prosím o kontrolu logu - nejspíš havěť HackToolWin32/AutoKMS

[Antusek]

Dobrý večer,
právě se mi asi dostala do PC nějaká havět. Začalo to tak, že se aktualizoval antivirus Avira. Pak se smrštil deštník v ikonce a oznámil program Windows Defender, že ochrana je vypnutá. Po zapnutí to ohlásilo hrozbu

Defender ohlásil hrozbu 12.07.2022.jpg (49.09 KiB) Zobrazeno 992 x

a po odstranění to ohlásilo, že se hrozba nepodařila úplně odstranit. V Aviře nejde rozvinout deštník (ochrana v reálném čase nejde zapnout). ještě předtím než se objevila hrozba jsem restartoval PC, jestli se ochrana v Aviře zapne. Nezapne. Defender hlásí hrozbu či pochvíli, že žádná není.
Prosím o kontrolu, zdali tam není nějaká havěť či i něco jiného. Také mě při vkládání příspěvků na net do jedné diskuze zlobí obrázková kapča a nechce mě pustit, že se odesílá z mého PC mnoho dotazů (již se tu dříve řešilo, že to není u mě). Když ty stránky pustím přes online proxy, tak tam mě kapča pustí.
Moc děkuji za vyřešení a odstranění havěti, než to něco napáchá. Posílám logy s FRST a díky za další rady.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-07-2022
Ran by Admin (administrator) on DESKTOP-1U0LM3C (12-07-2022 21:36:58)
Running from D:\Aviry
Loaded Profiles: Admin
Platform: Microsoft Windows 10 Home Version 21H1 19043.1766 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe
(D:\Aviry\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) D:\Aviry\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (Corel Corporation -> WinZip Computing) D:\Archivace\WinZip\WzPreloader.exe
(explorer.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Office14\ONENOTEM.EXE
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) D:\Aviry\CheckPoint\ZoneAlarm\zatray.exe
(Piriform Software Ltd -> Piriform Software Ltd) D:\Aviry\CCleaner\CCleaner64.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) D:\Prográmky\RealPlayer\Update\realsched.exe
(services.exe ->) (ABBYY Production LLC -> ABBYY Production LLC) C:\Program Files (x86)\Common Files\ABBYY\FineReader\15\Licensing\NetworkLicenseServer.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) D:\Fotoeditory\Adobe Photoshop Elements 11\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Windows\System32\AsusUpdateCheck.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (geek software GmbH -> geek software GmbH) D:\Prográmky\PDF24\pdf24.exe <2>
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) D:\Aviry\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\updater-ws.exe
(services.exe ->) (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\ws.exe
(services.exe ->) (RealNetworks, Inc. -> RealNetworks, Inc.) D:\Prográmky\UpdateService\RealPlayerUpdateSvc.exe
(services.exe ->) (Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe
(svchost.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(svchost.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(svchost.exe ->) (Hewlett Packard -> Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
Failed to access process -> SearchFilterHost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [PDF24] => D:\Prográmky\PDF24\pdf24.exe [587000 2022-01-05] (geek software GmbH -> geek software GmbH)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [ZoneAlarm] => D:\Aviry\CheckPoint\ZoneAlarm\zatray.exe [325856 2020-01-23] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2623032 2019-07-26] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [TkBellExe] => d:\prográmky\realplayer\Update\realsched.exe [347560 2021-12-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [4124416 2022-05-17] (Opera Software AS -> Opera Software)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\Run: [CCleaner Smart Cleaning] => D:\Aviry\CCleaner\CCleaner64.exe [36976728 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\Run: [] => [X]
HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\RunOnce: [Uninstall 22.121.0605.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Admin\AppData\Local\Microsoft\OneDrive\22.121.0605.0002" (No File)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [239704 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\novaPDF 10 Port Monitor: C:\WINDOWS\system32\novamn10.dll [18944 2020-10-19] (Softland) [File not signed]
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [55392 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PDF Architect 7 Monitor: C:\Windows\system32\spool\DRIVERS\x64\pdf architect_pdfpmon_v.4.12.26.3.dll [932984 2019-11-26] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\PDF-XChange5-ABBYY: C:\Windows\system32\pxc50pma.dll [58936 2014-11-13] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
HKLM\...\Print\Monitors\PDF-XChange5-ABBYY-FR15: C:\WINDOWS\system32\pxc50pmaf15.dll [57328 2018-12-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.114\Installer\chrmstp.exe [2022-07-05] (Google LLC -> Google LLC)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Avira.lnk [2020-02-02]
ShortcutTarget: Avira.lnk -> C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2022-05-13]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acrobat Assistant.lnk [2020-01-31]
ShortcutTarget: Acrobat Assistant.lnk -> D:\Programy\Adobe\Adobe Acrobat Distiller 5.0\Distillr\AcroTray.exe (Adobe Systems Inc.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2019-11-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2020-08-11]
ShortcutTarget: WinZip Preloader.lnk -> D:\Archivace\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
GroupPolicy-Firefox-x32: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03F66930-921F-40EC-BA4E-3C1562247B55} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0A523097-1FE5-4E21-A46F-8CEF940D2FD3} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {0C3F0ED1-2C1F-42EA-AECE-130E4BEA6A04} - System32\Tasks\doPDF 10 Telemetry => C:\Program Files\Softland\novaPDF 10\Driver\GoogleAnalytics.exe [51504 2020-10-19] (Softland SRL -> )
Task: {17547B1C-0FF7-4276-9950-7093AF26FEEC} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {1767C569-45CE-4407-9244-E7425723C769} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1642080 2022-07-11] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Task: {2DA4E14C-06DD-498D-8217-4755502737E1} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-722231672-965411127-3486821242-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [128240 2016-02-03] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {30515FA6-F9ED-44C5-8EFA-8506DAE5A0F2} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-1U0LM3C-Admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {511EA8A4-F686-4EB2-BDE1-889A1A750FBF} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [32819448 2022-07-10] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Task: {5C7D46B2-904D-45BE-B1F4-EB846B4E9264} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {67A9F288-EB9B-4B09-886C-2DE3B1B1701B} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-722231672-965411127-3486821242-1001 => D:\prográmky\realplayer\RealUpgrade.exe [129960 2021-12-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {6E2CF984-2BBD-462A-B1A6-B86BD1DBBC32} - \WinZip Update Notifier 3 -> No File <==== ATTENTION
Task: {6EDF3FF7-6C4F-4B3D-AF10-6422F4969E33} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {73D6DECF-82F9-4D6A-9866-C7FD33DD1FD9} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {8535C168-1B7B-4928-8996-AF503FDD848C} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {9038B369-BC18-4750-915A-B3397AABABBB} - System32\Tasks\GoogleUpdateTaskMachineUA{33399356-FF1B-407B-B2C7-9039A1A671CC} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-26] (Google Inc -> Google Inc.)
Task: {90527A75-5A94-4DE8-B113-61468F2FE640} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [258472 2022-07-11] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Task: {92497EB4-6737-48B2-95AD-E156D36299A7} - \Opera scheduled assistant Autoupdate 1580117963 -> No File <==== ATTENTION
Task: {9D9147FE-E3A9-4DA6-9467-97B7F4A01A0B} - \WinZip Update Notifier 2 -> No File <==== ATTENTION
Task: {A9B5C750-A8A6-46C0-887B-D224DD94FD74} - \WinZip Update Notifier 1 -> No File <==== ATTENTION
Task: {AA1FA4E2-3217-4122-A7F7-D670ADBDE0EC} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-722231672-965411127-3486821242-1001 => D:\prográmky\realplayer\RealUpgrade.exe [129960 2021-12-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {AB4BA52F-AA88-4525-B03B-3961F55DA06B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AE81ECE4-B75D-4D6A-A35C-13A9145C60FA} - System32\Tasks\CCleaner Update => D:\Aviry\CCleaner\CCUpdate.exe [619416 2022-06-20] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BB9C4A9E-8903-42A2-9BCF-77E08E69BE01} - System32\Tasks\klcp_update => D:\Prográmky\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-04-12] () [File not signed]
Task: {C058F360-D1E7-4B0B-817D-F6E7783E7B0F} - System32\Tasks\RealDownloader Update Check => d:\prográmky\realplayer\downloader2.exe [1167784 2021-12-26] (RealNetworks, Inc. -> )
Task: {D2C135A4-E491-469B-9EE5-8BBB500E2731} - System32\Tasks\CCleanerSkipUAC - Admin => D:\Aviry\CCleaner\CCleaner.exe [31027800 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DD4DDD5E-C15D-41A6-BFE2-8EBFC70439DC} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-722231672-965411127-3486821242-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [128240 2016-02-03] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {E1B24382-9B57-4CF1-A9FC-35640CD458F6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E948ECFF-5A89-46DA-AE8D-EFA7EF4E35F1} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {EB2B61BF-C3A2-4F58-B725-387972CD7149} - System32\Tasks\doPDF 10 Update => C:\Program Files\Softland\novaPDF 10\Driver\UpdateApplication.exe [98096 2020-10-19] (Softland SRL -> )
Task: {F5EE3308-2C52-4889-8A23-7E05F950FFF5} - System32\Tasks\GoogleUpdateTaskMachineCore{97283C65-2A48-44CD-A7A1-B696E3021AB5} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-26] (Google Inc -> Google Inc.)
Task: {FF448796-7A7C-4542-85B6-2F9FEA8EE654} - System32\Tasks\Opera scheduled Autoupdate 1574800406 => C:\Program Files (x86)\Opera\launcher.exe [1888240 2022-07-05] (Opera Norway AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-722231672-965411127-3486821242-1001] => http=;ftp=;https=;
Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{2344692f-c41b-4ac7-9c50-43b9fc907f50}: [DhcpNameServer] 31.30.90.11 31.30.90.12

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-12]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-07-06]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: 2i1040qs.default-1582311638745
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\u4mgi7h5.default-release [2022-07-12]
FF Homepage: Mozilla\Firefox\Profiles\u4mgi7h5.default-release -> about:home
FF NewTab: Mozilla\Firefox\Profiles\u4mgi7h5.default-release -> about:newtab
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2i1040qs.default-1582311638745 [2022-07-12]
FF NewTab: Mozilla\Firefox\Profiles\2i1040qs.default-1582311638745 -> about:newtab
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> D:\Prográmky\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> D:\Prográmky\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> D:\Prográmky\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> D:\Prográmky\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> D:\Prográmky\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> D:\Prográmky\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-07-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-07-26] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=20.0.7.309 -> d:\prográmky\realplayer\Netscape6\nppl3260.dll [2021-12-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=20.0.7.309 -> d:\prográmky\realplayer\Netscape6\nprpplugin.dll [2021-12-26] (RealNetworks, Inc. -> RealPlayer)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-07-26] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Profile 6
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-07-12]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6 [2022-07-12]
CHR Extension: (uBlock Origin) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-06-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-03]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\System Profile [2022-07-12]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera:
=======
OPR Profile: C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable [2022-07-12]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-07-01]
OPR Extension: (Opera Crypto Wallet) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-07-12]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-15]
OPR Extension: (uBlock Origin) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2022-07-01]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.15.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\15\Licensing\NetworkLicenseServer.exe [1058032 2019-07-29] (ABBYY Production LLC -> ABBYY Production LLC)
S2 ABBYY.Licensing.PDFTransformer.Classic.4.0; D:\Programy\ABBYY PDF Transformer+\NetworkLicenseServer.exe [962256 2014-12-02] (ABBYY Production LLC -> ABBYY Production LLC)
R2 AdobeActiveFileMonitor10.0; D:\Fotoeditory\Adobe Photoshop Elements 11\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-07-26] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3815712 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3580200 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [768408 2022-07-12] (ASUSTeK Computer Inc. -> )
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3000608 2022-03-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [386864 2022-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [264400 2022-07-11] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [284136 2022-07-11] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
S3 CCleanerPerformanceOptimizerService; D:\Aviry\CCleaner\CCleanerPerformanceOptimizerService.exe [1081432 2022-06-14] (Piriform Software Ltd -> )
S2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8445968 2022-06-30] (Avira Operations GmbH -> Avira Operations GmbH)
S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8445968 2022-06-30] (Avira Operations GmbH -> Avira Operations GmbH)
R2 MBAMService; D:\Aviry\Malwarebytes\Anti-Malware\MBAMService.exe [8677120 2022-06-21] (Malwarebytes Inc. -> Malwarebytes)
S3 Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Office14\GROOVE.EXE [30963576 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NovaPdf10Server; C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe [52528 2020-10-19] (Softland SRL -> Microsoft)
R3 PDF Architect 7; C:\Program Files\PDF Architect 7\ws.exe [2579752 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 7 Creator; C:\Program Files\PDF Architect 7\creator\common\creator-ws.exe [692008 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 7 Update Service; C:\Program Files\PDF Architect 7\updater-ws.exe [1832232 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF24; D:\Prográmky\PDF24\pdf24.exe [587000 2022-01-05] (geek software GmbH -> geek software GmbH)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RealPlayerUpdateSvc; D:\prográmky\UpdateService\RealPlayerUpdateSvc.exe [38856 2021-12-04] (RealNetworks, Inc. -> RealNetworks, Inc.)
S2 RealTimes Desktop Service; d:\prográmky\realplayer\RPDS\Bin\rpdsvc.exe [991176 2021-12-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 vsmon; D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe [4528344 2020-01-21] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [42208 2020-03-13] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 ZAPrivacyService; D:\Aviry\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2020-01-21] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [230520 2022-06-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [100128 2022-06-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [24024 2022-06-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH)
R2 rtp_filesystem_filter; C:\WINDOWS\System32\DRIVERS\rtp_filesystem_filter.sys [202584 2022-06-30] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_process_monitor; C:\WINDOWS\system32\DRIVERS\rtp_process_monitor.sys [193304 2022-06-30] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_traverse; C:\WINDOWS\system32\DRIVERS\rtp_traverse.sys [47560 2022-06-30] (Avira Operations GmbH -> Avira Operations GmbH)
R1 Vsdatant; C:\WINDOWS\system32\DRIVERS\vsdatant.sys [461240 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-07-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-07-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-07-12] (Microsoft Windows -> Microsoft Corporation)
U3 iswSvc; no ImagePath
S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-07-12 21:25 - 2022-07-12 21:25 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-07-12 21:25 - 2022-07-12 21:25 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-07-12 19:05 - 2022-07-12 21:11 - 001299432 _____ C:\WINDOWS\system32\rtp.db
2022-07-12 19:05 - 2022-07-12 19:05 - 000000000 ____D C:\Program Files\Avira
2022-07-12 19:05 - 2022-06-30 11:17 - 000202584 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_filesystem_filter.sys
2022-07-12 19:05 - 2022-06-30 11:17 - 000193304 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_process_monitor.sys
2022-07-12 19:05 - 2022-06-30 11:17 - 000047560 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_traverse.sys
2022-07-12 19:05 - 2022-06-30 11:17 - 000024024 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_elam.sys
2022-07-12 19:05 - 2022-06-21 17:57 - 000230520 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\BdSentry.sys
2022-07-12 19:05 - 2022-06-15 09:28 - 000100128 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\netprotection_network_filter.sys
2022-07-12 19:04 - 2022-07-12 19:04 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2022-07-12 19:04 - 2022-07-12 19:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ncp
2022-07-10 15:00 - 2022-07-10 15:00 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2022-07-10 01:02 - 2022-07-12 21:14 - 000000000 ____D C:\Users\Public\Security Sessions
2022-07-10 01:02 - 2022-07-10 15:01 - 000000000 ____D C:\Users\Admin\AppData\Local\Avira
2022-07-10 01:01 - 2022-07-10 01:01 - 000002818 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2022-07-10 01:01 - 2022-07-10 01:01 - 000000000 ____D C:\WINDOWS\SysWOW64\statReporter
2022-07-10 01:00 - 2022-07-12 21:12 - 000000000 ____D C:\Users\Public\Speedup Sessions
2022-07-10 01:00 - 2022-07-12 19:04 - 000003474 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2022-07-10 01:00 - 2022-07-10 01:00 - 000003788 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupVerify
2022-07-09 23:05 - 2022-07-12 19:04 - 000001078 _____ C:\Users\Public\Desktop\Avira_.lnk
2022-07-06 20:24 - 2022-07-12 21:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-07-03 14:15 - 2022-07-12 21:12 - 000078848 _____ C:\WINDOWS\KMSEmulator.exe
2022-06-29 19:48 - 2022-06-29 19:48 - 000000000 ____D C:\Users\Admin\.ms-ad
2022-06-22 00:02 - 2022-06-22 00:02 - 000012371 _____ C:\Users\Admin\Documents\Zakončení cvičebního roku v T.J. Sokol Pražský 21.06.2022.wlmp
2022-06-21 16:38 - 2022-06-21 16:38 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-06-21 16:37 - 2022-06-21 16:37 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-06-21 16:37 - 2022-06-21 16:37 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-06-21 16:37 - 2022-06-21 16:37 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-06-21 16:37 - 2022-06-21 16:37 - 000011787 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-06-21 16:30 - 2022-06-21 16:30 - 000000000 ___HD C:\$WinREAgent
2022-06-19 13:04 - 2022-06-19 13:04 - 000695079 _____ C:\Users\Admin\Downloads\Léčivé ovoce a zelenina jp.pdf
2022-06-13 11:05 - 2022-06-13 13:09 - 000121946 _____ C:\Users\Admin\Documents\Sokolské Brno 2022.wlmp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-07-12 21:37 - 2020-02-14 19:00 - 000000000 ____D C:\FRST
2022-07-12 21:31 - 2022-02-08 18:57 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-07-12 21:31 - 2019-11-27 02:56 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2022-07-12 21:25 - 2021-12-12 14:10 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-07-12 21:25 - 2021-12-12 14:10 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-07-12 21:25 - 2020-11-06 00:16 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-07-12 21:24 - 2019-11-20 20:04 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-07-12 21:19 - 2020-11-06 00:18 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-07-12 21:19 - 2019-12-07 16:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2022-07-12 21:19 - 2019-12-07 16:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2022-07-12 21:19 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-07-12 21:18 - 2020-04-28 22:25 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-07-12 21:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-07-12 21:15 - 2019-11-26 22:30 - 000000000 ____D C:\Program Files (x86)\Google
2022-07-12 21:15 - 2019-11-26 21:07 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2022-07-12 21:13 - 2021-12-11 00:41 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-722231672-965411127-3486821242-1001
2022-07-12 21:13 - 2020-11-06 00:16 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-722231672-965411127-3486821242-1001
2022-07-12 21:13 - 2020-11-06 00:10 - 000002377 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-12 21:13 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-07-12 21:12 - 2021-12-26 19:07 - 000003556 _____ C:\WINDOWS\system32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-722231672-965411127-3486821242-1001
2022-07-12 21:12 - 2021-12-26 19:07 - 000003492 _____ C:\WINDOWS\system32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-722231672-965411127-3486821242-1001
2022-07-12 21:12 - 2020-11-06 00:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-07-12 21:12 - 2020-11-06 00:09 - 000783584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-07-12 21:12 - 2020-11-06 00:09 - 000008192 ___SH C:\DumpStack.log.tmp
2022-07-12 21:12 - 2019-11-26 22:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-07-12 21:12 - 2019-11-26 22:33 - 000000000 ____D C:\Program Files (x86)\Opera
2022-07-12 21:12 - 2019-11-20 20:04 - 000807280 _____ C:\WINDOWS\system32\wpbbin.exe
2022-07-12 21:12 - 2019-11-20 20:04 - 000768408 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2022-07-12 21:12 - 2019-11-20 13:12 - 000000000 ____D C:\ProgramData\NVIDIA
2022-07-12 21:11 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-07-12 20:12 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-07-12 20:12 - 2019-11-26 21:17 - 000000000 ____D C:\ProgramData\Avira
2022-07-12 19:04 - 2019-11-26 21:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2022-07-12 16:44 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-07-12 15:50 - 2020-02-05 20:20 - 000000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2022-07-12 00:48 - 2019-11-27 02:03 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2022-07-10 19:25 - 2019-11-26 22:47 - 000000000 ____D C:\Users\Admin\AppData\Local\Adobe
2022-07-10 01:00 - 2019-11-26 21:17 - 000000000 ____D C:\Program Files (x86)\Avira
2022-07-09 23:05 - 2022-02-01 16:51 - 000000000 ____D C:\ProgramData\Package Cache
2022-07-09 20:42 - 2020-11-06 00:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-07-08 14:34 - 2020-06-14 19:30 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-08 14:34 - 2020-06-14 19:30 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-07-07 18:59 - 2020-11-06 00:16 - 000003970 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1574800406
2022-07-07 18:59 - 2019-11-26 22:33 - 000001155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-07-06 22:05 - 2021-10-10 21:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-07-06 22:04 - 2019-11-26 22:34 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-07-05 21:15 - 2019-11-26 22:30 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-07-05 21:15 - 2019-11-26 22:30 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-07-03 14:15 - 2020-08-25 00:24 - 000000184 _____ C:\WINDOWS\AutoKMS.ini
2022-07-03 13:44 - 2020-11-06 00:16 - 000004194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-07-01 19:15 - 2021-12-27 22:19 - 000000000 ____D C:\Users\Admin\.cache
2022-06-30 19:34 - 2021-12-19 02:46 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-06-29 19:48 - 2020-11-06 00:10 - 000000000 ____D C:\Users\Admin
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-06-22 23:13 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2022-06-21 23:37 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-06-21 16:37 - 2020-11-06 00:11 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-06-21 16:30 - 2019-11-26 21:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-06-21 16:28 - 2019-11-26 21:09 - 145918784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-06-19 16:36 - 2020-06-07 14:04 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys

==================== Files in the root of some directories ========

2022-05-22 12:37 - 2022-05-22 12:38 - 000004608 _____ () C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2022-01-29 16:59 - 2022-01-29 16:59 - 000000000 _____ () C:\Users\Admin\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-07-2022
Ran by Admin (12-07-2022 21:39:34)
Running from D:\Aviry
Microsoft Windows 10 Home Version 21H1 19043.1766 (X64) (2020-11-05 22:16:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Admin (S-1-5-21-722231672-965411127-3486821242-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-722231672-965411127-3486821242-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-722231672-965411127-3486821242-503 - Limited - Disabled)
Guest (S-1-5-21-722231672-965411127-3486821242-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-722231672-965411127-3486821242-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Security (Enabled - Up to date) {76C0BF9F-9FD3-D249-DE2F-7A33A59B9258}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {217C3BCF-3FBD-7C30-A427-2D11E16F3BEB}
FW: ZoneAlarm Free Firewall Firewall (Disabled) {8D637332-9C08-995E-98D7-8237936B0E9F}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 19.01 alpha (x64) (HKLM\...\7-Zip) (Version: 19.01 alpha - Igor Pavlov)
A Sharper Scaling version 1.2 (HKLM-x32\...\{7CFADE53-9599-48C5-9FE3-689E56C1D96B}_is1) (Version: 1.2 - )
ABBYY FineReader 15 (HKLM\...\{F15000FE-0001-6400-0000-074957833700}) (Version: 15.0.1496 - ABBYY Production LLC)
ABBYY PDF Transformer+ (HKLM\...\{FA400000-0001-6400-0000-074957833700}) (Version: 4.2.186 - ABBYY Production LLC)
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.001.20169 - Adobe)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.9.0.515 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.7.0.35 - Adobe Inc.)
Adobe PageMaker 7.0 (HKLM-x32\...\Adobe PageMaker 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Avira (HKLM-x32\...\{0A659D39-DDCC-4793-BEA2-8D205284272B}) (Version: 1.2.162.7474 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{8ea07ae2-acd9-459e-8fc2-6f31ef667c9c}) (Version: 1.2.162.7474 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.41.1.25731 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.69.29981 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.19.0.11413 - Avira Operations GmbH & Co. KG)
BAHN 3.81r1 (HKLM-x32\...\BAHN381r1_is1) (Version: 3.81 - JBSS Chemnitz/Dresden)
calibre 64bit (HKLM\...\{6DB760DC-BEC5-4727-AA50-722D2881725E}) (Version: 5.9.0 - Kovid Goyal)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.01 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
doPDF (HKLM\...\{3A2B5138-BDC2-4905-8683-0F416835A4FD}) (Version: 10.9.132 - Softland) Hidden
doPDF 10 add-in for Microsoft Office (x64) (HKLM\...\{064F8223-4848-4562-B77E-997C3E74E749}) (Version: 10.6.122 - Softland)
doPDF 10 add-in for Microsoft Office (x86) (HKLM-x32\...\{705BC7F6-DE19-4764-A8C2-0162DC824AB9}) (Version: 10.6.122 - Softland)
doPDF 10 Printer Driver (HKLM\...\{786E2F7E-E97D-46B7-A9B1-FDEF161F9FE0}) (Version: 10.9.132 - Softland)
Endpoint Protection SDK (HKLM\...\{68E1CCB4-4965-4713-BDEB-77F6D6C9BF9D}_is1) (Version: 1.0.2206.3019 - Avira Operations GmbH & Co. KG) Hidden
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FOTOLAB CEWE fotosvet (HKLM-x32\...\FOTOLAB CEWE fotosvet) (Version: 6.3.7 - CEWE Stiftung u Co. KGaA)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.114 - Google LLC)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
K-Lite Mega Codec Pack 16.4.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.4.5 - KLCP)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 6.3.3.2 (HKLM\...\{4DACF7A7-C851-4943-A63D-3CAE495C48E0}) (Version: 6.3.3.2 - The Document Foundation)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
LWS Facebook (HKLM-x32\...\{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}) (Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (HKLM-x32\...\{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}) (Version: 13.51.827.0 - Logitech) Hidden
LWS Help_main (HKLM-x32\...\{1651216E-E7AD-4250-92A1-FB8ED61391C9}) (Version: 13.51.828.0 - Logitech) Hidden
LWS Launcher (HKLM-x32\...\{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}) (Version: 13.51.828.0 - Logitech) Hidden
LWS Motion Detection (HKLM-x32\...\{71E66D3F-A009-44AB-8784-75E2819BA4BA}) (Version: 13.51.815.0 - Logitech) Hidden
LWS Pictures And Video (HKLM-x32\...\{08610298-29AE-445B-B37D-EFBE05802967}) (Version: 13.51.815.0 - Logitech) Hidden
LWS Twitter (HKLM-x32\...\{174A3B31-4C43-43DD-866F-73C9DB887B48}) (Version: 13.30.1346.0 - Logitech) Hidden
LWS Webcam Software (HKLM-x32\...\{8937D274-C281-42E4-8CDB-A0B2DF979189}) (Version: 13.51.815.0 - Logitech) Hidden
LWS WLM Plugin (HKLM-x32\...\{9DAEA76B-E50F-4272-A595-0124E826553D}) (Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (HKLM-x32\...\{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}) (Version: 13.31.1038.0 - Logitech) Hidden
Malwarebytes version 4.5.10.200 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.10.200 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.49 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 103.0.1264.49 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2010 (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (HKLM-x32\...\{90140000-0015-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (HKLM-x32\...\{90140000-0117-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (HKLM-x32\...\{90140000-0016-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (Czech) 2010 (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (HKLM-x32\...\{90140000-00BA-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2010 (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (HKLM-x32\...\{90140000-0044-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2010 - Czech/èeština (HKLM-x32\...\Office14.OMUI.cs-cz) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office O MUI (Czech) 2010 (HKLM-x32\...\{90140000-0100-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (Czech) 2010 (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Proof (Czech) 2010 (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (HKLM-x32\...\{90140000-002C-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (HKLM-x32\...\{90140000-0019-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2010 (HKLM\...\{90140000-002A-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (HKLM\...\{90140000-002A-0409-1000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (HKLM\...\{90140000-0116-0409-1000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (HKLM-x32\...\{90140000-0115-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer MUI (Czech) 2010 (HKLM-x32\...\{90140000-0017-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2010 (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (HKLM-x32\...\{90140000-001B-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (Czech) 2010 (HKLM-x32\...\{90140000-0101-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\OneDriveSetup.exe) (Version: 22.131.0619.0001 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x64 Additional Runtime - 14.15.26706 (HKLM\...\{F106B700-BFF8-3065-B305-14D36AD40539}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.15.26706 (HKLM\...\{C77195A4-CEB8-38EE-BDD6-C46CB459EF6E}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 (HKLM-x32\...\{2757496A-3E74-320A-B007-36120A9F126D}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 (HKLM-x32\...\{39E15475-23F2-345D-8977-B5DC47A94E26}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 102.0.1 (x64 cs)) (Version: 102.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 73.0 - Mozilla)
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Opera Stable 88.0.4412.74 (HKLM-x32\...\Opera 88.0.4412.74) (Version: 88.0.4412.74 - Opera Software)
PDF Architect 7 (HKLM-x32\...\PDF Architect 7) (Version: 7.1.13.1755 - pdfforge GmbH)
PDF Architect 7 Create Module (HKLM\...\{B600CC13-8F68-4D44-8867-93490894FAE5}) (Version: 7.1.14.4969 - pdfforge GmbH) Hidden
PDF Architect 7 Edit Module (HKLM\...\{BA2C2671-B379-4101-A21C-4C549671FC8D}) (Version: 7.1.14.4969 - pdfforge GmbH) Hidden
PDF Architect 7 View Module (HKLM\...\{E947A304-6110-4CFE-98AD-E6909072E87D}) (Version: 7.1.14.4969 - pdfforge GmbH) Hidden
PDF24 Creator 10.7.1 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.7.1 - PDF24.org)
Photo Common (HKLM-x32\...\{15BFD731-A10E-43E9-9D18-0F682BC0480F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PSE10 STI Installer (HKLM-x32\...\{11D08055-939C-432b-98C3-E072478A0CD7}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Rajče verze 2.5.9 sestavení 290 (HKLM-x32\...\Rajče.net_is1) (Version: - rajče.net)
RealDownloader (HKLM-x32\...\{48D18738-099C-4FAA-AFD9-80B592A25478}) (Version: 18.1.3.103 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 20.0) (Version: 20.0.7 - RealNetworks)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0017-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{2554816C-7768-46D5-A527-DAE1EED850CC}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{A71E3AD4-5545-4D59-9F11-75F363563C6A}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{0C337AF5-E6A7-4B6B-8F8E-08F9C6F956B4}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0405-1000-0000000FF1CE}_Office14.OMUI.cs-cz_{7F5CE17A-23B9-4EED-B017-A7EF4547476C}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{EA82267F-4AAB-46BA-AD6A-9EBB544D0EF7}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{2C911571-C8B6-400B-B323-417C1806E866}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{1FCBAAF2-0321-4986-8DAE-5F2891EC6E8E}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0101-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{3AC03A87-33F2-41DC-8BA3-EA4B3EC5E4AA}) (Version: - Microsoft) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype verze 8.79 (HKLM-x32\...\Skype_is1) (Version: 8.79 - Skype Technologies S.A.)
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
vc2012_redist (HKLM-x32\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
VSO Inspector 2.0.2 (HKLM-x32\...\VSO Inspector_is1) (Version: - VSO-Software SARL)
Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{66B5819D-DE70-42BE-B40F-978FBA12452E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{9A470EA9-FF86-4C0E-992C-572BF2B9D6FF}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{6522F5F9-411B-4513-A75B-CEA00395F032}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{E100E2B5-F2EF-4955-AB7A-C3F2125A3BCD}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
WinZip (HKLM-x32\...\WinZip) (Version: 10.0 (6667) - WinZip Computing LP)
WinZip 24.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24127}) (Version: 24.0.14033 - Corel Corporation)
XMedia Recode 64bit verze 3.5.3.7 (HKLM\...\{D31E6E69-4C6A-42CC-926F-CC7B186864EB}_is1) (Version: 3.5.3.7 - XMedia Recode 64bit)
ZoneAlarm Firewall (HKLM-x32\...\{2F77A309-CAB9-4C8A-8ED0-8C8DA3FF0744}) (Version: 15.8.038.18284 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.8.038.18284 - Check Point)
ZoneAlarm Security (HKLM-x32\...\{DA17D180-7193-4070-B085-9827DB80C2F8}) (Version: 15.8.038.18284 - Check Point Software Technologies Ltd.) Hidden
Zoner Photo Studio 8 (HKLM-x32\...\Zoner Photo Studio 8_is1) (Version: - ZONER software)

