Přesměrovávání na jinou stránku + problémy

[Karrex]

Ahoj, tento PC přesměrovává na jiné weby. Také dochází k útokům ze sítě na servery ISP a to i v době, kdy není zaplé nic, kromě kamer, switche, routeru a modemu .

HTJ:
Logfile of HiJackThis Fork by Alex Dragokas v.2.10.0.31

Platform: x64 Windows 11 (Pro), 10.0.26100.4351 (ReleaseId: 2009, 24H2), Service Pack: 0
Time: 17.06.2025 - 11:30 (UTC+02:00)
Language: OS: Czech (0x405). Display: Czech (0x405). Non-Unicode: Czech (0x405)
Memory: 55188 MiB Free (17 %). CPU Loading: (5 %)
Elevated: Yes
Ran by: LM (group: Administrators) on DESKTOP-8D4LOVK, FirstRun: yes

Chrome: 137.0.7151.104
Internet Explorer: 11.0.26100.1882
Default: "C:\Program Files\Google\Chrome\Application\chrome.exe" --single-argument %1 (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
1 C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
1 C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
1 C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
1 C:\Program Files (x86)\Browny02\BrYNSvc.exe
1 C:\Program Files (x86)\Camo Studio\Service\CamoService.exe
1 C:\Program Files (x86)\Common Files\Steam\steamservice.exe
8 C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
1 C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\EasyTuneEngineService.exe
1 C:\Program Files (x86)\Gyazo\GyazoVideoCore.exe
1 C:\Program Files (x86)\Gyazo\GyStation.exe
6 C:\Program Files (x86)\Microsoft\EdgeWebView\Application\137.0.3296.83\msedgewebview2.exe
1 C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe
4 C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
1 C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
7 C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
1 C:\Program Files (x86)\Steam\steam.exe
1 C:\Program Files (x86)\Thrustmaster\TARGET\TmService.exe
1 C:\Program Files (x86)\UltraViewer\UltraViewer_Service.exe
1 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairCpuIdService.exe
2 C:\Program Files\Corsair\Corsair iCUE5 Software\crashpad_handler.exe
1 C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE.exe
1 C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe
1 C:\Program Files\ESET\ESET Security\BrowserPrivacyAndSecurity.exe
1 C:\Program Files\ESET\ESET Security\efwd.exe
1 C:\Program Files\ESET\ESET Security\eguiProxy.exe
1 C:\Program Files\ESET\ESET Security\ekrn.exe
1 C:\Program Files\ESET\ESET Security\eOppFrame.exe
1 C:\Program Files\GIGABYTE\Control Center\GCC.exe
16 C:\Program Files\Google\Chrome\Application\chrome.exe
1 C:\Program Files\LGHUB\lghub_agent.exe
1 C:\Program Files\LGHUB\lghub_updater.exe
1 C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
3 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
1 C:\Program Files\Riot Vanguard\vgtray.exe
1 C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2523.1.0_x64__cv1g1gvanyjgm\WhatsApp.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_28.100.8001.0_x64__8wekyb3d8bbwe\gamingservices.exe
1 C:\Program Files\WindowsApps\Microsoft.GamingServices_28.100.8001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
1 C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.41.3.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
1 C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.6.9.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe
1 C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2025.11040.23001.0_x64__8wekyb3d8bbwe\Photos.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.10401.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe
1 C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25042.38.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
1 C:\Users\LM\AppData\Local\FluxSoftware\Flux\flux.exe
4 C:\Users\LM\AppData\Local\Programs\U.GG\U.GG.exe
1 C:\Users\LM\AppData\Local\Temp\AnyViewer\AVCore.exe
1 C:\Users\LM\AppData\Local\Temp\AnyViewer\RCClient.exe
1 C:\Users\LM\AppData\Local\Temp\AnyViewer\RCService.exe
1 C:\Users\LM\AppData\Local\Viber\Viber.exe
1 C:\Users\LM\Desktop\HiJackThis\HiJackThis.exe
1 C:\Windows\explorer.exe
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\RtkBtManServ.exe
1 C:\Windows\System32\AggregatorHost.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\audiodg.exe
6 C:\Windows\System32\backgroundTaskHost.exe
1 C:\Windows\System32\cmd.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
2 C:\Windows\System32\ctfmon.exe
2 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\DbxSvc.exe
7 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_03f1ba0930191bc7\logi_lamparray_service.exe
2 C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d2629211e16b69ec\Display.NvContainer\NVDisplay.Container.exe
2 C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c2fa179f72a88c18\RtkAudUService64.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\oobe\UserOOBEBroker.exe
6 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SecurityHealthSystray.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\ShellHost.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
1 C:\Windows\System32\sppsvc.exe
85 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wbem\WmiApSrv.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe
1 C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
1 F:\Riot Games\Riot Client\RiotClientCrashHandler.exe
1 F:\Riot Games\Riot Client\RiotClientServices.exe

