VIRY.CZ

NTB je zpomalený , seká se i prohlížeč občas i videa.
Prosím o kontrolu logu.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-04-2023
Ran by david (administrator) on DESKTOP-57398S1 (LENOVO 80M3) (25-04-2023 15:41:53)
Running from C:\Users\david\Desktop\FRST64.exe
Loaded Profiles: david
Platform: Microsoft Windows 10 Home Version 22H2 19045.2846 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\IObit\Driver Booster\8.7.0\DriverBooster.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Driver Booster\8.7.0\ScanWinUpd.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(explorer.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(explorer.exe ->) (Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Hewlett-Packard) [File not signed] C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Driver Booster\8.7.0\DriverBooster.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(services.exe ->) (Conexant Systems, Inc.) [File not signed] C:\Windows\SysWOW64\UIUSrv.exe
(services.exe ->) (Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\NisSrv.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23032.186.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-02] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [168064 2022-03-15] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [OrderReminder] => C:\Program Files (x86)\Hewlett-Packard\OrderReminder\OrderReminder.exe [98304 2006-07-30] (Hewlett-Packard) [File not signed]
HKU\S-1-5-21-3476297074-517369176-1764710931-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\david\AppData\Local\Microsoft\Teams\Update.exe [2459304 2022-01-12] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3476297074-517369176-1764710931-1001\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [4338880 2016-02-02] (Disc Soft Ltd -> Disc Soft Ltd) [File not signed]
HKU\S-1-5-21-3476297074-517369176-1764710931-1001\...\MountPoints2: I - "I:\Install.exe"
HKU\S-1-5-21-3476297074-517369176-1764710931-1001\...\MountPoints2: {8fc14a63-829d-11ec-b698-b46d83ba83d9} - "G:\Setup.exe"
HKU\S-1-5-21-3476297074-517369176-1764710931-1001\...\MountPoints2: {8fc14a9d-829d-11ec-b698-b46d83ba83d9} - "I:\Install.exe"
HKU\S-1-5-21-3476297074-517369176-1764710931-1001\...\MountPoints2: {8fc14c8a-829d-11ec-b698-b46d83ba83d9} - "I:\Install.exe"
HKU\S-1-5-21-3476297074-517369176-1764710931-1001\...\MountPoints2: {8fc14dab-829d-11ec-b698-b46d83ba83d9} - "J:\Setup.exe"
HKU\S-1-5-21-3476297074-517369176-1764710931-1001\...\MountPoints2: {c0b04164-35ae-11ec-b690-507b9d329ba3} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9W.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\HP1020PrintProc: C:\Windows\System32\spool\prtprocs\x64\pphp1020.dll [65024 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\Windows\system32\CNMLM9W.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HPLJ1020LM: C:\Windows\system32\zlhp1020.dll [192512 2012-09-18] (Microsoft Windows Hardware Compatibility Publisher -> )

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08257850-F2D0-4F0E-9987-974E67665DED} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23709664 2023-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {105BC3E5-814E-45D6-A8D3-146A9732E60F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe [1645864 2023-04-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1BE7CC90-9E4F-4365-BE8B-E424B306A25A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142272 2023-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {21F48AFA-3B21-471B-8538-4E6D9E21B798} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [718752 2023-04-20] (Mozilla Corporation -> Mozilla Foundation)
Task: {266314D3-AA18-4C69-88A3-D6A5EC196407} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23709664 2023-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {4461C2FA-823F-4D38-A1B1-88DAC8615942} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8522672 2023-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {5C3FA62F-EA6F-48FC-882E-19DB098898A6} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [64408 2023-02-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {61EE689E-5C27-4257-83FD-766686AB69C8} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-04-20] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {73EB0D44-17A9-4997-99B1-088568D37269} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8522672 2023-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {88CC84D8-3487-4F5A-AF1F-76FDED4512CD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe [1645864 2023-04-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D7D49EB0-2A5F-4A58-AF30-FFF97E70A41A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe [1645864 2023-04-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D9E74B24-E794-40E9-9A87-FE60C1B4421A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MpCmdRun.exe [1645864 2023-04-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F240F192-B69F-4154-9D3C-68F70CB4C085} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [3854464 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F548359C-8D91-4438-B78B-4E295F771E5A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142272 2023-04-23] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{65237ec6-51a7-455c-a40a-96b45a6ca434}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{7e008ce8-e8c5-44f1-8bf0-9af172295d08}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge Profile: C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default [2023-04-06]

