Prosím o kontrolu logu

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Odpovědět
nermitus
Level 2
Level 2
Příspěvky: 207
Registrován: prosinec 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod nermitus » 26 led 2022 08:23

C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-272c-1b58-3a7222.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-272c-1b58-3a7224.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-272c-1b58-3a7236.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-272c-1b58-3a7238.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-272c-1b58-3a723a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-272c-1b58-3a724c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-272c-1b58-3a724e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-272c-1b58-3a725f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-272c-1b58-3a7261.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-272c-1b58-3a7273.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-272c-1b58-3a7275.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-272c-1b58-3a7286.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-272c-1b58-3a7288.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2740-22dc-c43e84.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2740-22dc-c43e86.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2740-22dc-c43e88.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2740-22dc-c43e9a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2740-22dc-c43e9c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2740-22dc-c43e9e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2740-22dc-c43eaf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2740-22dc-c43eb1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2740-22dc-c43ec3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2740-22dc-c43ec5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2740-22dc-c43ec7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2740-22dc-c43ed8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2740-22dc-c43eea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2740-22dc-c43efc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2740-22dc-c43efe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2740-22dc-c43f0f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2740-22dc-c43f11.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2740-22dc-c43f13.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2740-22dc-c43f25.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2850-fa0-1a1711.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2850-fa0-1a1713.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2850-fa0-1a1725.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2850-fa0-1a1727.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2850-fa0-1a1729.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2850-fa0-1a173a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2850-fa0-1a173c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2850-fa0-1a174e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2850-fa0-1a1750.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2850-fa0-1a1752.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2850-fa0-1a1764.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2850-fa0-1a1766.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2850-fa0-1a1768.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2850-fa0-1a1779.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2850-fa0-1a177b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2850-fa0-1a177d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2850-fa0-1a178f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2850-fa0-1a1791.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2850-fa0-1a1793.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2900-28e8-4aa780.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2900-28e8-4aa782.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2900-28e8-4aa784.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2900-28e8-4aa796.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2900-28e8-4aa7a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2900-28e8-4aa7aa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2900-28e8-4aa7ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2900-28e8-4aa7ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2900-28e8-4aa7bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2900-28e8-4aa7d1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2900-28e8-4aa7e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2900-28e8-4aa7f4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2900-28e8-4aa806.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2900-28e8-4aa817.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2900-28e8-4aa819.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2900-28e8-4aa81b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2900-28e8-4aa82d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2900-28e8-4aa83f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2900-28e8-4aa850.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b8c-2d20-96c58.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b8c-2d20-96c98.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b8c-2d20-96cc9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b8c-2d20-96cfa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b8c-2d20-96cfc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b8c-2d20-96d0e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b8c-2d20-96d10.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b8c-2d20-96d21.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b8c-2d20-96d23.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b8c-2d20-96d35.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b8c-2d20-96d37.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b8c-2d20-96d49.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b8c-2d20-96d5a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b8c-2d20-96d5c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b8c-2d20-96d6e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b8c-2d20-96d70.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b8c-2d20-96d82.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b8c-2d20-96d84.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2b8c-2d20-96d95.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cac-200c-79c082.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cac-200c-79c094.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cac-200c-79c0a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cac-200c-79c0b7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cac-200c-79c0d8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cac-200c-79c109.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cac-200c-79c14a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cac-200c-79c14c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cac-200c-79c15d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cac-200c-79c15f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cac-200c-79c171.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cac-200c-79c192.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cac-200c-79c1b3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cac-200c-79c1b5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cac-200c-79c1d7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cac-200c-79c1d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cac-200c-79c1ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cac-200c-79c1fc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cac-200c-79c22d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cec-2d10-6a9218.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cec-2d10-6a9239.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cec-2d10-6a925b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cec-2d10-6a926c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cec-2d10-6a926e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cec-2d10-6a929f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cec-2d10-6a92a1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cec-2d10-6a92c2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cec-2d10-6a92d4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cec-2d10-6a92f5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cec-2d10-6a92f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cec-2d10-6a92f9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cec-2d10-6a930b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cec-2d10-6a930d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cec-2d10-6a931f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cec-2d10-6a9321.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cec-2d10-6a9323.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cec-2d10-6a9334.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2cec-2d10-6a9336.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d00-2218-2639b28.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d00-2218-2639b59.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d00-2218-2639b6b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d00-2218-2639b7c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d00-2218-2639b9e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d00-2218-2639bbf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d00-2218-2639bff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d00-2218-2639c30.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d00-2218-2639c32.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d00-2218-2639c44.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d00-2218-2639c65.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d00-2218-2639c67.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d00-2218-2639c79.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d00-2218-2639c7b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d00-2218-2639c8c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d00-2218-2639c9e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d00-2218-2639cb0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d00-2218-2639cc1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2d00-2218-2639cc3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e14-252c-32859db.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e14-252c-3285b45.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e14-252c-3285b75.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e14-252c-3285be5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e14-252c-3285d8d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e14-252c-3285e79.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e14-252c-3285fb4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e14-252c-32862a4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e14-252c-3286323.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e14-252c-32863f0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e14-252c-328647e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e14-252c-32866a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e14-252c-3286741.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e14-252c-328685d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e14-252c-3286939.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e14-252c-3286b9d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e14-252c-3287033.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e14-252c-3287390.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e14-252c-32874cb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e64-43d0-22467e6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e64-43d0-22467f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e64-43d0-2246818.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e64-43d0-224683a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e64-43d0-224686b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e64-43d0-224688c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e64-43d0-22468bd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e64-43d0-22468ce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e64-43d0-22468e0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e64-43d0-22468f2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e64-43d0-2246913.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e64-43d0-2246924.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e64-43d0-2246936.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e64-43d0-2246948.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e64-43d0-2246969.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e64-43d0-224698a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e64-43d0-22469ab.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e64-43d0-22469bd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e64-43d0-22469ee.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e84-2c24-ed29b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e84-2c24-ed2ad.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e84-2c24-ed474.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e84-2c24-ed486.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e84-2c24-ed4b7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e84-2c24-ed4b9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e84-2c24-ed4ca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e84-2c24-ed4cc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e84-2c24-ed4ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e84-2c24-ed50f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e84-2c24-ed520.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e84-2c24-ed532.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e84-2c24-ed544.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e84-2c24-ed5f1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e84-2c24-ed613.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e84-2c24-ed624.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e84-2c24-ed636.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e84-2c24-ed648.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2e84-2c24-ed659.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-303c-30b0-416aa2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-303c-30b0-416ab4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-303c-30b0-416ac5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-303c-30b0-416ae7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-303c-30b0-416af8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-303c-30b0-416b0a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-303c-30b0-416b3b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-303c-30b0-416b4c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-303c-30b0-416b6e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-303c-30b0-416b9e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-303c-30b0-416bcf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-303c-30b0-416bf1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-303c-30b0-416c21.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-303c-30b0-416c43.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-303c-30b0-416c54.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-303c-30b0-416c66.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-303c-30b0-416c78.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-303c-30b0-416c99.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-303c-30b0-416cba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3084-2f70-946501.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3084-2f70-946503.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3084-2f70-946515.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3084-2f70-946517.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3084-2f70-946528.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3084-2f70-94653a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3084-2f70-94653c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3084-2f70-94654d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3084-2f70-94655f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3084-2f70-946571.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3084-2f70-946582.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3084-2f70-946594.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3084-2f70-9465a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3084-2f70-9465b7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3084-2f70-9465b9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3084-2f70-9465bb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3084-2f70-9465dc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3084-2f70-9465ee.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3084-2f70-9465f0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3130-36cc-cd41c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3130-36cc-cd41e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3130-36cc-cd420.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3130-36cc-cd441.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3130-36cc-cd453.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3130-36cc-cd484.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3130-36cc-cd495.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3130-36cc-cd4a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3130-36cc-cd4a9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3130-36cc-cd4e9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3130-36cc-cd51a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3130-36cc-cd52c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3130-36cc-cd52e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3130-36cc-cd53f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3130-36cc-cd551.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3130-36cc-cd572.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3130-36cc-cd5e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3130-36cc-cd632.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3130-36cc-cd653.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-328c-1a40-983f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-328c-1a40-983f9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-328c-1a40-9840a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-328c-1a40-9840c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-328c-1a40-9840e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-328c-1a40-98420.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-328c-1a40-98422.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-328c-1a40-98424.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-328c-1a40-98436.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-328c-1a40-98438.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-328c-1a40-9843a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-328c-1a40-9844b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-328c-1a40-9844d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-328c-1a40-9844f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-328c-1a40-98461.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-328c-1a40-98463.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-328c-1a40-98475.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-328c-1a40-98477.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-328c-1a40-98479.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3300-1d68-21a41d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3300-1d68-21a43e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3300-1d68-21a49e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3300-1d68-21a4ce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3300-1d68-21a4e0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3300-1d68-21a4e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3300-1d68-21a4f4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3300-1d68-21a505.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3300-1d68-21a527.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3300-1d68-21a548.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3300-1d68-21a579.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3300-1d68-21a58a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3300-1d68-21a5ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3300-1d68-21a5bd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3300-1d68-21a5de.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3300-1d68-21a600.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3300-1d68-21a621.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3300-1d68-21a633.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3300-1d68-21a635.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3334-3344-21a13e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3334-3344-21a15f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3334-3344-21a190.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3334-3344-21a1b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3334-3344-21a1d3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3334-3344-21a1f4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3334-3344-21a206.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3334-3344-21a285.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3334-3344-21a296.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3334-3344-21a2b8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3334-3344-21a2c9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3334-3344-21a2ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3334-3344-21a2fc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3334-3344-21a32d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3334-3344-21a33f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3334-3344-21a341.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3334-3344-21a352.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3334-3344-21a354.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3334-3344-21a366.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-338c-3bac-2ae2fdf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-338c-3bac-2ae2ff0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-338c-3bac-2ae3021.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-338c-3bac-2ae3042.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-338c-3bac-2ae3064.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-338c-3bac-2ae3085.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-338c-3bac-2ae30a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-338c-3bac-2ae30c7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-338c-3bac-2ae30d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-338c-3bac-2ae30db.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-338c-3bac-2ae30ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-338c-3bac-2ae311d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-338c-3bac-2ae313f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-338c-3bac-2ae3160.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-338c-3bac-2ae3181.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-338c-3bac-2ae3193.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-338c-3bac-2ae31a4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-338c-3bac-2ae31b6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-338c-3bac-2ae31c8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-341c-1e44-271983.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-341c-1e44-271995.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-341c-1e44-271997.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-341c-1e44-271999.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-341c-1e44-2719aa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-341c-1e44-2719ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-341c-1e44-2719ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-341c-1e44-2719c0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-341c-1e44-2719c2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-341c-1e44-2719c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-341c-1e44-2719d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-341c-1e44-2719d7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-341c-1e44-2719d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-341c-1e44-2719eb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-341c-1e44-2719ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-341c-1e44-2719ef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-341c-1e44-271a01.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-341c-1e44-271a03.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-341c-1e44-271a05.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3450-1c50-5afc1b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3450-1c50-5afce8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3450-1c50-5afd09.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3450-1c50-5afd2a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3450-1c50-5afd5b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3450-1c50-5afd7c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3450-1c50-5afd8e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3450-1c50-5afda0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3450-1c50-5afdc1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3450-1c50-5afdf2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3450-1c50-5afe03.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3450-1c50-5afe15.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3450-1c50-5afe27.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3450-1c50-5afe38.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3450-1c50-5afe4a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3450-1c50-5afe6b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3450-1c50-5afe9c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3450-1c50-5afebd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3450-1c50-5afedf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3488-3498-19d8a1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3488-3498-19d8a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3488-3498-19d8b4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3488-3498-19d8c6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3488-3498-19d8d8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3488-3498-19d8e9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3488-3498-19d8fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3488-3498-19d8fd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3488-3498-19d90f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3488-3498-19d920.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3488-3498-19d932.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3488-3498-19d934.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3488-3498-19d945.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3488-3498-19d957.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3488-3498-19d988.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3488-3498-19d9b9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3488-3498-19d9ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3488-3498-19da59.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3488-3498-19da5b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34c4-2484-3589fc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34c4-2484-3589fe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34c4-2484-358a0f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34c4-2484-358a11.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34c4-2484-358a33.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34c4-2484-358a54.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34c4-2484-358a56.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34c4-2484-358a77.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34c4-2484-358a98.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34c4-2484-358a9a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34c4-2484-358aac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34c4-2484-358aae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34c4-2484-358ac0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34c4-2484-358ac2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34c4-2484-358ac4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34c4-2484-358ad5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34c4-2484-358ae7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34c4-2484-358ae9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-34c4-2484-358b0a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35c8-359c-13c0b1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35c8-359c-13c0c3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35c8-359c-13c0c5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35c8-359c-13c0c7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35c8-359c-13c0d8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35c8-359c-13c0da.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35c8-359c-13c0ec.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35c8-359c-13c0ee.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35c8-359c-13c0f0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35c8-359c-13c102.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35c8-359c-13c104.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35c8-359c-13c106.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35c8-359c-13c117.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35c8-359c-13c119.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35c8-359c-13c12b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35c8-359c-13c12d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35c8-359c-13c13e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35c8-359c-13c140.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-35c8-359c-13c152.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3728-35b4-5b4086.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3728-35b4-5b40a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3728-35b4-5b40b9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3728-35b4-5b40bb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3728-35b4-5b40cd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3728-35b4-5b40cf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3728-35b4-5b40d1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3728-35b4-5b40f2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3728-35b4-5b4113.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3728-35b4-5b4135.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3728-35b4-5b4146.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3728-35b4-5b4148.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3728-35b4-5b415a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3728-35b4-5b415c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3728-35b4-5b415e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3728-35b4-5b416f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3728-35b4-5b4171.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3728-35b4-5b4173.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3728-35b4-5b4185.tmp deleted
Nahoru
Reklama
Top
nermitus
Level 2
Level 2
Příspěvky: 207
Registrován: prosinec 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod nermitus » 26 led 2022 08:24