O1 - Hosts: ::1 karty.local #Local Site
O1 - Hosts: 127.0.0.1 karty.local #Local Site
O1 - Hosts: ::1 www.karty.local #Local Site
O1 - Hosts: 127.0.0.1 www.karty.local #Local Site
O2 - HKLM\..\BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
O2 - HKLM\..\BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
O2-32 - HKLM\..\BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2-32 - HKLM\..\BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
O3-32 - HKLM\..\Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKCU\..\Run: [electron.app.U.GG] = C:\Users\LM\AppData\Local\Programs\U.GG\U.GG.exe --autostart
O4 - HKCU\..\Run: [f.lux] = C:\Users\LM\AppData\Local\FluxSoftware\Flux\flux.exe /noshow
O4 - HKCU\..\Run: [Gyazo] = C:\Program Files (x86)\Gyazo\GyStation.exe
O4 - HKCU\..\Run: [LGHUB] = C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe --minimized
O4 - HKCU\..\Run: [RiotClient] = F:\Riot Games\Riot Client\RiotClientServices.exe --launch-background-mode
O4 - HKCU\..\Run: [Spotify] = C:\Users\LM\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
O4 - HKCU\..\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent
O4 - HKCU\..\Run: [Viber] = C:\Users\LM\AppData\Local\Viber\Viber.exe AutoStart
O4 - HKLM\..\Run: [Corsair iCUE5 Software] = C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE Launcher.exe --autorun
O4 - HKLM\..\Run: [egui] = C:\Program Files\ESET\ESET Security\ecmds.exe /run /hide /proxy
O4 - HKLM\..\Run: [Riot Vanguard] = C:\Program Files\Riot Vanguard\vgtray.exe
O4 - HKLM\..\Run: [RtkAudUService] = C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c2fa179f72a88c18\RtkAudUService64.exe -background
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Local service')
O4 - HKU\S-1-5-19\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Local service')
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] = C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (Microsoft) (User 'Network service')
O4 - HKU\S-1-5-20\..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade (User 'Network service')
O4-32 - HKLM\..\Run: [BrotherSoftwareUpdateNotification] = C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe /Autorun
O4-32 - HKLM\..\Run: [BrStsMon00] = C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4-32 - HKLM\..\Run: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup
O4-32 - HKLM\..\Run: [M17A] = C:\WINDOWS\twain_32\Brimm17a\Common\TwDsUiLaunch.exe
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, {374DE290-123F-4565-9164-39C4925E467B} = D:\Stažené soubory
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, My Pictures = D:\Obrázky
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, {374DE290-123F-4565-9164-39C4925E467B} = D:\Stažené soubory
O7 - KnownFolder: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders, My Pictures = D:\Obrázky
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiSpyware] = 1
O7 - Policy: HKLM\Software\Microsoft\Windows Defender: [DisableAntiVirus] = 1
O15 - Trusted Zone: https://*.ultraviewer.net
O17 - DHCP DNS 1: 192.168.0.2
O21 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ - C:\Program Files (x86)\Dropbox\Client\DropboxExt.79.0.dll
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive1: (no name) - {BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive2: (no name) - {5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive3: (no name) - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive4: (no name) - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive5: (no name) - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive6: (no name) - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} - (no file)
O21-32 - HKLM\..\ShellIconOverlayIdentifiers\ OneDrive7: (no name) - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} - (no file)
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (Microsoft) (user missing)
O22 - Tasks: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (Microsoft) (user missing)
O22 - Tasks: (disabled) (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\sc.exe start InventorySvc
O22 - Tasks: (disabled) (telemetry) \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser Exp - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun express (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Office\Office Actions Server - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe availabilitycheck (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Device Setup\Driver Recovery on Reboot - {452f6ddc-7930-4b57-8794-19cd7420241d} - C:\WINDOWS\System32\DeviceSetupManagerAPI.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Flighting\FeatureConfig\BootstrapUsageDataReporting - {D759C938-B375-41CB-A2A2-E6D866A767F4} - C:\Windows\System32\fcon.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Servicing\OOBEFodSetup - C:\WINDOWS\system32\OOBEFodSetup.exe (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\SharedPC\Account Cleanup - {7750564D-D61C-4557-8A9D-7DF56BDCFF96} - C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Maintenance Work - C:\WINDOWS\system32\usoclient.exe StartMaintenanceWork (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\UpdateOrchestrator\Schedule Wake To Work - C:\WINDOWS\system32\usoclient.exe StartWork (Microsoft)
O22 - Tasks: (disabled) \Microsoft\Windows\WindowsAI\Recall\InitialConfiguration - {709FD5EF-7296-4154-BD3A-E9830FCFA60A} - C:\WINDOWS\system32\ShellConfigTask.dll (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (Microsoft)
O22 - Tasks: (telemetry) \Microsoft\Windows\Sustainability\SustainabilityTelemetry - {6EE41D75-D091-4FB7-9AD5-018760DD25D4} - C:\WINDOWS\system32\EcoScoreTask.dll (Microsoft)
O22 - Tasks: \DropboxSystem\DropboxUpdater\DropboxUpdaterTaskSystem123.0.6299.109{1FF9E5F2-5243-4238-902E-A738E9D36E59} - C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.109\updater.exe --wake --system --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2