FireFox:
========
FF DefaultProfile: mkwa0ay5.default
FF ProfilePath: C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\mkwa0ay5.default [2022-02-15]
FF user.js: detected! => C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\mkwa0ay5.default\user.js [2022-02-15]
FF ProfilePath: C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\4nli3p9u.default-release-1644957994668 [2023-04-25]
FF Homepage: Mozilla\Firefox\Profiles\4nli3p9u.default-release-1644957994668 -> www.seznam.cz
FF Extension: (Simple Translate) - C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\4nli3p9u.default-release-1644957994668\Extensions\simple-translate@sienori.xpi [2023-03-27]
FF Extension: (No Name) - C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\4nli3p9u.default-release-1644957994668\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-03-27]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-02-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-08-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-02-04] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2023-04-25]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-05-20] (Apple Inc. -> Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12126112 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [1439424 2016-02-02] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3210720 2022-03-15] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3210720 2022-03-15] (ESET, spol. s r.o. -> ESET)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [11950544 2022-05-26] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
S3 OfficeSvcManagerAddons; C:\Windows\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2021-04-09] (Microsoft Windows -> Microsoft Corporation)
R2 UIUService; C:\Windows\SysWOW64\UIUSrv.exe [105984 2022-02-27] (Conexant Systems, Inc.) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\NisSrv.exe [3228400 2023-04-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe [133536 2023-04-20] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [30264 2022-02-02] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtultrausbbus; C:\Windows\System32\drivers\dtultrausbbus.sys [47672 2022-02-02] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [183888 2022-03-15] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15824 2022-03-11] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [226264 2022-03-15] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [111624 2022-03-15] (ESET, spol. s r.o. -> ESET)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18816 2021-10-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2021-10-25] (Martin Malik - REALiX -> REALiX(tm))
S2 SecDrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [28400 2022-02-02] () [File not signed]
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49600 2023-04-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [497920 2023-04-20] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99608 2023-04-20] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl4a8fc08e; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{96F416EE-FF6C-42EA-A491-CC838A391A6C}\MpKslDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-25 15:41 - 2023-04-25 15:45 - 000017493 _____ C:\Users\david\Desktop\FRST.txt
2023-04-25 15:41 - 2023-04-25 15:41 - 002382336 _____ (Farbar) C:\Users\david\Desktop\FRST64.exe
2023-04-25 15:41 - 2023-04-25 15:41 - 000000000 ____D C:\Users\david\Desktop\FRST-OlderVersion
2023-04-25 15:40 - 2023-04-25 15:43 - 000000000 ____D C:\FRST
2023-04-25 15:37 - 2023-04-25 15:38 - 000000000 ____D C:\rsit
2023-04-25 15:32 - 2023-04-25 15:32 - 001185640 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2023-04-25 15:26 - 2023-04-25 15:26 - 017388440 _____ C:\Windows\system32\RsEyeContactCorrection_Assets.dll
2023-04-25 15:26 - 2023-04-25 15:26 - 015824792 _____ C:\Windows\system32\RsDMFT_Assets.dll
2023-04-25 15:26 - 2023-04-25 15:26 - 013414320 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RsDMFT64.dll
2023-04-25 15:23 - 2021-01-17 22:06 - 008447152 _____ (Malwarebytes) C:\Users\david\Desktop\AdwCleaner.exe
2023-04-25 15:22 - 2021-08-28 21:01 - 001053600 _____ (ESET) C:\Users\david\Desktop\esetuninstaller.exe
2023-04-25 15:22 - 2019-04-13 10:13 - 001663040 _____ (Malwarebytes) C:\Users\david\Desktop\JRT.exe
2023-04-25 15:14 - 2023-04-25 15:15 - 000000000 ____D C:\Users\david\Desktop\FILMY
2023-04-25 14:59 - 2023-04-25 14:59 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-04-25 14:26 - 2023-04-25 14:26 - 000000000 ___HD C:\$WinREAgent
2023-04-23 20:01 - 2023-04-25 14:58 - 000008192 ___SH C:\DumpStack.log.tmp
2023-04-23 20:01 - 2023-04-23 20:02 - 000911876 _____ C:\Windows\Minidump\042323-50031-01.dmp
2023-04-23 14:07 - 2023-04-23 15:42 - 1748916153 _____ C:\Users\david\Downloads\Nejdrsnější věznice světa_S05E03_Grónsko_ Ledové vězení.mkv
2023-04-23 12:10 - 2023-04-23 12:47 - 672190999 _____ C:\Users\david\Downloads\Nejdrsnější věznice světa S04E02 Německo Vězeňská terapie.mkv
2023-04-20 17:08 - 2023-04-23 20:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-04-20 16:52 - 2023-04-20 16:52 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3476297074-517369176-1764710931-1001
2023-04-20 16:52 - 2023-04-20 16:52 - 000002383 _____ C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-03-29 18:30 - 2023-03-29 18:30 - 000002048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Stable Online.lnk
2023-03-29 18:30 - 2023-03-29 18:30 - 000002036 _____ C:\Users\Public\Desktop\Star Stable Online.lnk
2023-03-29 18:29 - 2023-03-29 19:45 - 000000000 ____D C:\Program Files\Star Stable Online
2023-03-29 18:21 - 2023-04-23 20:01 - 727716806 _____ C:\Windows\MEMORY.DMP
2023-03-29 18:21 - 2023-03-29 18:55 - 001810612 _____ C:\Windows\Minidump\032923-66281-01.dmp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-04-25 15:37 - 2022-01-21 21:18 - 000000000 ____D C:\Program Files\trend micro
2023-04-25 15:36 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-25 15:35 - 2021-10-25 22:05 - 000000000 ____D C:\ProgramData\IObit
2023-04-25 15:34 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-04-25 15:24 - 2022-02-15 21:23 - 000000000 ____D C:\ProgramData\ProductData
2023-04-25 15:18 - 2022-02-15 21:33 - 000002284 _____ C:\Users\david\Desktop\Loader-IDB.lnk
2023-04-25 15:06 - 2021-09-28 16:15 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2023-04-25 15:06 - 2019-12-07 16:41 - 000683426 _____ C:\Windows\system32\perfh005.dat
2023-04-25 15:06 - 2019-12-07 16:41 - 000137206 _____ C:\Windows\system32\perfc005.dat
2023-04-25 15:03 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-25 15:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-04-25 15:02 - 2023-01-26 19:41 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-04-25 15:02 - 2021-09-28 16:02 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-04-25 14:59 - 2021-09-28 16:27 - 000000000 __SHD C:\Users\david\IntelGraphicsProfiles
2023-04-25 14:58 - 2021-09-28 16:00 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-04-25 14:57 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2023-04-25 14:55 - 2021-09-28 16:00 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-04-25 14:54 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-04-25 14:19 - 2021-12-30 17:17 - 000000000 ____D C:\Program Files (x86)\EaseUS
2023-04-23 20:07 - 2021-09-28 15:59 - 000441584 _____ C:\Windows\system32\FNTCACHE.DAT
2023-04-23 20:03 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-04-23 20:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-04-23 20:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-04-23 20:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-04-23 20:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-04-23 20:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2023-04-23 20:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX
2023-04-23 20:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2023-04-23 20:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2023-04-23 20:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-04-23 20:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-04-23 20:01 - 2021-11-21 18:57 - 000000000 ____D C:\Windows\Minidump
2023-04-23 20:01 - 2021-09-28 16:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-04-23 19:50 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2023-04-23 12:14 - 2021-10-05 21:23 - 000000000 ____D C:\Program Files\Microsoft Office
2023-04-23 12:00 - 2022-02-13 18:21 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-04-21 21:37 - 2021-09-28 16:03 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-04-21 19:17 - 2021-09-28 16:35 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-04-21 18:05 - 2021-09-28 16:44 - 000000000 ____D C:\Users\david\AppData\Roaming\Kodi
2023-04-20 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-04-20 20:34 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2023-04-20 20:31 - 2021-09-28 16:35 - 000000000 ____D C:\Users\david\AppData\LocalLow\Mozilla
2023-04-20 20:00 - 2021-09-28 17:57 - 000000000 ____D C:\Windows\system32\MRT
2023-04-20 19:49 - 2021-09-28 17:57 - 156112424 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-04-20 19:42 - 2021-10-05 23:53 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Teams
2023-04-20 19:41 - 2022-05-16 20:36 - 000000000 ____D C:\Splines
2023-04-20 19:41 - 2022-05-16 20:35 - 000000000 ____D C:\Sceneryobjects
2023-04-20 19:38 - 2021-12-23 18:25 - 000000000 ____D C:\Users\david\AppData\Local\Roblox
2023-04-20 17:09 - 2021-10-18 20:06 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Word
2023-04-20 16:59 - 2021-09-28 16:00 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-04-20 16:52 - 2021-12-23 18:19 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3476297074-517369176-1764710931-1001
2023-04-07 23:32 - 2021-09-28 16:23 - 000000000 ____D C:\Users\david\AppData\Local\Packages
2023-04-07 19:51 - 2021-09-28 16:02 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-04-07 19:51 - 2021-09-28 16:02 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-29 19:45 - 2022-03-18 17:58 - 000000000 ____D C:\Users\david\AppData\Roaming\Star Stable Online
2023-03-29 19:43 - 2021-10-20 17:21 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2023-03-29 18:35 - 2021-09-28 16:42 - 000000000 ____D C:\ProgramData\Package Cache
2023-03-29 18:29 - 2022-03-18 17:57 - 000000000 ____D C:\Program Files (x86)\Star Stable Online