C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3730-4a4-ab217.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3730-4a4-ab247.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3730-4a4-ab259.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3730-4a4-ab26b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3730-4a4-ab27c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3730-4a4-ab27e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3730-4a4-ab2ce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3730-4a4-ab30f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3730-4a4-ab340.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3730-4a4-ab351.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3730-4a4-ab373.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3730-4a4-ab394.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3730-4a4-ab3a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3730-4a4-ab3a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3730-4a4-ab417.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3730-4a4-ab419.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3730-4a4-ab42b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3730-4a4-ab42d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3730-4a4-ab43e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-37f4-3460-465750.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-37f4-3460-465772.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-37f4-3460-465783.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-37f4-3460-4657a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-37f4-3460-4657b6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-37f4-3460-4657c8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-37f4-3460-4657d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-37f4-3460-4657fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-37f4-3460-46581c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-37f4-3460-46582e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-37f4-3460-46583f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-37f4-3460-465851.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-37f4-3460-465872.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-37f4-3460-465884.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-37f4-3460-4658a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-37f4-3460-4658b7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-37f4-3460-4658d8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-37f4-3460-4658f9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-37f4-3460-46591a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3828-2114-75a26e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3828-2114-75a290.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3828-2114-75a2b1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3828-2114-75a2c2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3828-2114-75a341.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3828-2114-75a372.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3828-2114-75a384.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3828-2114-75a386.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3828-2114-75a398.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3828-2114-75a3a9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3828-2114-75a3f9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3828-2114-75a42a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3828-2114-75a46b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3828-2114-75a48c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3828-2114-75a49e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3828-2114-75a4bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3828-2114-75a4e0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3828-2114-75a4f2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3828-2114-75a513.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3894-3a3c-a11fe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3894-3a3c-a121f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3894-3a3c-a1231.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3894-3a3c-a1233.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3894-3a3c-a1254.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3894-3a3c-a1256.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3894-3a3c-a1258.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3894-3a3c-a127a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3894-3a3c-a127c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3894-3a3c-a127e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3894-3a3c-a128f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3894-3a3c-a12a1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3894-3a3c-a12a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3894-3a3c-a12b4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3894-3a3c-a12b6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3894-3a3c-a12c8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3894-3a3c-a12ca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3894-3a3c-a12cc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3894-3a3c-a12de.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3980-2288-12ae0cf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3980-2288-12ae11f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3980-2288-12ae130.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3980-2288-12ae152.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3980-2288-12ae1b1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3980-2288-12ae1c3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3980-2288-12ae1e4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3980-2288-12ae206.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3980-2288-12ae217.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3980-2288-12ae248.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3980-2288-12ae25a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3980-2288-12ae28b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3980-2288-12ae2ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3980-2288-12ae2bd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3980-2288-12ae2df.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3980-2288-12ae310.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3980-2288-12ae36f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3980-2288-12ae391.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3980-2288-12ae3d1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-22b0-c6f28.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-22b0-c6f3a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-22b0-c6f3c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-22b0-c6f3e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-22b0-c6f4f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-22b0-c6f51.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-22b0-c6f63.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-22b0-c6f65.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-22b0-c6f67.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-22b0-c6f79.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-22b0-c6f7b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-22b0-c6f7d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-22b0-c6f8e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-22b0-c6f90.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-22b0-c6fa2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-22b0-c6fa4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-22b0-c6fa6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-22b0-c6fb7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b34-22b0-c6fb9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b84-1c40-3722db3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b84-1c40-3722dc4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b84-1c40-3722de5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b84-1c40-3722df7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b84-1c40-3722e18.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b84-1c40-3722e49.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b84-1c40-3722e5b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b84-1c40-3722e6c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b84-1c40-3722e8e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b84-1c40-3722e9f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b84-1c40-3722eb1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b84-1c40-3722ed2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b84-1c40-3722ef3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b84-1c40-3722f05.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b84-1c40-3722f17.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b84-1c40-3722f19.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b84-1c40-3722f2a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b84-1c40-3722f2c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3b84-1c40-3722f3e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3c9c-37e8-14b61d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3c9c-37e8-14b6ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3c9c-37e8-14b6ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3c9c-37e8-14b6bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3c9c-37e8-14b6c1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3c9c-37e8-14b712.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3c9c-37e8-14b781.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3c9c-37e8-14b783.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3c9c-37e8-14b795.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3c9c-37e8-14b7b6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3c9c-37e8-14b7e7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3c9c-37e8-14b7f8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3c9c-37e8-14b80a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3c9c-37e8-14b80c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3c9c-37e8-14b83d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3c9c-37e8-14b85e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3c9c-37e8-14b87f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3c9c-37e8-14b881.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3c9c-37e8-14b893.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3da4-23f0-12f0fd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3da4-23f0-12f0ff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3da4-23f0-12f111.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3da4-23f0-12f113.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3da4-23f0-12f124.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3da4-23f0-12f126.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3da4-23f0-12f148.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3da4-23f0-12f14a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3da4-23f0-12f14c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3da4-23f0-12f15d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3da4-23f0-12f17f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3da4-23f0-12f181.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3da4-23f0-12f192.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3da4-23f0-12f194.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3da4-23f0-12f1a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3da4-23f0-12f1a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3da4-23f0-12f1b9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3da4-23f0-12f1bb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3da4-23f0-12f1ec.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3f14-2594-242bc1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3f14-2594-242be3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3f14-2594-242c04.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3f14-2594-242c16.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3f14-2594-242c37.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3f14-2594-242c68.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3f14-2594-242c79.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3f14-2594-242c8b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3f14-2594-242cac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3f14-2594-242ccd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3f14-2594-242cdf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3f14-2594-242d6e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3f14-2594-242dcd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3f14-2594-242e2d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3f14-2594-242e7d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3f14-2594-242e8f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3f14-2594-242ec0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3f14-2594-242ee1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3f14-2594-242ef3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-403c-1668-213b41.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-403c-1668-213b52.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-403c-1668-213b64.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-403c-1668-213b76.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-403c-1668-213b78.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-403c-1668-213b99.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-403c-1668-213bab.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-403c-1668-213bbc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-403c-1668-213bbe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-403c-1668-213bdf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-403c-1668-213c01.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-403c-1668-213c41.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-403c-1668-213ca1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-403c-1668-213cb3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-403c-1668-213cc4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-403c-1668-213ce5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-403c-1668-213d07.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-403c-1668-213d18.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-403c-1668-213d2a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4198-2380-437297.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4198-2380-4372a9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4198-2380-4372ca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4198-2380-43730b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4198-2380-43734b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4198-2380-4373ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4198-2380-43740b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4198-2380-43742c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4198-2380-43747c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4198-2380-43750b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4198-2380-43752c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4198-2380-43755d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4198-2380-43756f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4198-2380-4375af.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4198-2380-4375ff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4198-2380-437620.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4198-2380-437651.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4198-2380-437673.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4198-2380-437694.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4bc-4c8-2afb68.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4bc-4c8-2afb99.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4bc-4c8-2afbab.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4bc-4c8-2afbdc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4bc-4c8-2afbed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4bc-4c8-2afbef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4bc-4c8-2afc4f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4bc-4c8-2afc61.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4bc-4c8-2afc92.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4bc-4c8-2afcb3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4bc-4c8-2afcd4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4bc-4c8-2afcf5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4bc-4c8-2afd26.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4bc-4c8-2afd67.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4bc-4c8-2afd78.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4bc-4c8-2afda9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4bc-4c8-2afdbb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4bc-4c8-2afdec.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4bc-4c8-2afdfd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4e4-1c70-fa27e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4e4-1c70-fa290.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4e4-1c70-fa292.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4e4-1c70-fa2a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4e4-1c70-fa2a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4e4-1c70-fa2a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4e4-1c70-fa2b9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4e4-1c70-fa2bb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4e4-1c70-fa2cd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4e4-1c70-fa2cf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4e4-1c70-fa2d1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4e4-1c70-fa2e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4e4-1c70-fa2e4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4e4-1c70-fa2f6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4e4-1c70-fa2f8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4e4-1c70-fa309.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4e4-1c70-fa30b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4e4-1c70-fa30d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4e4-1c70-fa31f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-504-4b0-248e861.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-504-4b0-248e882.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-504-4b0-248e884.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-504-4b0-248e8a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-504-4b0-248e8c7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-504-4b0-248e8d8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-504-4b0-248e8fa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-504-4b0-248e90b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-504-4b0-248e92d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-504-4b0-248e92f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-504-4b0-248e950.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-504-4b0-248e971.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-504-4b0-248e973.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-504-4b0-248e985.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-504-4b0-248e987.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-504-4b0-248e998.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-504-4b0-248e99a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-504-4b0-248e99c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-504-4b0-248e9be.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-534-31ec-188229.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-534-31ec-18824a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-534-31ec-18827b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-534-31ec-18828d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-534-31ec-18828f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-534-31ec-1882b0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-534-31ec-18835e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-534-31ec-18842b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-534-31ec-18843d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-534-31ec-18847d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-534-31ec-1884be.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-534-31ec-1884cf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-534-31ec-1884f0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-534-31ec-188541.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-534-31ec-188562.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-534-31ec-188583.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-534-31ec-188595.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-534-31ec-1885a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-534-31ec-1885b8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58-a18-1d6c870.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58-a18-1d6c891.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58-a18-1d6c8a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58-a18-1d6c8b4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58-a18-1d6c8d6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58-a18-1d6c916.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58-a18-1d6c937.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58-a18-1d6c959.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58-a18-1d6c97a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58-a18-1d6c98b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58-a18-1d6c9ad.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58-a18-1d6c9be.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58-a18-1d6c9d0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58-a18-1d6c9f1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58-a18-1d6ca22.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58-a18-1d6ca43.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58-a18-1d6ca65.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58-a18-1d6caa5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-58-a18-1d6cac6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5a8-5ac-3003d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5a8-5ac-3003f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5a8-5ac-30041.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5a8-5ac-30053.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5a8-5ac-30055.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5a8-5ac-30057.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5a8-5ac-30059.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5a8-5ac-3006b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5a8-5ac-3006d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5a8-5ac-3006f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5a8-5ac-30071.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5a8-5ac-30073.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5a8-5ac-30084.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5a8-5ac-30086.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5a8-5ac-30088.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5a8-5ac-3008a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5a8-5ac-3009c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5a8-5ac-3009e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5a8-5ac-300a0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e0-329c-a56a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e0-329c-a56ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e0-329c-a56bc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e0-329c-a56ce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e0-329c-a56d0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e0-329c-a56d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e0-329c-a56e3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e0-329c-a56e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e0-329c-a56e7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e0-329c-a56f9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e0-329c-a56fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e0-329c-a570c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e0-329c-a571e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e0-329c-a5720.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e0-329c-a5732.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e0-329c-a5734.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e0-329c-a5736.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e0-329c-a5747.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e0-329c-a5749.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-2eec-967f07.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-2eec-967f29.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-2eec-967f3a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-2eec-967f4c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-2eec-967f8c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-2eec-967f9e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-2eec-967fa0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-2eec-967fb2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-2eec-967fb4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-2eec-967fb6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-2eec-967fe6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-2eec-968008.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-2eec-968019.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-2eec-96803b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-2eec-96805c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-2eec-96806d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-2eec-96807f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-2eec-9680a0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-610-2eec-9680d1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-684-2cd8-9bc4d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-684-2cd8-9bc4f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-684-2cd8-9bc60.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-684-2cd8-9bc72.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-684-2cd8-9bc74.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-684-2cd8-9bc76.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-684-2cd8-9bc97.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-684-2cd8-9bcb8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-684-2cd8-9bcca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-684-2cd8-9bccc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-684-2cd8-9bcde.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-684-2cd8-9bcef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-684-2cd8-9bd01.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-684-2cd8-9bd22.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-684-2cd8-9bd34.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-684-2cd8-9bd36.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-684-2cd8-9bd38.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-684-2cd8-9bd59.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-684-2cd8-9bd6b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-748-2210-24ba07.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-748-2210-24ba09.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-748-2210-24ba2b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-748-2210-24ba4c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-748-2210-24ba4e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-748-2210-24ba6f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-748-2210-24ba90.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-748-2210-24ba92.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-748-2210-24bac3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-748-2210-24bad5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-748-2210-24baf6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-748-2210-24baf8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-748-2210-24bafa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-748-2210-24bb2b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-748-2210-24bb5c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-748-2210-24bb5e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-748-2210-24bb6f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-748-2210-24bb71.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-748-2210-24bb83.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-820-2060-100c0a1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-820-2060-100c0b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-820-2060-100c0c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-820-2060-100c0d6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-820-2060-100c0d8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-820-2060-100c0e9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-820-2060-100c0fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-820-2060-100c11c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-820-2060-100c12e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-820-2060-100c130.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-820-2060-100c141.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-820-2060-100c143.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-820-2060-100c155.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-820-2060-100c167.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-820-2060-100c178.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-820-2060-100c18a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-820-2060-100c18c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-820-2060-100c19d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-820-2060-100c1bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-850-2bb4-393b8a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-850-2bb4-393bbb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-850-2bb4-393c0b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-850-2bb4-393c3c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-850-2bb4-393c5d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-850-2bb4-393c7f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-850-2bb4-393ca0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-850-2bb4-393ca2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-850-2bb4-393cc3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-850-2bb4-393ce4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-850-2bb4-393d06.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-850-2bb4-393d37.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-850-2bb4-393d58.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-850-2bb4-393d79.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-850-2bb4-393dba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-850-2bb4-393dbc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-850-2bb4-393dcd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-850-2bb4-393dee.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-850-2bb4-393e10.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8d4-25c8-5ca46c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8d4-25c8-5ca46e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8d4-25c8-5ca4be.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8d4-25c8-5ca50e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8d4-25c8-5ca59d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8d4-25c8-5ca5be.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8d4-25c8-5ca5cf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8d4-25c8-5ca5d1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8d4-25c8-5ca5e3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8d4-25c8-5ca5e5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8d4-25c8-5ca5f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8d4-25c8-5ca5f9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8d4-25c8-5ca62a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8d4-25c8-5ca63b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8d4-25c8-5ca65c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8d4-25c8-5ca66e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8d4-25c8-5ca68f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8d4-25c8-5ca691.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8d4-25c8-5ca6b3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a70-1448-9aaf7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a70-1448-9aaf9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a70-1448-9aafb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a70-1448-9ab0d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a70-1448-9ab1e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a70-1448-9ab20.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a70-1448-9ab22.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a70-1448-9ab34.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a70-1448-9ab36.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a70-1448-9ab38.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a70-1448-9ab4a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a70-1448-9ab4c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a70-1448-9ab4e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a70-1448-9ab50.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a70-1448-9ab61.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a70-1448-9ab63.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a70-1448-9ab65.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a70-1448-9ab77.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-a70-1448-9ab79.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c1c-1ab4-2f1120.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c1c-1ab4-2f1131.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c1c-1ab4-2f1143.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c1c-1ab4-2f1154.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c1c-1ab4-2f1166.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c1c-1ab4-2f1178.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c1c-1ab4-2f117a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c1c-1ab4-2f118b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c1c-1ab4-2f119d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c1c-1ab4-2f119f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c1c-1ab4-2f11b1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c1c-1ab4-2f11b3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c1c-1ab4-2f11b5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c1c-1ab4-2f11c6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c1c-1ab4-2f11c8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c1c-1ab4-2f11ca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c1c-1ab4-2f11dc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c1c-1ab4-2f11de.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-c1c-1ab4-2f11e0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-cd4-2114-827072.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-cd4-2114-827084.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-cd4-2114-827095.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-cd4-2114-8270a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-cd4-2114-8270c8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-cd4-2114-8270da.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-cd4-2114-8270ec.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-cd4-2114-8270fd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-cd4-2114-8270ff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-cd4-2114-827111.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-cd4-2114-827122.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-cd4-2114-827144.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-cd4-2114-827155.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-cd4-2114-827167.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-cd4-2114-827179.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-cd4-2114-82718a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-cd4-2114-8271ab.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-cd4-2114-8271cd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-cd4-2114-8271de.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fc0-24d0-de9a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fc0-24d0-de9a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fc0-24d0-de9b6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fc0-24d0-de9b8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fc0-24d0-de9ba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fc0-24d0-de9cc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fc0-24d0-de9ce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fc0-24d0-de9d0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fc0-24d0-de9e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fc0-24d0-de9e4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fc0-24d0-de9e6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fc0-24d0-de9f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fc0-24d0-de9f9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fc0-24d0-de9fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fc0-24d0-dea0d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fc0-24d0-dea0f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fc0-24d0-dea11.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fc0-24d0-dea22.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fc0-24d0-dea24.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fd8-cfc-607ba3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fd8-cfc-607bb4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fd8-cfc-607bb6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fd8-cfc-607bc8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fd8-cfc-607bca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fd8-cfc-607bdc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fd8-cfc-607bed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fd8-cfc-607bef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fd8-cfc-607c01.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fd8-cfc-607c03.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fd8-cfc-607c15.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fd8-cfc-607c17.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fd8-cfc-607c19.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fd8-cfc-607c2a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fd8-cfc-607c2c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fd8-cfc-607c3e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fd8-cfc-607c40.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fd8-cfc-607c42.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-fd8-cfc-607c53.tmp deleted
C:\Users\User\AppData\LocalLow\Unity deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\User\FastClicker.exe deleted
C:\Users\User\top100files.exe deleted
"C:\DumpStack.log.tmp" not deleted
"C:\Users\User\AppData\Roaming\epm\userconfig" deleted
"C:\Users\User\AppData\Roaming\epm" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kyywts3s.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kyywts3s.default
- Gladiatus Crazy Add On - %ProfilePath%\extensions\{b4badc0e-93d6-4083-b7e7-b66308c99f10}.xpi
- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kyywts3s.default
E844DCA9A2E757AF9E3EB7BE673C2F59 - C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL - Microsoft Office


==== Chromium Look ======================

Google Chrome Version: 97.0.4692.99

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]

BTTV - User\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped
7TV - User\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh
YouTube Music - User\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cinhimbnkkaeohfgghhklpknlkffjgod
Tampermonkey - User\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo
AutoTube - YouTube nonstop - User\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\egobelhdffdoidcnhpgkngoghpiebial
Better PathOfExile Trading - User\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fhlinfpmdlijegjlpgedcmglkakaghnk
BTTV - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped
Social Blade - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn
uBlock₀ - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm
GCA - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfbmiedjenagoegiiabjfjpkhfocifkp
Tampermonkey - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo
2.31.1 - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepbnnnkkadjhjahcafoaglimekefifl
No Coin - Block miners on the web - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojamcfopckidlocpkbelmpjcgmbgjcl
Arcane Legends - User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmlkgieigeddcedpbijnpojheoddido

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Reset Google Chrome ======================

C:\Users\User\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Preferences was reset successfully
C:\Users\User\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Secure Preferences was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile\Preferences was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile\Secure Preferences was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile\Preferences was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile\Secure Preferences was reset successfully
C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Preferences was reset successfully
C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences was reset successfully
C:\Users\User\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Web Data was reset successfully
C:\Users\User\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Web Data-journal was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile\Web Data was reset successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile\Web Data was reset successfully
C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Web Data was reset successfully
C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\User\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Cache emptied successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\Guest Profile\Cache emptied successfully
C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile\Cache emptied successfully
C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=7930 folders=2578 2217852384 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\User\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\User\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\DumpStack.log.tmp" not deleted

==== EOF on st 26. 01. 2022 at 8:06:17,17 ======================
Nahoru
nermitus
Level 2
Level 2
Příspěvky: 207
Registrován: prosinec 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod nermitus » 26 led 2022 08:25

Informácie o kontroly
Názov produktu    :  Zemana AntiMalware
Stav kontroly    :  Dokončená
Dátum kontroly    :  26. 1. 2022 8:10:02
Typ kontroly    :  Inteligentná kontrola
Čas trvania    :  00:00:17
Skontrolované objekty    :  2107
Zistené objekty    :  5
Vylúčené objekty    :  0
Automatické odosielanie    :  Áno
Operačný systém    :  Windows 10 x64
Procesor    :  8X Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Režim systému BIOS    :  UEFI
Informácie o doméne    :  WORKGROUP,False,NetSetupWorkgroupName
CUID    :  1268CE6F8C94CC53E455B0