Packages:
=========
ASUS Grid (Beta) -> C:\Program Files\WindowsApps\B9ECED6F.133F79A42C6_1.0.14.0_x64__qmba6cd70vzyy [2020-07-12] (ASUSTeK COMPUTER INC.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.20.89.0_x64__kgqvnymyfvs32 [2022-06-30] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.84.4.0_x64__kgqvnymyfvs32 [2022-07-06] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-12] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-07-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-07-12] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.2.3180.0_x64__8wekyb3d8bbwe [2022-04-08] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7040.0_x64__8wekyb3d8bbwe [2022-07-12] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.73.51701.0_x64__8wekyb3d8bbwe [2022-06-29] (Microsoft Corporation) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-15] (Netflix, Inc.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0 [2022-07-12] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-722231672-965411127-3486821242-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> D:\Archivace\WinZip\adxloader64.WinZipExpressForOffice.dll (Corel Corporation -> )
CustomCLSID: HKU\S-1-5-21-722231672-965411127-3486821242-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Office14\GROOVEEX.DLL [4222864 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Archivace\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [FineReader15ContextMenu] -> {53339754-4DD1-438B-8D24-0D0730F1A591} => C:\Program Files (x86)\ABBYY FineReader 15\x64\FRIntegration.x64.dll [2019-08-22] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers1: [PDFArchitect7_ManagerExt] -> {21989F59-B260-4302-90C3-E51740E03639} => C:\Program Files\PDF Architect 7\context-menu.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-05-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1-x32: [Transformer4ContextMenu] -> {558BA64F-C7A8-4B96-BCDD-B46E9D00756A} => D:\Programy\ABBYY PDF Transformer+\TRIntegration.dll [2015-01-28] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\ Archivace\WinRar 5.91\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\ Archivace\WinRar 5.91\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => D:\Archivace\WinZip\wzshls64.dll [2020-02-25] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Aviry\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-21] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => d:\prográmky\realplayer\RPDS\Bin64\rpcontextmenu.dll [2021-12-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Archivace\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => D:\Aviry\Recuva\RecuvaShell64.dll [2022-04-06] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-05-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => D:\Archivace\WinZip\wzshls64.dll [2020-02-25] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-05-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Archivace\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [FineReader15ContextMenu] -> {53339754-4DD1-438B-8D24-0D0730F1A591} => C:\Program Files (x86)\ABBYY FineReader 15\x64\FRIntegration.x64.dll [2019-08-22] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Aviry\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-21] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => D:\Aviry\Recuva\RecuvaShell64.dll [2022-04-06] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6-x32: [Transformer4ContextMenu] -> {558BA64F-C7A8-4B96-BCDD-B46E9D00756A} => D:\Programy\ABBYY PDF Transformer+\TRIntegration.dll [2015-01-28] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\ Archivace\WinRar 5.91\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\ Archivace\WinRar 5.91\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => D:\Archivace\WinZip\wzshls64.dll [2020-02-25] (Corel Corporation -> WinZip Computing)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\WINDOWS\system32\huffyuv.dll [55296 2005-01-22] () [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [310784 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\SysWOW64\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284160 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [473088 2015-02-25] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co

==================== Loaded Modules (Whitelisted) =============

2009-11-17 23:58 - 2009-11-17 23:58 - 000342656 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
2009-11-17 23:58 - 2009-11-17 23:58 - 000559232 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
2012-05-27 17:44 - 2012-05-27 17:44 - 000032256 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
2011-04-29 12:34 - 2011-04-29 12:34 - 000934400 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc
2011-04-29 12:34 - 2011-04-29 12:34 - 000012288 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc
2011-04-29 20:08 - 2011-04-29 20:08 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2010-08-06 12:15 - 2010-08-06 12:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 12:15 - 2010-08-06 12:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2010-08-06 12:15 - 2010-08-06 12:15 - 000054784 _____ (Hewlett-Packard) [File not signed] C:\WINDOWS\SYSTEM32\hpzipr12.dll
2020-01-20 22:16 - 2020-01-20 22:16 - 000986112 _____ (Microsoft Corporation) [File not signed] D:\Aviry\CheckPoint\ZoneAlarm\dbghelp.dll
2022-07-10 01:00 - 2022-07-10 01:00 - 003091456 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\fbd91d0b0c038bc0466e585075b1f989\Newtonsoft.Json.ni.dll
2020-10-19 15:04 - 2020-10-19 15:04 - 000018944 _____ (Softland) [File not signed] C:\WINDOWS\System32\novamn10.dll
2018-12-10 11:29 - 2018-12-10 11:29 - 000438272 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\PDF Architect 7\libcurl.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: PDF Architect 7 Helper -> {2B035CAB-1F3D-4DE6-A32D-39B9E5F456D0} -> C:\Program Files\PDF Architect 7\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> d:\prográmky\realplayer\BrowserRecordPlugin\IE\rndlbrowserrecordplugin64.dll [2021-12-26] (RealNetworks, Inc. -> RealPlayer)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> d:\prográmky\realplayer\BrowserRecordPlugin\IE\rndlbrowserrecordplugin.dll [2021-12-26] (RealNetworks, Inc. -> RealPlayer)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-01-29 14:29 - 2022-01-29 14:29 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-722231672-965411127-3486821242-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\Pictures\Saved Pictures\m104 - sombrero.bmp
DNS Servers: 31.30.90.11 - 31.30.90.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F1C3FD45-225F-4248-BB58-CC07D80EA9B9}] => (Allow) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{7FE0D65D-4851-4F77-BD27-FF9EE5C9BCAA}] => (Allow) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{98E55126-E08E-4283-BC9F-1CD4487C5376}] => (Allow) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{463A6C42-0E1B-4675-8A95-5E8E0F425848}] => (Allow) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{7059C7E5-30C1-4084-A8C6-CA7C0AB13286}] => (Allow) LPort=8501
FirewallRules: [{D9603B5C-325E-4237-BC4E-91DCA55B90A1}] => (Allow) LPort=8501
FirewallRules: [{D33BCFB3-EA54-4BD5-954B-45F544174DFE}] => (Allow) C:\Program Files (x86)\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{87F08FF4-AAB0-4911-9194-EB67A27D0ED3}] => (Allow) C:\Program Files (x86)\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{63FD2332-F2D6-45A0-8793-C7410883EF3D}] => (Allow) LPort=1900
FirewallRules: [{09D0FD54-F9E5-4E9B-B5EC-8C5985AB222F}] => (Allow) LPort=2869
FirewallRules: [{13FD4DA9-5757-49F9-987F-7641F63CD5D5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D53AC4E9-924B-48B4-A6E6-95AF36DAFFDE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3F60A5E6-326B-4D15-A51D-52B43BF1ABC4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CA0013FD-B126-4C46-BEE0-597F4DDB0B80}] => (Allow) C:\Program Files (x86)\Office14\GROOVE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0BBCD6C0-2206-46C3-A2BD-0348B1897A4D}] => (Allow) C:\Program Files (x86)\Office14\GROOVE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6C8F3AE3-4336-4D9E-BA25-A3671EE747A8}] => (Allow) C:\Program Files (x86)\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9B5E2AB7-51AF-4ED3-B069-4EB883C9A166}] => (Allow) C:\Program Files (x86)\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{91181CAB-8ADE-439A-8631-8327892A308B}] => (Allow) C:\Program Files (x86)\Office14\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0CE445A5-21BB-467A-A270-7065480A7DB2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9A0EB60E-5410-48B5-85F9-1C9B71271994}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E6EC08C9-BC65-4D7B-B033-5092276B64F8}] => (Allow) d:\prográmky\realplayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{EEBDC094-AAA2-4871-AD93-AEBBD357AF94}] => (Allow) d:\prográmky\realplayer\RealPlay.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{C50EABFE-71A2-4F77-8CE5-99AEFA6BDBB3}] => (Allow) C:\Program Files (x86)\Opera\88.0.4412.53\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{37CFD4AC-3F87-4B99-87A2-CA934C9B5559}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ACDEEE04-7CAC-43D3-9ADD-8AA20CF60944}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6715F821-E244-4A7C-B3F2-60DB679AEDFD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3E00C8B9-A0E7-430D-9AFF-7BD2ADB9787A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{7062FC98-41DE-4448-80FB-6D82340BE6B3}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [UDP Query User{1442EBD7-00DA-425F-ACFD-F90D9F096E3D}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [{185E82BB-7023-4EAE-B343-B77E8BB93C84}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5E2E4C4F-8346-43D0-82E7-89E431BF6E83}] => (Allow) C:\Program Files (x86)\Opera\88.0.4412.74\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{329949B6-825D-429B-B7D3-1814F4CD35D3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.49\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8E35B60A-50D6-49F4-9E1A-E347D51D1393}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B757D56B-F20C-428D-AB3A-5A4FDB9A4216}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4DF3F62E-9DED-4946-A33C-DEF6F5747F77}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{61E003C8-7A09-453A-9C44-4C8FCB9CDBBE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A2080A66-3222-4146-8061-0E02BAB08A81}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E99F3D0F-14E7-4040-98CB-F25537E9477F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C921261B-B7BA-4711-9D41-4BDBD4B98A39}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{05E3F73D-BA17-47D9-AEF4-C98FE24920C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

21-06-2022 16:31:50 Instalační služba modulů systému Windows
05-07-2022 12:10:11 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (07/12/2022 09:13:35 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.

Error: (07/12/2022 09:12:32 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (07/12/2022 06:52:59 PM) (Source: COM) (EventID: 10035) (User: )
Description: Řadič standardu COM nebyl schopen opravit nesoulad mezi IID {618736E0-3C3D-11CF-810C-00AA00389B71} poskytovaným serverem a IID {00020400-0000-0000-C000-000000000046}, které požaduje klient, s CLSID identifikátorem ovladače {00000002-F044-0445-E042-9104C8531B01}. Kód chybového hlášení byl 0x80010114.

Error: (07/12/2022 12:14:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PM70.EXE, verze: 0.7.0.0, časové razítko: 0x3b2d4092
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.1741, časové razítko: 0x221456c9
Kód výjimky: 0xc0000374
Posun chyby: 0x000e6cf3
ID chybujícího procesu: 0x2cb0
Čas spuštění chybující aplikace: 0x01d8955621fd5ecf
Cesta k chybující aplikaci: d:\programy\adobe\pagemaker 7.0\PM70.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 5e798ed5-dee0-47dd-b280-1203bbd70b2d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/11/2022 06:26:51 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (07/10/2022 03:00:11 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů C:\WINDOWS\system32\sysmain.dll (kód chyby Win32 126).

Error: (07/09/2022 10:39:27 AM) (Source: COM) (EventID: 10035) (User: )
Description: Řadič standardu COM nebyl schopen opravit nesoulad mezi IID {618736E0-3C3D-11CF-810C-00AA00389B71} poskytovaným serverem a IID {00020400-0000-0000-C000-000000000046}, které požaduje klient, s CLSID identifikátorem ovladače {76B8ADFF-F280-0475-00E4-B876A69E0B4B}. Kód chybového hlášení byl 0x80010114.

Error: (07/07/2022 06:12:30 PM) (Source: COM) (EventID: 10035) (User: )
Description: Řadič standardu COM nebyl schopen opravit nesoulad mezi IID {618736E0-3C3D-11CF-810C-00AA00389B71} poskytovaným serverem a IID {00020400-0000-0000-C000-000000000046}, které požaduje klient, s CLSID identifikátorem ovladače {00000002-EC9C-042B-882E-0F01F8E81101}. Kód chybového hlášení byl 0x80010114.


System errors:
=============
Error: (07/12/2022 09:32:15 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-1U0LM3C)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (07/12/2022 09:14:14 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Endpoint Protection Service skončila s následující chybou specifickou pro službu:
%%40007

Error: (07/12/2022 09:13:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba RealTimes Desktop Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/12/2022 09:13:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby ABBYY PDF Transformer+ - Licensing Service bylo dosaženo časového limitu (60000 ms).

Error: (07/12/2022 09:11:44 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba AsusUpdateCheck se po přijetí pokynu pro vypnutí neukončila správně.

Error: (07/12/2022 12:48:03 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-1U0LM3C)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (07/11/2022 12:30:12 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-1U0LM3C)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (07/10/2022 01:05:50 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-1U0LM3C)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}


Windows Defender:
================
Date: 2022-07-12 21:38:39
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\KMSEmulator.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1U0LM3C\Admin
Název procesu: D:\Aviry\FRST64.exe
Verze bezpečnostních informací: AV: 1.371.60.0, AS: 1.371.60.0, NIS: 1.371.60.0
Verze modulu: AM: 1.1.19400.3, NIS: 1.1.19400.3

Date: 2022-07-12 21:24:52
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {024625CF-2308-44B4-8CA2-30DAEBF98E64}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-1U0LM3C\Admin

Date: 2022-07-12 21:15:27
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Windows\AutoKMS.exe; file:_C:\Windows\AutoKMS.exe->[MSILRES:AutoKMS.Properties.Resources.resources]; file:_C:\WINDOWS\System32\Tasks\AutoKMS->(UTF-16LE); file:_C:\WINDOWS\System32\Tasks\AutoKMSDaily->(UTF-16LE); file:_C:\WINDOWS\Tasks\AutoKMS.job; file:_C:\WINDOWS\Tasks\AutoKMSDaily.job; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B681C9D8-A6EB-4592-95E5-7130E7641EAD}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA4D9638-EC04-441E-9325-9F21AB7036CE}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMSDaily; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoKMS; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoKMSDaily; taskscheduler:_C:\WINDOWS\Tasks\AutoKMS.job; taskscheduler:_C:\WINDOWS\Tasks\AutoKMSDaily.job
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.305.2858.0, AS: 1.305.2858.0, NIS: 1.305.2858.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1

Date: 2022-07-12 21:15:23
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Windows\AutoKMS.exe; file:_C:\Windows\AutoKMS.exe->[MSILRES:AutoKMS.Properties.Resources.resources]; file:_C:\WINDOWS\System32\Tasks\AutoKMS->(UTF-16LE); file:_C:\WINDOWS\System32\Tasks\AutoKMSDaily->(UTF-16LE); file:_C:\WINDOWS\Tasks\AutoKMS.job; file:_C:\WINDOWS\Tasks\AutoKMSDaily.job; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B681C9D8-A6EB-4592-95E5-7130E7641EAD}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA4D9638-EC04-441E-9325-9F21AB7036CE}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMSDaily; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoKMS; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoKMSDaily; taskscheduler:_C:\WINDOWS\Tasks\AutoKMS.job; taskscheduler:_C:\WINDOWS\Tasks\AutoKMSDaily.job
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.305.2858.0, AS: 1.305.2858.0, NIS: 1.305.2858.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1

Date: 2022-07-12 21:15:02
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Windows\AutoKMS.exe; file:_C:\Windows\AutoKMS.exe->[MSILRES:AutoKMS.Properties.Resources.resources]; file:_C:\WINDOWS\System32\Tasks\AutoKMS->(UTF-16LE); file:_C:\WINDOWS\System32\Tasks\AutoKMSDaily->(UTF-16LE); file:_C:\WINDOWS\Tasks\AutoKMS.job; file:_C:\WINDOWS\Tasks\AutoKMSDaily.job; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B681C9D8-A6EB-4592-95E5-7130E7641EAD}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA4D9638-EC04-441E-9325-9F21AB7036CE}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMSDaily; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoKMS; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoKMSDaily; taskscheduler:_C:\WINDOWS\Tasks\AutoKMS.job; taskscheduler:_C:\WINDOWS\Tasks\AutoKMSDaily.job
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.305.2858.0, AS: 1.305.2858.0, NIS: 1.305.2858.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1

CodeIntegrity:
===============
Date: 2022-07-12 21:39:08
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Avira\Endpoint Protection SDK\amsi\x64\avamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 2901 10/16/2019
Motherboard: ASUSTeK COMPUTER INC. ROG STRIX B450-F GAMING
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 49%
Total physical RAM: 8124.13 MB
Available physical RAM: 4134.84 MB
Total Virtual: 9404.13 MB
Available Virtual: 4902.53 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.84 GB) (Free:150.83 GB) (Model: ADATA SX8200PNP) NTFS
Drive d: (Místní disk) (Fixed) (Total:931.5 GB) (Free:389.86 GB) (Model: WDC WD10EZEX-60WN4A1) NTFS

\\?\Volume{d6458fe6-83f6-4935-9c1d-28a7f72e381b}\ () (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{b5a6f67e-0283-4ca7-8508-df1d94760cbf}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 39AE08EB)

Partition: GPT.