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-04-2023
Ran by david (25-04-2023 15:50:55)
Running from C:\Users\david\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2846 (X64) (2021-09-28 14:11:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3476297074-517369176-1764710931-500 - Administrator - Disabled)
david (S-1-5-21-3476297074-517369176-1764710931-1001 - Administrator - Enabled) => C:\Users\david
DefaultAccount (S-1-5-21-3476297074-517369176-1764710931-503 - Limited - Disabled)
Guest (S-1-5-21-3476297074-517369176-1764710931-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3476297074-517369176-1764710931-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Disabled - Out of date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Apple Mobile Device Support (HKLM\...\{C788AE25-3D4E-4D18-811B-3219F778487E}) (Version: 13.5.1.2 - Apple Inc.)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version: - )
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - Canon Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.29.53 - Conexant)
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 4.1.0.0489 - Disc Soft Ltd)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Driver Booster 8 (HKLM-x32\...\Driver Booster_is1) (Version: 8.7.0 - IObit)
ESET Security (HKLM\...\{7640EC0A-921E-44D1-9165-DE31D473EAE3}) (Version: 15.1.12.0 - ESET, spol. s r.o.)
Grand Theft Auto Vice City (HKLM-x32\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
HitFilm Express (HKLM\...\{BF30DBDE-7EDE-4DEC-8940-10E54FB24DB7}) (Version: 18.0.12110.52955 - FXHOME)
HP OrderReminder (HKLM-x32\...\HP OrderReminder) (Version: 2.1 - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5171 - Intel Corporation)
IrfanView 4.58 (64-bit) (HKLM\...\IrfanView64) (Version: 4.58 - Irfan Skiljan)
Kodi (HKU\S-1-5-21-3476297074-517369176-1764710931-1001\...\Kodi) (Version: - XBMC Foundation)
LaserJet 1018 (HKLM-x32\...\HP-LaserJet 1018) (Version: - )
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.15601.20626 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 112.0.1722.58 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 112.0.1722.58 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3476297074-517369176-1764710931-1001\...\OneDriveSetup.exe) (Version: 23.076.0409.0001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660 (HKLM\...\{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660 (HKLM\...\{CB0836EC-B072-368D-82B2-D3470BF95707}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40660 (HKLM-x32\...\{7DAD0258-515C-3DD4-8964-BD714199E0F7}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40660 (HKLM-x32\...\{E30D8B21-D82D-3211-82CC-0F0A5D1495E8}) (Version: 12.0.40660 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.29.30040 (HKLM-x32\...\{a8968509-65be-4c09-a460-fd1584b1cdbf}) (Version: 14.29.30040.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.29.30040 (HKLM-x32\...\{EFC21A37-5640-4BE1-981A-2FD3EDA1D893}) (Version: 14.29.30040 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.29.30040 (HKLM-x32\...\{3093CC12-EF27-4036-AD72-A759500271E9}) (Version: 14.29.30040 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 112.0.1 (x64 cs)) (Version: 112.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 92.0.1 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.15 - F.J. Wechselberger)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.15601.20626 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.15601.20538 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13801.20638 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{11C4575B-4B32-44D2-A097-D59A00BA60DE}) (Version: 8.5 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{D39B163A-9E12-442C-95E9-33FA5746AB21}) (Version: 8.5 - Apple Inc.)
Star Stable Online 2.17.0 (HKLM\...\8c663ade-0de5-52b6-812d-f5cd25f943ac) (Version: 2.17.0 - Star Stable Entertainment AB)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.2781 - Microsoft Corporation)
WinRAR 6.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.01.0 - win.rar GmbH)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-10-20] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-03-19] (Microsoft Corporation)
Kate -> C:\Program Files\WindowsApps\KDEe.V.Kate_22.801.1797.0_x64__7vt06qxq7ptv8 [2022-10-01] (KDE e.V.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-09-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-09-28] (Microsoft Corporation) [MS Ad]
Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.94.6962.0_x64__8wekyb3d8bbwe [2023-04-20] (Microsoft Corporation) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3476297074-517369176-1764710931-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> C:\Users\david\AppData\Local\Microsoft\Teams\current\Teams.exe (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-03-15] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files (x86)\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-03-15] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2017-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2022-03-15] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-04-07] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.tscc] => C:\Windows\SysWOW64\tsccvid.dll [102400 2005-06-15] (TechSmith Corporation) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2023-02-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2023-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-02-04] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3476297074-517369176-1764710931-1001\...\sharepoint.com -> hxxps://ecentral-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3476297074-517369176-1764710931-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3476297074-517369176-1764710931-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{59F550CA-8808-47F5-9619-669C19DB1608}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{73DE9F9A-4356-403B-BB2A-43910FC56C7C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3A8F4FB9-C219-4D3C-81B9-1E2422D210F9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{5A6F3C43-F42D-449B-9DD2-8F5000BEB05C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{DCB70056-D45A-44D2-8FB6-03F8EC22DDC3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{5E59D8D3-FB38-4F69-A4F6-6A9310FDC6B3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> )
FirewallRules: [{0E5D8A4D-2A2A-4CB6-855E-8387EEFD8601}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8269C672-56C0-4134-93AA-592182DD83E0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5AD409BE-E8EB-4D6A-8552-B4C3876A701D}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{8BDB7C2A-1285-40D1-85F2-580B529055C5}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{AC7DB12E-AF47-4A7C-8689-D893ACCC0BC3}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{BFB73091-A12D-4C6A-81EF-CDFB72B4E43C}C:\users\david\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\david\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{C6C27096-92A6-4977-9EBE-47D689A409E2}C:\users\david\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\david\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F24C52FF-DE08-4CDC-B8A3-6C7803E97E64}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{D8954C37-1732-45FA-898B-6F282F75C058}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8A174389-A0D7-4313-AB83-952C561ED705}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3DD6A171-72E4-4109-88E0-5CE6E38A9FAF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{825F31DF-B141-4AB6-B75D-01B4286EB81B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1151EBCB-4F44-48B7-90ED-8CC401D676CD}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\112.0.1722.58\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

31-03-2023 22:12:10 Instalační služba modulů systému Windows
21-04-2023 20:37:51 Instalační služba modulů systému Windows
21-04-2023 20:54:50 Instalační služba modulů systému Windows
25-04-2023 14:26:51 Removed Kontrola stavu osobního počítače s Windows
25-04-2023 14:51:50 Instalační služba modulů systému Windows
25-04-2023 15:24:54 Driver Booster : Lenovo EasyCamera

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/25/2023 03:19:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Patch.exe, verze: 0.0.0.0, časové razítko: 0x50d4cdc2
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xe0464645
Posun chyby: 0x21a4b600
ID chybujícího procesu: 0xeb0
Čas spuštění chybující aplikace: 0x01d9777880dce5f3
Cesta k chybující aplikaci: C:\Program Files (x86)\IObit\Driver Booster\8.7.0\Patch.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 006d022a-315b-4f70-a0d4-58404cac0004
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/25/2023 03:18:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Loader-IDB.exe, verze: 0.0.0.0, časové razítko: 0x5d5410c1
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.2846, časové razítko: 0xb9bbdd8b
Kód výjimky: 0x0eedfade
Posun chyby: 0x00138fc2
ID chybujícího procesu: 0x227c
Čas spuštění chybující aplikace: 0x01d97778744c092e
Cesta k chybující aplikaci: C:\Program Files (x86)\IObit\Driver Booster\8.7.0\Loader-IDB.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 8309b0db-48c1-4da4-9eb6-9f099bbc88a0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/25/2023 02:57:16 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (04/25/2023 02:57:16 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (04/25/2023 02:57:16 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (04/25/2023 02:57:16 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (04/25/2023 02:04:06 PM) (Source: Firefox Default Browser Agent) (EventID: 12029) (User: )
Description: Event-ID 12029

Error: (04/25/2023 02:04:01 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (04/25/2023 02:58:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SecDrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (04/25/2023 02:58:42 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\SysWow64\drivers\SECDRV.SYS

Error: (04/25/2023 02:43:52 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJBH4-Microsoft.Windows.Photos.