O22 - Tasks: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem138.0.7194.0{8F4B049D-2F76-4569-BE30-BC69A4130E6B} - C:\Program Files (x86)\Google\GoogleUpdater\138.0.7194.0\updater.exe --wake --system
O22 - Tasks: \Microsoft\Office\Office Background Push Maintenance - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe /pushregistration (Microsoft)
O22 - Tasks: \Microsoft\Office\Office Performance Monitor - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe (Microsoft)
O22 - Tasks: \Microsoft\Office\Office Startup Boost - C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe /prewarm (Microsoft)
O22 - Tasks: \Microsoft\Office\Office Startup Boost Logon - C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe /prewarm (Microsoft)
O22 - Tasks: \Microsoft\Windows\AccountHealth\RecoverabilityToastTask - {B7F5B442-EBF8-46CD-9F0B-D8E45ED43492},-flow showtoast -checkup recoverability - C:\WINDOWS\system32\AccountHealth.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\AppListBackup\BackupNonMaintenance - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\WINDOWS\system32\AppListBackupLauncher.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\AppxDeploymentClient\UCPD velocity - C:\WINDOWS\system32\UCPDMgr.exe (Microsoft)
O22 - Tasks: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\Windows\System32\CloudRestoreLauncher.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask - {82AA0895-198A-4C1B-B2D1-C16894218AFB} - C:\WINDOWS\System32\unifiedconsent.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\Containers\CmCleanup - {F50E9363-6BC8-4DC5-8CAB-7D9F8C1B81B4} - C:\WINDOWS\System32\cmcleanup.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\Diagnosis\UnexpectedCodepath - C:\WINDOWS\system32\UCConfigTask.exe (Microsoft)
O22 - Tasks: \Microsoft\Windows\Flighting\FeatureConfig\ReconcileConfigs - {15F5ECE1-4550-4A92-8E26-984FD1DA54FA} - C:\WINDOWS\System32\fcon.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\Flighting\FeatureConfig\UsageDataReceiver - {D4C0420F-76BD-4F66-A91F-918A93ABEBEB} - C:\Windows\System32\fcon.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\Hotpatch\Monitoring - C:\WINDOWS\system32\cmd.exe /d /c C:\WINDOWS\system32\hpatchmonTask.cmd
O22 - Tasks: \Microsoft\Windows\Input\InputSettingsRestoreDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},InputSettingsRestoreDataAvailable - C:\Windows\System32\InputCloudStore.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\Input\RemoteMouseSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemoteMouseSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\Input\RemotePenSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemotePenSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\Input\RemoteTouchpadSyncDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},RemoteTouchpadSyncDataAvailable - C:\Windows\System32\InputCloudStore.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\Input\syncpensettings - {3ECEE215-83F5-4123-A592-74F1FE4C3D59},SYNC_PEN_SETTINGS - C:\Windows\System32\SettingsHandlers_Pen.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\InstallService\RestoreDevice - {7F019157-05C8-473F-8664-2BA04A090DC8} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\Location\Notifications - C:\WINDOWS\System32\LocationNotificationWindows.exe (file missing)
O22 - Tasks: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks: \Microsoft\Windows\Network Connectivity Status Indicator\NcsiIdentifyUserProxies - {706B965A-8308-4CD4-9900-87C2D79C121B} - C:\Windows\System32\netprofm.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\PerformanceTrace\RequestTrace - {9EFEB182-2EE3-4AF9-AFFA-521410D110D1} - C:\WINDOWS\system32\PerformanceTraceHandler.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\ReFsDedupSvc\Initialization - {DCFF735B-64F7-45F3-B39C-6C66BBE2120F} - C:\WINDOWS\System32\ReFsDedupSvc.exe (Microsoft)
O22 - Tasks: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Tasks: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
O22 - Tasks: \Microsoft\Windows\Sustainability\PowerGridForecastTask - {251E5B1F-E370-4E12-B5BD-B7AD2A8EE810} - C:\WINDOWS\system32\PowerGridForecastTask.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\TPM\Tpm-PreAttestationHealthCheck - {5014B7C8-934E-4262-9816-887FA745A6C4},TpmPreAttestationHealthCheck - C:\WINDOWS\system32\TpmTasks.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\UIEOrchestrator - C:\WINDOWS\system32\UIEOrchestrator.exe /SendHeartbeat (Microsoft)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker - C:\WINDOWS\system32\MusNotification.exe (file missing)
O22 - Tasks: \Microsoft\Windows\UpdateOrchestrator\UUS Failover Task - C:\WINDOWS\System32\MLEngineStub.exe HandleUusFailoverEvaluationSignalFromWnf (Microsoft)
O22 - Tasks: \Microsoft\Windows\WindowsAI\Recall\PolicyConfiguration - {0BE6820D-B667-4CB6-931B-C153A77DA895} - C:\WINDOWS\system32\ShellConfigTask.dll (Microsoft)
O22 - Tasks: \Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache - {07369A67-07A6-4608-ABEA-379491CB7C46} - C:\Windows\System32\UpdatePolicy.dll (Microsoft)
O22 - Tasks: GCC - C:\Program Files\GIGABYTE\Control Center\GCC.exe -b
O22 - Tasks: GyazoUpdateTaskMachine - C:\Program Files (x86)\Gyazo\GyazoUpdate.exe
O22 - Tasks: GyazoUpdateTaskMachineDaily - C:\Program Files (x86)\Gyazo\GyazoUpdate.exe
O22 - Tasks: npcapwatchdog - C:\Program Files\Npcap\CheckStatus.bat
O22 - Tasks: NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe
O22 - Tasks: SamsungMagician - C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe --disable-gpu-sandbox /AUTOHIDE
O22 - Tasks: Thunderbird - C:\Program Files\Mozilla Thunderbird\thunderbird.exe
O22 - Tasks_Migrated: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (Microsoft) (user missing)