Odhalenia
MD5    :  
Stav    :  Skontrolované
Objekt    :  c:\users\user\appdata\roaming\mozilla\firefox\profiles\kyywts3s.default\extensions\{b4badc0e-93d6-4083-b7e7-b66308c99f10}.xpi
Vydavatel    :  
Veľkosť    :  0
Odhalenie    :  HijackExt:FirefoxPlugin/{b4badc0e-93d6-4083-b7e7-b66308c99f10}
Akcia    :  Vymazať
-----------------------------------------------------------------------
MD5    :  
Stav    :  Skontrolované
Objekt    :  azet - http://azet.sk
Vydavatel    :  
Veľkosť    :  0
Odhalenie    :  Hijack:Browser/FirefoxSearch
Akcia    :  Vymazať
-----------------------------------------------------------------------
MD5    :  
Stav    :  Skontrolované
Objekt    :  atlas - http://atlas.sk
Vydavatel    :  
Veľkosť    :  0
Odhalenie    :  Hijack:Browser/FirefoxSearch
Akcia    :  Vymazať
-----------------------------------------------------------------------
MD5    :  
Stav    :  Skontrolované
Objekt    :  slovnik.sk (en-sk) - http://slovnik.azet.sk
Vydavatel    :  
Veľkosť    :  0
Odhalenie    :  Hijack:Browser/FirefoxSearch
Akcia    :  Vymazať
-----------------------------------------------------------------------
MD5    :  
Stav    :  Skontrolované
Objekt    :  zoznam - http://zoznam.sk
Vydavatel    :  
Veľkosť    :  0
Odhalenie    :  Hijack:Browser/FirefoxSearch
Akcia    :  Vymazať
-----------------------------------------------------------------------


Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 8:15:43, on 26. 1. 2022
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.1202)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe
C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe
C:\Users\User\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Unified Remote V3] "C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe"
O4 - HKCU\..\Run: [Spotify] C:\Users\User\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\Run: [com.squirrel.Teams.Teams] C:\Users\User\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
O4 - HKCU\..\Run: [Lync] "C:\Program Files\Microsoft Office\root\Office16\lync.exe" /fromrunkey
O4 - HKCU\..\Run: [NordVPN] C:\Program Files\NordVPN\NordVPN.exe
O4 - HKCU\..\Run: [TSMApplication] "C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe"
O4 - HKCU\..\Run: [JellyfinTray] C:\Program Files\Jellyfin\Server\Jellyfin.Windows.Tray.exe
O4 - HKCU\..\Run: [GogGalaxy] C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Discord] C:\Users\User\AppData\Local\Discord\Update.exe --processStart Discord.exe --process-start-args --start-minimized
O4 - HKCU\..\Run: [EpicGamesLauncher] "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
O4 - HKCU\..\Run: [Bloody2] "C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe" Minimum
O4 - HKCU\..\RunOnce: [Application Restart #5] C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe --enable-dom-distiller --disable-domain-reliability --disable-chrome-google-url-tracking-client --no-pings --extensions-install-verification=enforce_strict --enable-features=NewExtensionUpdaterService,SimplifyHttpsIndicator,WebUIDarkMode --disable-features=AutofillServerCommunication,LookalikeUrlNavigationSuggestionsUI,UnifiedConsent,AudioServiceOutOfProcess,TranslateUI --flag-switches-begin --flag-switches-end --restore-last-session
O4 - HKCU\..\RunOnce: [Application Restart #3] C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe --enable-dom-distiller --disable-domain-reliability --no-pings --extension-content-verification=enforce_strict --extensions-install-verification=enforce --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --sync-url=https://sync-v2.brave.com/v2 --lso-url=https://no-thanks.invalid --enable-features=PrefetchPrivacyChanges,DnsOverHttps,OmniboxContextMenuShowFullUrls,LegacyTLSEnforced,PasswordImport,ReducedReferrerGranularity,MixedContentSiteSetting,AutoupgradeMixedContent,WinrtGeolocationImplementation,PassiveMixedContentWarning,WebUIDarkMode --disable-features=TextFragmentAnchor,AutofillEnableAccountWalletStorage,AllowPopupsDuringPageUnload,PrivacySettingsRedesign,NotificationTriggers,TabHoverCards,SmsReceiver,SafeBrowsingEnhancedProtection,VideoPlaybackQuality,AutofillServerCommunication,PasswordCheck --flag-switches-begin --loa
O4 - HKCU\..\RunOnce: [Application Restart #2] C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe --disable-domain-reliability --disable-features=TextFragmentAnchor,AutofillEnableAccountWalletStorage,AllowPopupsDuringPageUnload,SafeBrowsingEnhancedProtection,NotificationTriggers,PasswordCheck,AutofillServerCommunication,PrivacySettingsRedesign,TabHoverCards,SmsReceiver,VideoPlaybackQuality --enable-dom-distiller --enable-features=MixedContentSiteSetting,ReducedReferrerGranularity,PasswordImport,WinrtGeolocationImplementation,PassiveMixedContentWarning,AutoupgradeMixedContent,WebUIDarkMode,PrefetchPrivacyChanges,LegacyTLSEnforced,DnsOverHttps,OmniboxContextMenuShowFullUrls --extension-content-verification=enforce_strict --extensions-install-verification=enforce --lso-url=https://no-thanks.invalid --no-pings --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --sync-url=https://sync-v2.brave.com/v2 --restore-last-session
O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe --disable-domain-reliability --disable-features=PasswordCheck,AutofillServerCommunication,VideoPlaybackQuality,TabHoverCards,SmsReceiver,SafeBrowsingEnhancedProtection,AllowPopupsDuringPageUnload,AutofillEnableAccountWalletStorage,NotificationTriggers,PrivacySettingsRedesign,TextFragmentAnchor --enable-dom-distiller --enable-features=OmniboxContextMenuShowFullUrls,DnsOverHttps,LegacyTLSEnforced,WinrtGeolocationImplementation,PassiveMixedContentWarning,AutoupgradeMixedContent,MixedContentSiteSetting,WebUIDarkMode,ReducedReferrerGranularity,PasswordImport,PrefetchPrivacyChanges --extension-content-verification=enforce_strict --extensions-install-verification=enforce --lso-url=https://no-thanks.invalid --no-pings --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --sync-url=https://sync-v2.brave.com/v2 --restore-last-session
O4 - Global Startup: Bitmeter2.lnk = C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{fc2a1fda-3151-4f24-b8e6-e38cd2079293}: NameServer = 8.8.4.4,8.8.8.8
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: ADATA ToolBox Service - Unknown owner - C:\Program Files (x86)\ADATA\SSD ToolBox\ToolBoxSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Služba Brave Update (brave) (brave) - BraveSoftware Inc. - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
O23 - Service: Služba Brave Update (bravem) (bravem) - BraveSoftware Inc. - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
O23 - Service: COMODO Internet Security Helper Service (CmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Internet Security Protected Helper Service (CmdAgentProt) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_4fa05 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Digital Wave Update Service (DigitalWave.Update.Service) - Digital Wave Ltd - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Epic Online Services (EpicOnlineServices) - Epic Games, Inc. - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA FrameView SDK service (FvSvc) - NVIDIA - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem46.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
O23 - Service: @oem46.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
O23 - Service: IObit Uninstaller Service (IObitUnSvr) - IObit - C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nordvpn-service - TEFINCOM S.A. - C:\Program Files\NordVPN\nordvpn-service.exe
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_de900db96e9c1480\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: RogueKiller RTP (rkrtservice) - Unknown owner - C:\Program Files\RogueKiller\RogueKillerSvc.exe
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer - TeamViewer Germany GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18752 bytes



Systém sa občas zasekne
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43060
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod jaro3 » 26 led 2022 17:30

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"


Stáhni si zde DelFix
Další odkazy:
https://toolslib.net/downloads/viewdownload/2-delfix/
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/

ulož si soubor na plochu.
Poklepáním na ikonu spusť nástroj Delfix.exe
( Ve Windows Vista, Windows 7, 8 a10 musíš spustit soubor pravým tlačítkem myši -> Spustit jako správce .
V hlavním menu, zkontroluj tyto možnosti - Odstranění dezinfekce nástrojů (Remove desinfection tools) – Vyčistit body obnovy (Purge System Restore)
Poté klikněte na tlačítko Spustit (Run) a nech nástroj dělat svoji práci

Poté se zpráva se otevře (DelFix.txt). Vlož celý obsah zprávy sem.Jinak je zpráva zde:
v C: \ DelFix.txt

Stáhni si Memtest
http://www.stahuj.cz/utility_a_ostatni/ ... i/memtest/


Políčko , ve kterém je napsáno:
All unused RAM ponech.
-dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.
V případě vyšších kapacit RAM je třeba Memtest spustit několikrát , pro 2GB ( jednotlivá největší kapacita RAM) 2x , pro 4GB 3x , pro 8Gb 4x ap.
poklepej na Memtest , pak znovu a znovu , do políček všech Memtestů napiš 2048 , pak dej u všech Memtestů "Start".

Ještě zkontrolovat HDD na chyby ,popř. zkusit jeho defragmentaci ..

Stáhni si CrystalDiskInfo
https://www.stahuj.cz/utility_a_ostatni ... ldiskinfo/
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
nermitus
Level 2
Level 2
Příspěvky: 207
Registrován: prosinec 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod nermitus » 26 led 2022 19:35

Memtest nenašiel žiadnu chybu

# DelFix v1.010 - Logfile created 26/01/2022 at 17:51:33
# Updated 26/04/2015 by Xplode
# Username : User - DESKTOP-DN5JIN0
# Operating System : Windows 10 Enterprise (64 bits)

~ Removing disinfection tools ...

Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : C:\Users\User\Desktop\AdwCleaner.exe
Deleted : C:\Users\User\Desktop\JRT.exe
Deleted : C:\Users\User\Desktop\JRT.txt
Deleted : C:\Users\User\Desktop\hijackthis.log
Deleted : C:\Users\User\Desktop\RogueKiller_setup.exe
Deleted : C:\Users\User\Desktop\TFC.exe
Deleted : C:\Users\User\Desktop\zoek1.rar
Deleted : C:\Users\Public\Desktop\RogueKiller.lnk
Deleted : C:\Users\User\Downloads\HijackThis.exe
Deleted : C:\Users\User\Downloads\hijackthis.log
Deleted : C:\Users\User\Downloads\RogueKiller_portable64.exe
Deleted : C:\Users\User\Downloads\TFC.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools

~ Cleaning system restore ...

Deleted : RP #93 [Scheduled Checkpoint | 01/17/2022 08:43:43]
Deleted : RP #94 [JRT Pre-Junkware Removal | 01/25/2022 19:03:44]
Deleted : RP #95 [Installed Sophos Virus Removal Tool. | 01/25/2022 21:01:12]
Deleted : RP #96 [zoek.exe restore point | 01/26/2022 06:39:48]

New restore point created !

########## - EOF - ##########


----------------------------------------------------------------------------
CrystalDiskInfo 8.13.2 (C) 2008-2021 hiyohiyo
Crystal Dew World: https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 Professional [10.0 Build 19042] (x64)
Date : 2022/01/26 19:30:47

-- Controller Map ----------------------------------------------------------
+ Standard SATA AHCI Controller [ATA]
- ST2000LM015-2E8174
- ADATA SU800
- Microsoft Storage Spaces Controller [SCSI]

-- Disk List ---------------------------------------------------------------
(01) ST2000LM015-2E8174 : 2000,3 GB [0/0/0, pd1]
(02) ADATA SU800 : 512,1 GB [1/0/0, pd1] - sm

----------------------------------------------------------------------------
(01) ST2000LM015-2E8174
----------------------------------------------------------------------------
Model : ST2000LM015-2E8174
Firmware : SDM1
Serial Number : WDZ42JFP
Disk Size : 2000,3 GB (8,4/137,4/2000,3/2000,3)
Buffer Size : Unknown
Queue Depth : 32
# of Sectors : 3907029168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-3
Minor Version : ACS-3 Revision 3b
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 20977 hours
Power On Count : 1903 count
Temperature : 24 C (75 F)
Health Status : Good
Features : S.M.A.R.T., APM, NCQ
APM Level : 8080h [ON]
AAM Level : ----
Drive Letter : D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 _79 _64 __6 000004EC5647 Read Error Rate
03 _99 _99 __0 000000000000 Spin-Up Time
04 _99 _99 _20 0000000007A1 Start/Stop Count
05 100 100 _36 000000000000 Reallocated Sectors Count
07 _73 _60 _45 0000011F91A3 Seek Error Rate
09 _77 _77 __0 0BD5000051F1 Power-On Hours
0A 100 100 _97 000000000000 Spin Retry Count
0C _99 _99 _20 00000000076F Power Cycle Count
B8 100 100 _99 000000000000 End-to-End Error
BB 100 100 __0 000000000000 Reported Uncorrectable Errors
BC 100 100 __0 000000000000 Command Timeout
BD 100 100 __0 000000000000 High Fly Writes
BE _76 _63 _40 000021120018 Airflow Temperature
BF 100 100 __0 000000000000 G-Sense Error Rate
C0 100 100 __0 000000000004 Power-off Retract Count
C1 __1 __1 __0 00000011E2D7 Load/Unload Cycle Count
C2 _24 _40 __0 000D00000018 Temperature
C5 100 100 __0 000000000000 Current Pending Sector Count
C6 100 100 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
F0 100 253 __0 FD29000050AA Head Flying Hours
F1 100 253 __0 000118B72A99 Total Host Writes
F2 100 253 __0 00016CBBB468 Total Host Reads
FE 100 100 __0 000000000000 Free Fall Protection

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 5744 5A34 324A 4650
020: 0000 0000 0000 5344 4D31 2020 2020 5354 3230 3030
030: 4C4D 3031 352D 3245 3831 3734 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0100
070: 0000 0000 0000 0000 0000 001F 8F0E 0006 006C 0040
080: 07F0 001F 746B 7D69 6163 7469 BC49 6163 207F 00A7
090: 00A7 8080 FFFE 0000 D0D0 0000 0000 0000 0000 0000
100: 88B0 E8E0 0000 0000 0000 0000 6003 0000 5000 C500
110: A924 9682 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 88B0
130: E8E0 88B0 E8E0 2020 0002 0140 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 BDFF 0280 0000 0000
150: 0008 0000 0000 0027 1028 8000 4000 0100 A500 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 3035 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 107F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 57A5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 4F 40 47 56 EC 04 00 00 00 03 03
010: 00 63 63 00 00 00 00 00 00 00 04 32 00 63 63 A1
020: 07 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 49 3C A3 91 1F 01 00 00 00 09 32
040: 00 4D 4D F1 51 00 00 D5 0B 0E 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 63 63 6F 07 00 00 00
060: 00 00 B8 32 00 64 64 00 00 00 00 00 00 00 BB 32
070: 00 64 64 00 00 00 00 00 00 00 BC 32 00 64 64 00
080: 00 00 00 00 00 00 BD 3A 00 64 64 00 00 00 00 00
090: 00 00 BE 22 00 4C 3F 18 00 12 21 00 00 00 BF 32
0A0: 00 64 64 00 00 00 00 00 00 00 C0 32 00 64 64 04
0B0: 00 00 00 00 00 01 C1 32 00 01 01 D7 E2 11 00 00
0C0: 00 00 C2 22 00 18 28 18 00 00 00 0D 00 00 C5 12
0D0: 00 64 64 00 00 00 00 00 00 00 C6 10 00 64 64 00
0E0: 00 00 00 00 00 00 C7 3E 00 C8 C8 00 00 00 00 00
0F0: 00 00 F0 00 00 64 FD AA 50 00 00 29 FD 05 F1 00
100: 00 64 FD 99 2A B7 18 01 00 00 F2 00 00 64 FD 68
110: B4 BB 6C 01 00 00 FE 32 00 64 64 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 71
170: 03 00 01 00 01 FF 02 4D 01 00 00 00 00 00 00 00
180: 00 00 00 00 12 0A 00 00 01 01 01 01 01 01 01 01
190: 01 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 15 AB E6 F5 AE 44 00 00
1B0: 00 00 00 00 01 00 0A 00 99 2A B7 18 01 00 00 00
1C0: 68 B4 BB 6C 01 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 3D 03 00 00 01 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 02
1F0: 00 00 00 00 00 00 00 00 00 00 03 18 00 00 00 81

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 24 00 00 00 00 00 00 00 00
030: 00 00 07 2D 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B8 63 00 00 00 00 00 00 00 00 00 00 BB 00
070: 00 00 00 00 00 00 00 00 00 00 BC 00 00 00 00 00
080: 00 00 00 00 00 00 BD 00 00 00 00 00 00 00 00 00
090: 00 00 BE 28 00 00 00 00 00 00 00 00 00 00 BF 00
0A0: 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 00 00
0B0: 00 00 00 00 00 00 C1 00 00 00 00 00 00 00 00 00
0C0: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C5 00
0D0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0E0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0F0: 00 00 F0 00 00 00 00 00 00 00 00 00 00 00 F1 00
100: 00 00 00 00 00 00 00 00 00 00 F2 00 00 00 00 00
110: 00 00 00 00 00 00 FE 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 92