Error: (04/23/2023 08:06:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SecDrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (04/23/2023 08:05:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ClickToRunSvc neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (04/23/2023 08:04:50 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (19:36:45, ‎23.‎04.‎2023) bylo neočekávané.

Error: (04/23/2023 07:36:34 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku G: bylo zjištěno poškození.

Přesná povaha poškození není známa. Je potřeba zkontrolovat a opravit struktury systému souborů v online režimu.

Error: (04/23/2023 07:36:34 PM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku G: bylo zjištěno poškození.

Přesná povaha poškození není známa. Je potřeba zkontrolovat a opravit struktury systému souborů v offline režimu.


Windows Defender:
================
Date: 2023-04-25 15:19:09
Description:
Antivirová ochrana v programu Microsoft Defender zjistil podezřelé chování.
Název: Behavior:Win32/DroppedKnownMalware
Závažnost: Nízké
Kategorie: Podezřelé chování
Nalezená cesta: file:_C:\Program Files (x86)\IObit\Driver Booster\8.7.0\Patch.exe; process:_3760
Původ detekce: Místní počítač
Typ detekce: Podezřelý
Zdroj detekce: Ochrana v reálném čase
Stav: Provádění
Uživatel: DESKTOP-57398S1\david
Název procesu: C:\Program Files (x86)\IObit\Driver Booster\8.7.0\Patch.exe
ID bezpečnostních informací: 41453692543830
Verze bezpečnostních informací: AV: 1.387.2175.0, AS: 1.387.2175.0
Verze modulu: 1.1.20200.4
Štítek věrnosti: Nízké
Název cílového souboru: C:\Users\david\AppData\Local\Temp\dup2patcher.dll

Date: 2023-04-25 15:13:03
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {10EDC41F-335E-46B8-8EBD-4E1E1A3712D7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-04-23 19:22:13
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5FE42485-A1DD-4797-B942-701C2620D3B4}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-04-22 00:04:06
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {6C819AD4-0037-4EEE-9230-06E4FBD5C330}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-04-20 20:02:20
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {15280C13-C224-4BBF-9552-031E78FDE059}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-04-23 12:13:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.1781.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2023-04-23 12:13:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.1781.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2023-04-23 12:13:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.387.1781.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20200.4
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2023-03-31 21:38:32
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.385.1482.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20100.6
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

Date: 2023-03-31 21:38:32
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.385.1482.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20100.6
Kód chyby: 0x80070020
Popis chyby: Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.

CodeIntegrity:
===============
Date: 2023-04-25 15:11:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\vcruntime140_1.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-04-25 15:11:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2303.8-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-04-25 15:03:03
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2023-04-23 20:10:36
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: LENOVO C9CN33WW 08/26/2015
Motherboard: LENOVO Paris G 5A6
Processor: Intel(R) Celeron(R) CPU N3050 @ 1.60GHz
Percentage of memory in use: 72%
Total physical RAM: 4008.27 MB
Available physical RAM: 1092.06 MB
Total Virtual: 5672.27 MB
Available Virtual: 2443.97 MB

==================== Drives ================================

Drive c: (SYSTÉM) (Fixed) (Total:280.35 GB) (Free:185.31 GB) (Model: ST500LT012-1DG142) NTFS
Drive d: (ZÁLOŽNÍ ) (Fixed) (Total:164.13 GB) (Free:152.3 GB) (Model: ST500LT012-1DG142) NTFS
Drive e: (Vice_City_Play) (CDROM) (Total:0.64 GB) (Free:0 GB) CDFS
Drive i: (GTA_SAN_ANDREAS) (CDROM) (Total:3.94 GB) (Free:0 GB) UDF

\\?\Volume{f23e42ef-65b9-45b8-8527-935fd114e162}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.63 GB) NTFS
\\?\Volume{f9b1f2ec-d035-4230-8fb9-d2c2bbbd94f6}\ (LENOVO_PART) (Fixed) (Total:19.05 GB) (Free:5 GB) NTFS
\\?\Volume{45d871ad-6fee-4297-b557-d3e4a9e89924}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B9926270)

Partition: GPT.

==================== End of Addition.txt =======================

Projel jsem to i AdwCleaner

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-25-2023
# Duration: 00:00:05
# OS: Windows 10 (Build 19045.2846)
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\david\AppData\Roaming\IObit\Advanced SystemCare

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1481 octets] - [25/04/2023 16:07:58]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Chtěl jsem to projet i Junkware Removal Tool ,ale spustí se mě a po chvilce procesu se sám vypne.

Ovladače jsem již aktualizoval a Windows Update taky

ahoj,
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >> •Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-04-2023
Ran by david (29-04-2023 19:37:09) Run:1
Running from C:\Users\david\Desktop
Loaded Profiles: david
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:

(C:\Program Files (x86)\IObit\Driver Booster\8.7.0\DriverBooster.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Driver Booster\8.7.0\ScanWinUpd.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Driver Booster\8.7.0\DriverBooster.exe
HKU\S-1-5-21-3476297074-517369176-1764710931-1001\...\MountPoints2: I - "I:\Install.exe"
HKU\S-1-5-21-3476297074-517369176-1764710931-1001\...\MountPoints2: {8fc14a63-829d-11ec-b698-b46d83ba83d9} - "G:\Setup.exe"
HKU\S-1-5-21-3476297074-517369176-1764710931-1001\...\MountPoints2: {8fc14a9d-829d-11ec-b698-b46d83ba83d9} - "I:\Install.exe"
HKU\S-1-5-21-3476297074-517369176-1764710931-1001\...\MountPoints2: {8fc14c8a-829d-11ec-b698-b46d83ba83d9} - "I:\Install.exe"
HKU\S-1-5-21-3476297074-517369176-1764710931-1001\...\MountPoints2: {8fc14dab-829d-11ec-b698-b46d83ba83d9} - "J:\Setup.exe"
HKU\S-1-5-21-3476297074-517369176-1764710931-1001\...\MountPoints2: {c0b04164-35ae-11ec-b690-507b9d329ba3} - "E:\HiSuiteDownLoader.exe"
S3 MpKsl4a8fc08e; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{96F416EE-FF6C-42EA-A491-CC838A391A6C}\MpKslDrv.sys [X]
2023-04-25 15:35 - 2021-10-25 22:05 - 000000000 ____D C:\ProgramData\IObit



EmptyTemp:
Reboot:
End

*****************

Processes closed successfully.
(C:\Program Files (x86)\IObit\Driver Booster\8.7.0\DriverBooster.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\Driver Booster\8.7.0\ScanWinUpd.exe => Error: No automatic fix found for this entry.
C:\Program Files (x86)\IObit\Driver Booster\8.7.0\DriverBooster.exe => No running process found
HKU\S-1-5-21-3476297074-517369176-1764710931-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I => removed successfully
HKU\S-1-5-21-3476297074-517369176-1764710931-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8fc14a63-829d-11ec-b698-b46d83ba83d9} => removed successfully
HKU\S-1-5-21-3476297074-517369176-1764710931-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8fc14a9d-829d-11ec-b698-b46d83ba83d9} => removed successfully
HKU\S-1-5-21-3476297074-517369176-1764710931-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8fc14c8a-829d-11ec-b698-b46d83ba83d9} => removed successfully
HKU\S-1-5-21-3476297074-517369176-1764710931-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8fc14dab-829d-11ec-b698-b46d83ba83d9} => removed successfully
HKU\S-1-5-21-3476297074-517369176-1764710931-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c0b04164-35ae-11ec-b690-507b9d329ba3} => removed successfully
MpKsl4a8fc08e => service not found.
C:\ProgramData\IObit => moved successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 144868464 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 132752041 B
Edge => 0 B
Firefox => 1302058369 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 214248 B
NetworkService => 411835619 B
david => 659194868 B