O22 - Tasks_Migrated: (damaged) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (Microsoft) (user missing)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Clip\LicenseImdsIntegration - C:\WINDOWS\system32\fclip.exe (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Flighting\FeatureConfig\BootstrapUsageDataReporting - {D759C938-B375-41CB-A2A2-E6D866A767F4} - C:\Windows\System32\fcon.dll (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\DetectHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},DetectHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Autopilot\RemediateHardwareChange - {62B2DD2C-F129-42EE-BF59-55D3FD21C215},RemediateHardwareChange - C:\Windows\System32\Autopilot.dll (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\MdmDiagnosticsCleanup - C:\WINDOWS\system32\MdmDiagnosticsTool.exe /clean (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\Retry - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ProvRetryTask (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Management\Provisioning\RunOnReboot - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source ContinueSessionTask (Microsoft)
O22 - Tasks_Migrated: (disabled) \Microsoft\Windows\Shell\ThemeAssetTask_SyncFODState - {3BC5DD7D-EA3B-428C-B9B6-0723DB6A1057} - C:\Windows\System32\Windows.UI.Immersive.dll (Microsoft)
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc (Microsoft)
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:aemarebackup.dll -f:BackupMareData (Microsoft)
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\MareBackup - C:\WINDOWS\system32\compattelrunner.exe -m:appraiser.dll -f:DoScheduledTelemetryRun (Microsoft)
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\PcaPatchDbTask - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaPatchSdbTask (Microsoft)
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\PcaWallpaperAppDetect - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\PcaSvc.dll,PcaWallpaperAppDetect (Microsoft)
O22 - Tasks_Migrated: (telemetry) \Microsoft\Windows\Application Experience\SdbinstMergeDbTask - C:\WINDOWS\system32\sdbinst.exe -mm (Microsoft)
O22 - Tasks_Migrated: (telemetry) NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (file missing)
O22 - Tasks_Migrated: (telemetry) NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (file missing)
O22 - Tasks_Migrated: (telemetry) NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (file missing)
O22 - Tasks_Migrated: (telemetry) NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe (file missing)
O22 - Tasks_Migrated: \GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{C3820060-F8BB-421E-B5C1-09DF94C3106D} - C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe --wake --system (file missing)
O22 - Tasks_Migrated: \Microsoft\Office\Office Performance Monitor - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe (Microsoft)
O22 - Tasks_Migrated: \Microsoft\Windows\AppListBackup\BackupNonMaintenance - {E0DCC2CC-3354-45F2-8914-519E07809082} - C:\WINDOWS\system32\AppListBackupLauncher.dll (Microsoft)
O22 - Tasks_Migrated: \Microsoft\Windows\AppxDeploymentClient\UCPD velocity - C:\WINDOWS\system32\UCPDMgr.exe (Microsoft)
O22 - Tasks_Migrated: \Microsoft\Windows\CloudRestore\Backup - {722D0F89-B69C-4700-AE8C-4A44350E4876},$(Arg0) - C:\Windows\System32\CloudRestoreLauncher.dll (Microsoft)
O22 - Tasks_Migrated: \Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask - {82aa0895-198a-4c1b-b2d1-c16894218afb} - C:\WINDOWS\System32\unifiedconsent.dll (Microsoft)
O22 - Tasks_Migrated: \Microsoft\Windows\Input\InputSettingsRestoreDataAvailable - {378EAB97-EFD6-4ED5-9AD9-E64A6AA1E6FA},InputSettingsRestoreDataAvailable - C:\Windows\System32\InputCloudStore.dll (Microsoft)
O22 - Tasks_Migrated: \Microsoft\Windows\Input\syncpensettings - {3ECEE215-83F5-4123-A592-74F1FE4C3D59},SYNC_PEN_SETTINGS - C:\Windows\System32\SettingsHandlers_Pen.dll (Microsoft)
O22 - Tasks_Migrated: \Microsoft\Windows\InstallService\RestoreDevice - {7F019157-05C8-473F-8664-2BA04A090DC8} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft)
O22 - Tasks_Migrated: \Microsoft\Windows\Location\Notifications - C:\WINDOWS\System32\LocationNotificationWindows.exe (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser - C:\WINDOWS\System32\MbaeParserTask.exe (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\NetTrace\GatherNetworkInfo - C:\WINDOWS\system32\gatherNetworkInfo.vbs (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\PI\SecureBootEncodeUEFI - C:\WINDOWS\system32\SecureBootEncodeUEFI.exe (file missing)
O22 - Tasks_Migrated: \Microsoft\Windows\Security\Pwdless\IntelligentPwdlessTask - {8702A841-D5CA-47C3-812D-9CEDC304C200} - (no file)
O22 - Tasks_Migrated: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Tasks_Migrated: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
O22 - Tasks_Migrated: \Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache - {07369A67-07A6-4608-ABEA-379491CB7C46} - C:\Windows\System32\UpdatePolicy.dll (Microsoft)
O22 - Tasks_Migrated: DropboxUpdateTaskMachineCore - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Tasks_Migrated: DropboxUpdateTaskMachineUA - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O22 - Tasks_Migrated: GCC - C:\Program Files\GIGABYTE\Control Center\GCC.exe -b
O22 - Tasks_Migrated: GyazoUpdateTaskMachine - C:\Program Files (x86)\Gyazo\GyazoUpdate.exe
O22 - Tasks_Migrated: GyazoUpdateTaskMachineDaily - C:\Program Files (x86)\Gyazo\GyazoUpdate.exe
O22 - Tasks_Migrated: NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
O22 - Tasks_Migrated: NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (file missing)
O22 - Tasks_Migrated: NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler (file missing)
O22 - Tasks_Migrated: NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (file missing)
O22 - Tasks_Migrated: NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe (file missing)
O22 - Tasks_Migrated: SamsungMagician - C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe --disable-gpu-sandbox /AUTOHIDE