----------------------------------------------------------------------------
(02) ADATA SU800
----------------------------------------------------------------------------
Model : ADATA SU800
Firmware : P1021A
Serial Number : 2G4720086676
Disk Size : 512,1 GB (8,4/137,4/512,1/512,1)
Buffer Size : Unknown
Queue Depth : 32
# of Sectors : 1000215216
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ACS-3
Minor Version : ----
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 3821 hours
Power On Count : 1908 count
Host Reads : 43714 GB
Host Writes : 31232 GB
NAND Writes : 63906 GB
Temperature : 42 C (107 F)
Health Status : Good (100 %)
Features : S.M.A.R.T., NCQ, TRIM, DevSleep
APM Level : ----
AAM Level : ----
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 __0 000000000000 Read Error Rate
05 100 100 __0 00000000000D Reallocated Sectors Count
09 100 100 __0 000000000EED Power-On Hours
0C 100 100 __0 000000000774 Power Cycle Count
A0 100 100 __0 000000000000 Uncorrectable sectors count when read/write
A1 100 100 __0 00000000002E Number of Valid Spare Blocks
A3 100 100 __0 00000000001C Number of Initial Invalid Blocks
A4 100 100 __0 00000000F9A2 Total Erase Count
A5 100 100 __0 0000000000B4 Maximum Erase Count
A6 100 100 __0 00000000004E Minimum Erase Count
A7 100 100 __0 000000000084 Average Erase Count
94 100 100 __0 00000001D830 SLC Total Erase Count
95 100 100 __0 000000000DEF SLC Maximum Erase Count
96 100 100 __0 000000000D5B SLC Minimum Erase Count
97 100 100 __0 000000000DE3 SLC Average Erase Count
A9 100 100 __0 000000000064 Remain Life
B1 100 100 _50 00000000011F Total Wear Level Count
B5 100 100 __0 000000000000 Total Program Fail Count
B6 100 100 __0 000000000000 Total Erase Fail Count
C0 100 100 __0 000000000023 Power-Off Retract Count
C2 100 100 __0 00000000002A Temperature
C4 100 100 _16 000000000004 Reallocation Event Count
C7 100 100 _50 000000000001 Ultra DMA CRC Error Count
E8 100 100 __0 000000000064 Available Reserved Space
F1 100 100 __0 0000000F4006 Total LBA Written
F2 100 100 __0 00000015584B Total LBA Read
F5 100 100 __0 0000001F3440 Flash Write Sector Count

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F FFFF FF0F 0000
010: 3247 3437 3230 3038 3636 3736 2020 2020 2020 2020
020: 0000 0000 0000 5031 3032 3141 2020 4144 4154 4120
030: 5355 3830 3020 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8002 4000 2F00
050: 4000 0000 0000 0007 3FFF 0010 003F FC10 00FB 9102
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 4D20
070: 0000 0000 0000 0000 0000 001F 870E 0006 014C 0040
080: 07F0 0000 746B 7501 4163 7469 B401 4163 207F 0001
090: 0001 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 12B0 3B9E 0000 0000 0000 0008 4000 0000 5707 C181
110: 003E 7F3B 0000 0000 0000 0000 0000 0100 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 4144
130: 4154 4100 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0001
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 0035 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 0001 0000 0000
220: 0000 0000 107F 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0200 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 7BA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 00 00 64 64 00 00 00 00 00 00 00 05 00
010: 00 64 64 0D 00 00 00 00 00 00 09 00 00 64 64 ED
020: 0E 00 00 00 00 00 0C 00 00 64 64 74 07 00 00 00
030: 00 00 A0 00 00 64 64 00 00 00 00 00 00 00 A1 00
040: 00 64 64 2E 00 00 00 00 00 00 A3 00 00 64 64 1C
050: 00 00 00 00 00 00 A4 00 00 64 64 A2 F9 00 00 00
060: 00 00 A5 00 00 64 64 B4 00 00 00 00 00 00 A6 00
070: 00 64 64 4E 00 00 00 00 00 00 A7 00 00 64 64 84
080: 00 00 00 00 00 00 94 00 00 64 64 30 D8 01 00 00
090: 00 00 95 00 00 64 64 EF 0D 00 00 00 00 00 96 00
0A0: 00 64 64 5B 0D 00 00 00 00 00 97 00 00 64 64 E3
0B0: 0D 00 00 00 00 00 A9 00 00 64 64 64 00 00 00 00
0C0: 00 00 B1 00 00 64 64 1F 01 00 00 00 00 00 B5 00
0D0: 00 64 64 00 00 00 00 00 00 00 B6 00 00 64 64 00
0E0: 00 00 00 00 00 00 C0 00 00 64 64 23 00 00 00 00
0F0: 00 00 C2 00 00 64 64 2A 00 00 00 00 00 00 C4 00
100: 00 64 64 04 00 00 00 00 00 00 C7 00 00 64 64 01
110: 00 00 00 00 00 00 E8 00 00 64 64 64 00 00 00 00
120: 00 00 F1 00 00 64 64 06 40 0F 00 00 00 00 F2 00
130: 00 64 64 4B 58 15 00 00 00 00 F5 00 00 64 64 40
140: 34 1F 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 71
170: 02 00 01 00 02 0A 02 00 00 00 00 00 00 00 00 00
180: 00 00 50 31 30 32 31 41 20 20 00 00 00 00 00 00
190: 53 4D 32 32 35 38 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 BD

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 00 00 00 00 00 00 00 00 00 00 00 05 00
010: 00 00 00 00 00 00 00 00 00 00 09 00 00 00 00 00
020: 00 00 00 00 00 00 0C 00 00 00 00 00 00 00 00 00
030: 00 00 A0 00 00 00 00 00 00 00 00 00 00 00 A1 00
040: 00 00 00 00 00 00 00 00 00 00 A3 00 00 00 00 00
050: 00 00 00 00 00 00 A4 00 00 00 00 00 00 00 00 00
060: 00 00 A5 00 00 00 00 00 00 00 00 00 00 00 A6 00
070: 00 00 00 00 00 00 00 00 00 00 A7 00 00 00 00 00
080: 00 00 00 00 00 00 94 00 00 00 00 00 00 00 00 00
090: 00 00 95 00 00 00 00 00 00 00 00 00 00 00 96 00
0A0: 00 00 00 00 00 00 00 00 00 00 97 00 00 00 00 00
0B0: 00 00 00 00 00 00 A9 00 00 00 00 00 00 00 00 00
0C0: 00 00 B1 32 00 00 00 00 00 00 00 00 00 00 B5 00
0D0: 00 00 00 00 00 00 00 00 00 00 B6 00 00 00 00 00
0E0: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
0F0: 00 00 C2 00 00 00 00 00 00 00 00 00 00 00 C4 10
100: 00 00 00 00 00 00 00 00 00 00 C7 32 00 00 00 00
110: 00 00 00 00 00 00 E8 00 00 00 00 00 00 00 00 00
120: 00 00 F1 00 00 00 00 00 00 00 00 00 00 00 F2 00
130: 00 00 00 00 00 00 00 00 00 00 F5 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0E
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43060
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod jaro3 » 26 led 2022 19:49

Disky OK , ještě ten Memtest.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
nermitus
Level 2
Level 2
Příspěvky: 207
Registrován: prosinec 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod nermitus » 26 led 2022 19:52

Memtest som mal zapnutý 8x 2 hodiny a nenašiel žiadnu chybu.
Nahoru
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43060
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod jaro3 » 26 led 2022 19:56

OK , měls to tam , teď jsem to přečetl.

Vypni antivir i firewall.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
další odkaz:
http://www.bleepingcomputer.com/downloa ... scan-tool/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra
Nahoru
nermitus
Level 2
Level 2
Příspěvky: 207
Registrován: prosinec 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod nermitus » 26 led 2022 20:07

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-01-2022
Ran by User (administrator) on DESKTOP-DN5JIN0 (MSI MS-7998) (26-01-2022 20:03:16)
Running from C:\Users\User\Desktop
Loaded Profiles: User
Platform: Microsoft Windows 10 Pro Version 20H2 19042.1466 (X64) Language: Slovenčina (Slovensko)
Default browser: "C:\Users\User\AppData\Local\Brave\Brave.exe" -- "%1"
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe
() [File not signed] C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe
(A FOUR TECH CO., LTD. -> ) C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ALCPU -> ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(Alexander Drozdov) [File not signed] C:\Program Files\Awakened PoE Trade\Awakened PoE Trade.exe <4>
(Brave Software, Inc. -> Brave Software, Inc.) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe <11>
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.111\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.111\BraveCrashHandler64.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe <2>
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Digital Wave Ltd -> Digital Wave Ltd) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\Pub\imsctadn.exe
(Kakao corp. -> Kakao) C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(MurGee Softwares Pvt Ltd -> MurGee.com) C:\Users\User\AppData\Roaming\Auto Mouse Click by MurGee.com\AutoMouseClick.exe
(nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(Notepad++ -> Don HO don.h@free.fr) C:\Program Files\Notepad++\notepad++.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_de900db96e9c1480\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Shanghai Changzhi Network Technology Co., Ltd. -> ) C:\LDPlayer\LDPlayer4.0\dnplayer.exe
(Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe
(Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation) C:\Program Files\ldplayerbox\LdVBoxSVC.exe
(SOKNO S.R.L. -> ) C:\Program Files (x86)\SpeedFan\speedfan.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Unified Intents AB -> Unified Intents AB) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9217024 2017-04-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4267432 2021-12-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\Run: [Unified Remote V3] => C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [3245752 2021-11-22] (Unified Intents AB -> Unified Intents AB)
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\User\AppData\Local\Microsoft\Teams\Update.exe [1789552 2019-06-28] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office\root\Office16\lync.exe [26599728 2022-01-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [280440 2021-06-05] (nordvpn s.a. -> TEFINCOM S.A.)
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\Run: [TSMApplication] => "C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe" (No File)
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\Run: [JellyfinTray] => C:\Program Files\Jellyfin\Server\Jellyfin.Windows.Tray.exe (No File)
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [14858824 2020-12-23] (GOG Sp. z o.o. -> GOG.com)
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [34508416 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\Run: [Discord] => C:\Users\User\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33627104 2022-01-25] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody7\Bloody7\Bloody7.exe [19910456 2021-10-07] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\Run: [Spotify] => C:\Users\User\AppData\Roaming\Spotify\Spotify.exe [19227064 2022-01-26] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\RunOnce: [Application Restart #5] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [2394568 2022-01-20] (Brave Software, Inc. -> Brave Software, Inc.)
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\RunOnce: [Application Restart #3] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [2394568 2022-01-20] (Brave Software, Inc. -> Brave Software, Inc.)
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [2394568 2022-01-20] (Brave Software, Inc. -> Brave Software, Inc.)
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe [2394568 2022-01-20] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\...\Print\Monitors\HP c111 Status Monitor: C:\Windows\system32\hpinkstsc111LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg delete HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\97.0.4692.99\Installer\chrmstp.exe [2022-01-25] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\97.1.34.81\Installer\chrmstp.exe [2022-01-21] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bitmeter2.lnk [2017-08-12]
ShortcutTarget: Bitmeter2.lnk -> C:\Program Files (x86)\Codebox\BitMeter\BitMeter2.exe () [File not signed]
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {033D3260-BC5C-4D94-95E5-735133BE2EE1} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {035769B5-3AB3-4FFD-BD32-A8F856A0C6B6} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {076285B3-6190-4311-B4C7-4F2604782C5B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {08982020-D8C4-4B09-B0DD-2F7E0AD5B934} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {0C8EF34B-1034-420F-AD12-2539E60304EA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {0D6BC1C5-7646-48CE-8A93-3717730EDEC8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {14973A18-F410-454A-9F51-A1FEACD6121C} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {15321779-D46B-42EA-A559-6913449C0C67} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A18F5B7-A271-4654-A5FC-A55A26FD3B26} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2D6D62F3-71C5-45DB-A6D0-A4F3BE70FA7B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-12] (Google Inc -> Google Inc.)
Task: {30F50267-ACF6-4CC9-A82A-09A4B2FD6EE6} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {3ED31A2F-4C00-4E4D-85CD-1F73BB98757B} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {404BB9C7-CBDB-4142-9F56-6FF5765B6116} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation)
Task: {448CCAB7-CA93-487E-B20B-02DBD3C3DC83} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-08-12] (Google Inc -> Google Inc.)
Task: {4C3F4B7B-7DB2-4433-BF63-0E3693757033} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {588221BC-359A-4689-8150-EC5D52F98914} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13190952 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {6068682F-4E6D-4E53-942A-D94514096D3F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {6596C8D0-30D5-402E-B794-D930D77AD075} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {6787D7CD-AB0A-4A8B-844D-D4FF186B36EF} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {6B5C9DD2-E29D-4100-829A-5D1060453950} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe /RunUsoScanOnly (No File)
Task: {74024FC7-25D9-47E1-96A4-4D71E765E5DB} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-02-23] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {77EC3670-D0F1-4EB3-AAAB-C9CE4E7B6479} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [682008 2021-03-30] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {7E9EE450-3670-4174-B2CC-03CA11CC42E3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-17] (Piriform Software Ltd -> Piriform)
Task: {847CC765-4928-4C73-B1AD-BDE39477F5AF} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {865542FE-6862-4E40-8378-C035563B0178} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-2617044153-1973433787-3727689247-1001Core => C:\Users\User\AppData\Local\BraveSoftware\Update\BraveUpdate.exe /c (No File)
Task: {887EC67C-8332-49D8-B013-53E4F9E61DD0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28880512 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8C6D5A9E-5CC2-4CD8-87B2-1BF438B17833} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-02-23] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {A55A797B-E8D2-4100-A943-BF768DE5F825} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-2617044153-1973433787-3727689247-1001UA => C:\Users\User\AppData\Local\BraveSoftware\Update\BraveUpdate.exe /ua /installsource scheduler (No File)
Task: {A64ABB6E-92C4-40D4-BE46-837BFB651EE9} - System32\Tasks\Core Temp Autostart User => C:\Program Files\Core Temp\Core Temp.exe [945640 2017-03-25] (ALCPU -> ALCPU)
Task: {BD597C15-6C9E-44EA-8AAD-3CA9D803B544} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {C1FF3F72-690C-47D5-BBE9-DBD345AB2474} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {C21BB792-63CC-4AC5-9E90-D2A19C62F55F} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CBF9F3BF-E36E-4D08-8939-24958D959791} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC7C8B34-EC0F-46BB-A01F-C0B14CFBC1FE} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [804408 2021-12-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
Task: {D55DCA50-24D9-40BE-BF8D-A94CFD4416A4} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {D5E672A7-511E-4ECB-B701-AC0BD8CBA982} - System32\Tasks\Uninstaller_SkipUac_User => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [7225368 2021-08-24] (IObit CO., LTD -> IObit)
Task: {D8F775C3-6839-4A0B-B67E-9364249BC2F8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1613720 2022-01-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E7D9A008-71A0-4FE8-9C9F-0B4CED1C90F6} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2021-08-04] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {E9C1A8B0-37C7-4CAE-92ED-71566138A3FA} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {ECD5458A-E1A6-45AF-87B6-CCD46B01953D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [566592 2008-07-30] (Apple Inc. -> Apple Inc.)
Task: {F866E343-406C-4D1F-BBDA-B8289A63A4FE} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5758488 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F8DA054D-B417-426A-B9BF-F9E2E2932236} - System32\Tasks\Microsoft\KiN SF => C:\Program Files (x86)\SpeedFan\speedfan.exe [8166536 2016-06-29] (SOKNO S.R.L. -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{fc2a1fda-3151-4f24-b8e6-e38cd2079293}: [NameServer] 8.8.4.4,8.8.8.8
Tcpip\..\Interfaces\{fc2a1fda-3151-4f24-b8e6-e38cd2079293}: [DhcpNameServer] 10.0.1.138

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]