RecycleBin => 0 B
EmptyTemp: => 2.5 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:41:37 ====

Seká se mi i prohližeč firefox (a to jsem ho restaroval - prohlížeč )

Pouzi zoek https://forum.viry.cz/viewtopic.php?p=1 ... k#p1549526

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by david on 30.04.2023 at 10:12:53,80.
Microsoft Windows 10 Home 10.0.19045 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\david\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2023-04-29-214531.log 1524 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~3\DAEMON Tools Ultra deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3476297074-517369176-1764710931-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D6D711E-F697-44E0-8D6F-6E1EDCA55465} deleted successfully
HKEY_USERS\S-1-5-21-3476297074-517369176-1764710931-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75D8C9AD-AE5B-44CE-A685-0EC0844B7B17} deleted successfully
HKEY_USERS\S-1-5-21-3476297074-517369176-1764710931-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D6B9F6DA-DCBC-4FA8-ADE2-55A81DCE78E6} deleted successfully
HKEY_USERS\S-1-5-21-3476297074-517369176-1764710931-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE44EC7A-0FEE-4224-924E-6462F8407472} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\4nli3p9u.default-release-1644957994668\prefs.js:
user_pref("browser.startup.homepage", "www.seznam.cz");

Added to C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\4nli3p9u.default-release-1644957994668\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\mkwa0ay5.default\prefs.js:

Added to C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\mkwa0ay5.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\Users\david\AppData\Roaming\Star Stable Online deleted
C:\Users\david\.android deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\david\AppData\Local\cache deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\CM2561E.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\CM28432.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\CM28F4E.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\CM29904.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\CM2D172.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tpm-1700-2730-36bb66.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tpm-37c4-34cc-4bf6b7fe.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1154-900-e9767.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1154-900-e9798.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1154-900-e97d8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1154-900-e97ea.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1154-900-e98a8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1154-900-e98e8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1154-900-e9929.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1154-900-e9959.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1154-900-e997b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1154-900-e999c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1154-900-e99bd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1154-900-e99ee.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1154-900-e9a1f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1154-900-e9a31.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1154-900-e9a52.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1154-900-e9a83.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1154-900-e9a94.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1154-900-e9ab6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1154-900-e9af6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-12cc-160c-b2013.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-12cc-160c-b2044.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-12cc-160c-b2065.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-12cc-160c-b2077.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-12cc-160c-b2098.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-12cc-160c-b20b9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-12cc-160c-b21f4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-12cc-160c-b2215.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-12cc-160c-b2246.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-12cc-160c-b2267.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-12cc-160c-b2288.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-12cc-160c-b229a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-12cc-160c-b22bb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-12cc-160c-b22cd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-12cc-160c-b22ee.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-12cc-160c-b230f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-12cc-160c-b2321.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-12cc-160c-b2342.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-12cc-160c-b2354.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-147c-2090-34220dd5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-147c-2090-34220e54.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-147c-2090-34220e95.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-147c-2090-34220f04.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-147c-2090-34220f35.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-147c-2090-34220f66.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-147c-2090-34220f97.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-147c-2090-34220fc8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-147c-2090-34221008.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-147c-2090-34221068.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-147c-2090-34221099.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-147c-2090-342210d9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-147c-2090-3422110a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-147c-2090-3422113b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-147c-2090-3422117c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-147c-2090-3422120a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-147c-2090-3422122c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-147c-2090-3422126c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-147c-2090-3422129d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-16f4-2a2c-fa90aee.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-16f4-2a2c-fa90b5e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-16f4-2a2c-fa90b9e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-16f4-2a2c-fa90bcf.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-16f4-2a2c-fa90c00.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-16f4-2a2c-fa90c31.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-16f4-2a2c-fa90c62.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-16f4-2a2c-fa90d8d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-16f4-2a2c-fa90dbe.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-16f4-2a2c-fa90dee.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-16f4-2a2c-fa90e2f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-16f4-2a2c-fa90edd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-16f4-2a2c-fa90f0e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-16f4-2a2c-fa90f3f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-16f4-2a2c-fa90f6f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-16f4-2a2c-fa90fa0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-16f4-2a2c-fa90fd1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-16f4-2a2c-fa91002.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-16f4-2a2c-fa91033.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1700-2730-36074c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1700-2730-36124b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1700-2730-36178c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1700-2730-361b38.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1700-2730-3621c2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1700-2730-362648.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1700-2730-362d4f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1700-2730-3634b3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1700-2730-363ed7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1700-2730-364774.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1700-2730-365f83.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1700-2730-36610b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1700-2730-3677b2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1700-2730-367dee.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1700-2730-368a44.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1700-2730-3690fd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1700-2730-3696ac.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1700-2730-3697c7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1700-2730-369e51.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1700-2730-36a47d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1700-2730-36b316.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1700-2730-36bb55.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-174-1a7c-2b4dfd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-174-1a7c-2b4ff3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-174-1a7c-2b5034.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-174-1a7c-2b50a3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-174-1a7c-2b5289.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-174-1a7c-2b5337.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-174-1a7c-2b5491.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-174-1a7c-2b5510.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-174-1a7c-2b5550.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-174-1a7c-2b562d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-174-1a7c-2b567d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-174-1a7c-2b57c7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-174-1a7c-2b5808.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-174-1a7c-2b5877.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-174-1a7c-2b5906.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-174-1a7c-2b59d3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-174-1a7c-2b5b1d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-174-1a7c-2b5b8d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-174-1a7c-2b5d73.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-17a8-13c0-695562.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-17a8-13c0-695583.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-17a8-13c0-6955a5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-17a8-13c0-695624.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-17a8-13c0-695654.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-17a8-13c0-695666.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-17a8-13c0-695687.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-17a8-13c0-695699.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-17a8-13c0-695708.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-17a8-13c0-695739.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-17a8-13c0-69575a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-17a8-13c0-69576c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-17a8-13c0-69579d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-17a8-13c0-6957af.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-17a8-13c0-6957d0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-17a8-13c0-6957e1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-17a8-13c0-695803.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-17a8-13c0-695824.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-17a8-13c0-695836.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1824-2930-f86370a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1824-2930-f86390f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1824-2930-f863950.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1824-2930-f863981.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1824-2930-f863a4e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1824-2930-f863b4a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1824-2930-f863c27.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1824-2930-f863c77.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1824-2930-f863cb7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1824-2930-f863d07.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1824-2930-f863da6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1824-2930-f863de6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1824-2930-f863e36.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1824-2930-f863e77.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1824-2930-f863f63.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1824-2930-f863f94.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1824-2930-f863fb5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1824-2930-f863fe6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1824-2930-f864055.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1898-404-3e7a470.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1898-404-3e7a5aa.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1898-404-3e7a687.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1898-404-3e7a6b8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1898-404-3e7a6e9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1898-404-3e7a7b6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1898-404-3e7a835.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1898-404-3e7a8b4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1898-404-3e7a8f5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1898-404-3e7a993.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1898-404-3e7aa41.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1898-404-3e7aacf.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1898-404-3e7ab8d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1898-404-3e7abfc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1898-404-3e7adc3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1898-404-3e7aeb0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1898-404-3e7af3e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1898-404-3e7b02b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1898-404-3e7b0d9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1990-2050-16ca8d8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-19d0-398-23d9be5f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-19d0-398-23d9bf0d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-19d0-398-23d9c018.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-19d0-398-23d9c0e5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-19d0-398-23d9c136.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-19d0-398-23d9c157.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-19d0-398-23d9c188.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-19d0-398-23d9c1b9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-19d0-398-23d9c1da.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-19d0-398-23d9c268.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-19d0-398-23d9c28a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-19d0-398-23d9c2ab.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-19d0-398-23d9c2cc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-19d0-398-23d9c2fd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-19d0-398-23d9c31e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-19d0-398-23d9c36e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-19d0-398-23d9c4a9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-19d0-398-23d9c4da.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-19d0-398-23d9c50b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1b20-1554-bf044.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1b20-1554-bf065.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1b20-1554-bf086.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1b20-1554-bf0a7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1b20-1554-bf0b9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1b20-1554-bf0da.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1b20-1554-bf0ec.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1b20-1554-bf10d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1b20-1554-bf12e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1b20-1554-bf140.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1b20-1554-bf190.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1b20-1554-bf1a2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1b20-1554-bf1c3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1b20-1554-bf1e4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1b20-1554-bf1f6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1b20-1554-bf217.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1b20-1554-bf238.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1b20-1554-bf24a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1b20-1554-bf26b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1c28-18c0-19bd9567.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1c28-18c0-19bd95c6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1c28-18c0-19bd9607.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1c28-18c0-19bd9638.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1c28-18c0-19bd96b7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1c28-18c0-19bd9716.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1c28-18c0-19bd9767.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1c28-18c0-19bd97d6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1c28-18c0-19bd9816.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1c28-18c0-19bd9857.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1c28-18c0-19bd98a7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1c28-18c0-19bd98e8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1c28-18c0-19bd9947.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1c28-18c0-19bd99e6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1c28-18c0-19bd9a07.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1c28-18c0-19bd9a57.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1c28-18c0-19bd9a97.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1c28-18c0-19bd9af7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1c28-18c0-19bd9ba5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1cd8-1558-3116082.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1cd8-1558-311614f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1cd8-1558-31161ce.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1cd8-1558-31161e0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1cd8-1558-3116211.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1cd8-1558-3116222.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1cd8-1558-3116244.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1cd8-1558-3116265.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1cd8-1558-3116267.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1cd8-1558-3116288.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1cd8-1558-31162b9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1cd8-1558-31162fa.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1cd8-1558-311631b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1cd8-1558-311633c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1cd8-1558-311635d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1cd8-1558-311638e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1cd8-1558-31163bf.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1cd8-1558-31163d1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1cd8-1558-31163f2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1de0-219c-1ef9cd0b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1de0-219c-1ef9cd6b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1de0-219c-1ef9cd9c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1de0-219c-1ef9cdcc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1de0-219c-1ef9cdee.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1de0-219c-1ef9ce1f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1de0-219c-1ef9ce4f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1de0-219c-1ef9ce80.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1de0-219c-1ef9ceb1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1de0-219c-1ef9cf40.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1de0-219c-1ef9cfbf.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1de0-219c-1ef9cfff.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1de0-219c-1ef9d040.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1de0-219c-1ef9d071.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1de0-219c-1ef9d13e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1de0-219c-1ef9d16f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1de0-219c-1ef9d1a0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1de0-219c-1ef9d1e0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1de0-219c-1ef9d221.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1dec-11b8-315553.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1dec-11b8-3155a3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1dec-11b8-3155c4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1dec-11b8-3155f5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1dec-11b8-315607.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1dec-11b8-315628.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1dec-11b8-315649.