O22 - Tasks_Migrated: Thunderbird - C:\Program Files\Mozilla Thunderbird\thunderbird.exe
O23 - Service R2: "Realtek Bluetooth Device Manager Service" ;RtkServ - (RtkBtManServ) - C:\WINDOWS\RtkBtManServ.exe
O23 - Service R2: AnyViewer Service - (RCService) - C:\Users\LM\AppData\Local\Temp\AnyViewer\RCService.exe
O23 - Service R2: Apple Mobile Device Service - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service R2: Brother USB Application Controller - (USBAppControl) - C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
O23 - Service R2: Brother Workflow Application Controller - (WorkflowAppControl) - C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
O23 - Service R2: Camo Helper Service - (CamoService) - C:\Program Files (x86)\Camo Studio\Service\CamoService.exe
O23 - Service R2: CMigrationService - C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe
O23 - Service R2: DbxSvc - C:\WINDOWS\System32\DbxSvc.exe
O23 - Service R2: EasyTune Engine Service - (EasyTuneEngineService) - C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe
O23 - Service R2: ESET Forwarder - (efwd) - C:\Program Files\ESET\ESET Security\efwd.exe
O23 - Service R2: ESET Service - (ekrn) - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service R2: Gaming Services - (GamingServices) - C:\Program Files\WindowsApps\Microsoft.GamingServices_28.100.8001.0_x64__8wekyb3d8bbwe\GamingServices.exe
O23 - Service R2: Gaming Services - (GamingServicesNet) - C:\Program Files\WindowsApps\Microsoft.GamingServices_28.100.8001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe
O23 - Service R2: LGHUB Updater Service - (LGHUBUpdaterService) - C:\Program Files\LGHUB\lghub_updater.exe --run-as-service
O23 - Service R2: Logitech LampArray Service - (logi_lamparray_service) - C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_03f1ba0930191bc7\logi_lamparray_service.exe
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d2629211e16b69ec\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d2629211e16b69ec\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem /ert
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA Corporation\NVIDIA app\NvContainer\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -ert
O23 - Service R2: Realtek Audio Universal Service - (RtkAudioUniversalService) - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c2fa179f72a88c18\RtkAudUService64.exe
O23 - Service R2: SamsungMagicianSVC - C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
O23 - Service R2: Thrustmaster FAST service - (TmWinService) - C:\Program Files (x86)\Thrustmaster\TARGET\TmService.exe
O23 - Service R2: UltraViewer Service - (UltraViewService) - C:\Program Files (x86)\UltraViewer\UltraViewer_Service.exe
O23 - Service R3: BrYNSvc - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service R3: Corsair CpuIdService - (CorsairCpuIdService) - C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairCpuIdService.exe
O23 - Service R3: Corsair iCUE Update Service - (iCUEUpdateService) - C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe
O23 - Service R3: ESET Firewall Helper - (ekrnEpfw) - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\steamservice.exe /RunAsService
O23 - Service S2: Aktualizační služba Google (GoogleUpdaterService138.0.7194.0) - (GoogleUpdaterService138.0.7194.0) - C:\Program Files (x86)\Google\GoogleUpdater\138.0.7194.0\updater.exe --system --windows-service --service=update
O23 - Service S2: DropboxUpdater InternalService 123.0.6299.109 (DropboxUpdaterInternalService123.0.6299.109) - (DropboxUpdaterInternalService123.0.6299.109) - C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.109\updater.exe --system --windows-service --service=update-internal --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2
O23 - Service S2: DropboxUpdater Service 123.0.6299.109 (DropboxUpdaterService123.0.6299.109) - (DropboxUpdaterService123.0.6299.109) - C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.109\updater.exe --system --windows-service --service=update --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2
O23 - Service S2: GBTECService - C:\Program Files (x86)\GIGABYTE\GBTECService\OLEDDisplayService.exe
O23 - Service S2: Interní aktualizační služba Google (GoogleUpdaterInternalService138.0.7194.0) - (GoogleUpdaterInternalService138.0.7194.0) - C:\Program Files (x86)\Google\GoogleUpdater\138.0.7194.0\updater.exe --system --windows-service --service=update-internal
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: Corsair Device Listing Service - (CorsairDeviceListerService) - C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairDeviceListerService.exe
O23 - Service S3: Dropbox Elevation Service (DropboxElevationService) - (DropboxElevationService) - C:\Program Files (x86)\Dropbox\Client\226.4.5094\DropboxElevationService.exe --svc --appid={cc46080e-4c33-4981-859a-bba2f780f31e}
O23 - Service S3: Easy Anti-Cheat (Epic Online Services) - (EasyAntiCheat_EOS) - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Epic Games Updater - (EpicGamesUpdater) - C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesUpdater.exe
O23 - Service S3: Epic Online Services - (EpicOnlineServices) - C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe
O23 - Service S3: Google Chrome Elevation Service (GoogleChromeElevationService) - (GoogleChromeElevationService) - C:\Program Files\Google\Chrome\Application\137.0.7151.104\elevation_service.exe
O23 - Service S3: MBVpnTunnelService - C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe
O23 - Service S3: Microsoft Defender Core Service - (MDCoreSvc) - C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpDefenderCoreService.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: NVIDIA FrameView SDK service - (FvSvc) - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe -service
O23 - Service S3: vgc - C:\Program Files\Riot Vanguard\vgc.exe


