 2022-02-27] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_54a828a51f6769c8\x64\TouchpointAnalyticsClientService.exe [494672 2021-11-22] (HP Inc. -> HP Inc.)
R2 ID19 HP Fan Control Service; C:\Program Files\FanControlApp\FanControlApp.exe [283168 2020-04-29] (HON HAI PRECISION INDUSTRY CO.LTD. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8348856 2022-04-13] (Malwarebytes Inc -> Malwarebytes)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [24538344 2022-04-06] (My.Com B.V. -> My.com B.V.)
R2 RtkBtAudioServ; C:\WINDOWS\RtkBtAudioServ.exe [234064 2020-12-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_f6ce41c41f173600\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_f6ce41c41f173600\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [37024 2020-08-20] (ExprsVPN LLC -> ExpressVPN)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [23888 2020-04-21] (HP Inc. -> HP Inc.)
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2022-02-06] (Microsoft Windows -> Microsoft Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223688 2022-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-04-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-04-13] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl3bc1c927; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F1CC5776-17EE-4DCA-B75A-07F8F6EB85EF}\MpKslDrv.sys [139536 2022-04-13] (Microsoft Windows -> Microsoft Corporation)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv1.sys [23774760 2022-04-06] (My.Com B.V. -> My.com B.V.)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [70560 2020-12-22] (Realtek Semiconductor Corp. -> Realtek)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [52904 2020-08-20] (ExprsVPN LLC -> The OpenVPN Project)
R3 trufos; C:\WINDOWS\System32\drivers\trufos.sys [641736 2022-04-13] (Bitdefender SRL -> Bitdefender)
R3 ViGEmBus; C:\WINDOWS\System32\DriverStore\FileRepository\vigembus.inf_amd64_8a927fc43d8a7838\x64\ViGEmBus.sys [91432 2020-04-21] (HP Inc. -> Benjamin Hoeglinger-Stelzer)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
U3 aspnet_state; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-14 07:06 - 2022-04-14 07:06 - 000000000 ____D C:\FRST
2022-04-13 19:13 - 2022-04-13 19:22 - 000000054 _____ C:\WINDOWS\Lic.xxx
2022-04-13 19:13 - 2022-04-13 19:13 - 000000000 ____D C:\PUB
2022-04-13 19:13 - 2022-04-13 19:12 - 000641736 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys
2022-04-13 19:12 - 2022-04-13 19:12 - 000632064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr80.dll
2022-04-13 19:12 - 2022-04-13 19:12 - 000554240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp80.dll
2022-04-13 19:12 - 2022-04-13 19:12 - 000176760 _____ (MicroWorld Technologies Inc.) C:\WINDOWS\SysWOW64\eEmpty.exe
2022-04-13 19:12 - 2022-04-13 19:12 - 000000000 ____D C:\ProgramData\MicroWorld
2022-04-13 18:59 - 2022-04-13 18:59 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-04-13 18:59 - 2022-04-13 18:59 - 000223688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-04-13 18:59 - 2022-04-13 18:59 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-04-13 18:59 - 2022-04-13 18:58 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-04-13 18:59 - 2022-04-13 18:58 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-04-13 18:58 - 2022-04-13 18:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-04-13 18:58 - 2022-04-13 18:58 - 000000000 ____D C:\Program Files\Malwarebytes
2022-04-13 11:02 - 2022-04-13 11:02 - 002550832 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2022-04-13 11:02 - 2022-04-13 11:02 - 002080992 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2022-04-13 11:02 - 2022-04-13 11:02 - 000372736 _____ C:\WINDOWS\system32\hwreqchk.dll
2022-04-13 11:02 - 2022-04-13 11:02 - 000069632 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-13 11:02 - 2022-04-13 11:02 - 000015192 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-13 11:01 - 2022-04-13 11:01 - 000032768 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2022-04-13 11:00 - 2022-04-13 11:00 - 000000000 ___HD C:\$WinREAgent
2022-04-13 07:03 - 2022-04-13 14:36 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2022-04-03 09:20 - 2022-04-03 09:20 - 000000000 ____D C:\Users\fugat\OneDrive\Dokumenty\TotalAV
2022-04-03 09:19 - 2022-04-03 09:19 - 000000000 ____D C:\Users\fugat\AppData\Local\GUI
2022-04-03 09:19 - 2022-04-03 09:19 - 000000000 ____D C:\ProgramData\TotalAV
2022-04-03 09:19 - 2022-04-03 09:19 - 000000000 ____D C:\ProgramData\SecuritySuite
2022-03-31 16:39 - 2022-03-24 07:54 - 000384584 _____ (Google, Inc.) C:\WINDOWS\system32\Drivers\googledrivefs3758.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-14 07:00 - 2022-02-07 13:07 - 000000000 ____D C:\Users\fugat\AppData\LocalLow\Mozilla
2022-04-14 06:59 - 2022-02-07 13:07 - 000000000 ____D C:\ProgramData\Mozilla
2022-04-14 06:45 - 2022-02-07 11:40 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-14 06:44 - 2022-02-07 10:50 - 000000000 ____D C:\ProgramData\NVIDIA
2022-04-14 06:42 - 2022-02-07 12:39 - 000000000 ____D C:\Users\fugat\AppData\Local\GameCenter
2022-04-14 06:42 - 2022-02-07 10:41 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-13 19:20 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-04-13 19:13 - 2019-12-07 11:14 - 000000652 _____ C:\WINDOWS\win.ini
2022-04-13 18:59 - 2022-02-07 10:41 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-04-13 17:38 - 2022-02-07 10:50 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-13 17:38 - 2022-02-07 10:41 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-13 17:38 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-13 14:43 - 2022-02-07 11:00 - 001715074 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-13 14:43 - 2022-02-07 10:43 - 000724594 _____ C:\WINDOWS\system32\perfh005.dat
2022-04-13 14:43 - 2022-02-07 10:43 - 000150556 _____ C:\WINDOWS\system32\perfc005.dat
2022-04-13 14:43 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\INF
2022-04-13 14:37 - 2022-02-07 10:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-13 14:37 - 2022-02-07 10:49 - 000624032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-13 14:37 - 2022-02-07 10:49 - 000012288 ___SH C:\DumpStack.log.tmp
2022-04-13 14:37 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\ServiceState
2022-04-13 14:36 - 2022-02-07 13:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\SystemResources
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\DiagTrack
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-04-13 14:36 - 2022-02-07 10:38 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-04-13 11:24 - 2022-02-09 10:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-04-13 11:23 - 2022-02-09 10:33 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-04-13 11:23 - 2022-02-07 10:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-13 11:04 - 2022-02-07 10:39 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-04-13 11:01 - 2022-02-07 10:52 - 003102208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-04-13 07:03 - 2022-02-07 11:41 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-12 06:14 - 2022-02-07 10:50 - 000003366 _____ C:\WINDOWS\system32\Tasks\RtkAudUService64_BG
2022-04-10 11:41 - 2022-02-07 11:27 - 000000000 ____D C:\Users\fugat\AppData\Local\D3DSCache
2022-04-08 07:37 - 2022-02-07 11:44 - 002262504 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000353760 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000218600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000198112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000120296 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000062952 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-04-08 07:04 - 2022-02-07 10:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-04-08 06:14 - 2022-02-07 19:06 - 000002071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-04-07 17:02 - 2022-02-07 11:29 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-518073881-1826240890-1261379532-1001
2022-04-07 17:02 - 2022-02-07 11:29 - 000003354 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-518073881-1826240890-1261379532-1001
2022-04-07 17:02 - 2022-02-07 11:29 - 000002384 _____ C:\Users\fugat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-04-07 08:01 - 2022-02-09 10:33 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-06 19:20 - 2022-02-07 11:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-04-06 18:07 - 2022-02-07 15:00 - 024538344 _____ (My.com B.V.) C:\WINDOWS\system32\mracsvc.exe
2022-04-06 18:07 - 2022-02-07 15:00 - 023774760 _____ (My.com B.V.) C:\WINDOWS\system32\Drivers\mracdrv1.sys
2022-04-06 06:32 - 2022-02-07 10:50 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-06 06:32 - 2022-02-07 10:50 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-04-03 09:25 - 2022-02-08 18:51 - 000000000 ____D C:\Users\fugat\AppData\Local\CrashDumps
2022-04-03 09:05 - 2022-02-07 12:04 - 000000000 ____D C:\Program Files\Common Files\AV
2022-04-03 09:05 - 2022-02-07 12:03 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2022-04-03 09:05 - 2022-02-07 10:38 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-03-28 06:53 - 2022-02-08 07:19 - 000000000 ____D C:\Users\fugat\AppData\Local\HP_Inc
2022-03-23 20:56 - 2022-02-09 10:33 - 000509296 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-03-23 20:56 - 2022-02-09 10:33 - 000492912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-03-22 15:15 - 2022-02-07 20:15 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-03-22 15:13 - 2022-02-07 11:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-03-20 20:30 - 2022-02-07 11:19 - 000000000 ____D C:\Users\fugat
==================== Files in the root of some directories ========
2022-02-07 18:12 - 2022-02-07 18:12 - 000058111 _____ () C:\Program Files (x86)\CMS Setup Log.txt
2022-02-07 16:11 - 2022-02-07 16:11 - 000000410 _____ () C:\Users\fugat\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2022 01
Ran by Petr (14-04-2022 07:08:14)
Running from C:\Users\fugat\OneDrive\Plocha
Microsoft Windows 11 Home Version 21H2 22000.613 (X64) (2022-02-07 08:57:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-518073881-1826240890-1261379532-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-518073881-1826240890-1261379532-503 - Limited - Disabled)
Guest (S-1-5-21-518073881-1826240890-1261379532-501 - Limited - Disabled)
Petr (S-1-5-21-518073881-1826240890-1261379532-1001 - Administrator - Enabled) => C:\Users\fugat
WDAGUtilityAccount (S-1-5-21-518073881-1826240890-1261379532-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Malwarebytes (Disabled - Out of date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: Kaspersky Internet Security (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.)