==================== End of Addition.txt =======================

[Antusek]

Podruhé jsem restartoval PC a deštník v Aviře se rozevřel a ochrana zapnula.
Díky za další rady.

[Rudy]

Zdravím!
Proč jste si jí stahoval? Tento šmejd vám do PC sám nevleze. Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[Antusek]

Díky za radu. provedu.

[Antusek]

Tak jsem provedl, ale nebylo tam po skenování čištění a opravy. Jen to spadlo rovnou do karantény, kde jsem to odstranil. Restart PC nebyl. A co jsem zjistil, odstranilo to pouze zástupce na ploše do e-mailu, kterého jsem si tam vytvořil.. Posílám Log. Díky za další radu je-li to o.k.

# -------------------------------
# Malwarebytes AdwCleaner 8.3.2.0
# -------------------------------
# Build: 03-23-2022
# Database: 2022-06-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-13-2022
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\Users\Admin\Desktop\Mail.Ru.url

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1560 octets] - [28/01/2022 18:42:57]
AdwCleaner[C00].txt - [1692 octets] - [28/01/2022 18:43:25]
AdwCleaner[S01].txt - [1569 octets] - [13/07/2022 18:46:04]
AdwCleaner[C01].txt - [1739 octets] - [13/07/2022 18:46:34]
AdwCleaner[S02].txt - [1691 octets] - [13/07/2022 18:50:07]
AdwCleaner[S03].txt - [1752 octets] - [13/07/2022 18:50:55]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C03].txt ##########

[Rudy]

OK. Dejte nové logy FRST+Addition.

[Antusek]

Díky. Je to již o.k?


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-07-2022
Ran by Admin (administrator) on DESKTOP-1U0LM3C (13-07-2022 20:25:36)
Running from D:\Aviry
Loaded Profiles: Admin
Platform: Microsoft Windows 10 Home Version 21H1 19043.1766 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\SentryEye.exe
(D:\Aviry\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) D:\Aviry\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (Adobe Systems Inc.) [File not signed] D:\Programy\Adobe\Adobe Acrobat Distiller 5.0\Distillr\AcroTray.exe
(explorer.exe ->) (Corel Corporation -> WinZip Computing) D:\Archivace\WinZip\WzPreloader.exe
(explorer.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Office14\ONENOTEM.EXE
(Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) D:\Aviry\CheckPoint\ZoneAlarm\zatray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Piriform Software Ltd -> Piriform Software Ltd) D:\Aviry\CCleaner\CCleaner64.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) D:\Prográmky\RealPlayer\Update\realsched.exe
(services.exe ->) (ABBYY Production LLC -> ABBYY Production LLC) C:\Program Files (x86)\Common Files\ABBYY\FineReader\15\Licensing\NetworkLicenseServer.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Adobe Systems Incorporated -> Adobe Systems Incorporated) D:\Fotoeditory\Adobe Photoshop Elements 11\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Windows\System32\AsusUpdateCheck.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe
(services.exe ->) (geek software GmbH -> geek software GmbH) D:\Prográmky\PDF24\pdf24.exe <2>
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) D:\Aviry\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\updater-ws.exe
(services.exe ->) (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\ws.exe
(services.exe ->) (RealNetworks, Inc. -> RealNetworks, Inc.) D:\Prográmky\UpdateService\RealPlayerUpdateSvc.exe
(services.exe ->) (Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe
(svchost.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(svchost.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(svchost.exe ->) (Hewlett Packard -> Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (RealNetworks, Inc. -> ) D:\Prográmky\RealPlayer\downloader2.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [PDF24] => D:\Prográmky\PDF24\pdf24.exe [587000 2022-01-05] (geek software GmbH -> geek software GmbH)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [ZoneAlarm] => D:\Aviry\CheckPoint\ZoneAlarm\zatray.exe [325856 2020-01-23] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2623032 2019-07-26] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [TkBellExe] => d:\prográmky\realplayer\Update\realsched.exe [347560 2021-12-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [4124416 2022-05-17] (Opera Software AS -> Opera Software)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\Run: [CCleaner Smart Cleaning] => D:\Aviry\CCleaner\CCleaner64.exe [36976728 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\Run: [] => [X]
HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\Run: [MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601824 2022-07-06] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [239704 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\novaPDF 10 Port Monitor: C:\WINDOWS\system32\novamn10.dll [18944 2020-10-19] (Softland) [File not signed]
HKLM\...\Print\Monitors\PCL hpz3lw71: C:\WINDOWS\system32\hpz3lw71.dll [55392 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PDF Architect 7 Monitor: C:\Windows\system32\spool\DRIVERS\x64\pdf architect_pdfpmon_v.4.12.26.3.dll [932984 2019-11-26] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\PDF-XChange5-ABBYY: C:\Windows\system32\pxc50pma.dll [58936 2014-11-13] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
HKLM\...\Print\Monitors\PDF-XChange5-ABBYY-FR15: C:\WINDOWS\system32\pxc50pmaf15.dll [57328 2018-12-04] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.114\Installer\chrmstp.exe [2022-07-05] (Google LLC -> Google LLC)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Avira.lnk [2020-02-02]
ShortcutTarget: Avira.lnk -> C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2022-05-13]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acrobat Assistant.lnk [2020-01-31]
ShortcutTarget: Acrobat Assistant.lnk -> D:\Programy\Adobe\Adobe Acrobat Distiller 5.0\Distillr\AcroTray.exe (Adobe Systems Inc.) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2019-11-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2020-08-11]
ShortcutTarget: WinZip Preloader.lnk -> D:\Archivace\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
GroupPolicy-Firefox-x32: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A523097-1FE5-4E21-A46F-8CEF940D2FD3} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {0C3F0ED1-2C1F-42EA-AECE-130E4BEA6A04} - System32\Tasks\doPDF 10 Telemetry => C:\Program Files\Softland\novaPDF 10\Driver\GoogleAnalytics.exe [51504 2020-10-19] (Softland SRL -> )
Task: {14DACDF0-2353-4A04-BF4C-E6A0466B90CA} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-722231672-965411127-3486821242-1001 => D:\prográmky\realplayer\RealUpgrade.exe [129960 2021-12-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {17547B1C-0FF7-4276-9950-7093AF26FEEC} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {1767C569-45CE-4407-9244-E7425723C769} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1642080 2022-07-11] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Task: {2DA4E14C-06DD-498D-8217-4755502737E1} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-722231672-965411127-3486821242-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [128240 2016-02-03] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {30515FA6-F9ED-44C5-8EFA-8506DAE5A0F2} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-1U0LM3C-Admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {511EA8A4-F686-4EB2-BDE1-889A1A750FBF} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [32819448 2022-07-10] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Task: {599583C5-907C-4600-B865-B53FAC184057} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-722231672-965411127-3486821242-1001 => D:\prográmky\realplayer\RealUpgrade.exe [129960 2021-12-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {5C7D46B2-904D-45BE-B1F4-EB846B4E9264} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {6E2CF984-2BBD-462A-B1A6-B86BD1DBBC32} - \WinZip Update Notifier 3 -> No File <==== ATTENTION
Task: {73D6DECF-82F9-4D6A-9866-C7FD33DD1FD9} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {8535C168-1B7B-4928-8996-AF503FDD848C} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3427104 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {9038B369-BC18-4750-915A-B3397AABABBB} - System32\Tasks\GoogleUpdateTaskMachineUA{33399356-FF1B-407B-B2C7-9039A1A671CC} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-26] (Google Inc -> Google Inc.)
Task: {90527A75-5A94-4DE8-B113-61468F2FE640} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [258472 2022-07-11] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Task: {92497EB4-6737-48B2-95AD-E156D36299A7} - \Opera scheduled assistant Autoupdate 1580117963 -> No File <==== ATTENTION
Task: {9D9147FE-E3A9-4DA6-9467-97B7F4A01A0B} - \WinZip Update Notifier 2 -> No File <==== ATTENTION
Task: {A9B5C750-A8A6-46C0-887B-D224DD94FD74} - \WinZip Update Notifier 1 -> No File <==== ATTENTION
Task: {AE81ECE4-B75D-4D6A-A35C-13A9145C60FA} - System32\Tasks\CCleaner Update => D:\Aviry\CCleaner\CCUpdate.exe [619416 2022-06-20] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BB9C4A9E-8903-42A2-9BCF-77E08E69BE01} - System32\Tasks\klcp_update => D:\Prográmky\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-04-12] () [File not signed]
Task: {C058F360-D1E7-4B0B-817D-F6E7783E7B0F} - System32\Tasks\RealDownloader Update Check => d:\prográmky\realplayer\downloader2.exe [1167784 2021-12-26] (RealNetworks, Inc. -> )
Task: {D2C135A4-E491-469B-9EE5-8BBB500E2731} - System32\Tasks\CCleanerSkipUAC - Admin => D:\Aviry\CCleaner\CCleaner.exe [31027800 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DD4DDD5E-C15D-41A6-BFE2-8EBFC70439DC} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-722231672-965411127-3486821242-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [128240 2016-02-03] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {E948ECFF-5A89-46DA-AE8D-EFA7EF4E35F1} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {EB2B61BF-C3A2-4F58-B725-387972CD7149} - System32\Tasks\doPDF 10 Update => C:\Program Files\Softland\novaPDF 10\Driver\UpdateApplication.exe [98096 2020-10-19] (Softland SRL -> )
Task: {F5EE3308-2C52-4889-8A23-7E05F950FFF5} - System32\Tasks\GoogleUpdateTaskMachineCore{97283C65-2A48-44CD-A7A1-B696E3021AB5} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-26] (Google Inc -> Google Inc.)
Task: {FF448796-7A7C-4542-85B6-2F9FEA8EE654} - System32\Tasks\Opera scheduled Autoupdate 1574800406 => C:\Program Files (x86)\Opera\launcher.exe [1888240 2022-07-05] (Opera Norway AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-722231672-965411127-3486821242-1001] => http=;ftp=;https=;
Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{2344692f-c41b-4ac7-9c50-43b9fc907f50}: [DhcpNameServer] 31.30.90.11 31.30.90.12