--
End of file - Time spent: 12,5 sec. - 80322 bytes, CRC32: FFFFFFFF. Sign: 昊㭗




Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 17.06.2025
Scan Time: 11:21
Log File: 72ae9a0a-4b5c-11f0-8ecd-18c04d949a6c.json

-Software Information-
Version: 5.3.2.195
Components Version: 134.1.5283
Update Package Version: 1.0.100217
License: Free

-System Information-
OS: Windows 11 (Build 26100.4351)
CPU: x64
File System: NTFS
User: DESKTOP-8D4LOVK\LM

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 274085
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 2 min, 20 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
File system: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

[Reklama]

[jaro3]

Ahoj!
Tohle znáš:
http://www.karty.local/?

Modem se dá restartovat do továrního nastavení , pak musíš ale znovu vše nastavit znovu (wifi ap.)

Příště novější verzi HJT (2.0.4.,nebo 2.0.5Beta):
http://sourceforge.net/projects/hjt/fil ... t/download

Stáhni si ATF Cleaner
https://www.majorgeeks.com/mg/getmirror ... ner,2.html
Poklepej na ATF Cleaner.exe, klikni na select all, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome ,Edge , tak ATF nemusíš použít.


Stáhni si TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
https://www.bleepingcomputer.com/download/tfc/
https://www.majorgeeks.com/files/detail ... eaner.html
https://www.majorgeeks.com/mg/get/temp_ ... ner,1.html

Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.adlice.com/downloadprogress/
pro majitele win7 stáhni zde:
https://filehippo.com/download_adwcleaner/ ( nedávej aktualizaci!)

Ulož si ho na svojí plochu . Klikni na „Souhlasím“ k povrzení podmínek.
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Skenování“
Po skenu se objeví log , který se otevře. ( jinak je uložen systémovem disku jako) C:\AdwCleaner\Logs, jeho obsah sem celý vlož.

Sophos Virus Removal Tool je praktický softwarový nástroj, který by mohl odstranit infekce, které antivirový program nedetekuje .
Stáhněte si ho zde z některého odkazu:
https://www.majorgeeks.com/mg/getmirror ... ool,1.html
https://www.majorgeeks.com/mg/get/sopho ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html

Viry mohou zpomalit počítač, nebo se snaží ukrást vaše data, a ani nevíte , že je máte. Co potřebujete, je rychlý a snadný způsob, jak je najít a zbavit se jich, pokud již máte antivirový program v počítači nainstalován , můžete nainstalovat i nástroj Sophos Virus Removal , který identifikuje a vyčistí zbylé infekce, které mohl Váš antivirový program přehlédnout.
K použití Sophos Virus Removal Tool na něj poklepejte a stiskněte tlačítko „Start scanning“ . Pak bude Sophos Virus Removal Tool vyhledávat a odstraňovat viry, které najde. Může být vyžadován restart.
Pokud byly nalezeny viry , tak po skenu klikni na „Details…“ a potom na „View log file“. Zkopíruj celý log a vlož ho sem. Potom zavři „threat detail“ a klikni na „Start cleanup“.
Jinak se log nachází zde:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs

Stáhni si RogueKiller by Adlice Software
http://www.adlice.com/download/roguekiller/
http://www.bleepingcomputer.com/download/roguekiller/
tutorial:
https://www.adlice.com/docs/roguekiller ... /tutorial/
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- - klikni na „Scan“. V novém okně nic neměň a klikni dole na „Start“ ve sloupci „Quick Scan“
- Program skenuje procesy PC. Po proskenování klikni na „Results “ , v dalším okně pak levým t. na „Report“ a vyber : „Text File“ , log nazvi třeba RK a ulož do dokumentů nebo na plochu. Otevři soubor a celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků
Pokud nepůjde uložit log, vyfoť si nákazy z obrazovky a vlož sem.

[Karrex]

Scany zatím běží, jinak toto píše router:
2025-06-17 13:46:52
Device Infected 89.19x.xx.xx 91.179.62.127 WEB Hikvision Product Web Server Command Injection -1.1 (CVE-2021-36260)
(nemám nic od Hikvision)

[jaro3]

restart do továrního nastavení necháme případně na konec. Co ta stránka?

[Karrex]

Ahoj! Tohle znáš: http://www.karty.local/?

Jo jo, jde o lokální wordpress.

# -------------------------------
# Malwarebytes AdwCleaner 8.5.0.595
# -------------------------------
# Build: 03-05-2025
# Database: 2024-10-23.4 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 06-17-2025
# Duration: 00:00:09
# OS: Windows 11 (Build 26100.4351)
# Scanned: 32108
# Detected: 1


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

PUP.Optional.SafeFinder Jenkins

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.

***

2025-06-17 12:04:45.896 Sophos Virus Removal Tool version 2.9.0
2025-06-17 12:04:45.896 Copyright (c) 2009-2021 Sophos Limited. All rights reserved.

2025-06-17 12:04:45.896 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.