ANT Drivers Installer x64 (HKLM\...\{AB7F8484-10C7-430B-8062-BA4D840BC328}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
CMS (HKLM-x32\...\CMS) (Version: - )
Elevated Installer (HKLM-x32\...\{917F39C7-FBD3-45F2-99DF-3A97EB981D5D}) (Version: 7.11.0.0 - Garmin Ltd or its subsidiaries) Hidden
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B8468D8835}) (Version: 7.12.1.4 - ExpressVPN) Hidden
ExpressVPN (HKLM-x32\...\{ebd248cd-b3ef-4e14-b91a-d626fa5c392a}) (Version: 7.12.1.4 - ExpressVPN)
FastStone Image Viewer 7.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.5 - FastStone Soft)
Garmin Express (HKLM-x32\...\{3e2be2c6-99a0-4538-8f40-231106165750}) (Version: 7.11.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{A0D75BFE-F68C-450A-8353-C42A3F264BED}) (Version: 7.11.0.0 - Garmin Ltd or its subsidiaries) Hidden
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 56.0.11.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 100.0.4896.88 - Google LLC)
HP Audio Switch (HKLM-x32\...\{0B1DA73D-0562-4DE1-B942-CEF286CF2EDD}) (Version: 1.0.211.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.19.0 - HP)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
Malwarebytes version 4.5.7.186 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.7.186 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 100.0.1185.39 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 100.0.1185.39 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\OneDriveSetup.exe) (Version: 22.055.0313.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 91.5.1 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 91.8.0 (x64 cs)) (Version: 91.8.0 - Mozilla)
MY.GAMES GameCenter (HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\GameCenter) (Version: 4.1659 - MY.COM B.V.)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 460.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.93 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
RTS Stavitel+ 2016 (HKLM-x32\...\RTS Stavitel +_is1) (Version: 2016 - RTS, a.s.)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Warface My.Com (HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\Warface My.Com) (Version: 1.229 - MY.GAMES)
Základní software zařízení HP Smart Tank 510 series (HKLM\...\{798379C9-F589-45AA-9E80-633506245FD1}) (Version: 48.6.4634.2224 - HP Inc.)
Packages:
=========
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.50332.0_x64__8wekyb3d8bbwe [2022-03-08] (Microsoft Corporation)
Booking.com EMEA: Big savings on hotels in 96,000 destinations worldwide -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Booking.comEMEABigsavingso_2.0.5.0_x64__mgae2k3ys4ra0 [2022-02-07] (Priceline Partner Network)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.4.0_x64__xbfy0k16fey96 [2022-02-07] (Dropbox Inc.)
HP Audio Center -> C:\Program Files\WindowsApps\AD2F1837.HPAudioCenter_1.29.257.0_x64__v10z8vjag6ke6 [2022-04-12] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.42.0_x64__v10z8vjag6ke6 [2022-02-07] (HP Inc.)
HP QuickDrop -> C:\Program Files\WindowsApps\AD2F1837.HPQuickDrop_2.5.9180.0_x64__v10z8vjag6ke6 [2022-03-03] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_135.1.385.0_x64__v10z8vjag6ke6 [2022-03-22] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.15.66.0_x64__v10z8vjag6ke6 [2022-04-06] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\ad2f1837.hpsystemeventutility_1.2.15.0_x64__v10z8vjag6ke6 [2022-02-07] (HP Inc.)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1026.0_x64__8j3eq9eme6ctt [2022-04-02] (INTEL CORP)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-03-27] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10404.374.0_x64__8wekyb3d8bbwe [2022-04-05] (Microsoft Corporation)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6 [2022-02-11] (HP Inc.) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-02-07] (NVIDIA Corp.)
OMEN Gaming Hub -> C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6 [2022-03-28] (HP Inc.) [Startup Task]
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.4.0_x64__kx24dqmazqk8j [2022-02-07] (Random Salad Games LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0 [2022-03-19] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_21802104c9b3e45d\OptaneShellExt.dll [2021-04-01] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-04-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_21802104c9b3e45d\OptaneShellExt.dll [2021-04-01] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_f6ce41c41f173600\nvshext.dll [2022-01-29] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-04-13] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass.lnk -> C:\Program Files (x86)\Online Services\LastPass\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=lastpass&c=*&locale=*&pf=*&s=*&tp=edge
==================== Loaded Modules (Whitelisted) =============
2021-10-16 09:31 - 2021-10-16 09:31 - 000009216 _____ () [File not signed] C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6\ImagePipelineNative.dll
2022-03-30 13:06 - 2022-03-30 13:06 - 147344896 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\99.4844.2526\libcef.dll
2022-03-29 21:01 - 2022-03-29 21:01 - 000345088 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\99.4844.2526\libegl.dll
2022-03-29 20:59 - 2022-03-29 20:59 - 005478400 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\99.4844.2526\libglesv2.dll
2022-03-29 20:54 - 2022-03-29 20:54 - 003425792 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\99.4844.2526\vk_swiftshader.dll
2022-03-29 20:54 - 2022-03-29 20:54 - 000702976 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\99.4844.2526\vulkan-1.dll
2022-02-07 12:39 - 2022-02-07 12:39 - 000144896 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\zlib1.dll
2022-02-10 11:30 - 2022-02-10 11:30 - 000138240 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\f90e72b12d0aa935d781e317202c1f9b\Interop.IWshRuntimeLibrary.ni.dll
2022-02-10 10:32 - 2022-02-10 10:33 - 000107008 _____ (Facebook, Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6\yoga.dll
2022-02-18 11:26 - 2022-02-18 11:26 - 000139776 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\07cc04e050bf3a2b713a6738ca1e8d65\Hardcodet.Wpf.TaskbarNotification.ni.dll
2022-01-19 20:05 - 2022-01-19 20:05 - 000014336 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\ad2f1837.hpsystemeventutility_1.2.15.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
2021-10-16 09:31 - 2021-10-16 09:31 - 000014848 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6\NativeRpcClient.dll
2022-03-27 10:39 - 2022-03-27 10:39 - 008441344 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp_UWP.dll
2021-05-24 11:11 - 2021-05-24 11:11 - 000014848 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\NativeRpcClient.DLL
2022-02-07 12:39 - 2022-02-24 11:21 - 000163840 _____ (Igor Pavlov) [File not signed] C:\Users\fugat\AppData\Local\GameCenter\7zxa.dll
2022-02-18 11:26 - 2022-02-18 11:26 - 001716736 _____ (Mark Heath & Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\343277c8ff5a08dd62ebb4ad5af2f83a\NAudio.ni.dll
2019-12-07 11:07 - 2019-12-07 11:52 - 000285184 ____N (Microsoft Corporation) [File not signed] c:\windows\system32\drivers\umdf\wpdfs.dll
2022-02-15 11:08 - 2022-02-15 11:08 - 000137168 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.95.0_x64__cw5n1h2txyewy\Dashboard\WebView2Loader.dll
2022-02-18 11:26 - 2022-02-18 11:26 - 003087360 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\ec86693079e180f87ce3d207adb00ef8\Newtonsoft.Json.ni.dll
2022-02-10 10:32 - 2022-02-10 10:32 - 001662976 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\SQLite.Interop.dll
2022-02-07 12:39 - 2022-02-07 12:39 - 000694272 _____ (The curl library, hxxps://curl.se/) [File not signed] C:\Users\fugat\AppData\Local\GameCenter\libcurl.dll