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-13]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-07-06]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: 2i1040qs.default-1582311638745
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\u4mgi7h5.default-release [2022-07-12]
FF Homepage: Mozilla\Firefox\Profiles\u4mgi7h5.default-release -> about:home
FF NewTab: Mozilla\Firefox\Profiles\u4mgi7h5.default-release -> about:newtab
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2i1040qs.default-1582311638745 [2022-07-13]
FF NewTab: Mozilla\Firefox\Profiles\2i1040qs.default-1582311638745 -> about:newtab
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> D:\Prográmky\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> D:\Prográmky\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> D:\Prográmky\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> D:\Prográmky\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> D:\Prográmky\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> D:\Prográmky\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-07-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-07-26] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=20.0.7.309 -> d:\prográmky\realplayer\Netscape6\nppl3260.dll [2021-12-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=20.0.7.309 -> d:\prográmky\realplayer\Netscape6\nprpplugin.dll [2021-12-26] (RealNetworks, Inc. -> RealPlayer)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-07-26] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Profile 6
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-07-12]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6 [2022-07-13]
CHR Notifications: Profile 6 -> hxxps://www.youtube.com
CHR Extension: (uBlock Origin) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-06-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-03]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\System Profile [2022-07-12]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera:
=======
OPR Profile: C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable [2022-07-13]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-07-01]
OPR Extension: (Opera Crypto Wallet) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-07-12]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-15]
OPR Extension: (uBlock Origin) - C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2022-07-01]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.15.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\15\Licensing\NetworkLicenseServer.exe [1058032 2019-07-29] (ABBYY Production LLC -> ABBYY Production LLC)
S2 ABBYY.Licensing.PDFTransformer.Classic.4.0; D:\Programy\ABBYY PDF Transformer+\NetworkLicenseServer.exe [962256 2014-12-02] (ABBYY Production LLC -> ABBYY Production LLC)
R2 AdobeActiveFileMonitor10.0; D:\Fotoeditory\Adobe Photoshop Elements 11\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-14] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-07-26] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3815712 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3580200 2022-04-13] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AsusUpdateCheck; C:\WINDOWS\System32\AsusUpdateCheck.exe [768408 2022-07-13] (ASUSTeK Computer Inc. -> )
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3000608 2022-03-25] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [386864 2022-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [264400 2022-07-11] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [284136 2022-07-11] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
S3 CCleanerPerformanceOptimizerService; D:\Aviry\CCleaner\CCleanerPerformanceOptimizerService.exe [1081432 2022-06-14] (Piriform Software Ltd -> )
R2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8445968 2022-06-30] (Avira Operations GmbH -> Avira Operations GmbH)
S3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8445968 2022-06-30] (Avira Operations GmbH -> Avira Operations GmbH)
R2 MBAMService; D:\Aviry\Malwarebytes\Anti-Malware\MBAMService.exe [8677120 2022-06-21] (Malwarebytes Inc. -> Malwarebytes)
S3 Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Office14\GROOVE.EXE [30963576 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NovaPdf10Server; C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe [52528 2020-10-19] (Softland SRL -> Microsoft)
R3 PDF Architect 7; C:\Program Files\PDF Architect 7\ws.exe [2579752 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 7 Creator; C:\Program Files\PDF Architect 7\creator\common\creator-ws.exe [692008 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 7 Update Service; C:\Program Files\PDF Architect 7\updater-ws.exe [1832232 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF24; D:\Prográmky\PDF24\pdf24.exe [587000 2022-01-05] (geek software GmbH -> geek software GmbH)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RealPlayerUpdateSvc; D:\prográmky\UpdateService\RealPlayerUpdateSvc.exe [38856 2021-12-04] (RealNetworks, Inc. -> RealNetworks, Inc.)
S2 RealTimes Desktop Service; d:\prográmky\realplayer\RPDS\Bin\rpdsvc.exe [991176 2021-12-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 vsmon; D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe [4528344 2020-01-21] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-07-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [42208 2020-03-13] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 ZAPrivacyService; D:\Aviry\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2020-01-21] (Check Point Software Technologies Ltd. -> Check Point Software Technologies, Ltd.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [230520 2022-06-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-07-12] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [100128 2022-06-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [24024 2022-06-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH)
R2 rtp_filesystem_filter; C:\WINDOWS\System32\DRIVERS\rtp_filesystem_filter.sys [202584 2022-06-30] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_process_monitor; C:\WINDOWS\system32\DRIVERS\rtp_process_monitor.sys [193304 2022-06-30] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_traverse; C:\WINDOWS\system32\DRIVERS\rtp_traverse.sys [47560 2022-06-30] (Avira Operations GmbH -> Avira Operations GmbH)
R1 Vsdatant; C:\WINDOWS\system32\DRIVERS\vsdatant.sys [461240 2019-07-25] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49576 2022-07-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [452856 2022-07-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-07-12] (Microsoft Windows -> Microsoft Corporation)
U3 iswSvc; no ImagePath
S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-07-13 20:08 - 2022-07-13 20:08 - 000000000 ___HD C:\$WinREAgent
2022-07-13 19:02 - 2022-07-13 19:02 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-07-13 18:52 - 2022-07-13 18:52 - 000000108 _____ C:\Users\Admin\Desktop\Mail.ru.url
2022-07-12 21:25 - 2022-07-12 21:25 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-07-12 19:05 - 2022-07-13 19:02 - 002808432 _____ C:\WINDOWS\system32\rtp.db
2022-07-12 19:05 - 2022-07-12 19:05 - 000000000 ____D C:\Program Files\Avira
2022-07-12 19:05 - 2022-06-30 11:17 - 000202584 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_filesystem_filter.sys
2022-07-12 19:05 - 2022-06-30 11:17 - 000193304 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_process_monitor.sys
2022-07-12 19:05 - 2022-06-30 11:17 - 000047560 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_traverse.sys
2022-07-12 19:05 - 2022-06-30 11:17 - 000024024 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_elam.sys
2022-07-12 19:05 - 2022-06-21 17:57 - 000230520 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\BdSentry.sys
2022-07-12 19:05 - 2022-06-15 09:28 - 000100128 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\netprotection_network_filter.sys
2022-07-12 19:04 - 2022-07-12 19:04 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2022-07-12 19:04 - 2022-07-12 19:04 - 000000000 ____D C:\WINDOWS\SysWOW64\ncp
2022-07-10 15:00 - 2022-07-10 15:00 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2022-07-10 01:02 - 2022-07-12 21:14 - 000000000 ____D C:\Users\Public\Security Sessions
2022-07-10 01:02 - 2022-07-10 15:01 - 000000000 ____D C:\Users\Admin\AppData\Local\Avira
2022-07-10 01:01 - 2022-07-10 01:01 - 000002818 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2022-07-10 01:01 - 2022-07-10 01:01 - 000000000 ____D C:\WINDOWS\SysWOW64\statReporter
2022-07-10 01:00 - 2022-07-13 18:38 - 000000000 ____D C:\Users\Public\Speedup Sessions
2022-07-10 01:00 - 2022-07-12 19:04 - 000003474 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2022-07-10 01:00 - 2022-07-10 01:00 - 000003788 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupVerify
2022-07-09 23:05 - 2022-07-12 19:04 - 000001078 _____ C:\Users\Public\Desktop\Avira_.lnk
2022-07-06 20:24 - 2022-07-12 21:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-06-29 19:48 - 2022-06-29 19:48 - 000000000 ____D C:\Users\Admin\.ms-ad
2022-06-22 00:02 - 2022-06-22 00:02 - 000012371 _____ C:\Users\Admin\Documents\Zakončení cvičebního roku v T.J. Sokol Pražský 21.06.2022.wlmp
2022-06-21 16:38 - 2022-06-21 16:38 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-06-21 16:37 - 2022-06-21 16:37 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-06-21 16:37 - 2022-06-21 16:37 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-06-21 16:37 - 2022-06-21 16:37 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-06-21 16:37 - 2022-06-21 16:37 - 000011787 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-06-19 13:04 - 2022-06-19 13:04 - 000695079 _____ C:\Users\Admin\Downloads\Léčivé ovoce a zelenina jp.pdf
2022-06-13 11:05 - 2022-06-13 13:09 - 000121946 _____ C:\Users\Admin\Documents\Sokolské Brno 2022.wlmp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-07-13 20:25 - 2020-02-14 19:00 - 000000000 ____D C:\FRST
2022-07-13 20:24 - 2020-11-06 00:09 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-07-13 20:18 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-07-13 20:14 - 2019-11-26 22:30 - 000000000 ____D C:\Program Files (x86)\Google
2022-07-13 20:05 - 2019-11-26 21:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-07-13 20:03 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-07-13 20:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-07-13 20:03 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-07-13 20:03 - 2019-11-26 21:09 - 146546848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-07-13 19:07 - 2020-11-06 00:18 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-07-13 19:07 - 2019-12-07 16:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2022-07-13 19:07 - 2019-12-07 16:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2022-07-13 19:07 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-07-13 19:05 - 2022-02-08 18:57 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-07-13 19:05 - 2019-11-27 02:56 - 000000000 ____D C:\Users\Admin\AppData\LocalLow\Mozilla
2022-07-13 19:02 - 2021-12-26 19:07 - 000003556 _____ C:\WINDOWS\system32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-722231672-965411127-3486821242-1001
2022-07-13 19:02 - 2021-12-26 19:07 - 000003492 _____ C:\WINDOWS\system32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-722231672-965411127-3486821242-1001
2022-07-13 19:02 - 2020-11-06 00:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-07-13 19:02 - 2020-11-06 00:09 - 000008192 ___SH C:\DumpStack.log.tmp
2022-07-13 19:02 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-07-13 19:02 - 2019-11-20 20:04 - 000807280 _____ C:\WINDOWS\system32\wpbbin.exe
2022-07-13 19:02 - 2019-11-20 20:04 - 000768408 _____ C:\WINDOWS\system32\AsusUpdateCheck.exe
2022-07-13 19:02 - 2019-11-20 13:12 - 000000000 ____D C:\ProgramData\NVIDIA
2022-07-12 22:04 - 2020-02-05 20:20 - 000000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2022-07-12 21:25 - 2021-12-12 14:10 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-07-12 21:25 - 2021-12-12 14:10 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-07-12 21:25 - 2020-11-06 00:16 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-07-12 21:24 - 2019-11-20 20:04 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-07-12 21:18 - 2020-04-28 22:25 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-07-12 21:15 - 2019-11-26 21:07 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2022-07-12 21:13 - 2021-12-11 00:41 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-722231672-965411127-3486821242-1001
2022-07-12 21:13 - 2020-11-06 00:16 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-722231672-965411127-3486821242-1001
2022-07-12 21:13 - 2020-11-06 00:10 - 000002377 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-12 21:12 - 2020-11-06 00:09 - 000783584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-07-12 21:12 - 2019-11-26 22:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-07-12 21:12 - 2019-11-26 22:33 - 000000000 ____D C:\Program Files (x86)\Opera
2022-07-12 20:12 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-07-12 20:12 - 2019-11-26 21:17 - 000000000 ____D C:\ProgramData\Avira
2022-07-12 19:04 - 2019-11-26 21:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2022-07-12 00:48 - 2019-11-27 02:03 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2022-07-10 19:25 - 2019-11-26 22:47 - 000000000 ____D C:\Users\Admin\AppData\Local\Adobe
2022-07-10 01:00 - 2019-11-26 21:17 - 000000000 ____D C:\Program Files (x86)\Avira
2022-07-09 23:05 - 2022-02-01 16:51 - 000000000 ____D C:\ProgramData\Package Cache
2022-07-08 14:34 - 2020-06-14 19:30 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-08 14:34 - 2020-06-14 19:30 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-07-07 18:59 - 2020-11-06 00:16 - 000003970 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1574800406
2022-07-07 18:59 - 2019-11-26 22:33 - 000001155 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-07-06 22:05 - 2021-10-10 21:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-07-06 22:04 - 2019-11-26 22:34 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-07-05 21:15 - 2019-11-26 22:30 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-07-05 21:15 - 2019-11-26 22:30 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-07-03 14:15 - 2020-08-25 00:24 - 000000184 _____ C:\WINDOWS\AutoKMS.ini
2022-07-03 13:44 - 2020-11-06 00:16 - 000004194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-07-01 19:15 - 2021-12-27 22:19 - 000000000 ____D C:\Users\Admin\.cache
2022-06-30 19:34 - 2021-12-19 02:46 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-06-29 19:48 - 2020-11-06 00:10 - 000000000 ____D C:\Users\Admin
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-06-22 23:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-06-22 23:13 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2022-06-21 16:37 - 2020-11-06 00:11 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-06-19 16:36 - 2020-06-07 14:04 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys

==================== Files in the root of some directories ========

2022-05-22 12:37 - 2022-05-22 12:38 - 000004608 _____ () C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2022-01-29 16:59 - 2022-01-29 16:59 - 000000000 _____ () C:\Users\Admin\AppData\Local\oobelibMkey.log

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-07-2022
Ran by Admin (13-07-2022 20:27:00)
Running from D:\Aviry
Microsoft Windows 10 Home Version 21H1 19043.1766 (X64) (2020-11-05 22:16:13)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Admin (S-1-5-21-722231672-965411127-3486821242-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-722231672-965411127-3486821242-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-722231672-965411127-3486821242-503 - Limited - Disabled)
Guest (S-1-5-21-722231672-965411127-3486821242-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-722231672-965411127-3486821242-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Security (Enabled - Up to date) {76C0BF9F-9FD3-D249-DE2F-7A33A59B9258}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {217C3BCF-3FBD-7C30-A427-2D11E16F3BEB}
FW: ZoneAlarm Free Firewall Firewall (Disabled) {8D637332-9C08-995E-98D7-8237936B0E9F}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 19.01 alpha (x64) (HKLM\...\7-Zip) (Version: 19.01 alpha - Igor Pavlov)
A Sharper Scaling version 1.2 (HKLM-x32\...\{7CFADE53-9599-48C5-9FE3-689E56C1D96B}_is1) (Version: 1.2 - )
ABBYY FineReader 15 (HKLM\...\{F15000FE-0001-6400-0000-074957833700}) (Version: 15.0.1496 - ABBYY Production LLC)
ABBYY PDF Transformer+ (HKLM\...\{FA400000-0001-6400-0000-074957833700}) (Version: 4.2.186 - ABBYY Production LLC)
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.001.20169 - Adobe)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.9.0.515 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.7.0.35 - Adobe Inc.)
Adobe PageMaker 7.0 (HKLM-x32\...\Adobe PageMaker 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Avira (HKLM-x32\...\{0A659D39-DDCC-4793-BEA2-8D205284272B}) (Version: 1.2.162.7474 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{8ea07ae2-acd9-459e-8fc2-6f31ef667c9c}) (Version: 1.2.162.7474 - Avira Operations GmbH & Co. KG)
Avira Phantom VPN (HKLM-x32\...\Avira Phantom VPN) (Version: 2.41.1.25731 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\Avira Security_is1) (Version: 1.1.69.29981 - Avira Operations GmbH & Co. KG)
Avira Security (HKLM-x32\...\AviraSecurityUninstaller) (Version: - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 6.19.0.11413 - Avira Operations GmbH & Co. KG)
BAHN 3.81r1 (HKLM-x32\...\BAHN381r1_is1) (Version: 3.81 - JBSS Chemnitz/Dresden)
calibre 64bit (HKLM\...\{6DB760DC-BEC5-4727-AA50-722D2881725E}) (Version: 5.9.0 - Kovid Goyal)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.01 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
doPDF (HKLM\...\{3A2B5138-BDC2-4905-8683-0F416835A4FD}) (Version: 10.9.132 - Softland) Hidden
doPDF 10 add-in for Microsoft Office (x64) (HKLM\...\{064F8223-4848-4562-B77E-997C3E74E749}) (Version: 10.6.122 - Softland)
doPDF 10 add-in for Microsoft Office (x86) (HKLM-x32\...\{705BC7F6-DE19-4764-A8C2-0162DC824AB9}) (Version: 10.6.122 - Softland)
doPDF 10 Printer Driver (HKLM\...\{786E2F7E-E97D-46B7-A9B1-FDEF161F9FE0}) (Version: 10.9.132 - Softland)
Endpoint Protection SDK (HKLM\...\{68E1CCB4-4965-4713-BDEB-77F6D6C9BF9D}_is1) (Version: 1.0.2206.3019 - Avira Operations GmbH & Co. KG) Hidden
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FOTOLAB CEWE fotosvet (HKLM-x32\...\FOTOLAB CEWE fotosvet) (Version: 6.3.7 - CEWE Stiftung u Co. KGaA)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.114 - Google LLC)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{8C925017-72A8-4C4A-AF21-84901E26638F}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
K-Lite Mega Codec Pack 16.4.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.4.5 - KLCP)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 6.3.3.2 (HKLM\...\{4DACF7A7-C851-4943-A63D-3CAE495C48E0}) (Version: 6.3.3.2 - The Document Foundation)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
LWS Facebook (HKLM-x32\...\{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}) (Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (HKLM-x32\...\{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}) (Version: 13.51.827.0 - Logitech) Hidden
LWS Help_main (HKLM-x32\...\{1651216E-E7AD-4250-92A1-FB8ED61391C9}) (Version: 13.51.828.0 - Logitech) Hidden
LWS Launcher (HKLM-x32\...\{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}) (Version: 13.51.828.0 - Logitech) Hidden
LWS Motion Detection (HKLM-x32\...\{71E66D3F-A009-44AB-8784-75E2819BA4BA}) (Version: 13.51.815.0 - Logitech) Hidden
LWS Pictures And Video (HKLM-x32\...\{08610298-29AE-445B-B37D-EFBE05802967}) (Version: 13.51.815.0 - Logitech) Hidden
LWS Twitter (HKLM-x32\...\{174A3B31-4C43-43DD-866F-73C9DB887B48}) (Version: 13.30.1346.0 - Logitech) Hidden
LWS Webcam Software (HKLM-x32\...\{8937D274-C281-42E4-8CDB-A0B2DF979189}) (Version: 13.51.815.0 - Logitech) Hidden
LWS WLM Plugin (HKLM-x32\...\{9DAEA76B-E50F-4272-A595-0124E826553D}) (Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (HKLM-x32\...\{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}) (Version: 13.31.1038.0 - Logitech) Hidden
Malwarebytes version 4.5.10.200 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.10.200 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.49 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 103.0.1264.49 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2010 (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (HKLM-x32\...\{90140000-0015-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (HKLM-x32\...\{90140000-0117-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (HKLM-x32\...\{90140000-0016-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (Czech) 2010 (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (HKLM-x32\...\{90140000-00BA-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2010 (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (HKLM-x32\...\{90140000-0044-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2010 - Czech/èeština (HKLM-x32\...\Office14.OMUI.cs-cz) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office O MUI (Czech) 2010 (HKLM-x32\...\{90140000-0100-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (Czech) 2010 (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Proof (Czech) 2010 (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (HKLM-x32\...\{90140000-002C-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (HKLM-x32\...\{90140000-0019-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2010 (HKLM\...\{90140000-002A-0405-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (HKLM\...\{90140000-002A-0409-1000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (HKLM\...\{90140000-0116-0409-1000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (HKLM-x32\...\{90140000-0115-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer MUI (Czech) 2010 (HKLM-x32\...\{90140000-0017-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2010 (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (HKLM-x32\...\{90140000-001B-0409-0000-0000000FF1CE}) (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (Czech) 2010 (HKLM-x32\...\{90140000-0101-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\OneDriveSetup.exe) (Version: 22.131.0619.0001 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x64 Additional Runtime - 14.15.26706 (HKLM\...\{F106B700-BFF8-3065-B305-14D36AD40539}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x64 Minimum Runtime - 14.15.26706 (HKLM\...\{C77195A4-CEB8-38EE-BDD6-C46CB459EF6E}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.15.26706 (HKLM-x32\...\{2757496A-3E74-320A-B007-36120A9F126D}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.15.26706 (HKLM-x32\...\{39E15475-23F2-345D-8977-B5DC47A94E26}) (Version: 14.15.26706 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 102.0.1 (x64 cs)) (Version: 102.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 73.0 - Mozilla)
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
NVIDIA Ovladač HD audia 1.3.38.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 456.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 456.71 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Opera Stable 88.0.4412.74 (HKLM-x32\...\Opera 88.0.4412.74) (Version: 88.0.4412.74 - Opera Software)
PDF Architect 7 (HKLM-x32\...\PDF Architect 7) (Version: 7.1.13.1755 - pdfforge GmbH)
PDF Architect 7 Create Module (HKLM\...\{B600CC13-8F68-4D44-8867-93490894FAE5}) (Version: 7.1.14.4969 - pdfforge GmbH) Hidden
PDF Architect 7 Edit Module (HKLM\...\{BA2C2671-B379-4101-A21C-4C549671FC8D}) (Version: 7.1.14.4969 - pdfforge GmbH) Hidden
PDF Architect 7 View Module (HKLM\...\{E947A304-6110-4CFE-98AD-E6909072E87D}) (Version: 7.1.14.4969 - pdfforge GmbH) Hidden
PDF24 Creator 10.7.1 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: 10.7.1 - PDF24.org)
Photo Common (HKLM-x32\...\{15BFD731-A10E-43E9-9D18-0F682BC0480F}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{07AAB66E-4718-422D-9218-4AFB3C922A71}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PSE10 STI Installer (HKLM-x32\...\{11D08055-939C-432b-98C3-E072478A0CD7}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Rajče verze 2.5.9 sestavení 290 (HKLM-x32\...\Rajče.net_is1) (Version: - rajče.net)
RealDownloader (HKLM-x32\...\{48D18738-099C-4FAA-AFD9-80B592A25478}) (Version: 18.1.3.103 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM-x32\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 20.0) (Version: 20.0.7 - RealNetworks)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0017-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{2554816C-7768-46D5-A527-DAE1EED850CC}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{A71E3AD4-5545-4D59-9F11-75F363563C6A}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-041B-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{0C337AF5-E6A7-4B6B-8F8E-08F9C6F956B4}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0405-1000-0000000FF1CE}_Office14.OMUI.cs-cz_{7F5CE17A-23B9-4EED-B017-A7EF4547476C}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{EA82267F-4AAB-46BA-AD6A-9EBB544D0EF7}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0044-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{2C911571-C8B6-400B-B323-417C1806E866}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00BA-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{1FCBAAF2-0321-4986-8DAE-5F2891EC6E8E}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0101-0405-0000-0000000FF1CE}_Office14.OMUI.cs-cz_{3AC03A87-33F2-41DC-8BA3-EA4B3EC5E4AA}) (Version: - Microsoft) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype verze 8.79 (HKLM-x32\...\Skype_is1) (Version: 8.79 - Skype Technologies S.A.)
UpdateService (HKLM-x32\...\{E3AE96D6-E196-45B4-AF62-2B41998B9E37}) (Version: 1.0.0 - RealNetworks, Inc.) Hidden
vc2012_redist (HKLM-x32\...\{9402AEF2-5981-4097-8BE2-6501DAC4DBFD}) (Version: 1.0.0.0 - Realnetworks) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
vs2015_redist x86 (HKLM-x32\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
VSO Inspector 2.0.2 (HKLM-x32\...\VSO Inspector_is1) (Version: - VSO-Software SARL)
Windows Live Communications Platform (HKLM-x32\...\{41C61308-6CFD-4D54-AB6A-7136ED08A18E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{66B5819D-DE70-42BE-B40F-978FBA12452E}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{9A470EA9-FF86-4C0E-992C-572BF2B9D6FF}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Installer (HKLM-x32\...\{659CB81C-B54E-4DF1-B618-F35777393A54}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{1D6432B4-E24D-405E-A4AB-D7E6D088CBC9}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{B2611F8A-EFE7-4E88-875D-19F0EFAE87E4}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{CDC1AB00-01FF-4FC7-816A-16C67F0923C0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{D1893000-EA77-493C-8DDD-E262436E959B}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{00F9DB8C-65D7-4D47-AB5F-F698EE38580D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{6522F5F9-411B-4513-A75B-CEA00395F032}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{E100E2B5-F2EF-4955-AB7A-C3F2125A3BCD}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
WinZip (HKLM-x32\...\WinZip) (Version: 10.0 (6667) - WinZip Computing LP)
WinZip 24.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24127}) (Version: 24.0.14033 - Corel Corporation)
XMedia Recode 64bit verze 3.5.3.7 (HKLM\...\{D31E6E69-4C6A-42CC-926F-CC7B186864EB}_is1) (Version: 3.5.3.7 - XMedia Recode 64bit)
ZoneAlarm Firewall (HKLM-x32\...\{2F77A309-CAB9-4C8A-8ED0-8C8DA3FF0744}) (Version: 15.8.038.18284 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.8.038.18284 - Check Point)
ZoneAlarm Security (HKLM-x32\...\{DA17D180-7193-4070-B085-9827DB80C2F8}) (Version: 15.8.038.18284 - Check Point Software Technologies Ltd.) Hidden
Zoner Photo Studio 8 (HKLM-x32\...\Zoner Photo Studio 8_is1) (Version: - ZONER software)