2025-06-17 12:04:45.896 Windows version 6.2 SP 0.0 build 9200 SM=0x100 PT=0x1 WOW64
2025-06-17 12:04:45.897 Checking for updates...
2025-06-17 12:04:45.903 Update progress: proxy server not available
2025-06-17 12:04:47.526 Update error: failed to read remote metadata (error 4)
[V46381] SU::Handle::readRemoteMetadata + SU::Handle::readRemoteMetadata()
[V75884] SU::Metadata::readRemoteMetadata SU::Metadata::readRemoteMetadata()
[I40394] Downloading customer file from sophos:1:1
[V81533] SU::createCachedPackageSource creating cached package source for sophos:1:1: url=SOPHOS
[V81533] SU::createCachedPackageSource creating http_source_specific_data to download customer file
[V81533] SU::createCachedPackageSource creating package source to download customer file
[E26245] Error fetching data from http://dci.sophosupd.com/update/d/8a/d8 ... 768996.dat: WinHttpSendRequest (error 12007)
[I26245] No proxy was used.
[I40394] Downloading customer file from sophos:2:1
[V81533] SU::createCachedPackageSource creating cached package source for sophos:2:1: url=SOPHOS
[V81533] SU::createCachedPackageSource creating http_source_specific_data to download customer file
[V81533] SU::createCachedPackageSource creating package source to download customer file
[E26245] Error fetching data from http://dci.sophosupd.net/update/d/8a/d8 ... 768996.dat: WinHttpSendRequest (error 12007)
[I26245] No proxy was used.
[I40394] Downloading customer file from sophos:3:1
[V81533] SU::createCachedPackageSource creating cached package source for sophos:3:1: url=SOPHOS
[V81533] SU::createCachedPackageSource creating http_source_specific_data to download customer file
[V81533] SU::createCachedPackageSource creating package source to download customer file
[E75373] Ran out of sophos aliases for this update source
[E35369] Out of update sources
[E99999] Out of sources
2025-06-17 12:04:50.702 Option all = no
2025-06-17 12:04:50.702 Option recurse = yes
2025-06-17 12:04:50.702 Option archive = no
2025-06-17 12:04:50.702 Option service = yes
2025-06-17 12:04:50.702 Option confirm = yes
2025-06-17 12:04:50.702 Option sxl = yes
2025-06-17 12:04:50.703 Option max-data-age = 35
2025-06-17 12:04:50.703 Option vdl-logging = yes
2025-06-17 12:04:50.708 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2025-06-17 12:04:50.708 Machine ID: 2910b4f8e7bf40a6be6c597bfd693fb0
2025-06-17 12:04:50.709 Component SVRTcli.exe version 2.9.0
2025-06-17 12:04:50.709 Component control.dll version 2.9.0
2025-06-17 12:04:50.709 Component SVRTservice.exe version 2.9.0
2025-06-17 12:04:50.709 Component engine\osdp.dll version 1.44.1.2510
2025-06-17 12:04:50.709 Component engine\veex.dll version 3.81.0.2510
2025-06-17 12:04:50.709 Component engine\savi.dll version 9.0.23.2510
2025-06-17 12:04:50.710 Component rkdisk.dll version 1.5.33.1
2025-06-17 12:04:50.710 Version info: Product version 2.9.0
2025-06-17 12:04:50.710 Version info: Detection engine 3.81.0
2025-06-17 12:04:50.710 Version info: Detection data 5.82
2025-06-17 12:04:50.710 Version info: Build date 16.02.2021
2025-06-17 12:04:50.710 Version info: Data files added 208
2025-06-17 12:04:50.710 Version info: Last successful update (not yet updated)