FireFox:
========
FF DefaultProfile: kyywts3s.default
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kyywts3s.default [2022-01-26]
FF Homepage: Mozilla\Firefox\Profiles\kyywts3s.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\kyywts3s.default -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\kyywts3s.default -> hxxps://s17-sk.gladiatus.gameforge.com
FF Extension: (Greasemonkey) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\kyywts3s.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-01-17]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-03-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-03-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2617044153-1973433787-3727689247-1001: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Users\User\AppData\Local\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-2617044153-1973433787-3727689247-1001: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Users\User\AppData\Local\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2022-01-26]
CHR StartupUrls: Default -> "chrome://newtab/"
CHR Extension: (Prezentácie) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-01-26]
CHR Extension: (BetterTTV) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2021-12-09]
CHR Extension: (Dokumenty) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-01-26]
CHR Extension: (Disk Google) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-01-26]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-01-26]
CHR Extension: (Set Character Encoding) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpojelgakakmcfmjfilgdlmhefphglae [2019-02-25]
CHR Extension: (PotPlayer YouTube Shortcut, Open Links) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfdpeaefecdlkdlgdpjjllmhlnckcodp [2021-12-20]
CHR Extension: (Social Blade) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfidkbgamfhdgmedldkagjopnbobdmdn [2022-01-26] [UpdateUrl:hxxps://addon.socialblade.com/updates.json] <==== ATTENTION
CHR Extension: (uBlock Origin) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-01-19]
CHR Extension: (Gladiatus Crazy Add On) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfbmiedjenagoegiiabjfjpkhfocifkp [2022-01-02]
CHR Extension: (Tampermonkey) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2021-06-27]
CHR Extension: (AHA Music - Song Finder for Browser) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf [2021-12-23]
CHR Extension: (Adobe Acrobat) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-01-26]
CHR Extension: (Tabuľky) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-01-26]
CHR Extension: (Readium) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fepbnnnkkadjhjahcafoaglimekefifl [2018-12-31]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-26]
CHR Extension: (No Coin - Block miners on the web!) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojamcfopckidlocpkbelmpjcgmbgjcl [2018-02-26]
CHR Extension: (Arcane Legends) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmlkgieigeddcedpbijnpojheoddido [2018-09-05]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2022-01-19]
CHR Extension: (cookies.txt) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\njabckikapfpffapmjgojcnbfjonfjfg [2018-04-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-26]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-01-26]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Brave:
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\User\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-01-26]
BRA Extension: (Adobe Acrobat) - C:\Users\User\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-01-26]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\User\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-01-25]
BRA Extension: (Brave NTP background images) - C:\Users\User\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2021-12-15]
BRA Extension: (Wallet Data Files Updater) - C:\Users\User\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2021-12-01]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\User\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-01-26]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\User\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2021-08-12]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\User\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-09-16]
BRA Extension: (Brave NTP sponsored images) - C:\Users\User\AppData\Local\BraveSoftware\Brave-Browser\User Data\mjgplcflbkgklplplbakkopkafojhbmk [2022-01-26]
BRA Extension: (PDF Viewer) - C:\Users\User\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2019-02-23]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\User\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2022-01-26]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\User\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-01-25]
StartMenuInternet: Brave - C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ADATA ToolBox Service; C:\Program Files (x86)\ADATA\SSD ToolBox\ToolBoxSvc.exe [6519296 2017-09-27] () [File not signed]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-02-23] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [154056 2019-02-23] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12119432 2022-01-10] (Microsoft Corporation -> Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11334144 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2675504 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [439616 2020-03-11] (Digital Wave Ltd -> Digital Wave Ltd)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2021-09-29] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [16029472 2021-10-05] (Epic Games Inc. -> Epic Games, Inc.)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [1741384 2020-12-23] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6821960 2020-12-16] (GOG Sp. z o.o. -> GOG.com)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [158232 2021-08-04] (IObit CO., LTD -> IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7972536 2022-01-25] (Malwarebytes Inc -> Malwarebytes)
R2 MySQL; C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe [12907520 2013-02-01] () [File not signed]
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [280440 2021-06-05] (nordvpn s.a. -> TEFINCOM S.A.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2562776 2022-01-21] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3481312 2022-01-21] (Electronic Arts, Inc. -> Electronic Arts)
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [14386160 2022-01-20] (ADLICE -> )
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2017072 2021-11-15] (Rockstar Games, Inc. -> Rockstar Games)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6137040 2022-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12986664 2021-12-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-01-26] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-01-26] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_de900db96e9c1480\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_de900db96e9c1480\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ALSysIO; C:\Users\User\AppData\Local\Temp\ALSysIO64.sys [35320 2022-01-26] (ALCPU -> Arthur Liberman) <==== ATTENTION
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2022-01-26] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [320728 2021-07-27] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17576 2019-10-23] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [38880 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [844000 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [47104 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [34744 2019-02-18] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2019-04-12] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2022-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [130256 2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [43896 2020-07-31] (IObit Information Technology -> IObit)
R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [37112 2020-07-31] (IObit Information Technology -> IObit)
R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [51128 2020-07-31] (IObit Information Technology -> IObit)
R2 LdVBoxDrv; C:\Program Files\ldplayerbox\LdVBoxDrv.sys [315232 2021-11-04] (MyTestCertificate -> Oracle Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220568 2022-01-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2022-01-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [194480 2022-01-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69040 2022-01-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-01-25] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156792 2022-01-26] (Malwarebytes Inc -> Malwarebytes)
R2 memudrv; C:\Microvirt\MEmuHyperv\MEmuDrv.sys [260368 2015-11-02] (上海迈微软件科技有限公司 -> Microvirt Corporation)
R2 NDivert; C:\Program Files\NordVPN\Drivers\NDivert.sys [128856 2021-06-09] (nordvpn s.a. -> Nordvpn S.A.)
S3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2020-11-23] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-10-14] (TEFINCOM S.A. -> TEFINCOM S.A.)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Daniel Terhell -> Resplendence Software Projects Sp.)
S3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Daniel Terhell -> Resplendence Software Projects Sp.)
R2 speedfan; C:\Windows\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [30720 2019-10-31] (OpenVPN Inc. -> The OpenVPN Project)
S3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [45024 2018-02-07] (ExprsVPN LLC -> The OpenVPN Project)
S3 tapmullvad0901; C:\WINDOWS\System32\drivers\tapmullvad0901.sys [39616 2020-02-04] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49008 2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 uvhid; C:\WINDOWS\System32\drivers\uvhid.sys [28128 2017-12-13] (Unified Intents AB -> Windows (R) Win 7 DDK provider)
S3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [196040 2017-09-13] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-01-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-01-26] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-01-26] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2021-12-20] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-26 20:03 - 2022-01-26 20:04 - 000041604 _____ C:\Users\User\Desktop\FRST.txt
2022-01-26 20:02 - 2022-01-26 20:03 - 000000000 ____D C:\FRST
2022-01-26 20:01 - 2022-01-26 20:01 - 002311680 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2022-01-26 19:30 - 2022-01-26 19:30 - 000015875 _____ C:\Users\User\Desktop\CrystalDiskInfo_20220126193042.txt
2022-01-26 19:30 - 2022-01-26 19:30 - 000001828 _____ C:\Users\User\Desktop\CrystalDiskInfo.lnk
2022-01-26 19:30 - 2022-01-26 19:30 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2022-01-26 19:29 - 2022-01-26 19:29 - 004747720 _____ (Crystal Dew World ) C:\Users\User\Downloads\CrystalDiskInfo8_13_2.exe
2022-01-26 17:53 - 2019-12-07 01:49 - 000040960 _____ () C:\Users\User\Desktop\memtest.exe
2022-01-26 17:52 - 2022-01-26 17:52 - 000017671 _____ C:\Users\User\Downloads\MemTest.zip
2022-01-26 17:51 - 2022-01-26 17:51 - 000001436 _____ C:\DelFix.txt
2022-01-26 17:50 - 2022-01-26 17:50 - 000781312 _____ C:\Users\User\Downloads\delfix_1.010 (1).exe
2022-01-26 17:50 - 2022-01-26 17:50 - 000000000 ____D C:\Users\User\AppData\LocalLow\IGDump
2022-01-26 13:54 - 2022-01-26 13:54 - 000002000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Awakened PoE Trade.lnk
2022-01-26 13:54 - 2022-01-26 13:54 - 000001988 _____ C:\Users\Public\Desktop\Awakened PoE Trade.lnk
2022-01-26 13:54 - 2022-01-26 13:54 - 000000000 ____D C:\Program Files\Awakened PoE Trade
2022-01-26 13:53 - 2022-01-26 13:53 - 060617518 _____ (Alexander Drozdov) C:\Users\User\Downloads\Awakened-PoE-Trade-Setup-2.14.1.exe
2022-01-26 10:57 - 2022-01-26 10:57 - 000194480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2022-01-26 10:57 - 2022-01-26 10:57 - 000156792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2022-01-26 10:57 - 2022-01-26 10:57 - 000069040 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2022-01-26 10:46 - 2022-01-26 10:46 - 000073462 _____ C:\Users\User\Downloads\vypoved-zmluvy-o-internetovom-pripojeni.pdf
2022-01-26 10:28 - 2022-01-26 10:39 - 000000000 ____D C:\Users\User\AppData\Roaming\Spotify
2022-01-26 10:28 - 2022-01-26 10:28 - 000726552 _____ (Spotify Ltd) C:\Users\User\Downloads\SpotifySetup (1).exe
2022-01-26 08:30 - 2022-01-26 08:30 - 000000000 ____D C:\Users\User\AppData\Local\PeerDistRepub
2022-01-26 08:11 - 2022-01-26 08:11 - 000003138 _____ C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_User
2022-01-26 08:10 - 2022-01-26 08:10 - 015350472 _____ (JAM Software ) C:\Users\User\Downloads\HeavyLoad-x64-Setup.exe
2022-01-26 08:09 - 2022-01-26 20:04 - 000249031 _____ C:\WINDOWS\ZAM.krnl.trace
2022-01-26 08:09 - 2022-01-26 08:09 - 013922376 _____ (Zemana Ltd. ) C:\Users\User\Downloads\AntiMalware_Setup.exe
2022-01-26 08:09 - 2022-01-26 08:09 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2022-01-26 08:09 - 2022-01-26 08:09 - 000003556 _____ C:\WINDOWS\system32\Tasks\AMHelper
2022-01-26 08:09 - 2022-01-26 08:09 - 000001333 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2022-01-26 08:09 - 2022-01-26 08:09 - 000000000 ____D C:\Users\User\AppData\Local\Zemana
2022-01-26 08:09 - 2022-01-26 08:09 - 000000000 ____D C:\Users\User\AppData\Local\AMSDK
2022-01-26 08:09 - 2022-01-26 08:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2022-01-26 08:09 - 2022-01-26 08:09 - 000000000 ____D C:\Program Files (x86)\Zemana
2022-01-26 08:08 - 2022-01-26 08:11 - 000000000 ____D C:\ProgramData\ProductData
2022-01-26 08:06 - 2022-01-26 08:06 - 000220568 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-01-26 08:06 - 2022-01-26 08:06 - 000000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files
2022-01-26 08:05 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2022-01-25 22:01 - 2022-01-25 22:01 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2022-01-25 22:01 - 2022-01-25 22:01 - 000000000 ____D C:\ProgramData\Sophos
2022-01-25 22:01 - 2022-01-25 22:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2022-01-25 22:01 - 2022-01-25 22:01 - 000000000 ____D C:\Program Files (x86)\Sophos
2022-01-25 21:59 - 2022-01-25 22:00 - 185115928 _____ (Sophos Limited) C:\Users\User\Desktop\Sophos Virus Removal Tool.exe
2022-01-25 20:13 - 2022-01-26 00:05 - 000003320 _____ C:\Users\User\Desktop\rogue_report.txt
2022-01-25 20:11 - 2022-01-25 20:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2022-01-25 20:11 - 2022-01-25 20:11 - 000000000 ____D C:\Program Files\RogueKiller
2022-01-25 17:54 - 2022-01-25 17:54 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-01-25 17:54 - 2022-01-25 17:54 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-01-25 17:54 - 2022-01-25 17:54 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-01-25 17:54 - 2022-01-25 17:54 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-01-25 17:54 - 2022-01-25 17:54 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-01-25 17:54 - 2022-01-25 17:54 - 000000000 ____D C:\Users\User\AppData\Local\mbam
2022-01-25 17:53 - 2022-01-25 17:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-01-25 17:52 - 2022-01-25 17:52 - 002911928 _____ (Malwarebytes) C:\Users\User\Desktop\MBSetup.exe
2022-01-25 17:47 - 2022-01-25 17:47 - 000050688 _____ (Atribune.org) C:\Users\User\Desktop\ATF-Cleaner.exe
2022-01-25 12:25 - 2022-01-26 17:49 - 000000000 ____D C:\Users\User\Downloads\backups
2022-01-24 11:02 - 2022-01-24 11:02 - 000000000 ____D C:\Users\User\Documents\Portia
2022-01-24 10:36 - 2022-01-24 10:36 - 000000222 _____ C:\Users\User\Desktop\My Time At Portia.url
2022-01-23 13:10 - 2022-01-23 13:10 - 000000000 ____D C:\Users\User\AppData\Local\poe-secondscreen-updater
2022-01-21 21:32 - 2022-01-21 21:32 - 000001066 _____ C:\Users\Public\Desktop\Origin.lnk
2022-01-21 21:32 - 2022-01-21 21:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2022-01-21 21:31 - 2022-01-21 21:32 - 000000000 ____D C:\Program Files (x86)\Origin
2022-01-21 21:30 - 2022-01-21 21:41 - 000000000 ____D C:\Users\User\AppData\Roaming\Origin
2022-01-21 21:30 - 2022-01-21 21:41 - 000000000 ____D C:\ProgramData\Origin
2022-01-21 21:30 - 2022-01-21 21:40 - 000000000 ____D C:\Users\User\AppData\Local\Origin
2022-01-21 21:30 - 2022-01-21 21:30 - 000000000 ____D C:\Users\User\.Origin
2022-01-21 21:12 - 2022-01-21 21:12 - 000000540 _____ C:\Users\User\Desktop\dysmantle.mamc
2022-01-20 23:00 - 2022-01-11 00:54 - 000039080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-01-20 22:58 - 2022-01-11 13:28 - 001879784 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-01-20 22:58 - 2022-01-11 13:28 - 001879784 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-01-20 22:58 - 2022-01-11 13:28 - 001467872 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-01-20 22:58 - 2022-01-11 13:28 - 001454824 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-01-20 22:58 - 2022-01-11 13:28 - 001454824 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-01-20 22:58 - 2022-01-11 13:28 - 001206400 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-01-20 22:58 - 2022-01-11 13:28 - 001115368 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-01-20 22:58 - 2022-01-11 13:28 - 001115368 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-01-20 22:58 - 2022-01-11 13:28 - 000969448 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-01-20 22:58 - 2022-01-11 13:28 - 000969448 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-01-20 22:58 - 2022-01-11 13:25 - 001529512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-01-20 22:58 - 2022-01-11 13:25 - 001179096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-01-20 22:58 - 2022-01-11 13:25 - 000797096 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-01-20 22:58 - 2022-01-11 13:25 - 000710824 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-01-20 22:58 - 2022-01-11 13:25 - 000710776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-01-20 22:58 - 2022-01-11 13:25 - 000637864 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-01-20 22:58 - 2022-01-11 13:24 - 002119792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-01-20 22:58 - 2022-01-11 13:24 - 001601144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-01-20 22:58 - 2022-01-11 13:24 - 000983208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-01-20 22:58 - 2022-01-11 13:24 - 000455792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-01-20 22:58 - 2022-01-11 13:23 - 008609920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-01-20 22:58 - 2022-01-11 13:23 - 007713392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-01-20 22:58 - 2022-01-11 13:23 - 005734568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-01-20 22:58 - 2022-01-11 13:23 - 005099176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-01-20 22:58 - 2022-01-11 13:23 - 002934696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-01-20 22:58 - 2022-01-11 13:22 - 000850088 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-01-20 22:58 - 2022-01-11 00:54 - 000089178 _____ C:\WINDOWS\system32\nvinfo.pb
2022-01-20 22:12 - 2021-11-16 19:36 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2022-01-20 12:56 - 2022-01-20 12:56 - 000001171 _____ C:\Users\Public\Desktop\Unified Remote.lnk
2022-01-19 09:10 - 2022-01-19 09:10 - 005227019 _____ C:\Users\User\Desktop\namebench-1.3.1-Windows.exe
2022-01-18 11:25 - 2022-01-18 11:25 - 000000652 _____ C:\Users\User\Desktop\expedition.mamc
2022-01-16 22:54 - 2022-01-16 22:54 - 000000000 ____D C:\Users\User\AppData\Local\Apple
2022-01-15 11:25 - 2022-01-15 11:25 - 000000000 ____D C:\Users\User\Documents\Train Station Renovation
2022-01-15 10:52 - 2022-01-15 10:52 - 038496951 _____ C:\Users\User\Desktop\Pepe the frog.mp4
2022-01-15 10:37 - 2022-01-15 10:37 - 000000222 _____ C:\Users\User\Desktop\Train Station Renovation.url
2022-01-14 09:41 - 2011-01-31 18:10 - 000000000 ____D C:\Users\User\Desktop\WinMTR-v092
2022-01-13 23:58 - 2022-01-13 23:58 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-13 23:58 - 2022-01-13 23:58 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-13 23:58 - 2022-01-13 23:58 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-13 23:52 - 2022-01-13 23:52 - 000000000 ___HD C:\$WinREAgent
2022-01-11 23:44 - 2022-01-20 15:32 - 000000000 ____D C:\Users\User\AppData\Local\Adobe
2022-01-11 23:39 - 2022-01-11 23:39 - 000000000 ____D C:\Users\User\AppData\Roaming\NVIDIA
2022-01-11 23:31 - 2022-01-11 23:31 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-01-05 00:14 - 2022-01-05 00:14 - 000000000 ____D C:\Users\User\AppData\Roaming\10tons
2022-01-05 00:11 - 2022-01-05 00:11 - 000000222 _____ C:\Users\User\Desktop\DYSMANTLE.url
2022-01-04 17:39 - 2022-01-04 17:39 - 000000000 ____D C:\Users\User\Xiaomi Cloud
2022-01-04 17:38 - 2022-01-04 17:38 - 000000000 ____D C:\Users\User\AppData\Local\xiaomicloud-updater
2022-01-04 17:36 - 2022-01-04 17:36 - 003604052 _____ C:\Users\User\Downloads\4105ba23-2e2f-4186-8d55-729fa38c542d.tmp
2022-01-04 17:36 - 2022-01-04 17:36 - 002564116 _____ C:\Users\User\Downloads\e664cbfc-3df6-44d7-8a1b-5578e680eb0a.tmp
2022-01-04 17:36 - 2022-01-04 17:36 - 000500404 _____ C:\Users\User\Downloads\0830bf67-87d6-4aee-9e92-a7e7f4ff942c.tmp
2022-01-04 17:36 - 2022-01-04 17:36 - 000474212 _____ C:\Users\User\Downloads\d6fa215d-9869-4cc3-95ca-2d942b5b42c8.tmp
2022-01-04 17:36 - 2022-01-04 17:36 - 000458184 _____ C:\Users\User\Downloads\fd41aee1-cd3c-447b-81b7-49ca20a9333e.tmp
2022-01-04 17:36 - 2022-01-04 17:36 - 000432680 _____ C:\Users\User\Downloads\3b18d358-72a6-437b-907e-b73a41a611a5.tmp
2022-01-04 17:36 - 2022-01-04 17:36 - 000396260 _____ C:\Users\User\Downloads\896567de-af05-4df8-85a2-8dda337f95ca.tmp
2022-01-04 17:36 - 2022-01-04 17:36 - 000212669 _____ C:\Users\User\Downloads\45b3d97f-32a5-4a21-9ee4-95a6232188f7.tmp
2022-01-04 17:36 - 2022-01-04 17:36 - 000016060 _____ C:\Users\User\Downloads\4d4ac1ff-72e7-4375-a655-3d8139319575.tmp
2022-01-04 15:03 - 2022-01-04 15:53 - 000000000 ____D C:\Users\User\AppData\Local\The Witcher
2022-01-04 15:03 - 2022-01-04 15:03 - 000000000 ____D C:\Users\User\Documents\The Witcher
2022-01-04 15:01 - 2022-01-04 15:01 - 000000000 ____D C:\Users\Public\Documents\The Witcher
2022-01-04 12:43 - 2022-01-04 12:43 - 000000000 ____D C:\Users\User\AppData\LocalLow\Perun Creative
2022-01-01 00:35 - 2022-01-01 00:35 - 000000223 _____ C:\Users\User\Desktop\SnowRunner.url
2021-12-31 20:09 - 2021-12-31 20:09 - 000000000 ____D C:\Users\User\AppData\LocalLow\Entertainment Forge
Nahoru
nermitus
Level 2
Level 2
Příspěvky: 207
Registrován: prosinec 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod nermitus » 26 led 2022 20:08