Packages:
=========
ASUS Grid (Beta) -> C:\Program Files\WindowsApps\B9ECED6F.133F79A42C6_1.0.14.0_x64__qmba6cd70vzyy [2020-07-12] (ASUSTeK COMPUTER INC.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.20.89.0_x64__kgqvnymyfvs32 [2022-06-30] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.84.4.0_x64__kgqvnymyfvs32 [2022-07-06] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-12] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-07-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-07-12] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_4.2.3180.0_x64__8wekyb3d8bbwe [2022-04-08] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7040.0_x64__8wekyb3d8bbwe [2022-07-12] (Microsoft Studios) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.74.51921.0_x64__8wekyb3d8bbwe [2022-07-13] (Microsoft Corporation) [Startup Task]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-15] (Netflix, Inc.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0 [2022-07-12] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-722231672-965411127-3486821242-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> D:\Archivace\WinZip\adxloader64.WinZipExpressForOffice.dll (Corel Corporation -> )
CustomCLSID: HKU\S-1-5-21-722231672-965411127-3486821242-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Office14\GROOVEEX.DLL [4222864 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Archivace\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [FineReader15ContextMenu] -> {53339754-4DD1-438B-8D24-0D0730F1A591} => C:\Program Files (x86)\ABBYY FineReader 15\x64\FRIntegration.x64.dll [2019-08-22] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers1: [PDFArchitect7_ManagerExt] -> {21989F59-B260-4302-90C3-E51740E03639} => C:\Program Files\PDF Architect 7\context-menu.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [SystemSpeedupFilesMenu] -> {14cb2bd0-2375-3d10-9b5d-5e18865c8959} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-05-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1-x32: [Transformer4ContextMenu] -> {558BA64F-C7A8-4B96-BCDD-B46E9D00756A} => D:\Programy\ABBYY PDF Transformer+\TRIntegration.dll [2015-01-28] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\ Archivace\WinRar 5.91\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\ Archivace\WinRar 5.91\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => D:\Archivace\WinZip\wzshls64.dll [2020-02-25] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Aviry\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-21] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => d:\prográmky\realplayer\RPDS\Bin64\rpcontextmenu.dll [2021-12-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Archivace\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => D:\Aviry\Recuva\RecuvaShell64.dll [2022-04-06] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers4: [SystemSpeedupFoldersMenu] -> {700866bb-c8e9-3e71-b359-abb28baed0e8} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-05-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => D:\Archivace\WinZip\wzshls64.dll [2020-02-25] (Corel Corporation -> WinZip Computing)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2020-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [SystemSpeedupDesktopMenu] -> {0cab5786-30e8-3185-9b3b-ccefbf1b8afe} => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ShellExtension.DLL [2022-05-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Archivace\7-Zip\7-zip.dll [2019-09-05] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [FineReader15ContextMenu] -> {53339754-4DD1-438B-8D24-0D0730F1A591} => C:\Program Files (x86)\ABBYY FineReader 15\x64\FRIntegration.x64.dll [2019-08-22] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Aviry\Malwarebytes\Anti-Malware\mbshlext.dll [2022-05-21] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => D:\Aviry\Recuva\RecuvaShell64.dll [2022-04-06] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6-x32: [Transformer4ContextMenu] -> {558BA64F-C7A8-4B96-BCDD-B46E9D00756A} => D:\Programy\ABBYY PDF Transformer+\TRIntegration.dll [2015-01-28] (ABBYY Production LLC -> ABBYY Production LLC.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\ Archivace\WinRar 5.91\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\ Archivace\WinRar 5.91\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => D:\Archivace\WinZip\wzshls64.dll [2020-02-25] (Corel Corporation -> WinZip Computing)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\WINDOWS\system32\huffyuv.dll [55296 2005-01-22] () [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [310784 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.HFYU] => C:\Windows\SysWOW64\huffyuv.dll [39936 2004-05-18] (Disappearing Inc.) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284160 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [473088 2015-02-25] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Network Shortcuts\My Web Sites on MSN\target.lnk -> hxxp://www.msnusers.co

==================== Loaded Modules (Whitelisted) =============

2009-11-17 23:58 - 2009-11-17 23:58 - 000342656 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqmif08.dll
2009-11-17 23:58 - 2009-11-17 23:58 - 000559232 _____ (Hewlett Packard -> Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusg.dll
2012-05-27 17:44 - 2012-05-27 17:44 - 000032256 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
2011-04-29 12:34 - 2011-04-29 12:34 - 000934400 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc
2011-04-29 12:34 - 2011-04-29 12:34 - 000012288 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc
2011-04-29 20:08 - 2011-04-29 20:08 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2010-08-06 12:15 - 2010-08-06 12:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 12:15 - 2010-08-06 12:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2010-08-06 12:15 - 2010-08-06 12:15 - 000054784 _____ (Hewlett-Packard) [File not signed] C:\WINDOWS\SYSTEM32\hpzipr12.dll
2020-01-20 22:16 - 2020-01-20 22:16 - 000986112 _____ (Microsoft Corporation) [File not signed] D:\Aviry\CheckPoint\ZoneAlarm\dbghelp.dll
2022-07-10 01:00 - 2022-07-10 01:00 - 003091456 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\fbd91d0b0c038bc0466e585075b1f989\Newtonsoft.Json.ni.dll
2020-10-19 15:04 - 2020-10-19 15:04 - 000018944 _____ (Softland) [File not signed] C:\WINDOWS\System32\novamn10.dll
2018-12-10 11:29 - 2018-12-10 11:29 - 000438272 _____ (The curl library, hxxps://curl.haxx.se/) [File not signed] C:\Program Files\PDF Architect 7\libcurl.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: PDF Architect 7 Helper -> {2B035CAB-1F3D-4DE6-A32D-39B9E5F456D0} -> C:\Program Files\PDF Architect 7\creator\plugins\IEAddin\creator-ie-helper.dll [2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> d:\prográmky\realplayer\BrowserRecordPlugin\IE\rndlbrowserrecordplugin64.dll [2021-12-26] (RealNetworks, Inc. -> RealPlayer)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> d:\prográmky\realplayer\BrowserRecordPlugin\IE\rndlbrowserrecordplugin.dll [2021-12-26] (RealNetworks, Inc. -> RealPlayer)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\localhost -> localhost

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-01-29 14:29 - 2022-01-29 14:29 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-722231672-965411127-3486821242-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\Pictures\Saved Pictures\m104 - sombrero.bmp
DNS Servers: 31.30.90.11 - 31.30.90.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F1C3FD45-225F-4248-BB58-CC07D80EA9B9}] => (Allow) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{7FE0D65D-4851-4F77-BD27-FF9EE5C9BCAA}] => (Allow) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{98E55126-E08E-4283-BC9F-1CD4487C5376}] => (Allow) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{463A6C42-0E1B-4675-8A95-5E8E0F425848}] => (Allow) D:\Aviry\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{7059C7E5-30C1-4084-A8C6-CA7C0AB13286}] => (Allow) LPort=8501
FirewallRules: [{D9603B5C-325E-4237-BC4E-91DCA55B90A1}] => (Allow) LPort=8501
FirewallRules: [{D33BCFB3-EA54-4BD5-954B-45F544174DFE}] => (Allow) C:\Program Files (x86)\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{87F08FF4-AAB0-4911-9194-EB67A27D0ED3}] => (Allow) C:\Program Files (x86)\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{63FD2332-F2D6-45A0-8793-C7410883EF3D}] => (Allow) LPort=1900
FirewallRules: [{09D0FD54-F9E5-4E9B-B5EC-8C5985AB222F}] => (Allow) LPort=2869
FirewallRules: [{13FD4DA9-5757-49F9-987F-7641F63CD5D5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D53AC4E9-924B-48B4-A6E6-95AF36DAFFDE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3F60A5E6-326B-4D15-A51D-52B43BF1ABC4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CA0013FD-B126-4C46-BEE0-597F4DDB0B80}] => (Allow) C:\Program Files (x86)\Office14\GROOVE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0BBCD6C0-2206-46C3-A2BD-0348B1897A4D}] => (Allow) C:\Program Files (x86)\Office14\GROOVE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6C8F3AE3-4336-4D9E-BA25-A3671EE747A8}] => (Allow) C:\Program Files (x86)\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9B5E2AB7-51AF-4ED3-B069-4EB883C9A166}] => (Allow) C:\Program Files (x86)\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{91181CAB-8ADE-439A-8631-8327892A308B}] => (Allow) C:\Program Files (x86)\Office14\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0CE445A5-21BB-467A-A270-7065480A7DB2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9A0EB60E-5410-48B5-85F9-1C9B71271994}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E6EC08C9-BC65-4D7B-B033-5092276B64F8}] => (Allow) d:\prográmky\realplayer\RPDS\Bin\rpdsvc.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{EEBDC094-AAA2-4871-AD93-AEBBD357AF94}] => (Allow) d:\prográmky\realplayer\RealPlay.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
FirewallRules: [{C50EABFE-71A2-4F77-8CE5-99AEFA6BDBB3}] => (Allow) C:\Program Files (x86)\Opera\88.0.4412.53\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{37CFD4AC-3F87-4B99-87A2-CA934C9B5559}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{ACDEEE04-7CAC-43D3-9ADD-8AA20CF60944}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6715F821-E244-4A7C-B3F2-60DB679AEDFD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3E00C8B9-A0E7-430D-9AFF-7BD2ADB9787A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{7062FC98-41DE-4448-80FB-6D82340BE6B3}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [UDP Query User{1442EBD7-00DA-425F-ACFD-F90D9F096E3D}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [{185E82BB-7023-4EAE-B343-B77E8BB93C84}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5E2E4C4F-8346-43D0-82E7-89E431BF6E83}] => (Allow) C:\Program Files (x86)\Opera\88.0.4412.74\opera.exe (Opera Norway AS -> Opera Software)
FirewallRules: [{329949B6-825D-429B-B7D3-1814F4CD35D3}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\103.0.1264.49\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8E35B60A-50D6-49F4-9E1A-E347D51D1393}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B757D56B-F20C-428D-AB3A-5A4FDB9A4216}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4DF3F62E-9DED-4946-A33C-DEF6F5747F77}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{61E003C8-7A09-453A-9C44-4C8FCB9CDBBE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A2080A66-3222-4146-8061-0E02BAB08A81}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E99F3D0F-14E7-4040-98CB-F25537E9477F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C921261B-B7BA-4711-9D41-4BDBD4B98A39}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{05E3F73D-BA17-47D9-AEF4-C98FE24920C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.189.862.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

21-06-2022 16:31:50 Instalační služba modulů systému Windows
05-07-2022 12:10:11 Naplánovaný kontrolní bod
13-07-2022 20:08:15 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (07/13/2022 08:03:40 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Místní disk (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (07/13/2022 07:03:02 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.