2022-03-29 21:52 - 2022-03-29 21:52 - 000985600 _____ (The Chromium Authors) [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\99.4844.2526\chrome_elf.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> {7F1D1264-302B-4934-9B46-54974BA74E53} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {7F1D1264-302B-4934-9B46-54974BA74E53} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-518073881-1826240890-1261379532-1001 -> {7F1D1264-302B-4934-9B46-54974BA74E53} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-03-28] (HP Inc. -> HP Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-03-28] (HP Inc. -> HP Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2022-04-03 09:41 - 000001024 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\Control Panel\Desktop\\Wallpaper -> D:\Fotky\Travní\SAM_0203.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Ethernet 2: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Ethernet: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\StartupApproved\Run: => "kpm.exe"
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D80B0C0B-A25F-4A2A-BB79-F3B7C92AB425}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe => No File
FirewallRules: [{EA83AD5B-B1A4-4F3F-AF04-7C26A358F123}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe => No File
FirewallRules: [{5A3DBFD2-833C-4941-86AE-E7BC44F9AA4B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{3E297E5E-DE55-4183-AD2E-66CBCE749264}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{5EC9A46B-2F02-4F64-8CE4-BEF3863FA0B6}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{2A59CC16-E873-4C8C-BD7B-EA61E6E12E67}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{5C4737C2-FADE-4538-8C3B-5E3DA5703DA1}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{8FD8035D-4BEB-4198-B167-4C8F28BBA373}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{7821FE05-2A8A-411C-88A0-2174A84AB3E0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{52F7F5D3-E779-4A2B-A85F-AA07348102FF}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{6F71E2F2-CFB4-46B3-B5BE-5744159AD78A}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{190D567E-6283-40C4-9D5A-99AFC821F647}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{2F096256-71A5-4597-81A7-AA454CA53F65}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{A71F5CA9-B890-4782-8C2F-F9C6C172571E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{4C32CB2D-2FAC-4FB3-ADEA-BE3A450A5AB0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{5638441E-590A-4F48-9E01-6A22612A5145}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{EEFCEBAE-20F3-4B3E-8AD6-D1775C2746B7}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{847A4F88-7CE4-4AFB-9BDE-6F19EB75B675}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{BC945135-FBF5-48C5-8B4A-7179A3B8F851}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{A2FDC62D-ACC5-4951-BEB0-F96E71DB98E8}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{4DC86DAD-AC33-4F36-8503-FEFFA8FB79D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D906161A-D92F-443F-9AD3-FF488C5E43F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1A911F33-32BE-4EE2-865A-9C7E47903571}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7ACFB8BE-00A8-4C05-8CE6-F6A1A698CDB7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9A2AA857-3393-4590-A2BA-DD72A4660FE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0E8DE388-50AB-4CBE-B7AF-8616B07CFD97}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DC463D39-ADC3-4149-8239-7D6359FB587A}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5F1B2B05-DEDB-40BE-A214-170A39CF165E}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{84D7C2D1-576F-47BB-AD3E-A7CB412F6AE8}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{897668EC-48BD-43E3-8B06-D7A4A4CB8D3E}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AB855F71-A716-4170-B080-53A17D1AE906}C:\users\fugat\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\fugat\appdata\local\gamecenter\gamecenter.exe (My.Com B.V. -> )
FirewallRules: [UDP Query User{0BC0E3C0-48FC-4289-ABEB-0DEFE029084C}C:\users\fugat\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\fugat\appdata\local\gamecenter\gamecenter.exe (My.Com B.V. -> )
FirewallRules: [{9CF2EDEC-DBB0-4136-B1A0-114938E3F956}] => (Allow) C:\Program Files\HP\HP Smart Tank 510 series\Bin\DeviceSetup.exe (HP Inc. -> HP Inc.)
FirewallRules: [{4D3A6033-BF6B-4A06-BC7B-AEAD4AA8D783}] => (Allow) LPort=5357
FirewallRules: [{D577065D-E862-4D34-ACC4-02A33C41AC86}] => (Allow) C:\Program Files\HP\HP Smart Tank 510 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> HP Inc.)
FirewallRules: [{C4E1CC3D-3F9A-49CC-9F14-2F93553B57D5}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS2A86\HP.EasyStart.exe => No File
FirewallRules: [{B0895AEE-2E7B-49B9-B437-D8E41F311DD5}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{9BCF3230-0361-4FE4-A13A-E41B7E43E9B2}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{2AFCBF79-CB0D-4170-AFDF-28873D913CEF}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS6D10\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{9F40D925-4B23-4DBA-9112-BBB30853193B}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS6D10\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{DB14CBEB-D258-4F30-ADD8-6F7A1930AC03}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS0FA2\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{FE377442-314A-4695-9A42-6787DE2199B7}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS0FA2\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{3D475C93-D466-487E-BDFF-1462FE15FD0A}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS790D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{7D3E42A3-52A9-4BD6-A678-7CEF1488C8E3}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS790D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{C6EF4CF2-DC49-430A-B757-7179898E3648}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS1B0D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{6EFC1CC4-4123-4B57-B1D6-9A755ECD3DF3}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS1B0D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{844B9B28-1E44-40F3-B885-B908D82A92D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3631F8A4-341D-45F1-96B5-D1C204FFEB5A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1E6CE3DC-F2EF-40E0-B21C-96D11528D48F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F15769B6-B1E9-4E88-B97F-41E27CB5CCC8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{93980BE1-9E91-43D4-8BB5-32217BF8B6A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{86C2ACBD-E7C5-4053-982D-A704D2898F0A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1BA1E742-FEED-4084-8AB9-34841749A8EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3D01A360-069C-437E-B887-3E497BF5BBD0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9EF0735C-F61B-4676-9E53-90573B2083AE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{59BBBB29-241A-476B-9254-1FE1E5BECD40}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CEAE313F-CD64-416E-8BAC-2F90CBFCE9BB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{34A4E71C-CA50-47EF-A217-22D360EDE655}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{94366A55-8246-4C68-80C7-057E295E2DBB}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{35AB9466-6480-449D-AD82-E96B771A9916}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{32AE380D-196A-4EF2-9562-EAE1E58C1159}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{57BF1688-38DE-4E35-8CBD-F528F2E71059}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{3C7A2A73-30D1-4CF3-8E85-69F97E7BF1A0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{956727E3-7076-4D5E-AC0D-1736BAD1D433}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5C1A709B-DAFD-440D-8320-C87A23385C79}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{38671937-DC87-4218-B2EB-0386549805B8}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{894AABB7-5933-4CF8-A156-822D817F94CA}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5D00E702-B8F1-441D-96D5-E5CE52170410}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5334F5A4-84A2-4876-B602-FC12C95B861F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{02C5509C-D445-40DF-9649-1DFED68729F6}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{071F42C8-C5CC-4CBF-96D0-A100155999C6}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5B0CA116-8A4E-4803-B398-2EFD98EEAC39}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{4D9C58F8-3C75-4D76-9545-0BEC0F19E23C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe (HP Inc. -> HP Inc.)
FirewallRules: [{8D1410FF-1E5A-4F36-A2A2-C4176E36C53B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe (HP Inc. -> HP Inc.)