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-26 20:04 - 2017-08-12 22:34 - 000000000 ____D C:\ProgramData\Bitmeter2
2022-01-26 20:02 - 2017-08-12 22:00 - 025341896 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2022-01-26 19:58 - 2020-09-20 05:02 - 000000000 ____D C:\Users\User\AppData\Roaming\awakened-poe-trade
2022-01-26 19:34 - 2021-09-08 14:53 - 000000000 ____D C:\Users\User\.Ld2VirtualBox
2022-01-26 19:30 - 2018-04-07 21:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2022-01-26 19:26 - 2020-11-15 06:16 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-26 19:11 - 2017-08-12 21:48 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-26 18:12 - 2018-01-29 16:25 - 000000000 ____D C:\ProgramData\Unified Remote
2022-01-26 17:50 - 2018-03-24 12:14 - 000000000 ____D C:\ProgramData\RogueKiller
2022-01-26 17:49 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-26 13:56 - 2018-05-20 19:53 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2022-01-26 12:25 - 2017-05-31 17:56 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-26 12:19 - 2021-05-30 20:44 - 000000000 ____D C:\Program Files\CCleaner
2022-01-26 11:04 - 2020-11-15 06:25 - 005882410 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-01-26 11:04 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-01-26 11:04 - 2017-05-31 18:14 - 003795264 _____ C:\WINDOWS\system32\perfh01B.dat
2022-01-26 11:04 - 2017-05-31 18:14 - 001170672 _____ C:\WINDOWS\system32\perfc01B.dat
2022-01-26 10:57 - 2021-01-10 08:54 - 000003140 _____ C:\WINDOWS\system32\Tasks\MSIAfterburner
2022-01-26 10:57 - 2020-11-15 06:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-01-26 10:57 - 2020-11-15 06:16 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-26 10:57 - 2019-02-27 15:17 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-01-26 10:57 - 2017-05-31 18:18 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2022-01-26 10:56 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-01-26 10:47 - 2018-02-02 15:04 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2022-01-26 10:32 - 2018-02-26 13:21 - 000000000 ____D C:\Users\User\AppData\Local\Spotify
2022-01-26 10:28 - 2018-02-26 13:21 - 000001845 _____ C:\Users\User\Desktop\Spotify.lnk
2022-01-26 10:28 - 2018-02-26 13:21 - 000001831 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2022-01-26 08:06 - 2017-09-05 16:28 - 000000008 __RSH C:\ProgramData\ntuser.pol
2022-01-26 08:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2022-01-26 08:00 - 2017-03-18 22:03 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2022-01-26 07:38 - 2017-08-20 07:30 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps
2022-01-26 07:32 - 2017-08-12 21:51 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2022-01-26 06:37 - 2018-10-16 09:23 - 000000000 ____D C:\Users\User\AppData\Local\Discord
2022-01-26 00:43 - 2020-11-28 08:49 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6bb0f1fc44b0
2022-01-26 00:43 - 2020-11-15 06:21 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-25 19:58 - 2017-09-05 12:02 - 000000000 ____D C:\Users\User\AppData\Roaming\IObit
2022-01-25 17:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-25 17:54 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-01-25 17:53 - 2018-03-23 10:39 - 000000000 ____D C:\Program Files\Malwarebytes
2022-01-25 17:48 - 2017-09-13 17:41 - 000007594 _____ C:\Users\User\AppData\Local\Resmon.ResmonCfg
2022-01-25 17:40 - 2017-08-18 17:39 - 000000000 ____D C:\Program Files (x86)\Steam
2022-01-25 12:06 - 2021-12-14 08:33 - 000000000 ____D C:\Users\User\Desktop\Nový priečinok (2)
2022-01-25 08:12 - 2017-08-12 21:49 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-25 08:12 - 2017-08-12 21:49 - 000002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-01-24 08:44 - 2018-01-02 06:35 - 000000000 ____D C:\Users\User\AppData\Roaming\vlc
2022-01-23 20:30 - 2021-12-18 17:37 - 000000000 ____D C:\Users\User\AppData\Roaming\Kodi
2022-01-22 15:41 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-22 06:43 - 2020-08-10 15:27 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-22 06:43 - 2020-08-10 15:27 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-01-21 18:53 - 2019-02-23 16:06 - 000002430 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2022-01-21 18:53 - 2019-02-23 16:06 - 000002389 _____ C:\Users\Public\Desktop\Brave.lnk
2022-01-20 23:02 - 2017-08-12 21:53 - 000000000 ____D C:\Users\User\AppData\Local\NVIDIA
2022-01-20 22:12 - 2020-11-15 06:21 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-20 22:12 - 2020-11-15 06:21 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-20 22:12 - 2020-11-15 06:21 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-20 22:12 - 2020-11-15 06:21 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-20 22:12 - 2020-11-15 06:21 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-20 22:12 - 2020-11-15 06:21 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-20 22:12 - 2020-11-15 06:21 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-20 22:12 - 2017-05-31 17:56 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-01-20 22:12 - 2017-05-31 17:56 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-01-20 22:12 - 2017-05-31 17:56 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2022-01-20 22:11 - 2020-11-15 06:21 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-20 22:11 - 2020-11-15 06:21 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2022-01-20 19:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-01-20 15:21 - 2020-11-15 06:21 - 000003840 _____ C:\WINDOWS\system32\Tasks\Intel PTT EK Recertification
2022-01-20 15:20 - 2020-11-15 06:16 - 000452160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-20 15:19 - 2019-12-07 15:41 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-01-20 15:19 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-20 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-20 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-20 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-20 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-20 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-20 15:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-20 12:56 - 2018-01-29 16:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unified Remote 3
2022-01-20 12:56 - 2018-01-29 16:25 - 000000000 ____D C:\Program Files (x86)\Unified Remote 3
2022-01-20 00:05 - 2020-11-15 06:21 - 000003458 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-01-20 00:05 - 2020-11-15 06:21 - 000003334 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-01-17 12:50 - 2020-11-23 17:05 - 000000000 ____D C:\Users\User\AppData\Local\NordVPN
2022-01-16 14:09 - 2017-10-19 09:48 - 000000000 ____D C:\Program Files\Microsoft Office
2022-01-14 00:00 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-13 23:52 - 2017-05-31 18:16 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-13 23:50 - 2017-05-31 18:16 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-01-13 18:51 - 2021-12-20 09:16 - 000001018 _____ C:\Users\Public\Desktop\PotPlayer 64 bit.lnk
2022-01-13 14:15 - 2020-11-15 06:21 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-13 14:15 - 2017-08-13 14:57 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-01-11 23:50 - 2020-11-22 12:20 - 000000000 ____D C:\Users\User\Documents\My Games
2022-01-11 23:31 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-01-11 23:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-01-11 23:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-01-11 23:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-01-11 23:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-01-11 23:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-01-11 23:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-01-11 23:27 - 2017-09-05 12:02 - 000000000 ____D C:\ProgramData\IObit
2022-01-11 13:24 - 2021-11-17 11:53 - 000792688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-01-11 13:21 - 2021-11-17 11:53 - 007610232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2022-01-11 13:21 - 2021-11-17 11:53 - 006455824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-01-11 00:54 - 2021-11-17 11:54 - 000118952 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2022-01-04 17:44 - 2021-12-20 00:40 - 000000219 _____ C:\Users\User\Desktop\algo.txt
2021-12-31 06:33 - 2021-11-29 23:05 - 000000000 ____D C:\Program Files (x86)\Last Epoch
2021-12-27 21:20 - 2020-06-11 21:06 - 000000000 ____D C:\Users\User\AppData\Roaming\foobar2000

==================== Files in the root of some directories ========

2021-09-08 14:53 - 2021-09-08 14:53 - 000000068 _____ () C:\Users\User\AppData\Roaming\changzhi_leidian.data
2021-09-08 14:53 - 2021-09-08 14:53 - 000000050 _____ () C:\Users\User\AppData\Roaming\changzhi_leidianmac.data
2017-05-31 18:18 - 2017-05-31 18:18 - 000728064 _____ () C:\Users\User\AppData\Local\file__0.localstorage
2017-09-13 17:41 - 2022-01-25 17:48 - 000007594 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg
2017-11-25 17:47 - 2017-11-25 17:47 - 000000425 _____ () C:\Users\User\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
Nahoru
nermitus
Level 2
Level 2
Příspěvky: 207
Registrován: prosinec 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod nermitus » 26 led 2022 20:09