Error: (07/12/2022 10:39:39 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.

Error: (07/12/2022 10:38:51 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (07/12/2022 10:38:51 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (07/12/2022 10:38:51 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (07/12/2022 10:38:51 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (07/12/2022 09:13:35 PM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: Službě Centrum zabezpečení Windows se nepodařilo načíst instance objektu FirewallProduct z úložiště dat.


System errors:
=============
Error: (07/13/2022 07:03:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba RealTimes Desktop Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (07/13/2022 07:03:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby ABBYY PDF Transformer+ - Licensing Service bylo dosaženo časového limitu (60000 ms).

Error: (07/13/2022 06:51:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba novaPDF 10 Server byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (07/13/2022 06:51:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Phantom VPN byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (07/13/2022 06:51:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (07/13/2022 06:51:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba PDF24 byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (07/13/2022 06:51:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Optimizer Host byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (07/13/2022 06:46:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba novaPDF 10 Server byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2022-07-12 21:38:39
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\KMSEmulator.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-1U0LM3C\Admin
Název procesu: D:\Aviry\FRST64.exe
Verze bezpečnostních informací: AV: 1.371.60.0, AS: 1.371.60.0, NIS: 1.371.60.0
Verze modulu: AM: 1.1.19400.3, NIS: 1.1.19400.3

Date: 2022-07-12 21:24:52
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {024625CF-2308-44B4-8CA2-30DAEBF98E64}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-1U0LM3C\Admin

Date: 2022-07-12 21:15:27
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Windows\AutoKMS.exe; file:_C:\Windows\AutoKMS.exe->[MSILRES:AutoKMS.Properties.Resources.resources]; file:_C:\WINDOWS\System32\Tasks\AutoKMS->(UTF-16LE); file:_C:\WINDOWS\System32\Tasks\AutoKMSDaily->(UTF-16LE); file:_C:\WINDOWS\Tasks\AutoKMS.job; file:_C:\WINDOWS\Tasks\AutoKMSDaily.job; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B681C9D8-A6EB-4592-95E5-7130E7641EAD}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA4D9638-EC04-441E-9325-9F21AB7036CE}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMSDaily; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoKMS; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoKMSDaily; taskscheduler:_C:\WINDOWS\Tasks\AutoKMS.job; taskscheduler:_C:\WINDOWS\Tasks\AutoKMSDaily.job
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.305.2858.0, AS: 1.305.2858.0, NIS: 1.305.2858.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1

Date: 2022-07-12 21:15:23
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Windows\AutoKMS.exe; file:_C:\Windows\AutoKMS.exe->[MSILRES:AutoKMS.Properties.Resources.resources]; file:_C:\WINDOWS\System32\Tasks\AutoKMS->(UTF-16LE); file:_C:\WINDOWS\System32\Tasks\AutoKMSDaily->(UTF-16LE); file:_C:\WINDOWS\Tasks\AutoKMS.job; file:_C:\WINDOWS\Tasks\AutoKMSDaily.job; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B681C9D8-A6EB-4592-95E5-7130E7641EAD}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA4D9638-EC04-441E-9325-9F21AB7036CE}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMSDaily; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoKMS; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoKMSDaily; taskscheduler:_C:\WINDOWS\Tasks\AutoKMS.job; taskscheduler:_C:\WINDOWS\Tasks\AutoKMSDaily.job
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.305.2858.0, AS: 1.305.2858.0, NIS: 1.305.2858.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1

Date: 2022-07-12 21:15:02
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: containerfile:_C:\Windows\AutoKMS.exe; file:_C:\Windows\AutoKMS.exe->[MSILRES:AutoKMS.Properties.Resources.resources]; file:_C:\WINDOWS\System32\Tasks\AutoKMS->(UTF-16LE); file:_C:\WINDOWS\System32\Tasks\AutoKMSDaily->(UTF-16LE); file:_C:\WINDOWS\Tasks\AutoKMS.job; file:_C:\WINDOWS\Tasks\AutoKMSDaily.job; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B681C9D8-A6EB-4592-95E5-7130E7641EAD}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA4D9638-EC04-441E-9325-9F21AB7036CE}; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS; regkey:_HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMSDaily; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoKMS; taskscheduler:_C:\WINDOWS\System32\Tasks\AutoKMSDaily; taskscheduler:_C:\WINDOWS\Tasks\AutoKMS.job; taskscheduler:_C:\WINDOWS\Tasks\AutoKMSDaily.job
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.305.2858.0, AS: 1.305.2858.0, NIS: 1.305.2858.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1

CodeIntegrity:
===============
Date: 2022-07-13 20:04:38
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Avira\Endpoint Protection SDK\amsi\x64\avamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 2901 10/16/2019
Motherboard: ASUSTeK COMPUTER INC. ROG STRIX B450-F GAMING
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 51%
Total physical RAM: 8124.13 MB
Available physical RAM: 3979.54 MB
Total Virtual: 9404.13 MB
Available Virtual: 4312.96 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.84 GB) (Free:147.5 GB) (Model: ADATA SX8200PNP) NTFS
Drive d: (Místní disk) (Fixed) (Total:931.5 GB) (Free:389.85 GB) (Model: WDC WD10EZEX-60WN4A1) NTFS

\\?\Volume{d6458fe6-83f6-4935-9c1d-28a7f72e381b}\ () (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{b5a6f67e-0283-4ca7-8508-df1d94760cbf}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 238.5 GB) (Disk ID: 39AE08EB)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\Run: [] => [X]
GroupPolicy-Firefox-x32: Restriction <==== ATTENTION
Task: {6E2CF984-2BBD-462A-B1A6-B86BD1DBBC32} - \WinZip Update Notifier 3 -> No File <==== ATTENTION
Task: {9038B369-BC18-4750-915A-B3397AABABBB} - System32\Tasks\GoogleUpdateTaskMachineUA{33399356-FF1B-407B-B2C7-9039A1A671CC} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-26] (Google Inc -> Google Inc.)
Task: {92497EB4-6737-48B2-95AD-E156D36299A7} - \Opera scheduled assistant Autoupdate 1580117963 -> No File <==== ATTENTION
Task: {9D9147FE-E3A9-4DA6-9467-97B7F4A01A0B} - \WinZip Update Notifier 2 -> No File <==== ATTENTION
Task: {A9B5C750-A8A6-46C0-887B-D224DD94FD74} - \WinZip Update Notifier 1 -> No File <==== ATTENTION
Task: {F5EE3308-2C52-4889-8A23-7E05F950FFF5} - System32\Tasks\GoogleUpdateTaskMachineCore{97283C65-2A48-44CD-A7A1-B696E3021AB5} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-26] (Google Inc -> Google Inc.)
U3 iswSvc; no ImagePath
C:\DumpStack.log.tmp
C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
FirewallRules: [TCP Query User{7062FC98-41DE-4448-80FB-6D82340BE6B3}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [UDP Query User{1442EBD7-00DA-425F-ACFD-F90D9F096E3D}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
C:\Windows\KMSEmulator.exe
C:\Windows\AutoKMS.exe
C:\WINDOWS\System32\Tasks\AutoKMS
C:\WINDOWS\System32\Tasks\AutoKMSDaily
C:\WINDOWS\Tasks\AutoKMSDaily.job
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B681C9D8-A6EB-4592-95E5-7130E7641EAD}
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS

EmptyTemp:
End

Uložte do D:\Aviry jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Antusek]

Fix result of Farbar Recovery Scan Tool (x64) Version: 11-07-2022
Ran by Admin (13-07-2022 22:15:11) Run:2
Running from D:\Aviry
Loaded Profiles: Admin
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-722231672-965411127-3486821242-1001\...\Run: [] => [X]
GroupPolicy-Firefox-x32: Restriction <==== ATTENTION
Task: {6E2CF984-2BBD-462A-B1A6-B86BD1DBBC32} - \WinZip Update Notifier 3 -> No File <==== ATTENTION
Task: {9038B369-BC18-4750-915A-B3397AABABBB} - System32\Tasks\GoogleUpdateTaskMachineUA{33399356-FF1B-407B-B2C7-9039A1A671CC} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-26] (Google Inc -> Google Inc.)
Task: {92497EB4-6737-48B2-95AD-E156D36299A7} - \Opera scheduled assistant Autoupdate 1580117963 -> No File <==== ATTENTION
Task: {9D9147FE-E3A9-4DA6-9467-97B7F4A01A0B} - \WinZip Update Notifier 2 -> No File <==== ATTENTION
Task: {A9B5C750-A8A6-46C0-887B-D224DD94FD74} - \WinZip Update Notifier 1 -> No File <==== ATTENTION
Task: {F5EE3308-2C52-4889-8A23-7E05F950FFF5} - System32\Tasks\GoogleUpdateTaskMachineCore{97283C65-2A48-44CD-A7A1-B696E3021AB5} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-11-26] (Google Inc -> Google Inc.)
U3 iswSvc; no ImagePath
C:\DumpStack.log.tmp
C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
FirewallRules: [TCP Query User{7062FC98-41DE-4448-80FB-6D82340BE6B3}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
FirewallRules: [UDP Query User{1442EBD7-00DA-425F-ACFD-F90D9F096E3D}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe => No File
C:\Windows\KMSEmulator.exe
C:\Windows\AutoKMS.exe
C:\WINDOWS\System32\Tasks\AutoKMS
C:\WINDOWS\System32\Tasks\AutoKMSDaily
C:\WINDOWS\Tasks\AutoKMSDaily.job
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B681C9D8-A6EB-4592-95E5-7130E7641EAD}
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-722231672-965411127-3486821242-1001\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
C:\Program Files (x86)\Mozilla Firefox\distribution\policies.json => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E2CF984-2BBD-462A-B1A6-B86BD1DBBC32}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E2CF984-2BBD-462A-B1A6-B86BD1DBBC32}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinZip Update Notifier 3" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9038B369-BC18-4750-915A-B3397AABABBB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9038B369-BC18-4750-915A-B3397AABABBB}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{33399356-FF1B-407B-B2C7-9039A1A671CC} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{33399356-FF1B-407B-B2C7-9039A1A671CC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{92497EB4-6737-48B2-95AD-E156D36299A7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92497EB4-6737-48B2-95AD-E156D36299A7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Opera scheduled assistant Autoupdate 1580117963" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9D9147FE-E3A9-4DA6-9467-97B7F4A01A0B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D9147FE-E3A9-4DA6-9467-97B7F4A01A0B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinZip Update Notifier 2" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A9B5C750-A8A6-46C0-887B-D224DD94FD74}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9B5C750-A8A6-46C0-887B-D224DD94FD74}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WinZip Update Notifier 1" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F5EE3308-2C52-4889-8A23-7E05F950FFF5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5EE3308-2C52-4889-8A23-7E05F950FFF5}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{97283C65-2A48-44CD-A7A1-B696E3021AB5} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{97283C65-2A48-44CD-A7A1-B696E3021AB5}" => removed successfully
HKLM\System\CurrentControlSet\Services\iswSvc => removed successfully
iswSvc => service removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7062FC98-41DE-4448-80FB-6D82340BE6B3}C:\windows\kmsemulator.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1442EBD7-00DA-425F-ACFD-F90D9F096E3D}C:\windows\kmsemulator.exe" => removed successfully
"C:\Windows\KMSEmulator.exe" => not found
"C:\Windows\AutoKMS.exe" => not found
"C:\WINDOWS\System32\Tasks\AutoKMS" => not found
"C:\WINDOWS\System32\Tasks\AutoKMSDaily" => not found
"C:\WINDOWS\Tasks\AutoKMSDaily.job" => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B681C9D8-A6EB-4592-95E5-7130E7641EAD} => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 49578640 B
Java, Discord, Steam htmlcache => 0 B
Windows/system/drivers => 347299106 B
Edge => 0 B
Chrome => 118274825 B
Firefox => 63660239 B
Opera => 11994277 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 934420 B
LocalService => 942896 B
NetworkService => 944060 B
Admin => 110537644 B

RecycleBin => 0 B
EmptyTemp: => 671.5 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 13-07-2022 22:19:00)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 22:19:00 ====

Díky za další postup. Je to již o.k_

[Rudy]

Smazáno. Nastala nějaká změna?

[Antusek]

Avira funguje normálně. Defender nic nehlásí, ale když chci vložit příspěvek do diskuze, kde je potřeba odklikat obrázková kapča, tak to stále nejde a musím použít buď online proxy či tor browser. Tam se mi to povede. Někdy pozdě večer i občas normálně pře normální browser. Stránky jsou https://www.obrazkovysvet.cz/diskuze/in ... 337&r=1251. Minule mi bylo řečeno, že problém není u mě. Ale jiným to tam problém nedělá. Pak to asi za dva měsíce začalo z ničeho nic fungovat normálně a od 1. 7. 2022 zase s obtížemi.
Tak myslím, že kromě problému s kapčou to je vše o.k.
Díky za radu ohledně kapči.
A díky za vyřešení. Pokud se s kapčou nedá na mé straně nic dělat tak děkuji a může se to uzavřít.

[Rudy]

Zkusíme ještě vyčistit prohlížeče.

Stahnete Zoek.exe https://www.edisk.cz/stahni/21334/zoek.rar_1.3MB.html/ a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

[Antusek]

Posílám log a díky za další rady.


Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Admin on 14.07.2022 at 23:22:25,69.
Microsoft Windows 10 Home 10.0.19043 x64
Running in: Normal Mode No Internet Access Detected
Launched: D:\Aviry\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2022-01-29-123015.log 241989 bytes

==== Empty Folders Check ======================

C:\Program Files\ModifiableWindowsApps
C:\Users\Admin\AppData\Local\LogitechR Webcam Software

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IswSvc deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2i1040qs.default-1582311638745\prefs.js:
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2i1040qs.default-1582311638745\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\u4mgi7h5.default-release\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\u4mgi7h5.default-release\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\Users\Admin\AppData\Local\oobelibMkey.log deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tpm-18a8-3904-2b10c3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tpm-1b2c-3338-b10433.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2240-310c-24797d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a0d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12c8-220-c199235.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12c8-220-c199237.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12c8-220-c199249.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12c8-220-c19924b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12c8-220-c19924d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12c8-220-c19924f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12c8-220-c199261.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12c8-220-c199263.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12c8-220-c199265.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12c8-220-c199267.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12c8-220-c199278.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12c8-220-c19927a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-12c8-220-c19927c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13c-110c-3c8945a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13c-110c-3c894b9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13c-110c-3c894ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13c-110c-3c894fc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13c-110c-3c8950d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13c-110c-3c8952f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13c-110c-3c8959e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13c-110c-3c8961d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13c-110c-3c8962f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13c-110c-3c89660.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13c-110c-3c896df.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13c-110c-3c8970f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13c-110c-3c89731.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13c-110c-3c89771.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13c-110c-3c897c1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13c-110c-3c89811.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13c-110c-3c89842.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13c-110c-3c89864.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-13c-110c-3c898c3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91e45.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91e66.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91e68.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91e6a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91e6c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91e7e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91e80.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91e82.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91e84.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91e95.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91ec6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91ec8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91eca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91ecc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91efd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91f0f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91f20.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91f61.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91f63.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91f65.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91f76.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91f88.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91f8a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91f8c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91f9e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91fa0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91fa2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91fb3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91fb5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91fc7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91fc9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91fcb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91fcd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91fdf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91ff0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91ff2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c91ff4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c92006.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c92046.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c92048.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c9204a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c9205c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c9205e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-16dc-2c10-6c92060.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf4e0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf4e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf4e4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf4e6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf4f8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf4fa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf50c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf51d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf51f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf521.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf523.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf535.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf537.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf539.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf53b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf54d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf54f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf551.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf562.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf574.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf576.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf578.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf5a9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf5ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf5bc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf5be.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf5d0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf5d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf5d4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf5e6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf5e8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf5ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf5ec.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf61c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf61e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf620.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf622.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf634.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf636.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf638.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf64a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf64c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf65d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf65f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf661.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf673.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf675.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf677.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf689.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf68b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf68d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf69e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf6a0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf6a2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf6b4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf6b6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1704-1d2c-fdf6b8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18a8-3904-2b105a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18a8-3904-2b105c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18a8-3904-2b105e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18a8-3904-2b1070.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18a8-3904-2b1072.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18a8-3904-2b1074.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18a8-3904-2b1076.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18a8-3904-2b1078.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18a8-3904-2b1099.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18a8-3904-2b109b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18a8-3904-2b109d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18a8-3904-2b109f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18a8-3904-2b10b0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-18a8-3904-2b10b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-342fae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-342ffe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-34304e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-343050.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-343081.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-343083.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-343094.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-3430a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-3430c7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-3430e9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-343129.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-34314a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-34314c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-34315e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-343160.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-343172.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-3431b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-3431c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-3432a0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-3432f1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-343370.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-3433b0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-b100da.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-b10263.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-b102e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-b10303.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-b103a2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-b103e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b2c-3338-b10432.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2134-4014-a61e10d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2240-310c-247909.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2240-310c-24791a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2240-310c-24791c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2240-310c-24791e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2240-310c-247920.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2240-310c-247922.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2240-310c-247934.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2240-310c-247936.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2240-310c-247938.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2240-310c-24793a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2240-310c-24794c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2240-310c-24794e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2240-310c-24795f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2240-310c-247961.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2240-310c-247963.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2240-310c-247965.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2240-310c-247967.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2240-310c-247979.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2240-310c-24797b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-22b4-2a64-514ab8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-22b4-2a64-514aba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-22b4-2a64-514acc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-22b4-2a64-514ace.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-22b4-2a64-514ad0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-22b4-2a64-514ae2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-22b4-2a64-514ae4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-22b4-2a64-514af5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-22b4-2a64-514af7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-22b4-2a64-514af9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-22b4-2a64-514b0b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-22b4-2a64-514b0d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-22b4-2a64-514b5d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-22b4-2a64-514b7e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-22b4-2a64-514bbf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-22b4-2a64-514c1e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-22b4-2a64-514c40.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-22b4-2a64-514c71.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-22b4-2a64-514cb1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca4987b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca4987d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca4987f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca49890.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca49892.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca49894.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca498a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca498a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca498aa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca498bc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca498be.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca498c0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca498c2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca498d3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca498d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca498d7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca498d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca498eb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca498ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca498ef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca498f1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca49903.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca49905.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca49907.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca49909.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca4991a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca4991c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca4991e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca49920.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca49932.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca49934.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca49936.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca49938.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca49949.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca4994b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca4994d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca4994f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca49961.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca49963.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca49965.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca49977.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca49979.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca4998a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca4998c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca4998e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca499a0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca499a2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca499a4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca499b6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca499b8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca499ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca499cb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca499cd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca499df.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca499e1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca499f2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-23dc-2bf8-ca49a43.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2510-3224-2549a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2510-3224-2549a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2510-3224-2549a9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2510-3224-2549bb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2510-3224-2549bd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2510-3224-2549bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2510-3224-2549d0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2510-3224-2549d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2510-3224-2549d4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2510-3224-2549e6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2510-3224-2549e8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2510-3224-2549ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2510-3224-2549fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2510-3224-2549fd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2510-3224-2549ff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2510-3224-254a11.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2510-3224-254a13.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2510-3224-254a15.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2510-3224-254a27.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d469.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d47b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d47d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d47f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d491.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d493.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d495.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d497.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d4a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d4aa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d4ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d4ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d4c0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d4c2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d4c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d4c6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d4d7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d4d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d4eb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d4ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d4ef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d4f1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d503.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d505.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d507.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d509.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d51a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d51c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d51e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d520.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d532.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d534.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d536.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d538.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d54a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d54c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d54e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d550.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d561.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d563.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d565.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d577.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d579.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d58a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d58c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d58e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d5a0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d5b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d5b4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d5c5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d5c7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d5d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d5eb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d5fc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d5fe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d600.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2540-28d4-277d612.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27c8-1564-99491.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27c8-1564-99493.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27c8-1564-994a4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27c8-1564-994a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27c8-1564-994b8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27c8-1564-994ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27c8-1564-994cc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27c8-1564-994ce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27c8-1564-994ef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27c8-1564-994f1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27c8-1564-99531.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27c8-1564-99533.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27c8-1564-99545.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27c8-1564-99566.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27c8-1564-99578.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27c8-1564-9957a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27c8-1564-9958c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27c8-1564-995bc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-27c8-1564-995ce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c20-3d0-1025c7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c20-3d0-1025d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c20-3d0-1025db.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c20-3d0-1025ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c20-3d0-1025fe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c20-3d0-102600.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c20-3d0-102612.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c20-3d0-102624.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c20-3d0-102635.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c20-3d0-102647.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c20-3d0-102649.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c20-3d0-10265a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c20-3d0-10265c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c20-3d0-10268d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c20-3d0-10269f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c20-3d0-1026b1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c20-3d0-1026b3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c20-3d0-1026e3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c20-3d0-1026f5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c34-243c-e879c73.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c34-243c-e879c94.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c34-243c-e879c96.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c34-243c-e879ca8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c34-243c-e879caa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c34-243c-e879cac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c34-243c-e879cbd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c34-243c-e879cbf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c34-243c-e879cd1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c34-243c-e879cd3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c34-243c-e879ce5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c34-243c-e879ce7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c34-243c-e879cf8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c34-243c-e879cfa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c34-243c-e879cfc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c34-243c-e879d0e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c34-243c-e879d10.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c34-243c-e879d22.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2c34-243c-e879d24.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ce8-2bb0-5593032.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ce8-2bb0-5593034.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ce8-2bb0-5593036.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ce8-2bb0-5593048.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ce8-2bb0-559305a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ce8-2bb0-559305c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ce8-2bb0-559307d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ce8-2bb0-559309e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ce8-2bb0-55930b0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ce8-2bb0-55930d1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ce8-2bb0-55930f2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ce8-2bb0-5593133.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ce8-2bb0-5593193.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ce8-2bb0-55931f2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ce8-2bb0-5593214.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ce8-2bb0-5593225.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ce8-2bb0-5593237.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ce8-2bb0-5593248.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ce8-2bb0-559324a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ed0-3250-4d1a55.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ed0-3250-4d1a67.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ed0-3250-4d1a69.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ed0-3250-4d1a6b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ed0-3250-4d1a7c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ed0-3250-4d1a7e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ed0-3250-4d1a80.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ed0-3250-4d1a92.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ed0-3250-4d1a94.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ed0-3250-4d1a96.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ed0-3250-4d1aa8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ed0-3250-4d1aaa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ed0-3250-4d1aac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ed0-3250-4d1abd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ed0-3250-4d1abf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ed0-3250-4d1ac1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ed0-3250-4d1ad3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ed0-3250-4d1ad5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2ed0-3250-4d1ad7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b0c-2030-4adcd61.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b0c-2030-4adcd73.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b0c-2030-4adcd75.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b0c-2030-4adcd96.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b0c-2030-4adcda8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b0c-2030-4adcdb9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b0c-2030-4adcdcb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b0c-2030-4adcdfc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b0c-2030-4adcdfe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b0c-2030-4adce1f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b0c-2030-4adce21.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b0c-2030-4adce33.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b0c-2030-4adce35.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b0c-2030-4adce56.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b0c-2030-4adce77.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b0c-2030-4adce89.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b0c-2030-4adce8b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b0c-2030-4adce9d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b0c-2030-4adceae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4978-2bc0-1b44d3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4978-2bc0-1b44e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4978-2bc0-1b44e7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4978-2bc0-1b44e9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4978-2bc0-1b44fa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4978-2bc0-1b44fc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4978-2bc0-1b44fe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4978-2bc0-1b4510.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4978-2bc0-1b4512.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4978-2bc0-1b4514.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4978-2bc0-1b4526.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4978-2bc0-1b4528.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4978-2bc0-1b452a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4978-2bc0-1b453b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4978-2bc0-1b453d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4978-2bc0-1b453f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4978-2bc0-1b4541.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4978-2bc0-1b4553.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4978-2bc0-1b4555.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5cc-d4c-5fa018.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5cc-d4c-5fa01a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5cc-d4c-5fa02b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5cc-d4c-5fa02d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5cc-d4c-5fa02f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5cc-d4c-5fa041.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5cc-d4c-5fa043.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5cc-d4c-5fa045.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5cc-d4c-5fa047.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5cc-d4c-5fa059.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5cc-d4c-5fa05b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5cc-d4c-5fa05d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5cc-d4c-5fa06e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5cc-d4c-5fa070.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5cc-d4c-5fa072.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5cc-d4c-5fa084.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5cc-d4c-5fa086.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5cc-d4c-5fa088.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5cc-d4c-5fa08a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f0-2174-364405.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f0-2174-364416.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f0-2174-364418.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f0-2174-36442a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f0-2174-36443c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f0-2174-36443e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f0-2174-36445f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f0-2174-364461.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f0-2174-364473.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f0-2174-3644f2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f0-2174-3644f4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f0-2174-364544.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f0-2174-364565.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f0-2174-364596.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f0-2174-3645c7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f0-2174-364626.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f0-2174-364667.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f0-2174-364782.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f0-2174-364794.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-3780-10e4c22c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-3780-10e4c23e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-3780-10e4c240.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-3780-10e4c242.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-3780-10e4c254.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-3780-10e4c256.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-3780-10e4c258.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-3780-10e4c269.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-3780-10e4c26b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-3780-10e4c27d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-3780-10e4c27f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-3780-10e4c281.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-3780-10e4c293.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-3780-10e4c295.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-3780-10e4c297.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-3780-10e4c2a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-3780-10e4c2aa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-3780-10e4c2ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-3780-10e4c2be.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a025.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a027.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a038.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a03a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a03c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a03e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a050.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a052.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a054.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a066.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a068.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a06a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a06c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a07d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a07f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a081.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a083.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a095.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a097.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a099.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a09b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a0ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a0ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-be0-10cc-60a0b0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d3c-160c-f12a112.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d3c-160c-f12a114.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d3c-160c-f12a126.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d3c-160c-f12a128.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d3c-160c-f12a13a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d3c-160c-f12a13c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d3c-160c-f12a13e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d3c-160c-f12a14f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d3c-160c-f12a151.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d3c-160c-f12a173.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d3c-160c-f12a184.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d3c-160c-f12a186.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d3c-160c-f12a198.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d3c-160c-f12a1a9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d3c-160c-f12a1cb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d3c-160c-f12a1ec.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d3c-160c-f12a1fe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d3c-160c-f12a20f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-d3c-160c-f12a211.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e1c-8b4-19d5d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e1c-8b4-19d5e4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e1c-8b4-19d5e6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e1c-8b4-19d5e8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e1c-8b4-19d5f9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e1c-8b4-19d5fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e1c-8b4-19d5fd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e1c-8b4-19d60f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e1c-8b4-19d611.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e1c-8b4-19d613.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e1c-8b4-19d625.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e1c-8b4-19d627.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e1c-8b4-19d629.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e1c-8b4-19d63a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e1c-8b4-19d63c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e1c-8b4-19d63e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e1c-8b4-19d650.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e1c-8b4-19d652.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e1c-8b4-19d663.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e70-1b04-37636f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e70-1b04-376371.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e70-1b04-376383.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e70-1b04-376385.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e70-1b04-376387.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e70-1b04-376398.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e70-1b04-37639a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e70-1b04-37639c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e70-1b04-3763ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e70-1b04-3763b0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e70-1b04-3763b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e70-1b04-3763c3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e70-1b04-3763c5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e70-1b04-3763c7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e70-1b04-3763d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e70-1b04-3763db.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e70-1b04-3763ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e70-1b04-3763ef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e70-1b04-3763f1.tmp deleted
"C:\DumpStack.log.tmp" not deleted
"C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\oobelibMkey.log" not deleted
"C:\PROGRA~3\Package Cache\{8ea07ae2-acd9-459e-8fc2-6f31ef667c9c}\Avira.OE.Setup.Bundle.exe" deleted
"C:\PROGRA~3\Package Cache" not deleted
"C:\PROGRA~3\Package Cache\{8ea07ae2-acd9-459e-8fc2-6f31ef667c9c}" not deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\2i1040qs.default-1582311638745
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\u4mgi7h5.default-release
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ihcjicgdanjaechkgeegckofjjedodee - No path found[]

uBlock₀ - Admin\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm
Malwarebytes Browser Guard - Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee

==== Chromium Startpages ======================

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6\Preferences
s":["craw_background.js"]}},"current_locale":"cs","default_locale":"en","description":"Platby Internetového obchodu Chrome","display_in_launcher":false,"display_in_new_tab_page":false,"icons":{"128":"images/icon_128.png","16":"images/icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrKfMnLqViEyokd1wk57FxJtW2XXpGXzIHBzv9vQI/01UsuP0IV5/lj0wx7zJ/xcibUgDeIxobvv9XD+zO1MdjMWuqJFcKuSS4Suqkje6u+pMrTSGOSHq1bmBVh0kpToN8YoJs/P/yrRd7FEtAXTaFTGxQL4C385MeXSjaQfiRiQIDAQAB","manifest_version":2,"minimum_chrome_version":"29","name":"Platby Internetového obchodu Chrome","oauth2":{"auto_approve":true,"client_id":"203784468217.apps.googleusercontent.com","scopes":["https://www.googleapis.com/auth/sierra" ... e.readonly"]},"permissions":["identity","webview","https://www.google.com/","https://www.g ... egrator.js"],"update_url":"https://clients2.google.com/service/upd ... 8B4BC9B123"}}


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"

==== Reset Google Chrome ======================

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6\Preferences was reset successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6\Secure Preferences was reset successfully
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences was reset successfully
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences was reset successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6\Web Data was reset successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6\Web Data-journal was reset successfully
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data will be reset at reboot

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Avira System Speedup_is1 deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Admin\AppData\Local\Mozilla\Firefox\Profiles\2i1040qs.default-1582311638745\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Admin\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 6\Cache emptied successfully
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache will be emptied at reboot

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=151 folders=3281 126355509 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Reset Hosts File ======================

Hosts File Reset Successfully

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Admin\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\DumpStack.log.tmp" not deleted
"C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\oobelibMkey.log" not deleted
"C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Web Data" not found
"C:\PROGRA~3\Package Cache" not found

==== EOF on 14.07.2022 at 23:48:43,33 ======================

[Antusek]

Něco to udělalo neb mě kapča pustila na první dobrou a příspěvek se podařil vložit. Uvidíme, jak to bude fungovat zítra.
Díky za případné další rady.
Bylo tam něco v prohlížečích, abych věděl?

[Rudy]

OK, to jsem rád. Nebylo tam celekm nic (žádné šmejdy), jen spoustu dočasných souborů internetu. Ty to někdy způsobují právě kvůli jejich množství. Ještě je nějaký problém?