FirewallRules: [TCP Query User{5F8E448C-4526-4705-BE9B-C6CC7F171621}C:\mygames\warface my.com\bin64release\game.exe] => (Allow) C:\mygames\warface my.com\bin64release\game.exe (MRAC Warface -> MY.GAMES)
FirewallRules: [UDP Query User{483A7862-B8EC-462A-9A9B-D22DE80F3722}C:\mygames\warface my.com\bin64release\game.exe] => (Allow) C:\mygames\warface my.com\bin64release\game.exe (MRAC Warface -> MY.GAMES)
FirewallRules: [{C01CC65D-EAC3-4DE0-8DFF-B942897A49D2}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22070.202.1253.1497_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{944C1370-D62D-477C-95FD-42FB44B4BCE0}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22070.202.1253.1497_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{02C42165-0DCE-4A79-9C8D-D06A3CB46B49}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5184FAAF-1B23-4CEE-8E21-D90678D3B515}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.39\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
03-04-2022 09:00:55 Removed Kaspersky Password Manager
11-04-2022 07:49:46 Naplánovaný kontrolní bod
13-04-2022 10:59:36 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/14/2022 06:52:54 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/13/2022 07:24:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.
Error: (04/13/2022 07:24:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.
Error: (04/13/2022 06:59:27 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.
Error: (04/13/2022 02:43:26 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/13/2022 09:14:04 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.
Error: (04/10/2022 07:36:17 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/09/2022 06:36:20 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (04/14/2022 06:42:30 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{6937863E-C9AC-48BB-9F25-4C37672829CE}, protože jiný počítač v síti má stejný název. Server nelze spustit.
Error: (04/13/2022 07:02:08 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{FD2BEC96-B3E5-4CBD-BD2D-45992ACF282D}, protože jiný počítač v síti má stejný název. Server nelze spustit.
Error: (04/13/2022 07:02:07 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{6937863E-C9AC-48BB-9F25-4C37672829CE}, protože jiný počítač v síti má stejný název. Server nelze spustit.
Error: (04/12/2022 02:25:41 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{6937863E-C9AC-48BB-9F25-4C37672829CE}, protože jiný počítač v síti má stejný název. Server nelze spustit.
Error: (04/12/2022 06:14:04 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{6937863E-C9AC-48BB-9F25-4C37672829CE}, protože jiný počítač v síti má stejný název. Server nelze spustit.
Error: (04/11/2022 06:42:19 PM) (Source: DCOM) (EventID: 10010) (User: Petr)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.22000.1_neutral_neutral_cw5n1h2txyewy!App.AppXyvyv4mghdjas8j88defq0w1hc410kvzt.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/11/2022 05:36:17 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{6937863E-C9AC-48BB-9F25-4C37672829CE}, protože jiný počítač v síti má stejný název. Server nelze spustit.
Error: (04/11/2022 05:58:21 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{FD2BEC96-B3E5-4CBD-BD2D-45992ACF282D}, protože jiný počítač v síti má stejný název. Server nelze spustit.
Windows Defender:
================
Date: 2022-04-13 08:15:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F6150783-DEAC-479C-9D5D-26FA2D7C036C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-04-12 07:16:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {FDF5DA38-214B-46DE-89F1-7D3041E19915}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-04-11 07:48:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1CBE6393-6111-48B0-A992-5EB7AA8C8535}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-04-10 10:52:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {101F0B8A-DEA4-4969-93CE-F97F5F349159}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-04-07 09:58:13
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {189E886C-DD73-4D03-9376-740EC845B6CE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]
Date: 2022-02-09 07:57:48
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.357.332.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.2
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.
Date: 2022-02-09 07:56:34
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.
Date: 2022-02-09 07:56:34
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.
CodeIntegrity:
===============
Date: 2022-04-09 08:55:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-04-06 12:28:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-04-03 09:19:55
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\protected_elam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2022-04-03 09:05:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: AMI F.40 07/29/2021
Motherboard: HP 8767
Processor: Intel(R) Core(TM) i5-10400 CPU @ 2.90GHz
Percentage of memory in use: 34%
Total physical RAM: 16249.75 MB
Available physical RAM: 10600.13 MB
Total Virtual: 18681.75 MB
Available Virtual: 10827.55 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:476.13 GB) (Free:358.01 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:760.91 GB) NTFS
Drive e: (Verbatim HDD) (Fixed) (Total:931.51 GB) (Free:171.2 GB) NTFS
Drive g: (Google Drive) (Fixed) (Total:15 GB) (Free:5.69 GB) FAT32
\\?\Volume{75a0fa6b-d1f9-4b47-ab8e-75e621a387d3}\ () (Fixed) (Total:0.54 GB) (Free:0.05 GB) NTFS
\\?\Volume{578c12f2-64de-443e-9267-de2bbf3feb75}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 5FD808C6)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 69EA6628)
Partition: GPT.
==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: D8A924DA)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0D888005-962A-4BF6-AEB4-6B21DBBA9711} - \HPAudioSwitch -> No File <==== ATTENTION
Task: {10151963-BE95-4337-8CEE-85562735DEB9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {12DF3F8A-9612-48CA-AE38-2818FA70CA73} - \Microsoft\Windows\HelloFace\FODCleanupTask -> No File <==== ATTENTION
Task: {1B916C1A-59FD-4974-BE42-7F6B0C6D8D19} - \NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {1EC52D6A-2D8B-431E-8C80-138F2522B008} - System32\Tasks\McAfeeTsk\OOBEUpgrader => C:\Program Files\McAfee\MSC\OOBE_Upgrader.exe /Run (No File)
Task: {21BBE4C0-9F42-47BF-9A33-E9A9C47C8EFF} - \NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {22A6730C-0DF9-486A-ABB4-1194C0715A47} - \NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {2B39A18A-4466-4239-A58A-9EA8FECC3551} - System32\Tasks\RtkAudUService64_BG => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d92d7bec4b020758\RtkAudUService64.exe [1372264 2021-10-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {364F5A20-4D48-4EE2-BF11-E6D166A366B2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {382C7E0C-B502-45F6-A07E-6B6055B869B1} - \NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {38463ED2-5B0A-41B9-ADE1-D9D3FF72511F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3FD04BD4-AA3B-4D74-A69E-7FD5CBB1B9F9} - \NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {4B75AF71-A6A7-42E8-8B72-EB9E9B529621} - System32\Tasks\GoogleUpdateTaskMachineCore{7AE1C9F1-9540-418C-921D-FD4FDE5E1410} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-07] (Google LLC -> Google LLC)
Task: {4D33C652-2C7C-4B8A-84B8-40EAF1EBFD31} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {526B2F57-B0FE-4A92-86BE-E9FD053DBEC8} - \NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {686C1045-5107-4099-9DD2-3FE7226A3C3A} - \NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {6C353243-8DF9-420D-8450-E8D9C632262D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6CBEF361-EE00-46F9-B3B8-D803788F07C8} - \Microsoft\Windows\Management\Provisioning\PostResetBoot -> No File <==== ATTENTION
Task: {6CC18422-BAE7-4D28-AAAC-B8BBBC8A4CE9} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {6E4FE5B4-C9CA-4601-9FE8-66DE3BFC287D} - \NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {80A120DA-29C6-4F45-9599-6A520F2C007B} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [26968 2022-01-12] (Garmin International, Inc. -> )
Task: {956C0A3F-0F09-4C50-BE25-E3E18A046B9C} - \NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {A491907D-D74D-4B82-95B1-AD59C912F71E} - \NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> No File <==== ATTENTION
Task: {C04E5708-FE69-48FC-93F6-0881FAC8ECE5} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3426560 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {C4CB05B8-C2FE-41E2-82B7-E3B00A830AAE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser -> No File <==== ATTENTION
Task: {D36CAA0A-4052-4E2E-A75B-7FAEEAFCB9AD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-03-28] (HP Inc. -> HP Inc.)