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-01-2022
Ran by User (26-01-2022 20:04:56)
Running from C:\Users\User\Desktop
Microsoft Windows 10 Pro Version 20H2 19042.1466 (X64) (2020-11-15 05:21:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2617044153-1973433787-3727689247-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2617044153-1973433787-3727689247-503 - Limited - Disabled)
Guest (S-1-5-21-2617044153-1973433787-3727689247-501 - Limited - Disabled)
User (S-1-5-21-2617044153-1973433787-3727689247-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-2617044153-1973433787-3727689247-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Disabled - Up to date) {9E3E06E3-F8E0-3C44-2336-BBD8AF8F84B8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Disabled - Up to date) {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}
AS: COMODO Advanced Protection (Enabled - Up to date) {255FE707-DEDA-33CA-1986-80AAD408CE05}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Disabled) {A60587C6-B28F-3D1C-0869-12ED515CC3C3}
FW: COMODO Firewall (Disabled) {3D87FB90-B561-70B4-3B0B-BCEFE7656ABC}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark (HKLM\...\{55B50DFB-C31F-4D90-9B7F-75233BE6DCC6}) (Version: 2.3.3693.0 - Futuremark) Hidden
ADATA SSD ToolBox version 3.0.3 (HKLM-x32\...\{C0991D3E-8786-48E7-A5DB-57FBACB0A03A}_is1) (Version: 3.0.3 - ADATA, Inc.)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 21.011.20039 - Adobe Systems Incorporated)
Aplikácie Microsoft 365 pre veľké organizácie - sk-sk (HKLM\...\O365ProPlusRetail - sk-sk) (Version: 16.0.14729.20260 - Microsoft Corporation)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Auto Mouse Click v29.1 (HKLM-x32\...\{F5E3859D-0720-41F0-BAF5-4CBCDFD8F406}_is1) (Version: 29.1 - MurGee.com)
AutoHotkey 1.1.32.00 (HKLM\...\AutoHotkey) (Version: 1.1.32.00 - Lexikos)
Awakened PoE Trade 2.14.1 (HKLM\...\2ea281da-028b-5d55-b26e-53163c89344a) (Version: 2.14.1 - Alexander Drozdov)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Binance 1.23.1 (HKLM\...\Binance) (Version: 1.23.1 - BinanceTech)
BitMeter (HKLM-x32\...\BitMeter) (Version: - )
Bloody7 (HKLM-x32\...\Bloody3) (Version: 21.10.0002 - Bloody)
BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.2.50.1002 - BlueStack Systems, Inc.)
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 97.1.34.81 - Autori prehliadača Brave)
Brave (HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\Brave) (Version: 0.27.3 - Brave Software)
Brave (HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\BraveSoftware Brave-Browser) (Version: 71.0.58.21 - Autori prehliadača Brave)
CCleaner (HKLM\...\CCleaner) (Version: 5.82 - Piriform)
Cok Free Auto Clicker 3.0 (HKLM-x32\...\Cok Free Auto Clicker_is1) (Version: 3.0 - Cok Software)
COMODO Internet Security Premium (HKLM\...\{51E5F3BE-F3D1-4F44-B49F-05BFA7E0D2D2}) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.) Hidden
COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 12.2.2.8012 - COMODO Security Solutions Inc.)
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
CrystalDiskInfo 7.6.0 Shizuku Edition (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.6.0 - Crystal Dew World)
CrystalDiskInfo 8.13.2 (64-bit) (HKLM\...\CrystalDiskInfo_is1) (Version: 8.13.2 - Crystal Dew World)
Discord (HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{A7BBC0A6-3DB0-41CC-BCED-DDFC5D4F3060}) (Version: 1.2.17.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{32C68D93-D32F-4B01-8250-61642BFC22F8}) (Version: 2.0.28.0 - Epic Games, Inc.)
Exilence Next 1.1.6 (HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\58032b8c-4c17-5b0e-b3bc-74d53946ba55) (Version: 1.1.6 - )
FileZilla Client 3.46.0 (HKLM-x32\...\FileZilla Client) (Version: 3.46.0 - Tim Kosse)
foobar2000 v1.5.4 (HKLM-x32\...\foobar2000) (Version: 1.5.4 - Peter Pawlowski)
Free Video To MP3 Converter (HKLM-x32\...\Free Video To MP3 Converter_is1) (Version: 5.1.8.310 - Digital Wave Ltd)
GOG GALAXY (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.99 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
IObit Uninstaller 11 (HKLM-x32\...\IObitUninstall) (Version: 11.0.1.14 - IObit)
Java 8 Update 241 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
Kodi (HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\Kodi) (Version: 19.3.0.0 - XBMC Foundation)
Last Epoch (HKLM-x32\...\{2F171AB5-1EE6-4562-A9A9-3FEA1D9DC4B8}_is1) (Version: 1 - Eleventh Hour Games)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LAV Filters 0.74.1 (HKLM-x32\...\lavfilters_is1) (Version: 0.74.1 - Hendrik Leppkes)
LDPlayer (HKLM-x32\...\LDPlayer4) (Version: 4.0.68 - XUANZHI INTERNATIONAL CO., LIMITED)
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
LuaEdit 2010 (x86 - 3.0.10.0) (HKLM-x32\...\LuaEdit 2010_is1) (Version: - Open Source)
Malwarebytes version 4.5.2.157 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.2.157 - Malwarebytes)
MediaTek SP Driver version 5.16.32.04 (HKLM\...\MediaTek SP Driver_is1) (Version: 5.16.32.04 - MediaTek.Inc.)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.14729.20260 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.69 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 97.0.1072.69 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\Teams) (Version: 1.2.00.17057 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 57.0.3 (x64 sk) (HKLM\...\Mozilla Firefox 57.0.3 (x64 sk)) (Version: 57.0.3 - Mozilla)
MSI Afterburner 4.6.4 (HKLM-x32\...\Afterburner) (Version: 4.6.4 - MSI Co., LTD)
Mullvad-Wintun (HKLM\...\{3F8BDD2B-DF33-4D58-9963-6236A41BE905}) (Version: 1.0 - Amagicom AB) Hidden
MySQL Server 5.6 (HKLM\...\{56DA0CB5-ABD2-4318-BEAB-62FDBC9B12CC}) (Version: 5.6.10 - Oracle Corporation)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.41.11.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{BD0E4F38-D3F6-452D-A32E-B14D721839AC}) (Version: 1.0.1 - NordVPN)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 8.1.1 - Notepad++ Team)
NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.24.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.126 - NVIDIA Corporation)
NVIDIA Grafický ovládač 511.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 511.23 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.39.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.1 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14729.20260 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.110.50000 - Electronic Arts, Inc.)
Path of Building Community (HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\Path of Building Community) (Version: 2.11.0 - Path of Building Community)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 3.16.1.54954 - Grinding Gear Games) Hidden
Path of Exile (HKLM-x32\...\{f14a2334-0511-4225-9f2a-2d55fb683e6c}) (Version: 3.16.1.54954 - Grinding Gear Games)
PC Sleep (HKLM-x32\...\{11BD0F20-27DC-4584-AD10-9E99F32F8501}) (Version: 2.2.0 - www.pc-sleep.com)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 220106 - Kakao Corp.)
ProjectLibre (HKLM-x32\...\{4E352A24-AE3C-482F-9409-3E1C2B7ABED8}) (Version: 1.7.0.0 - ProjectLibre)
ProtonVPNTap (HKLM-x32\...\{BCB82CD9-F514-4F93-A6D9-F898494DC927}) (Version: 1.1.0 - Proton Technologies AG)
qBittorrent 4.3.7 (HKLM-x32\...\qBittorrent) (Version: 4.3.7 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
RivaTuner Statistics Server 7.3.3 (HKLM-x32\...\RTSS) (Version: 7.3.3 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.52.574 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.9.3 - Rockstar Games)
RogueKiller version 15.2.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.2.0.0 - Adlice Software)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.9.0 - Sophos Limited)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\Spotify) (Version: 1.1.77.643.g3c4c6fc6 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.2.0.17057 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.25.6 - TeamViewer)
Twitch (HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 119.0.10382 - Ubisoft)
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Unified Remote (HKLM-x32\...\{415B4714-4F8C-49C6-B310-881EAF892CFB}_is1) (Version: 3.11.0 - Unified Intents AB)
Unigine Superposition Benchmark 1.0 (HKLM\...\Superposition_is1) (Version: 1.0 - Unigine Corp.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WhoCrashed 6.70 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
WhySoSlow 1.61 (HKLM\...\WhySoSlowHome_is1) (Version: - Resplendence Software Projects Sp.)
WinDirStat 1.1.2 (HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\WinDirStat) (Version: - )
Windows Kontrola stavu počítača (HKLM\...\{DC04D0BB-5702-4932-ACFF-D39065DCB089}) (Version: 3.1.2109.29003 - Microsoft Corporation)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Zemana AntiMalware version 3.2.28 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.28 - Zemana)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_133.1.340.0_x64__v10z8vjag6ke6 [2021-12-13] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.962.0_x64__56jybvy8sckqj [2022-01-19] (NVIDIA Corp.)
Telegram Desktop -> C:\Program Files\WindowsApps\TelegramMessengerLLP.TelegramDesktop_3.4.8.0_x64__t4vj0pshhgkwm [2022-01-22] (Telegram Messenger LLP) [Startup Task]
TuneIn Radio -> C:\Program Files\WindowsApps\TuneIn.TuneInRadio_4.0.7.0_x64__6bhtb546zcxnj [2019-09-20] (TuneIn) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2617044153-1973433787-3727689247-1001_Classes\CLSID\{06B74C04-E813-4DD4-A972-172836EFA8D6}\InprocServer32 -> C:\Users\User\AppData\Local\BraveSoftware\Update\1.3.99.0\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2617044153-1973433787-3727689247-1001_Classes\CLSID\{06C9646D-2807-44C0-97D2-6DA0DB623DB4}\localserver32 -> "C:\Users\User\AppData\Local\BraveSoftware\Brave-Browser\Application\71.0.58.21\notification_helper.exe" => No File
CustomCLSID: HKU\S-1-5-21-2617044153-1973433787-3727689247-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19127.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2617044153-1973433787-3727689247-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.7289.1207\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2617044153-1973433787-3727689247-1001_Classes\CLSID\{488E3BA0-A826-4958-9AC6-3F35ED8D62EB}\InprocServer32 -> C:\Users\User\AppData\Local\BraveSoftware\Update\1.3.99.0\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2617044153-1973433787-3727689247-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.7289.1207\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2617044153-1973433787-3727689247-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.7289.1207\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2617044153-1973433787-3727689247-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.19127.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2020-09-24] (Notepad++ -> )
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-01-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_de900db96e9c1480\nvshext.dll [2022-01-11] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2021-01-22] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2020-07-31] (IObit Information Technology -> IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-01-25] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\system32\rtvcvfw64.dll [246272 2012-09-28] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\User\Desktop\YouTube Music.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\chrome_proxy.exe (Brave Software, Inc.) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Readium.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=fepbnnnkkadjhjahcafoaglimekefifl
ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Brave\YouTube Music.lnk -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\chrome_proxy.exe (Brave Software, Inc.) -> --profile-directory=Default --app-id=cinhimbnkkaeohfgghhklpknlkffjgod

==================== Loaded Modules (Whitelisted) =============

2022-01-26 13:54 - 2022-01-26 13:54 - 000711680 _____ () [File not signed] \\?\C:\Users\User\AppData\Local\Temp\4b8bb9d6-5489-4f7e-a587-54e59b1a7c80.tmp.node
2022-01-26 13:54 - 2022-01-26 13:54 - 000579072 _____ () [File not signed] \\?\C:\Users\User\AppData\Local\Temp\82a6eaa4-5456-4e6c-b0bd-ae3311582e02.tmp.node
2022-01-26 13:54 - 2022-01-26 13:54 - 000599552 _____ () [File not signed] \\?\C:\Users\User\AppData\Local\Temp\e836e99a-6016-480a-ab67-80c7f16d2e1b.tmp.node
2021-12-04 21:41 - 2017-04-17 03:43 - 003852800 ____N () [File not signed] C:\Program Files (x86)\Bloody7\Bloody7\Data\Mouse\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2022-01-26 13:54 - 2021-10-24 16:30 - 002699264 _____ () [File not signed] C:\Program Files\Awakened PoE Trade\ffmpeg.dll
2022-01-26 13:54 - 2021-10-24 16:30 - 000442368 _____ () [File not signed] C:\Program Files\Awakened PoE Trade\libegl.dll
2022-01-26 13:54 - 2021-10-24 16:30 - 008143872 _____ () [File not signed] C:\Program Files\Awakened PoE Trade\libglesv2.dll
2022-01-26 13:54 - 2021-10-24 16:30 - 004646400 _____ () [File not signed] C:\Program Files\Awakened PoE Trade\vk_swiftshader.dll
2022-01-26 13:54 - 2021-10-24 16:30 - 000728576 _____ () [File not signed] C:\Program Files\Awakened PoE Trade\vulkan-1.dll
2022-01-06 02:23 - 2022-01-06 02:23 - 025990144 _____ () [File not signed] C:\Program Files\DAUM\PotPlayer\ffcodec64.dll
2021-05-25 07:22 - 2021-05-25 07:22 - 000292864 _____ () [File not signed] C:\Program Files\DAUM\PotPlayer\Module\FFmpeg4\FFmpegMininum64.dll
2021-05-25 06:36 - 2021-05-25 06:36 - 005343744 _____ () [File not signed] C:\Program Files\DAUM\PotPlayer\Module\OpenCodec\OpenCodecUnity64.dll
2022-01-26 08:06 - 2022-01-26 10:57 - 000192512 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\sfamcc00001.dll
2022-01-26 08:06 - 2022-01-26 10:57 - 000158720 _____ () [File not signed] C:\Users\User\AppData\Local\Temp\sfareca00001.dll
2018-01-29 16:25 - 2016-10-10 06:27 - 000556544 _____ (Soft Service Company) [File not signed] C:\Program Files (x86)\Unified Remote 3\wcl.dll
2022-01-21 21:32 - 2022-01-21 21:31 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2022-01-21 21:32 - 2022-01-21 21:31 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2022-01-20 12:56 - 2017-05-29 04:55 - 001846272 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Unified Remote 3\libcryptoMD.dll
2022-01-20 12:56 - 2017-05-29 04:55 - 000382976 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Unified Remote 3\libsslMD.dll
2022-01-21 21:32 - 2022-01-21 21:31 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2022-01-21 21:32 - 2022-01-21 21:31 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2022-01-21 21:32 - 2022-01-21 21:31 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2022-01-21 21:32 - 2022-01-21 21:31 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2022-01-21 21:32 - 2022-01-21 21:31 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2022-01-21 21:32 - 2022-01-21 21:31 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2022-01-21 21:32 - 2022-01-21 21:31 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-11-02] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-03-21] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-03-21] (Oracle America, Inc. -> Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-16] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2022-01-16] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2022-01-16] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2022-01-26 07:40 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\316402_56.jpg
DNS Servers: 8.8.4.4 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: COMODO Internet Security Firewall Driver -> inspect (enabled)
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 2: COMODO Internet Security Firewall Driver -> inspect (enabled)
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Lightshot"
HKLM\...\StartupApproved\Run32: => "Opera Browser Assistant"
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_BCEA24321E5E4F1401136BBEDFB545FE"
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\StartupApproved\Run: => "BitTorrent"
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\StartupApproved\Run: => "PlariumPlay"
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\StartupApproved\Run: => "NordVPN"
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\StartupApproved\Run: => "GogGalaxy"
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\StartupApproved\Run: => "JellyfinTray"
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\StartupApproved\Run: => "Overwolf"
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\StartupApproved\Run: => "TSMApplication"
HKU\S-1-5-21-2617044153-1973433787-3727689247-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
Nahoru
nermitus
Level 2
Level 2
Příspěvky: 207
Registrován: prosinec 14
Pohlaví: Muž
Stav:
Offline