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1dec-11b8-31567a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1dec-11b8-31569b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1dec-11b8-3156bd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1dec-11b8-31572c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1dec-11b8-31576c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1dec-11b8-3157ad.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1dec-11b8-3157ce.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1dec-11b8-3157ff.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1dec-11b8-315830.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1dec-11b8-315851.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1dec-11b8-315863.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1dec-11b8-315894.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1ebc-2dc-306f29.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1ebc-2dc-306fb8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1ebc-2dc-306ff8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1ebc-2dc-307048.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1ebc-2dc-307079.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1ebc-2dc-3070aa.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1ebc-2dc-3070cb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1ebc-2dc-3070dd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1ebc-2dc-30715c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1ebc-2dc-30719c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1ebc-2dc-3071be.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1ebc-2dc-3071df.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1ebc-2dc-307210.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1ebc-2dc-307231.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1ebc-2dc-307252.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1ebc-2dc-307264.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1ebc-2dc-307285.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1ebc-2dc-3072c6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1ebc-2dc-307306.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f24-1824-a3255b8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f24-1824-a325627.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f24-1824-a325658.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f24-1824-a325679.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f24-1824-a3256c9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f24-1824-a3256fa.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f24-1824-a32575a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f24-1824-a32577b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f24-1824-a3257bc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f24-1824-a3257fc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f24-1824-a3258ba.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f24-1824-a3258eb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f24-1824-a32590c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f24-1824-a32595c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f24-1824-a32598d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f24-1824-a3259be.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f24-1824-a3259ef.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f24-1824-a325a1f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f24-1824-a325a50.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f64-b2c-7aee92.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f64-b2c-7afbc3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f64-b2c-7b0913.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f64-b2c-7b18b5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f64-b2c-7b370d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f64-b2c-7b595c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f64-b2c-7b810b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f64-b2c-7ba2cd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f64-b2c-7ba427.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f64-b2c-7ba4c5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f64-b2c-7ba5a2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f64-b2c-7ba66f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f64-b2c-7ba7b9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f64-b2c-7ba886.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f64-b2c-7baa0f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f64-b2c-7baacc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f64-b2c-7badad.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f64-b2c-7bae6a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-1f64-b2c-7bb08f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2018-20e0-1acfa3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2018-20e0-1acff3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2018-20e0-1ad015.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2018-20e0-1ad026.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2018-20e0-1ad057.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2018-20e0-1ad0d6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2018-20e0-1ad0f7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2018-20e0-1ad119.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2018-20e0-1ad13a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2018-20e0-1ad15b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2018-20e0-1ad17c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2018-20e0-1ad18e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2018-20e0-1ad1af.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2018-20e0-1ad1c1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2018-20e0-1ad1e2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2018-20e0-1ad1f4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2018-20e0-1ad215.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2018-20e0-1ad227.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2018-20e0-1ad257.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2104-a0c-47dab2d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2104-a0c-47dab8d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2104-a0c-47dabcd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2104-a0c-47dabfe.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2104-a0c-47dac1f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2104-a0c-47dac50.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2104-a0c-47dac81.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2104-a0c-47dacb2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2104-a0c-47dace3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2104-a0c-47dad04.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2104-a0c-47dad25.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2104-a0c-47dad56.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2104-a0c-47dad87.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2104-a0c-47dadb8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2104-a0c-47dadca.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2104-a0c-47dadfa.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2104-a0c-47dae1c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2104-a0c-47dae5c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2104-a0c-47dae7d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2134-1288-b73b1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2134-1288-b73e2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2134-1288-b7442.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2134-1288-b7b68.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2134-1288-b7fde.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2134-1288-b80fa.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2134-1288-b814a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2134-1288-b8227.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2134-1288-b8296.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2134-1288-b8305.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2134-1288-b83c3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2134-1288-b8432.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2134-1288-b85ab.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2134-1288-b862a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2134-1288-b8774.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2134-1288-b8861.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2134-1288-b891e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2134-1288-b8a88.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2134-1288-b8b16.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2370-1c78-24050f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2370-1c78-24055f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2370-1c78-240581.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2370-1c78-2405c1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2370-1c78-240640.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2370-1c78-240681.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2370-1c78-2406c1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2370-1c78-2406e2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2370-1c78-240713.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2370-1c78-240734.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2370-1c78-240756.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2370-1c78-240777.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2370-1c78-2407a8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2370-1c78-2407c9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2370-1c78-240838.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2370-1c78-240879.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2370-1c78-24089a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2370-1c78-2408db.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2370-1c78-2408fc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2494-13ec-16e9b10e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2494-13ec-16e9b1ac.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2494-13ec-16e9b1ce.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2494-13ec-16e9b1df.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2494-13ec-16e9b201.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2494-13ec-16e9b222.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2494-13ec-16e9b243.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2494-13ec-16e9b255.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2494-13ec-16e9b286.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2494-13ec-16e9b2a7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2494-13ec-16e9b2b8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2494-13ec-16e9b2da.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2494-13ec-16e9b2fb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2494-13ec-16e9b32c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2494-13ec-16e9b37c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2494-13ec-16e9b3bc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2494-13ec-16e9b3ce.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2494-13ec-16e9b3ef.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2494-13ec-16e9b411.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2914-334c-24bdcabe.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2914-334c-24bdce69.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2914-334c-24bdcf36.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2914-334c-24bdd052.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2914-334c-24bdd16d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2914-334c-24bdd259.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2914-334c-24bdd3a3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2914-334c-24bdd4ce.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2914-334c-24bdd618.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2914-334c-24bdd947.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2914-334c-24bdda53.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2914-334c-24bddb00.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2914-334c-24bddb8f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2914-334c-24bddcba.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2914-334c-24bdde81.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2914-334c-24bddf3f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2914-334c-24bde21f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2914-334c-24bde9e1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2914-334c-24bdec64.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-29e4-1e4c-1521cb66.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-29e4-1e4c-1521cc24.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-29e4-1e4c-1521cc45.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-29e4-1e4c-1521cc66.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-29e4-1e4c-1521cc88.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-29e4-1e4c-1521cca9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-29e4-1e4c-1521ccca.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-29e4-1e4c-1521cceb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-29e4-1e4c-1521cd0d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-29e4-1e4c-1521cd1e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-29e4-1e4c-1521cd6e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-29e4-1e4c-1521cd9f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-29e4-1e4c-1521cdc0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-29e4-1e4c-1521cde2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-29e4-1e4c-1521ce03.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-29e4-1e4c-1521ce34.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-29e4-1e4c-1521ce55.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-29e4-1e4c-1521ce67.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-29e4-1e4c-1521ce98.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2a14-137c-9bad91.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2a14-137c-9bb237.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2a14-137c-9bb69e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2a14-137c-9bb9ad.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2a14-137c-9bbf8b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2a14-137c-9bc50b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2a14-137c-9bc8d6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2a14-137c-9bcdaa.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2a14-137c-9bd146.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2a14-137c-9bd494.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2a14-137c-9bdaa1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2a14-137c-9be040.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2a14-137c-9be1d8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2a14-137c-9be574.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2a14-137c-9be9bc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2a14-137c-9bef9a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2a14-137c-9bf45f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2a14-137c-9bfcec.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2a14-137c-9c081a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2d4-1208-11aa2e9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2d4-1208-11abaa9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2d4-1208-11ac23c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2d4-1208-11ad6a1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2d4-1208-11addd7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2d4-1208-11aecdd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2d4-1208-11af616.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2d4-1208-11b00a7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2d4-1208-11b07be.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2d4-1208-11b10b9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2d4-1208-11b153f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2d4-1208-11b18fa.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2d4-1208-11b22df.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2d4-1208-11b263d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2d4-1208-11b3293.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2d4-1208-11b391d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2d4-1208-11b3fb6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2d4-1208-11b4508.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-2d4-1208-11b571b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3500-1e20-47f7e3dc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3500-1e20-47f7e45b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3500-1e20-47f7e4ab.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3500-1e20-47f7e4dc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3500-1e20-47f7e4fd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3500-1e20-47f7e51e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3500-1e20-47f7e540.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3500-1e20-47f7e571.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3500-1e20-47f7e592.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3500-1e20-47f7e5b3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3500-1e20-47f7e5d4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3500-1e20-47f7e5f6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3500-1e20-47f7e617.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3500-1e20-47f7e638.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3500-1e20-47f7e669.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3500-1e20-47f7e6e8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3500-1e20-47f7e748.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3500-1e20-47f7e798.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3500-1e20-47f7e807.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf46496.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf4c5e2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf4ecb6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf4ee6d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf50226.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf5097b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf521d7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf5310c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf55aae.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf56494.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf5709c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf577d1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf58512.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf5930e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf5a80f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf5b10a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf5c5dc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf5cfe1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf60191.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf60fbc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf61a9c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf62126.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf63740.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf64338.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf65309.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf65abc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf66184.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf67491.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf68126.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf68eb5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf69752.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf6a128.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-37c4-34cc-4bf6b7de.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3d9c-3888-2311874e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3d9c-3888-2311879e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3d9c-3888-231187cf.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3d9c-3888-23118800.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3d9c-3888-23118831.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3d9c-3888-23118862.