Task: {D6289842-C650-49EA-A997-EBDAA99BA741} - System32\Tasks\GoogleUpdateTaskMachineUA{20B3175A-8648-4988-A471-F17AD8C33B26} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-07] (Google LLC -> Google LLC)
Task: {D6EDDE36-EC6B-40EE-8224-F8665F53331A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {E718D044-8F6E-48E7-953D-85D8F0FF19E2} - \OneDrive Standalone Update Task-S-1-5-21-3720538851-2503694541-3756166602-500 -> No File <==== ATTENTION
Task: {EAB9192F-4332-4405-9ADF-98BC88B5DBD4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6937863e-c9ac-48bb-9f25-4c37672829ce}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fd2bec96-b3e5-4cbd-bd2d-45992acf282d}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge Profile: C:\Users\fugat\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-05]
Edge HomePage: Default -> hxxp://www.google.cz/
Edge StartupUrls: Default -> "hxxps://www.google.cz/"
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2022-02-07] [Legacy] [not signed]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default [2022-04-14]
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxps://www.google.cz/"
CHR Extension: (Prezentace) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-02-07]
CHR Extension: (Podepisovací komponenta Signer) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\alldahcdhngmcjagmefklhhecboiigni [2022-02-07]
CHR Extension: (Dokumenty) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-02-07]
CHR Extension: (Disk Google) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-02-07]
CHR Extension: (YouTube) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-02-07]
CHR Extension: (uBlock Origin) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-04-08]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-03-22]
CHR Extension: (Tabulky) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-02-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-10]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-04-13]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-02-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-07]
CHR Extension: (Gmail) - C:\Users\fugat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-02-07]
CHR Profile: C:\Users\fugat\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-14]
CHR HKU\S-1-5-21-518073881-1826240890-1261379532-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3849472 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3617024 2021-11-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [437472 2020-08-20] (Express Vpn LLC -> ExpressVPN)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [891256 2020-07-30] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\AppHelperCap.exe [762888 2022-02-27] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\DiagsCap.exe [760312 2022-02-27] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\NetworkCap.exe [758280 2022-02-27] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_7ea79942c83947c1\x64\OmenCap\OmenCap.exe [698760 2022-02-14] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [218272 2022-03-22] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_86d9ab8950580d2e\x64\SysInfoCap.exe [761376 2022-02-27] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_54a828a51f6769c8\x64\TouchpointAnalyticsClientService.exe [494672 2021-11-22] (HP Inc. -> HP Inc.)
R2 ID19 HP Fan Control Service; C:\Program Files\FanControlApp\FanControlApp.exe [283168 2020-04-29] (HON HAI PRECISION INDUSTRY CO.LTD. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8348856 2022-04-13] (Malwarebytes Inc -> Malwarebytes)
S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [24538344 2022-04-06] (My.Com B.V. -> My.com B.V.)
R2 RtkBtAudioServ; C:\WINDOWS\RtkBtAudioServ.exe [234064 2020-12-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_f6ce41c41f173600\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_f6ce41c41f173600\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [37024 2020-08-20] (ExprsVPN LLC -> ExpressVPN)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [23888 2020-04-21] (HP Inc. -> HP Inc.)
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [110904 2022-02-06] (Microsoft Windows -> Microsoft Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223688 2022-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-04-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-04-13] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl3bc1c927; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F1CC5776-17EE-4DCA-B75A-07F8F6EB85EF}\MpKslDrv.sys [139536 2022-04-13] (Microsoft Windows -> Microsoft Corporation)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv1.sys [23774760 2022-04-06] (My.Com B.V. -> My.com B.V.)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [70560 2020-12-22] (Realtek Semiconductor Corp. -> Realtek)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [52904 2020-08-20] (ExprsVPN LLC -> The OpenVPN Project)
R3 trufos; C:\WINDOWS\System32\drivers\trufos.sys [641736 2022-04-13] (Bitdefender SRL -> Bitdefender)
R3 ViGEmBus; C:\WINDOWS\System32\DriverStore\FileRepository\vigembus.inf_amd64_8a927fc43d8a7838\x64\ViGEmBus.sys [91432 2020-04-21] (HP Inc. -> Benjamin Hoeglinger-Stelzer)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
U3 aspnet_state; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-14 07:06 - 2022-04-14 07:06 - 000000000 ____D C:\FRST
2022-04-13 19:13 - 2022-04-13 19:22 - 000000054 _____ C:\WINDOWS\Lic.xxx
2022-04-13 19:13 - 2022-04-13 19:13 - 000000000 ____D C:\PUB
2022-04-13 19:13 - 2022-04-13 19:12 - 000641736 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys
2022-04-13 19:12 - 2022-04-13 19:12 - 000632064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr80.dll
2022-04-13 19:12 - 2022-04-13 19:12 - 000554240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp80.dll
2022-04-13 19:12 - 2022-04-13 19:12 - 000176760 _____ (MicroWorld Technologies Inc.) C:\WINDOWS\SysWOW64\eEmpty.exe
2022-04-13 19:12 - 2022-04-13 19:12 - 000000000 ____D C:\ProgramData\MicroWorld
2022-04-13 18:59 - 2022-04-13 18:59 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-04-13 18:59 - 2022-04-13 18:59 - 000223688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-04-13 18:59 - 2022-04-13 18:59 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-04-13 18:59 - 2022-04-13 18:58 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-04-13 18:59 - 2022-04-13 18:58 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-04-13 18:58 - 2022-04-13 18:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-04-13 18:58 - 2022-04-13 18:58 - 000000000 ____D C:\Program Files\Malwarebytes
2022-04-13 11:02 - 2022-04-13 11:02 - 002550832 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2022-04-13 11:02 - 2022-04-13 11:02 - 002080992 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2022-04-13 11:02 - 2022-04-13 11:02 - 000372736 _____ C:\WINDOWS\system32\hwreqchk.dll
2022-04-13 11:02 - 2022-04-13 11:02 - 000069632 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-13 11:02 - 2022-04-13 11:02 - 000015192 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-13 11:01 - 2022-04-13 11:01 - 000032768 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2022-04-13 11:00 - 2022-04-13 11:00 - 000000000 ___HD C:\$WinREAgent
2022-04-13 07:03 - 2022-04-13 14:36 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2022-04-03 09:20 - 2022-04-03 09:20 - 000000000 ____D C:\Users\fugat\OneDrive\Dokumenty\TotalAV
2022-04-03 09:19 - 2022-04-03 09:19 - 000000000 ____D C:\Users\fugat\AppData\Local\GUI
2022-04-03 09:19 - 2022-04-03 09:19 - 000000000 ____D C:\ProgramData\TotalAV
2022-04-03 09:19 - 2022-04-03 09:19 - 000000000 ____D C:\ProgramData\SecuritySuite
2022-03-31 16:39 - 2022-03-24 07:54 - 000384584 _____ (Google, Inc.) C:\WINDOWS\system32\Drivers\googledrivefs3758.sys
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-14 07:00 - 2022-02-07 13:07 - 000000000 ____D C:\Users\fugat\AppData\LocalLow\Mozilla
2022-04-14 06:59 - 2022-02-07 13:07 - 000000000 ____D C:\ProgramData\Mozilla
2022-04-14 06:45 - 2022-02-07 11:40 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-14 06:44 - 2022-02-07 10:50 - 000000000 ____D C:\ProgramData\NVIDIA
2022-04-14 06:42 - 2022-02-07 12:39 - 000000000 ____D C:\Users\fugat\AppData\Local\GameCenter
2022-04-14 06:42 - 2022-02-07 10:41 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-13 19:20 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-04-13 19:13 - 2019-12-07 11:14 - 000000652 _____ C:\WINDOWS\win.ini
2022-04-13 18:59 - 2022-02-07 10:41 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-04-13 17:38 - 2022-02-07 10:50 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-13 17:38 - 2022-02-07 10:41 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-13 17:38 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-13 14:43 - 2022-02-07 11:00 - 001715074 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-13 14:43 - 2022-02-07 10:43 - 000724594 _____ C:\WINDOWS\system32\perfh005.dat