Re: Prosím o kontrolu logu

Příspěvekod nermitus » 26 led 2022 20:09

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{5D1680EC-995B-403E-90AE-E3A8D92FDBEB}C:\program files (x86)\bravesoftware\brave-browser\application\brave.exe] => (Allow) C:\program files (x86)\bravesoftware\brave-browser\application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [UDP Query User{57EE4B92-9071-4864-85BC-5DAD8AA307FE}C:\program files (x86)\bravesoftware\brave-browser\application\brave.exe] => (Allow) C:\program files (x86)\bravesoftware\brave-browser\application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [TCP Query User{660FF7E0-E6B8-48F6-9ACF-3D6DAA1B6DAC}C:\program files (x86)\unified remote 3\remoteserverwin.exe] => (Allow) C:\program files (x86)\unified remote 3\remoteserverwin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [UDP Query User{37541E06-0183-4B27-9C16-9F465B5C7FF9}C:\program files (x86)\unified remote 3\remoteserverwin.exe] => (Allow) C:\program files (x86)\unified remote 3\remoteserverwin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [{2B0BDE32-7D48-4F92-B0A6-020053F52DC4}] => (Block) C:\program files (x86)\unified remote 3\remoteserverwin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [{3E4CEA99-ED78-4530-B222-CE7C33779099}] => (Block) C:\program files (x86)\unified remote 3\remoteserverwin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [{EC55A4AC-6BC0-4C11-AB43-6BDF1CF496E6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{195991E7-F519-4E4E-83B8-09A0004AB577}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9E9FE924-DA8D-4A4B-A0D9-1C5FD6312DE2}] => (Block) C:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{2D959BBE-EC08-40D6-8A1B-F0FCA5CDFB58}] => (Block) C:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{082A42EA-D451-445C-971C-958CF4921A65}] => (Allow) C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server\TvService.exe => No File
FirewallRules: [{A2871D79-6BEA-4EA9-8942-9916967985BB}] => (Allow) C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server\TvService.exe => No File
FirewallRules: [{88BC138F-DBD5-437A-97D6-3C2FD8683A1F}] => (Allow) C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server\SetupTv.exe => No File
FirewallRules: [{12CD8513-591C-498A-91AB-A9226E3D8000}] => (Allow) C:\Program Files (x86)\Team MediaPortal\MediaPortal TV Server\SetupTv.exe => No File
FirewallRules: [{D9BCAAB7-1273-4AAB-9209-366F5C437BF2}] => (Allow) C:\Program Files (x86)\Team MediaPortal\MediaPortal\MediaPortal.exe => No File
FirewallRules: [{8F411665-FE1D-421F-87C4-FF6DCD4AD61B}] => (Allow) C:\Program Files (x86)\Team MediaPortal\MediaPortal\MediaPortal.exe => No File
FirewallRules: [{954A55FF-5D35-431F-B73D-A362F7A998F1}] => (Allow) LPort=3306
FirewallRules: [TCP Query User{F2B53D02-E5FD-4145-8566-D1F54C77DB66}C:\program files (x86)\team mediaportal\mediaportal\configuration.exe] => (Allow) C:\program files (x86)\team mediaportal\mediaportal\configuration.exe => No File
FirewallRules: [UDP Query User{AC6CB85C-7A35-4671-B725-351D1A5DE7B2}C:\program files (x86)\team mediaportal\mediaportal\configuration.exe] => (Allow) C:\program files (x86)\team mediaportal\mediaportal\configuration.exe => No File
FirewallRules: [TCP Query User{FC89FC44-19A3-4F5F-8859-D921F839B6E1}C:\program files\jellyfin\server\jellyfin.exe] => (Allow) C:\program files\jellyfin\server\jellyfin.exe => No File
FirewallRules: [UDP Query User{04B6ABEB-6FDB-4B28-B203-FF64F97BBDEF}C:\program files\jellyfin\server\jellyfin.exe] => (Allow) C:\program files\jellyfin\server\jellyfin.exe => No File
FirewallRules: [TCP Query User{326C29F6-4B78-47F2-8990-31928EBF0D62}C:\program files (x86)\foobar2000\foobar2000.exe] => (Allow) C:\program files (x86)\foobar2000\foobar2000.exe (Piotr Pawlowski) [File not signed]
FirewallRules: [UDP Query User{87E282B3-D59A-4F37-9725-79048518D2AC}C:\program files (x86)\foobar2000\foobar2000.exe] => (Allow) C:\program files (x86)\foobar2000\foobar2000.exe (Piotr Pawlowski) [File not signed]
FirewallRules: [TCP Query User{64516465-07E8-4215-8AFC-B3CA6ACEE8BF}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{2C7EC1F5-8449-4906-B0A2-BA2D3C0968C4}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{0C2FF5D4-4833-49AA-BA05-35A02C6445E4}C:\program files (x86)\stream what you hear\swyh.exe] => (Allow) C:\program files (x86)\stream what you hear\swyh.exe => No File
FirewallRules: [UDP Query User{DC75E7B1-BD54-46E4-B1B5-90F449224647}C:\program files (x86)\stream what you hear\swyh.exe] => (Allow) C:\program files (x86)\stream what you hear\swyh.exe => No File
FirewallRules: [TCP Query User{50284367-4465-478E-8AEC-6FC011D581A3}C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [UDP Query User{7E0C6F06-D725-4149-B8BA-04C94E506937}C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe] => (Allow) C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{55DA6523-E81B-4D9C-B75F-1D51FF0A2B98}] => (Block) C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [{4598641C-5B6A-48BC-B19C-0E6CF84DBFBE}] => (Block) C:\program files (x86)\gog galaxy\games\cyberpunk 2077\bin\x64\cyberpunk2077.exe => No File
FirewallRules: [TCP Query User{FF336661-0640-4E47-801F-846638051722}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe => No File
FirewallRules: [UDP Query User{5AEAD668-D6BD-453D-B7C6-E6A86993C4DF}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe => No File
FirewallRules: [{5D24459B-7D70-4020-A1D9-9DCCFC675879}] => (Block) C:\program files (x86)\kodi\kodi.exe => No File
FirewallRules: [{53AE2048-70E8-4782-8CF5-E826BE7766DE}] => (Block) C:\program files (x86)\kodi\kodi.exe => No File
FirewallRules: [TCP Query User{0F8CE81F-6DC6-4F05-A23D-BF4B63E9A1E1}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{3934B298-4FA2-40F7-9D43-4C9C7439017F}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4D040277-6A45-4AE9-A4B8-57EB4E539827}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{B0C2955A-7DD7-4F38-92C0-2C6CBF6BC97B}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{17578B1F-9072-4EA2-B8E3-1FD89D471CD9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FA6DBE40-D493-4C79-B312-28206DEA29BB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{A29124EF-3A4D-403B-901A-72BE02A97DFB}C:\program files (x86)\steam\steamapps\common\torchlight iii\frontiers\binaries\win64\frontiers-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\torchlight iii\frontiers\binaries\win64\frontiers-win64-shipping.exe => No File
FirewallRules: [UDP Query User{EF59D269-4A8A-4026-9901-3B6FC8C0E5F7}C:\program files (x86)\steam\steamapps\common\torchlight iii\frontiers\binaries\win64\frontiers-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\torchlight iii\frontiers\binaries\win64\frontiers-win64-shipping.exe => No File
FirewallRules: [{10137424-1989-4AF7-BE9E-B41301CE3880}] => (Block) C:\program files (x86)\steam\steamapps\common\torchlight iii\frontiers\binaries\win64\frontiers-win64-shipping.exe => No File
FirewallRules: [{544F5D26-2CFF-40B3-BEA2-C027C9C80D7A}] => (Block) C:\program files (x86)\steam\steamapps\common\torchlight iii\frontiers\binaries\win64\frontiers-win64-shipping.exe => No File
FirewallRules: [TCP Query User{96AD5A2A-9293-457A-9A92-DC5779B729C2}C:\users\user\desktop\anydesk.exe] => (Allow) C:\users\user\desktop\anydesk.exe => No File
FirewallRules: [UDP Query User{E1804EBB-B9FF-41C3-85CA-3099F5F6C032}C:\users\user\desktop\anydesk.exe] => (Allow) C:\users\user\desktop\anydesk.exe => No File
FirewallRules: [{30876388-6A30-4575-8264-9F2A49D19DFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2CB22A36-9CFB-493E-9498-27031E1B1DBC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{B76EC0CA-19D6-48E3-9CB1-CB869CE39B34}C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe => No File
FirewallRules: [UDP Query User{0D8BD682-254E-40D5-ABBD-94CCE150F0E6}C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win64\smite.exe => No File
FirewallRules: [TCP Query User{77ED96F9-6343-4CB0-9039-DED01A2E5F57}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [File not signed]
FirewallRules: [UDP Query User{48483E89-9F0D-4B33-83BD-BCD45CFF208A}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe (XBMC Foundation) [File not signed]
FirewallRules: [{1F684A17-A584-4698-BEBA-0EA62A05E3EC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8A4037B2-8E35-4BB3-BE1D-F9BBC6EC8DE0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4448994F-7900-4021-9A2F-3ABC77F28F12}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{A71EC85B-4F73-42EA-99C8-DA7E85C87A52}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{C06279CD-6ADA-4BDB-A930-C18CE3F3F28B}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{C2739922-E3D7-432E-8675-4ACF759883C3}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{1696FD22-077F-4824-BC11-47B07508E206}C:\users\user\desktop\mmorpg.tycoon.2.v0.18.0\mt2.exe] => (Block) C:\users\user\desktop\mmorpg.tycoon.2.v0.18.0\mt2.exe => No File
FirewallRules: [UDP Query User{AE94F929-C76D-4E15-86F1-EB221DADBF0A}C:\users\user\desktop\mmorpg.tycoon.2.v0.18.0\mt2.exe] => (Block) C:\users\user\desktop\mmorpg.tycoon.2.v0.18.0\mt2.exe => No File
FirewallRules: [TCP Query User{7D3F1C27-51B5-4563-93E6-B4B3D810BDD8}C:\users\user\desktop\bloons.td.6.v27.1.4229\bloonstd6.exe] => (Block) C:\users\user\desktop\bloons.td.6.v27.1.4229\bloonstd6.exe => No File
FirewallRules: [UDP Query User{FEA6AF4C-7BBA-4B17-A75E-890962B75B7A}C:\users\user\desktop\bloons.td.6.v27.1.4229\bloonstd6.exe] => (Block) C:\users\user\desktop\bloons.td.6.v27.1.4229\bloonstd6.exe => No File
FirewallRules: [TCP Query User{B1E3985B-769B-4A88-944D-924EC32204FE}C:\program files\daedalus mainnet\daedalus mainnet.exe] => (Allow) C:\program files\daedalus mainnet\daedalus mainnet.exe => No File
FirewallRules: [UDP Query User{942A8C71-C08F-40D8-BA29-86D18B378B4E}C:\program files\daedalus mainnet\daedalus mainnet.exe] => (Allow) C:\program files\daedalus mainnet\daedalus mainnet.exe => No File
FirewallRules: [TCP Query User{FCB4DB59-83F3-46AF-BFFB-D651477CE2BD}C:\program files\binance\binance.exe] => (Allow) C:\program files\binance\binance.exe (Binance Holdings Limited -> BinanceTech)
FirewallRules: [UDP Query User{9CE1D95A-F3E2-4D06-9794-8F6572C75DEB}C:\program files\binance\binance.exe] => (Allow) C:\program files\binance\binance.exe (Binance Holdings Limited -> BinanceTech)
FirewallRules: [{2E1BFBBA-90FC-40F8-8047-95BEEB59465E}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{A09E6A0E-EAB5-4216-BE03-07CB00E75AFB}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{E891B790-A28A-498A-8073-626A40BED745}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Bluestack Systems, Inc -> BlueStack Systems)
FirewallRules: [TCP Query User{AEA73BB4-CA8E-4686-9274-2369D58F030F}C:\program files\ldplayerbox\ldvboxheadless.exe] => (Allow) C:\program files\ldplayerbox\ldvboxheadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)
FirewallRules: [UDP Query User{B6ED6BDE-2E7A-4D13-8B21-538CD1529EF2}C:\program files\ldplayerbox\ldvboxheadless.exe] => (Allow) C:\program files\ldplayerbox\ldvboxheadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)
FirewallRules: [TCP Query User{36385DBA-03D4-4D40-ADB9-4AC756DBE95E}C:\program files (x86)\steam\steamapps\common\new world\bin64\newworld.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\new world\bin64\newworld.exe => No File
FirewallRules: [UDP Query User{3410CBBB-B75A-4E57-A7CE-7FD0FAD41400}C:\program files (x86)\steam\steamapps\common\new world\bin64\newworld.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\new world\bin64\newworld.exe => No File
FirewallRules: [{74d23a34-f951-4d47-9b35-9624a34b8085}] => (Allow) C:\Program Files\ldplayerbox\LdVBoxHeadless.exe (Shanghai Changzhi Network Technology Co., Ltd. -> Oracle Corporation)
FirewallRules: [TCP Query User{B0F14579-A0A3-429E-A96F-3040B14E15F1}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe => No File
FirewallRules: [UDP Query User{A0CA4C6F-525D-45B7-B6C7-83CDA012729A}C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\red dead redemption 2\rdr2.exe => No File
FirewallRules: [TCP Query User{707D6916-9061-40D4-9E82-08259D4257E7}C:\program files (x86)\tikvpn\tikvpn.exe] => (Allow) C:\program files (x86)\tikvpn\tikvpn.exe => No File
FirewallRules: [UDP Query User{0A8A0E4E-591B-41DE-BB5B-68B24DA3B1E2}C:\program files (x86)\tikvpn\tikvpn.exe] => (Allow) C:\program files (x86)\tikvpn\tikvpn.exe => No File
FirewallRules: [TCP Query User{0B226FB5-B29D-473F-B8C7-4664FD623C57}C:\program files (x86)\tikvpn\tun2socks-tik.exe] => (Allow) C:\program files (x86)\tikvpn\tun2socks-tik.exe => No File
FirewallRules: [UDP Query User{6B2E16E2-FC60-42A0-834C-A5490F83FA41}C:\program files (x86)\tikvpn\tun2socks-tik.exe] => (Allow) C:\program files (x86)\tikvpn\tun2socks-tik.exe => No File
FirewallRules: [{AAD8DC8C-29ED-4C28-9A62-F99316BB676A}] => (Block) C:\program files (x86)\tikvpn\tun2socks-tik.exe => No File
FirewallRules: [{7F5BD5BA-55D0-498D-84A2-F2ABCC8C7E1E}] => (Block) C:\program files (x86)\tikvpn\tun2socks-tik.exe => No File
FirewallRules: [{25F4DF7B-D24B-48FC-BAA0-73A540F2A691}] => (Block) C:\program files (x86)\tikvpn\tikvpn.exe => No File
FirewallRules: [{1D62355E-E633-4632-A827-32423C7FBD89}] => (Block) C:\program files (x86)\tikvpn\tikvpn.exe => No File
FirewallRules: [TCP Query User{53A8C666-5404-4569-B75A-C41789E76918}C:\users\user\desktop\powerwash.simulator.v0.6\powerwashsimulator.exe] => (Block) C:\users\user\desktop\powerwash.simulator.v0.6\powerwashsimulator.exe () [File not signed]
FirewallRules: [UDP Query User{6F490DDF-0663-42CA-9511-9F1F8F40451F}C:\users\user\desktop\powerwash.simulator.v0.6\powerwashsimulator.exe] => (Block) C:\users\user\desktop\powerwash.simulator.v0.6\powerwashsimulator.exe () [File not signed]
FirewallRules: [{F0782B2B-5914-4CCC-BBBC-2903664FF224}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{92E6FA80-60DC-4B12-9EAC-CFFCA5CC7AE9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1277BF09-D6D9-4D06-9074-47115B2E4C62}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F237100B-9239-4E55-90FC-88994BD493A8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{13B66B2B-C5BC-43E4-AD41-570424B979B4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7526FDAA-F91A-44FC-BE80-4A0E234CB264}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{CE3F9512-7B37-4881-B5B5-033B138EB835}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0BEE43D0-9526-4CF2-86AB-628AAAC93481}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{AA5F3B2A-2004-4DAD-8029-A95841EBA938}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SnowRunner\Sources\Bin\SnowRunner.exe (Focus Home Interactive S.A -> Focus Home Interactive)
FirewallRules: [{BB0D5767-A242-415F-9463-85A91E26DD46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SnowRunner\Sources\Bin\SnowRunner.exe (Focus Home Interactive S.A -> Focus Home Interactive)
FirewallRules: [{7EA7F448-CBDA-4CAF-9A84-E2728E301275}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DYSMANTLE\DYSMANTLE.exe () [File not signed]
FirewallRules: [{95606D05-EC77-4E0C-988A-2E1B711414F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DYSMANTLE\DYSMANTLE.exe () [File not signed]
FirewallRules: [{2AC391CC-456B-4EE1-B3AB-F83C640073F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Train Station Renovation\TSR_STEAM.exe () [File not signed]
FirewallRules: [{2BBBE72A-AFB4-4866-AFAB-C7B46F20B39A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Train Station Renovation\TSR_STEAM.exe () [File not signed]
FirewallRules: [{B8E0852A-598F-4A51-B352-205002FAD54B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C2A91900-6FA7-447B-A92A-6FFCC59979D7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{21A828DB-F6A5-4499-B0B8-66F20641EFA5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{0CDEA282-05A3-4BC9-A953-E7CFF0E8E90B}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{5D03C38F-91EC-46E1-9615-8CDE896C0A17}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DBBDC1E7-B594-4651-B3A8-DB6B4F4A228E}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [{782A8576-ED5E-447F-8AC6-312787DE2217}] => (Allow) C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Intents AB -> Unified Intents AB)
FirewallRules: [{2235F87D-0C2D-457E-89C7-1327DD9FD925}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0A61C592-6B00-4F17-82B5-DDB6019D6950}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A302CC5A-A6FA-4BC9-A812-1413E1E7C8A1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{A0DCF429-883D-4AFA-B7CB-9123591C574D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{1B4D3ED0-B0FA-43C6-A83E-09B9011508D1}] => (Allow) C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{1672FECE-C39E-4171-9792-4ADD865BAF03}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\97.0.1072.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{EFCBE956-B0FD-40BC-A53E-BF38FD6AC1A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\My Time At Portia\Portia.exe () [File not signed]
FirewallRules: [{6F992C7C-537F-4D90-BE5A-F82FF1F2ECE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\My Time At Portia\Portia.exe () [File not signed]
FirewallRules: [{281081AD-7A94-4369-AD55-30334886A556}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

26-01-2022 17:51:45 End of disinfection

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/26/2022 05:51:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Cryptographic Services zlyhala pri spracovávaní volania OnIdentity() v objekte System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary RkFlt.

System Error:
The system cannot find the file specified.
.

Error: (01/26/2022 10:59:28 AM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: The Windows Security Center Service was unable to load instances of FirewallProduct from datastore.

Error: (01/26/2022 08:08:27 AM) (Source: SecurityCenter) (EventID: 18) (User: )
Description: The Windows Security Center Service was unable to load instances of FirewallProduct from datastore.

Error: (01/26/2022 07:38:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: zoek (1).exe, verzia: 0.0.0.0, časová značka: 0x00000000
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1466, časová značka: 0xc79f51a9
Kód výnimky: 0xc0000409
Odstup chyby: 0x0012b662
Identifikácia chybujúceho procesu: 0x3460
Čas spustenia chybujúcej aplikácie: 0x01d8127f4b75cdbd
Cesta chybujúcej aplikácie: C:\Users\User\Desktop\zoek (1).exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 4c104505-5c48-4ea9-a80f-693b1bdf651e
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/26/2022 07:37:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: zoek (1).exe, verzia: 0.0.0.0, časová značka: 0x00000000
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1466, časová značka: 0xc79f51a9
Kód výnimky: 0xc0000409
Odstup chyby: 0x0012b662
Identifikácia chybujúceho procesu: 0x3ed0
Čas spustenia chybujúcej aplikácie: 0x01d8127f39c6d95b
Cesta chybujúcej aplikácie: C:\Users\User\Desktop\zoek (1).exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 7762bf86-d05b-4844-8b30-1a2474f69646
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/26/2022 07:36:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: zoek (1).exe, verzia: 0.0.0.0, časová značka: 0x00000000
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1466, časová značka: 0xc79f51a9
Kód výnimky: 0xc0000409
Odstup chyby: 0x0012b662
Identifikácia chybujúceho procesu: 0x3648
Čas spustenia chybujúcej aplikácie: 0x01d8127f142cd045
Cesta chybujúcej aplikácie: C:\Users\User\Desktop\zoek (1).exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 9ab6deed-44ba-475e-9ed5-68f741056ccb
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/26/2022 07:35:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: zoek (1).exe, verzia: 0.0.0.0, časová značka: 0x00000000
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1466, časová značka: 0xc79f51a9
Kód výnimky: 0xc0000409
Odstup chyby: 0x0012b662
Identifikácia chybujúceho procesu: 0x4cc
Čas spustenia chybujúcej aplikácie: 0x01d8127ef38292b2
Cesta chybujúcej aplikácie: C:\Users\User\Desktop\zoek (1).exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: d6542548-841a-426e-8840-c35cc8ca30c3
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/26/2022 07:35:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: zoek (1).exe, verzia: 0.0.0.0, časová značka: 0x00000000
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.19041.1466, časová značka: 0xc79f51a9
Kód výnimky: 0xc0000409
Odstup chyby: 0x0012b662
Identifikácia chybujúceho procesu: 0x10f0
Čas spustenia chybujúcej aplikácie: 0x01d8127ede6683d3
Cesta chybujúcej aplikácie: C:\Users\User\Desktop\zoek (1).exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 97e1e492-dce9-4610-b526-bad8df6ebc3c
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:


System errors:
=============
Error: (01/26/2022 07:58:25 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (01/26/2022 07:58:25 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (01/26/2022 07:58:24 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (01/26/2022 07:58:24 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (01/26/2022 07:58:24 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označená ako interaktívna služba. Systém je však nakonfigurovaný tak, aby nepovolil interaktívne služby. Služba pravdepodobne nebude pracovať správne.

Error: (01/25/2022 08:04:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 6000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (01/25/2022 08:04:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 6000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (01/25/2022 07:58:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba nordvpn-service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


CodeIntegrity:
===============
Date: 2022-01-26 20:01:27
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

BIOS: American Megatrends Inc. 1.A0 12/28/2016
Motherboard: MSI Z170A SLI PLUS (MS-7998)
Processor: Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
Percentage of memory in use: 36%
Total physical RAM: 16344.37 MB
Available physical RAM: 10349.25 MB
Total Virtual: 22439.86 MB
Available Virtual: 10807.05 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:475.88 GB) (Free:223.93 GB) NTFS
Drive d: () (Fixed) (Total:1862.89 GB) (Free:1092.09 GB) NTFS

\\?\Volume{a43958cf-680e-4cd6-87b0-9351a9a8dde5}\ (Obnovenie) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{cae5e715-e98a-4df1-bc40-09959675454c}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{94b54417-2e3a-48da-a1b1-3e34a2be9b3d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 097BA2F6)

Partition: GPT.

==========================================================
Disk: 1 (Size: 476.9 GB) (Disk ID: 097C02F7)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Odpovědět

Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 6 hostů