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3d9c-3888-231188a2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3d9c-3888-231188d3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3d9c-3888-23118904.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3d9c-3888-23118944.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3d9c-3888-23118985.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3d9c-3888-231189f4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3d9c-3888-23118a25.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3d9c-3888-23118a66.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3d9c-3888-23118aa6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3d9c-3888-23118ad7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3d9c-3888-23118b08.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3d9c-3888-23118b39.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-3d9c-3888-23118b79.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b3403.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b3434.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b34a3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b34b5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b34e6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b34f8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b3528.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b354a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b357b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b358c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b35ad.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b35bf.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b362e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b3650.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b3671.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b3683.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b3702.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b3723.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b3763.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b3775.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b37d5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b37e6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b3836.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b3896.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b38e6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b3908.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b3996.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b3a54.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b3ac3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b3ae4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b3b34.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b3b75.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b3be4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b3c34.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b3d21.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-4b0-14bc-4b3d42.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-578-1324-f9976.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-578-1324-f99a6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-578-1324-f99c8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-578-1324-f99f9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-578-1324-f9a1a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-578-1324-f9a4b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-578-1324-f9a6c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-578-1324-f9a9d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-578-1324-f9ace.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-578-1324-f9aef.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-578-1324-f9b20.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-578-1324-f9b41.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-578-1324-f9b62.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-578-1324-f9b84.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-578-1324-f9bb4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-578-1324-f9bd6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-578-1324-f9bf7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-578-1324-f9c66.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-578-1324-f9c97.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-70-20ec-417adae.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-70-20ec-417b14a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-70-20ec-417b2c3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-70-20ec-417b881.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-70-20ec-417b9eb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-70-20ec-417bd0a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-70-20ec-417be34.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-70-20ec-417c6f1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-70-20ec-417cef2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-70-20ec-417d29d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-70-20ec-417d3d8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-70-20ec-417d5be.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-70-20ec-417d6f9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-70-20ec-417d8fe.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-70-20ec-417dad5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-70-20ec-417dd38.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-70-20ec-417e057.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-70-20ec-417e163.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-70-20ec-417e24f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-724-fa8-1cc103.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-724-fa8-1cc3d4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-724-fa8-1cc5e9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-724-fa8-1ccffd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-724-fa8-1cdb1b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-724-fa8-1cdef6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-724-fa8-1cdf26.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-724-fa8-1ce439.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-724-fa8-1ceae2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-724-fa8-1ceedc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-724-fa8-1cf0b3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-724-fa8-1cf26a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-724-fa8-1cf606.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-724-fa8-1cfbb5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-724-fa8-1d0cfd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-724-fa8-1d16e2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-724-fa8-1d17cf.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-724-fa8-1d1986.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-724-fa8-1d1a15.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-890-122c-4849063f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-890-122c-4849074a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-890-122c-484907d9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-890-122c-48490819.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-890-122c-48490879.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-890-122c-484908f8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-890-122c-48490a52.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-890-122c-48490ad1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-890-122c-48490b60.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-890-122c-48490bfe.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-890-122c-48490c6d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-890-122c-48490d2b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-890-122c-48490db9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-890-122c-48490e19.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-890-122c-48490e69.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-890-122c-48490f84.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-890-122c-48490fe4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-890-122c-484910f0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-890-122c-484911bd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-970-2478-2c96090.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-970-2478-2c960d1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-970-2478-2c96101.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-970-2478-2c96152.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-970-2478-2c96173.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-970-2478-2c96194.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-970-2478-2c961e4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-970-2478-2c96254.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-970-2478-2c962c3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-970-2478-2c96303.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-970-2478-2c96325.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-970-2478-2c96346.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-970-2478-2c96377.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-970-2478-2c963c7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-970-2478-2c963f8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-970-2478-2c96438.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-970-2478-2c9645a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-970-2478-2c9647b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-970-2478-2c964db.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a1c-cb0-89d21.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a1c-cb0-89d33.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a1c-cb0-89d44.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a1c-cb0-89d56.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a1c-cb0-89d68.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a1c-cb0-89d79.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a1c-cb0-89d9a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a1c-cb0-89dac.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a1c-cb0-89dbe.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a1c-cb0-89dcf.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a1c-cb0-89de1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a1c-cb0-89df3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a1c-cb0-89e04.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a1c-cb0-89e16.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a1c-cb0-89e27.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a1c-cb0-89e39.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a1c-cb0-89e4b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a1c-cb0-89e5c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-a1c-cb0-89e6e.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c28-1fc0-3eab3d82.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c28-1fc0-3eab3db3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c28-1fc0-3eab3dd4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c28-1fc0-3eab3df6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c28-1fc0-3eab3e17.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c28-1fc0-3eab3e48.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c28-1fc0-3eab3e79.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c28-1fc0-3eab3eb9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c28-1fc0-3eab3eea.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c28-1fc0-3eab3f4a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c28-1fc0-3eab3f8a.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c28-1fc0-3eab3fac.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c28-1fc0-3eab3fcd.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c28-1fc0-3eab3fee.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c28-1fc0-3eab400f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c28-1fc0-3eab4031.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c28-1fc0-3eab4052.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c28-1fc0-3eab4073.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c28-1fc0-3eab4094.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c70-458-b9ca473.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c70-458-b9cc0d7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c70-458-b9cc945.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c70-458-b9ccb3b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c70-458-b9cd09c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c70-458-b9cd254.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c70-458-b9cd757.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c70-458-b9cd9f9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c70-458-b9ce0b1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c70-458-b9ce70c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c70-458-b9ce857.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c70-458-b9cf0d4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c70-458-b9cf5d8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c70-458-b9cf935.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c70-458-b9cfd6d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c70-458-b9d0a21.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c70-458-b9d0f92.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c70-458-b9d1291.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-c70-458-b9d18fc.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-db8-2740-3e77a05.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-db8-2740-3e77ae1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-db8-2740-3e77b22.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-db8-2740-3e77b72.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-db8-2740-3e77ba3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-db8-2740-3e77c22.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-db8-2740-3e77c53.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-db8-2740-3e77c84.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-db8-2740-3e77cd4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-db8-2740-3e77d91.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-db8-2740-3e77dc2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-db8-2740-3e77e03.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-db8-2740-3e77e53.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-db8-2740-3e77ef1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-db8-2740-3e77f80.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-db8-2740-3e77fb0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-db8-2740-3e77fe1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-db8-2740-3e78003.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-db8-2740-3e78237.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-e74-1d80-c1bf7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-e74-1d80-c1c28.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-e74-1d80-c1c49.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-e74-1d80-c1c6b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-e74-1d80-c1c8c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-e74-1d80-c1c9d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-e74-1d80-c1cbf.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-e74-1d80-c1ce0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-e74-1d80-c1cf2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-e74-1d80-c1d13.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-e74-1d80-c1d34.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-e74-1d80-c1d46.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-e74-1d80-c1d67.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-e74-1d80-c1d79.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-e74-1d80-c1da9.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-e74-1d80-c1dcb.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-e74-1d80-c1dec.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-e74-1d80-c1dfe.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-e74-1d80-c1e0f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-22bc-1e32c4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-22bc-1e33b0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-22bc-1e33c2.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-22bc-1e3412.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-22bc-1e3433.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-22bc-1e3464.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-22bc-1e3485.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-22bc-1e34a6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-22bc-1e34e7.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-22bc-1e34f8.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-22bc-1e3529.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-22bc-1e354b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-22bc-1e355c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-22bc-1e357d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-22bc-1e359f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-22bc-1e35df.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-22bc-1e35f1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-22bc-1e3612.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f6c-22bc-1e3643.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f70-2318-1edcfe.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f70-2318-1edd2f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f70-2318-1edd50.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f70-2318-1edd71.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f70-2318-1edd92.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f70-2318-1edda4.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f70-2318-1eddc5.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f70-2318-1edde6.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f70-2318-1ede08.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f70-2318-1ede19.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f70-2318-1ede3b.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f70-2318-1ede5c.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f70-2318-1ede6d.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f70-2318-1ede8f.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f70-2318-1edeb0.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f70-2318-1eded1.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f70-2318-1edee3.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f70-2318-1edf04.tmp deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\tw-f70-2318-1edf25.tmp deleted
"C:\DumpStack.log.tmp" not deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\4nli3p9u.default-release-1644957994668
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\mkwa0ay5.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\4nli3p9u.default-release-1644957994668
- Undetermined - %ProfilePath%\extensions\simple-translate@sienori.xpi
- Undetermined - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==== Firefox Plugins ======================


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"

==== Reset Google Chrome ======================

C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Preferences was reset successfully
C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences was reset successfully
C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Web Data will be reset at reboot
C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\david\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\david\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\david\AppData\Local\Mozilla\Firefox\Profiles\4nli3p9u.default-release-1644957994668\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Cache will be emptied at reboot

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=219 folders=929 77165326 bytes)

==== Empty Temp Folders ======================

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\david\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\DumpStack.log.tmp" not deleted
"C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Web Data" not found

==== EOF on 30.04.2023 at 11:28:13,12 ======================

Malo by byt cisto
Pozri este velkost adresara desktop - nemal by presahovat 1GB

souhlasí