2022-04-13 14:43 - 2022-02-07 10:43 - 000150556 _____ C:\WINDOWS\system32\perfc005.dat
2022-04-13 14:43 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\INF
2022-04-13 14:37 - 2022-02-07 10:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-13 14:37 - 2022-02-07 10:49 - 000624032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-13 14:37 - 2022-02-07 10:49 - 000012288 ___SH C:\DumpStack.log.tmp
2022-04-13 14:37 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\ServiceState
2022-04-13 14:36 - 2022-02-07 13:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\SystemResources
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\DiagTrack
2022-04-13 14:36 - 2022-02-07 10:41 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-04-13 14:36 - 2022-02-07 10:38 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-04-13 11:24 - 2022-02-09 10:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-04-13 11:23 - 2022-02-09 10:33 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-04-13 11:23 - 2022-02-07 10:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-13 11:04 - 2022-02-07 10:39 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-04-13 11:01 - 2022-02-07 10:52 - 003102208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-04-13 07:03 - 2022-02-07 11:41 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-12 06:14 - 2022-02-07 10:50 - 000003366 _____ C:\WINDOWS\system32\Tasks\RtkAudUService64_BG
2022-04-10 11:41 - 2022-02-07 11:27 - 000000000 ____D C:\Users\fugat\AppData\Local\D3DSCache
2022-04-08 07:37 - 2022-02-07 11:44 - 002262504 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000353760 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000218600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000198112 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000120296 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2022-04-08 07:37 - 2022-02-07 11:44 - 000062952 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamemodcontrol.exe
2022-04-08 07:04 - 2022-02-07 10:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-04-08 06:14 - 2022-02-07 19:06 - 000002071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-04-07 17:02 - 2022-02-07 11:29 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-518073881-1826240890-1261379532-1001
2022-04-07 17:02 - 2022-02-07 11:29 - 000003354 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-518073881-1826240890-1261379532-1001
2022-04-07 17:02 - 2022-02-07 11:29 - 000002384 _____ C:\Users\fugat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-04-07 08:01 - 2022-02-09 10:33 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-06 19:20 - 2022-02-07 11:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-04-06 18:07 - 2022-02-07 15:00 - 024538344 _____ (My.com B.V.) C:\WINDOWS\system32\mracsvc.exe
2022-04-06 18:07 - 2022-02-07 15:00 - 023774760 _____ (My.com B.V.) C:\WINDOWS\system32\Drivers\mracdrv1.sys
2022-04-06 06:32 - 2022-02-07 10:50 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-06 06:32 - 2022-02-07 10:50 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-04-03 09:25 - 2022-02-08 18:51 - 000000000 ____D C:\Users\fugat\AppData\Local\CrashDumps
2022-04-03 09:05 - 2022-02-07 12:04 - 000000000 ____D C:\Program Files\Common Files\AV
2022-04-03 09:05 - 2022-02-07 12:03 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2022-04-03 09:05 - 2022-02-07 10:38 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-03-28 06:53 - 2022-02-08 07:19 - 000000000 ____D C:\Users\fugat\AppData\Local\HP_Inc
2022-03-23 20:56 - 2022-02-09 10:33 - 000509296 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-03-23 20:56 - 2022-02-09 10:33 - 000492912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-03-22 15:15 - 2022-02-07 20:15 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-03-22 15:13 - 2022-02-07 11:27 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2022-03-20 20:30 - 2022-02-07 11:19 - 000000000 ____D C:\Users\fugat
==================== Files in the root of some directories ========
2022-02-07 18:12 - 2022-02-07 18:12 - 000058111 _____ () C:\Program Files (x86)\CMS Setup Log.txt
2022-02-07 16:11 - 2022-02-07 16:11 - 000000410 _____ () C:\Users\fugat\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-04-2022 01
Ran by Petr (14-04-2022 07:08:14)
Running from C:\Users\fugat\OneDrive\Plocha
Microsoft Windows 11 Home Version 21H2 22000.613 (X64) (2022-02-07 08:57:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-518073881-1826240890-1261379532-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-518073881-1826240890-1261379532-503 - Limited - Disabled)
Guest (S-1-5-21-518073881-1826240890-1261379532-501 - Limited - Disabled)
Petr (S-1-5-21-518073881-1826240890-1261379532-1001 - Administrator - Enabled) => C:\Users\fugat
WDAGUtilityAccount (S-1-5-21-518073881-1826240890-1261379532-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Malwarebytes (Disabled - Out of date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: Kaspersky Internet Security (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.6.0.52 - Adobe Inc.)
ANT Drivers Installer x64 (HKLM\...\{AB7F8484-10C7-430B-8062-BA4D840BC328}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
CMS (HKLM-x32\...\CMS) (Version: - )
Elevated Installer (HKLM-x32\...\{917F39C7-FBD3-45F2-99DF-3A97EB981D5D}) (Version: 7.11.0.0 - Garmin Ltd or its subsidiaries) Hidden
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B8468D8835}) (Version: 7.12.1.4 - ExpressVPN) Hidden
ExpressVPN (HKLM-x32\...\{ebd248cd-b3ef-4e14-b91a-d626fa5c392a}) (Version: 7.12.1.4 - ExpressVPN)
FastStone Image Viewer 7.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.5 - FastStone Soft)
Garmin Express (HKLM-x32\...\{3e2be2c6-99a0-4538-8f40-231106165750}) (Version: 7.11.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{A0D75BFE-F68C-450A-8353-C42A3F264BED}) (Version: 7.11.0.0 - Garmin Ltd or its subsidiaries) Hidden
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 56.0.11.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 100.0.4896.88 - Google LLC)
HP Audio Switch (HKLM-x32\...\{0B1DA73D-0562-4DE1-B942-CEF286CF2EDD}) (Version: 1.0.211.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.19.0 - HP)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
Malwarebytes version 4.5.7.186 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.7.186 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 100.0.1185.39 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 100.0.1185.39 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\OneDriveSetup.exe) (Version: 22.055.0313.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 91.5.1 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 91.8.0 (x64 cs)) (Version: 91.8.0 - Mozilla)
MY.GAMES GameCenter (HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\GameCenter) (Version: 4.1659 - MY.COM B.V.)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 460.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.93 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
RTS Stavitel+ 2016 (HKLM-x32\...\RTS Stavitel +_is1) (Version: 2016 - RTS, a.s.)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.51 - Ghisler Software GmbH)
Warface My.Com (HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\Warface My.Com) (Version: 1.229 - MY.GAMES)
Základní software zařízení HP Smart Tank 510 series (HKLM\...\{798379C9-F589-45AA-9E80-633506245FD1}) (Version: 48.6.4634.2224 - HP Inc.)
Packages:
=========
AV1 Video Extension -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.50332.0_x64__8wekyb3d8bbwe [2022-03-08] (Microsoft Corporation)
Booking.com EMEA: Big savings on hotels in 96,000 destinations worldwide -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Booking.comEMEABigsavingso_2.0.5.0_x64__mgae2k3ys4ra0 [2022-02-07] (Priceline Partner Network)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.4.0_x64__xbfy0k16fey96 [2022-02-07] (Dropbox Inc.)
HP Audio Center -> C:\Program Files\WindowsApps\AD2F1837.HPAudioCenter_1.29.257.0_x64__v10z8vjag6ke6 [2022-04-12] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.42.0_x64__v10z8vjag6ke6 [2022-02-07] (HP Inc.)
HP QuickDrop -> C:\Program Files\WindowsApps\AD2F1837.HPQuickDrop_2.5.9180.0_x64__v10z8vjag6ke6 [2022-03-03] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_135.1.385.0_x64__v10z8vjag6ke6 [2022-03-22] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.15.66.0_x64__v10z8vjag6ke6 [2022-04-06] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\ad2f1837.hpsystemeventutility_1.2.15.0_x64__v10z8vjag6ke6 [2022-02-07] (HP Inc.)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1026.0_x64__8j3eq9eme6ctt [2022-04-02] (INTEL CORP)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-03-27] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_52.10404.374.0_x64__8wekyb3d8bbwe [2022-04-05] (Microsoft Corporation)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6 [2022-02-11] (HP Inc.) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-02-07] (NVIDIA Corp.)
OMEN Gaming Hub -> C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6 [2022-03-28] (HP Inc.) [Startup Task]
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.4.0_x64__kx24dqmazqk8j [2022-02-07] (Random Salad Games LLC)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0 [2022-03-19] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_21802104c9b3e45d\OptaneShellExt.dll [2021-04-01] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-04-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_21802104c9b3e45d\OptaneShellExt.dll [2021-04-01] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\56.0.11.0\drivefsext.dll [2022-03-30] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_f6ce41c41f173600\nvshext.dll [2022-01-29] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-04-13] (Malwarebytes Corporation -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LastPass.lnk -> C:\Program Files (x86)\Online Services\LastPass\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=lastpass&c=*&locale=*&pf=*&s=*&tp=edge
==================== Loaded Modules (Whitelisted) =============
2021-10-16 09:31 - 2021-10-16 09:31 - 000009216 _____ () [File not signed] C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6\ImagePipelineNative.dll
2022-03-30 13:06 - 2022-03-30 13:06 - 147344896 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\99.4844.2526\libcef.dll
2022-03-29 21:01 - 2022-03-29 21:01 - 000345088 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\99.4844.2526\libegl.dll
2022-03-29 20:59 - 2022-03-29 20:59 - 005478400 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\99.4844.2526\libglesv2.dll
2022-03-29 20:54 - 2022-03-29 20:54 - 003425792 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\99.4844.2526\vk_swiftshader.dll
2022-03-29 20:54 - 2022-03-29 20:54 - 000702976 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\99.4844.2526\vulkan-1.dll
2022-02-07 12:39 - 2022-02-07 12:39 - 000144896 _____ () [File not signed] C:\Users\fugat\AppData\Local\GameCenter\zlib1.dll
2022-02-10 11:30 - 2022-02-10 11:30 - 000138240 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\f90e72b12d0aa935d781e317202c1f9b\Interop.IWshRuntimeLibrary.ni.dll
2022-02-10 10:32 - 2022-02-10 10:33 - 000107008 _____ (Facebook, Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6\yoga.dll
2022-02-18 11:26 - 2022-02-18 11:26 - 000139776 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\07cc04e050bf3a2b713a6738ca1e8d65\Hardcodet.Wpf.TaskbarNotification.ni.dll
2022-01-19 20:05 - 2022-01-19 20:05 - 000014336 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\ad2f1837.hpsystemeventutility_1.2.15.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
2021-10-16 09:31 - 2021-10-16 09:31 - 000014848 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53228.0_x64__v10z8vjag6ke6\NativeRpcClient.dll
2022-03-27 10:39 - 2022-03-27 10:39 - 008441344 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\OmenCommandCenterApp_UWP.dll
2021-05-24 11:11 - 2021-05-24 11:11 - 000014848 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\NativeRpcClient.DLL
2022-02-07 12:39 - 2022-02-24 11:21 - 000163840 _____ (Igor Pavlov) [File not signed] C:\Users\fugat\AppData\Local\GameCenter\7zxa.dll
2022-02-18 11:26 - 2022-02-18 11:26 - 001716736 _____ (Mark Heath & Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\343277c8ff5a08dd62ebb4ad5af2f83a\NAudio.ni.dll
2019-12-07 11:07 - 2019-12-07 11:52 - 000285184 ____N (Microsoft Corporation) [File not signed] c:\windows\system32\drivers\umdf\wpdfs.dll
2022-02-15 11:08 - 2022-02-15 11:08 - 000137168 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.95.0_x64__cw5n1h2txyewy\Dashboard\WebView2Loader.dll
2022-02-18 11:26 - 2022-02-18 11:26 - 003087360 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\ec86693079e180f87ce3d207adb00ef8\Newtonsoft.Json.ni.dll
2022-02-10 10:32 - 2022-02-10 10:32 - 001662976 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\SQLite.Interop.dll
2022-02-07 12:39 - 2022-02-07 12:39 - 000694272 _____ (The curl library, hxxps://curl.se/) [File not signed] C:\Users\fugat\AppData\Local\GameCenter\libcurl.dll
2022-03-29 21:52 - 2022-03-29 21:52 - 000985600 _____ (The Chromium Authors) [File not signed] C:\Users\fugat\AppData\Local\GameCenter\Chrome\99.4844.2526\chrome_elf.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> {7F1D1264-302B-4934-9B46-54974BA74E53} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {7F1D1264-302B-4934-9B46-54974BA74E53} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-518073881-1826240890-1261379532-1001 -> {7F1D1264-302B-4934-9B46-54974BA74E53} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-03-28] (HP Inc. -> HP Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-03-28] (HP Inc. -> HP Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2022-04-03 09:41 - 000001024 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 na1r.services.adobe.com
127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 activate.adobe.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\Control Panel\Desktop\\Wallpaper -> D:\Fotky\Travní\SAM_0203.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Ethernet 2: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
Ethernet: Realtek LightWeight Filter (NDIS6.40) -> nt_rtf64 (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\StartupApproved\Run: => "kpm.exe"
HKU\S-1-5-21-518073881-1826240890-1261379532-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D80B0C0B-A25F-4A2A-BB79-F3B7C92AB425}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe => No File
FirewallRules: [{EA83AD5B-B1A4-4F3F-AF04-7C26A358F123}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe => No File
FirewallRules: [{5A3DBFD2-833C-4941-86AE-E7BC44F9AA4B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{3E297E5E-DE55-4183-AD2E-66CBCE749264}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{5EC9A46B-2F02-4F64-8CE4-BEF3863FA0B6}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{2A59CC16-E873-4C8C-BD7B-EA61E6E12E67}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{5C4737C2-FADE-4538-8C3B-5E3DA5703DA1}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{8FD8035D-4BEB-4198-B167-4C8F28BBA373}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{7821FE05-2A8A-411C-88A0-2174A84AB3E0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{52F7F5D3-E779-4A2B-A85F-AA07348102FF}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{6F71E2F2-CFB4-46B3-B5BE-5744159AD78A}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{190D567E-6283-40C4-9D5A-99AFC821F647}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{2F096256-71A5-4597-81A7-AA454CA53F65}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{A71F5CA9-B890-4782-8C2F-F9C6C172571E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{4C32CB2D-2FAC-4FB3-ADEA-BE3A450A5AB0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{5638441E-590A-4F48-9E01-6A22612A5145}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe => No File
FirewallRules: [{EEFCEBAE-20F3-4B3E-8AD6-D1775C2746B7}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{847A4F88-7CE4-4AFB-9BDE-6F19EB75B675}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{BC945135-FBF5-48C5-8B4A-7179A3B8F851}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{A2FDC62D-ACC5-4951-BEB0-F96E71DB98E8}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_11.1.2.0_x64__v10z8vjag6ke6\win32\StreamerV2\Omen.exe => No File
FirewallRules: [{4DC86DAD-AC33-4F36-8503-FEFFA8FB79D7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D906161A-D92F-443F-9AD3-FF488C5E43F6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1A911F33-32BE-4EE2-865A-9C7E47903571}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7ACFB8BE-00A8-4C05-8CE6-F6A1A698CDB7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9A2AA857-3393-4590-A2BA-DD72A4660FE5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0E8DE388-50AB-4CBE-B7AF-8616B07CFD97}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DC463D39-ADC3-4149-8239-7D6359FB587A}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5F1B2B05-DEDB-40BE-A214-170A39CF165E}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{84D7C2D1-576F-47BB-AD3E-A7CB412F6AE8}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{897668EC-48BD-43E3-8B06-D7A4A4CB8D3E}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AB855F71-A716-4170-B080-53A17D1AE906}C:\users\fugat\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\fugat\appdata\local\gamecenter\gamecenter.exe (My.Com B.V. -> )
FirewallRules: [UDP Query User{0BC0E3C0-48FC-4289-ABEB-0DEFE029084C}C:\users\fugat\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\fugat\appdata\local\gamecenter\gamecenter.exe (My.Com B.V. -> )
FirewallRules: [{9CF2EDEC-DBB0-4136-B1A0-114938E3F956}] => (Allow) C:\Program Files\HP\HP Smart Tank 510 series\Bin\DeviceSetup.exe (HP Inc. -> HP Inc.)
FirewallRules: [{4D3A6033-BF6B-4A06-BC7B-AEAD4AA8D783}] => (Allow) LPort=5357
FirewallRules: [{D577065D-E862-4D34-ACC4-02A33C41AC86}] => (Allow) C:\Program Files\HP\HP Smart Tank 510 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc. -> HP Inc.)
FirewallRules: [{C4E1CC3D-3F9A-49CC-9F14-2F93553B57D5}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS2A86\HP.EasyStart.exe => No File
FirewallRules: [{B0895AEE-2E7B-49B9-B437-D8E41F311DD5}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{9BCF3230-0361-4FE4-A13A-E41B7E43E9B2}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{2AFCBF79-CB0D-4170-AFDF-28873D913CEF}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS6D10\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{9F40D925-4B23-4DBA-9112-BBB30853193B}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS6D10\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{DB14CBEB-D258-4F30-ADD8-6F7A1930AC03}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS0FA2\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{FE377442-314A-4695-9A42-6787DE2199B7}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS0FA2\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{3D475C93-D466-487E-BDFF-1462FE15FD0A}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS790D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{7D3E42A3-52A9-4BD6-A678-7CEF1488C8E3}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS790D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{C6EF4CF2-DC49-430A-B757-7179898E3648}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS1B0D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{6EFC1CC4-4123-4B57-B1D6-9A755ECD3DF3}] => (Allow) C:\Users\fugat\AppData\Local\Temp\7zS1B0D\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{844B9B28-1E44-40F3-B885-B908D82A92D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3631F8A4-341D-45F1-96B5-D1C204FFEB5A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1E6CE3DC-F2EF-40E0-B21C-96D11528D48F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F15769B6-B1E9-4E88-B97F-41E27CB5CCC8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{93980BE1-9E91-43D4-8BB5-32217BF8B6A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{86C2ACBD-E7C5-4053-982D-A704D2898F0A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1BA1E742-FEED-4084-8AB9-34841749A8EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3D01A360-069C-437E-B887-3E497BF5BBD0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.181.604.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9EF0735C-F61B-4676-9E53-90573B2083AE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{59BBBB29-241A-476B-9254-1FE1E5BECD40}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CEAE313F-CD64-416E-8BAC-2F90CBFCE9BB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{34A4E71C-CA50-47EF-A217-22D360EDE655}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{94366A55-8246-4C68-80C7-057E295E2DBB}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{35AB9466-6480-449D-AD82-E96B771A9916}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{32AE380D-196A-4EF2-9562-EAE1E58C1159}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{57BF1688-38DE-4E35-8CBD-F528F2E71059}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{3C7A2A73-30D1-4CF3-8E85-69F97E7BF1A0}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{956727E3-7076-4D5E-AC0D-1736BAD1D433}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5C1A709B-DAFD-440D-8320-C87A23385C79}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{38671937-DC87-4218-B2EB-0386549805B8}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{894AABB7-5933-4CF8-A156-822D817F94CA}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5D00E702-B8F1-441D-96D5-E5CE52170410}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5334F5A4-84A2-4876-B602-FC12C95B861F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{02C5509C-D445-40DF-9649-1DFED68729F6}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{071F42C8-C5CC-4CBF-96D0-A100155999C6}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{5B0CA116-8A4E-4803-B398-2EFD98EEAC39}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\HP.Omen.OmenCommandCenter.exe (HP Inc. -> HP Inc.)
FirewallRules: [{4D9C58F8-3C75-4D76-9545-0BEC0F19E23C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe (HP Inc. -> HP Inc.)
FirewallRules: [{8D1410FF-1E5A-4F36-A2A2-C4176E36C53B}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2203.4.0_x64__v10z8vjag6ke6\win32\OmenCommandCenterBackground.exe (HP Inc. -> HP Inc.)
FirewallRules: [TCP Query User{5F8E448C-4526-4705-BE9B-C6CC7F171621}C:\mygames\warface my.com\bin64release\game.exe] => (Allow) C:\mygames\warface my.com\bin64release\game.exe (MRAC Warface -> MY.GAMES)
FirewallRules: [UDP Query User{483A7862-B8EC-462A-9A9B-D22DE80F3722}C:\mygames\warface my.com\bin64release\game.exe] => (Allow) C:\mygames\warface my.com\bin64release\game.exe (MRAC Warface -> MY.GAMES)
FirewallRules: [{C01CC65D-EAC3-4DE0-8DFF-B942897A49D2}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22070.202.1253.1497_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{944C1370-D62D-477C-95FD-42FB44B4BCE0}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22070.202.1253.1497_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{02C42165-0DCE-4A79-9C8D-D06A3CB46B49}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5184FAAF-1B23-4CEE-8E21-D90678D3B515}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\100.0.1185.39\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
03-04-2022 09:00:55 Removed Kaspersky Password Manager
11-04-2022 07:49:46 Naplánovaný kontrolní bod
13-04-2022 10:59:36 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/14/2022 06:52:54 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/13/2022 07:24:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.
Error: (04/13/2022 07:24:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.
Error: (04/13/2022 06:59:27 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.
Error: (04/13/2022 02:43:26 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/13/2022 09:14:04 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe se nezdařilo. Chyba v souboru manifestu nebo zásad na řádku .
Verze součásti požadovaná aplikací je v konfliktu s jinou verzí součásti, která je již aktivní.
Konfliktní součásti:
Součást 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467.manifest.
Součást 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_e541a94fcce8ed6d.manifest.
Error: (04/10/2022 07:36:17 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/09/2022 06:36:20 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (04/14/2022 06:42:30 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{6937863E-C9AC-48BB-9F25-4C37672829CE}, protože jiný počítač v síti má stejný název. Server nelze spustit.
Error: (04/13/2022 07:02:08 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{FD2BEC96-B3E5-4CBD-BD2D-45992ACF282D}, protože jiný počítač v síti má stejný název. Server nelze spustit.
Error: (04/13/2022 07:02:07 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{6937863E-C9AC-48BB-9F25-4C37672829CE}, protože jiný počítač v síti má stejný název. Server nelze spustit.
Error: (04/12/2022 02:25:41 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{6937863E-C9AC-48BB-9F25-4C37672829CE}, protože jiný počítač v síti má stejný název. Server nelze spustit.
Error: (04/12/2022 06:14:04 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{6937863E-C9AC-48BB-9F25-4C37672829CE}, protože jiný počítač v síti má stejný název. Server nelze spustit.
Error: (04/11/2022 06:42:19 PM) (Source: DCOM) (EventID: 10010) (User: Petr)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.22000.1_neutral_neutral_cw5n1h2txyewy!App.AppXyvyv4mghdjas8j88defq0w1hc410kvzt.mca se v daném časovém limitu neregistroval u služby DCOM.
Error: (04/11/2022 05:36:17 PM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{6937863E-C9AC-48BB-9F25-4C37672829CE}, protože jiný počítač v síti má stejný název. Server nelze spustit.
Error: (04/11/2022 05:58:21 AM) (Source: Server) (EventID: 2505) (User: )
Description: Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{FD2BEC96-B3E5-4CBD-BD2D-45992ACF282D}, protože jiný počítač v síti má stejný název. Server nelze spustit.
Windows Defender:
================
Date: 2022-04-13 08:15:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F6150783-DEAC-479C-9D5D-26FA2D7C036C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-04-12 07:16:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {FDF5DA38-214B-46DE-89F1-7D3041E19915}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-04-11 07:48:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1CBE6393-6111-48B0-A992-5EB7AA8C8535}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-04-10 10:52:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {101F0B8A-DEA4-4969-93CE-F97F5F349159}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-04-07 09:58:13
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {189E886C-DD73-4D03-9376-740EC845B6CE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]
Date: 2022-02-09 07:57:48
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.357.332.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18900.2
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.
Date: 2022-02-09 07:56:34
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.
Date: 2022-02-09 07:56:34
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.321.69.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17300.4
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.
CodeIntegrity:
===============
Date: 2022-04-09 08:55:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-04-06 12:28:59
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2022-04-03 09:19:55
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\protected_elam.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2022-04-03 09:05:02
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: AMI F.40 07/29/2021
Motherboard: HP 8767
Processor: Intel(R) Core(TM) i5-10400 CPU @ 2.90GHz
Percentage of memory in use: 34%
Total physical RAM: 16249.75 MB
Available physical RAM: 10600.13 MB
Total Virtual: 18681.75 MB
Available Virtual: 10827.55 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:476.13 GB) (Free:358.01 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:760.91 GB) NTFS
Drive e: (Verbatim HDD) (Fixed) (Total:931.51 GB) (Free:171.2 GB) NTFS
Drive g: (Google Drive) (Fixed) (Total:15 GB) (Free:5.69 GB) FAT32
\\?\Volume{75a0fa6b-d1f9-4b47-ab8e-75e621a387d3}\ () (Fixed) (Total:0.54 GB) (Free:0.05 GB) NTFS
\\?\Volume{578c12f2-64de-443e-9267-de2bbf3feb75}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 5FD808C6)
Partition: GPT.
==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 69EA6628)
Partition: GPT.
==========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: D8A924DA)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================