2025-06-17 13:03:32.793 Could not open C:\hiberfil.sys
2025-06-17 13:03:32.800 Could not open C:\pagefile.sys
2025-06-17 13:13:53.195 Could not open C:\swapfile.sys
2025-06-17 13:13:53.383 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2025-06-17 13:13:53.384 Could not open C:\System Volume Information\{4cd7562d-4b3f-11f0-83ab-e71ad7b80bef}{3808876b-c176-4e48-b7ae-04046e6cc752}
2025-06-17 13:13:53.384 Could not open C:\System Volume Information\{4cd7563d-4b3f-11f0-83ab-e71ad7b80bef}{3808876b-c176-4e48-b7ae-04046e6cc752}
2025-06-17 13:13:53.384 Could not open C:\System Volume Information\{4cd7564e-4b3f-11f0-83ab-e71ad7b80bef}{3808876b-c176-4e48-b7ae-04046e6cc752}
2025-06-17 13:13:58.968 Could not open C:\Users\LM\AppData\Local\Dropbox\events\store
2025-06-17 13:13:58.979 Could not open C:\Users\LM\AppData\Local\Dropbox\instance1\bi_sync\temp\666b24587f169bd6
2025-06-17 13:13:58.979 Could not open C:\Users\LM\AppData\Local\Dropbox\instance1\bi_sync\temp\706ae6c9862c14cf
2025-06-17 13:13:58.979 Could not open C:\Users\LM\AppData\Local\Dropbox\instance1\bi_sync\temp\aaff9c3dbbd62184
2025-06-17 13:13:58.991 Could not open C:\Users\LM\AppData\Local\Dropbox\instance1\sync\temp\506be2239185373c
2025-06-17 13:13:58.991 Could not open C:\Users\LM\AppData\Local\Dropbox\instance1\sync\temp\83244bea69ad1b6b
2025-06-17 13:13:58.991 Could not open C:\Users\LM\AppData\Local\Dropbox\instance1\sync\temp\f511a2b696cdd3d1
2025-06-17 13:13:59.018 Could not open C:\Users\LM\AppData\Local\Dropbox\ssa_events\store
2025-06-17 13:14:14.531 Could not open C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
2025-06-17 13:14:14.531 Could not open C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies-journal
2025-06-17 13:14:14.594 Could not open C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Safe Browsing Network\Safe Browsing Cookies
2025-06-17 13:14:14.594 Could not open C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Safe Browsing Network\Safe Browsing Cookies-journal
2025-06-17 13:14:14.733 Could not open C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13394639643214726
2025-06-17 13:14:14.734 Could not open C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13394636769930280
2025-06-17 13:14:30.349 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\ActionsMcpHost.exe
2025-06-17 13:14:30.351 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\camostudio.exe
2025-06-17 13:14:30.352 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\GameBarElevatedFT_Alias.exe
2025-06-17 13:14:30.352 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\GetHelp.exe
2025-06-17 13:14:30.352 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\idle.exe
2025-06-17 13:14:30.353 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\idle3.13.exe
2025-06-17 13:14:30.353 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\idle3.exe
2025-06-17 13:14:30.353 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\MediaPlayer.exe
2025-06-17 13:14:30.357 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\python.exe
2025-06-17 13:14:30.357 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\python3.exe
2025-06-17 13:14:30.358 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\WindowsPackageManagerServer.exe
2025-06-17 13:14:30.358 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\Microsoft.DesktopAppInstaller_8wekyb3d8bbwe\winget.exe
2025-06-17 13:14:30.361 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\Microsoft.GamingApp_8wekyb3d8bbwe\XboxPcAppAdminServer.exe
2025-06-17 13:14:30.361 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\Microsoft.GamingApp_8wekyb3d8bbwe\XboxPcAppCE.exe
2025-06-17 13:14:30.364 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\Microsoft.GetHelp_8wekyb3d8bbwe\GetHelp.exe
2025-06-17 13:14:30.367 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\Microsoft.Paint_8wekyb3d8bbwe\mspaint.exe
2025-06-17 13:14:30.368 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\Microsoft.Paint_8wekyb3d8bbwe\pbrush.exe
2025-06-17 13:14:30.371 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\Microsoft.ScreenSketch_8wekyb3d8bbwe\SnippingTool.exe
2025-06-17 13:14:30.374 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\Microsoft.SkypeApp_kzf8qxf38zg5c\Skype.exe
2025-06-17 13:14:30.376 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\Microsoft.WindowsNotepad_8wekyb3d8bbwe\notepad.exe
2025-06-17 13:14:30.379 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\Microsoft.WindowsTerminal_8wekyb3d8bbwe\wt.exe
2025-06-17 13:14:30.382 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\Microsoft.XboxGamingOverlay_8wekyb3d8bbwe\GameBarElevatedFT_Alias.exe
2025-06-17 13:14:30.385 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\Microsoft.ZuneMusic_8wekyb3d8bbwe\MediaPlayer.exe
2025-06-17 13:14:30.388 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\ActionsMcpHost.exe
2025-06-17 13:14:30.389 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MicrosoftWindows.DesktopStickerEditorCentennial.exe
2025-06-17 13:14:30.389 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\VisualAssist.exe
2025-06-17 13:14:30.390 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\MicrosoftWindows.DesktopStickerEditorCentennial.exe
2025-06-17 13:14:30.390 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\ms-teams.exe
2025-06-17 13:14:30.390 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\ms-teamsupdate.exe
2025-06-17 13:14:30.391 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\ms-teams_autostarter.exe
2025-06-17 13:14:30.391 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\mspaint.exe
2025-06-17 13:14:30.394 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\MSTeams_8wekyb3d8bbwe\ms-teams.exe
2025-06-17 13:14:30.395 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\MSTeams_8wekyb3d8bbwe\ms-teamsupdate.exe
2025-06-17 13:14:30.395 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\MSTeams_8wekyb3d8bbwe\ms-teams_autostarter.exe
2025-06-17 13:14:30.395 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\notepad.exe
2025-06-17 13:14:30.396 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\pbrush.exe
2025-06-17 13:14:30.396 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\pip.exe
2025-06-17 13:14:30.396 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\pip3.13.exe
2025-06-17 13:14:30.397 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\pip3.exe
2025-06-17 13:14:30.397 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\python.exe
2025-06-17 13:14:30.398 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\python3.13.exe
2025-06-17 13:14:30.398 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\python3.exe
2025-06-17 13:14:30.403 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\PythonSoftwareFoundation.Python.3.13_qbz5n2kfra8p0\idle.exe
2025-06-17 13:14:30.403 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\PythonSoftwareFoundation.Python.3.13_qbz5n2kfra8p0\idle3.13.exe
2025-06-17 13:14:30.404 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\PythonSoftwareFoundation.Python.3.13_qbz5n2kfra8p0\idle3.exe
2025-06-17 13:14:30.404 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\PythonSoftwareFoundation.Python.3.13_qbz5n2kfra8p0\pip.exe
2025-06-17 13:14:30.405 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\PythonSoftwareFoundation.Python.3.13_qbz5n2kfra8p0\pip3.13.exe
2025-06-17 13:14:30.405 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\PythonSoftwareFoundation.Python.3.13_qbz5n2kfra8p0\pip3.exe
2025-06-17 13:14:30.405 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\PythonSoftwareFoundation.Python.3.13_qbz5n2kfra8p0\python.exe
2025-06-17 13:14:30.406 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\PythonSoftwareFoundation.Python.3.13_qbz5n2kfra8p0\python3.13.exe
2025-06-17 13:14:30.406 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\PythonSoftwareFoundation.Python.3.13_qbz5n2kfra8p0\python3.exe
2025-06-17 13:14:30.406 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\PythonSoftwareFoundation.Python.3.13_qbz5n2kfra8p0\pythonw.exe
2025-06-17 13:14:30.407 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\PythonSoftwareFoundation.Python.3.13_qbz5n2kfra8p0\pythonw3.13.exe
2025-06-17 13:14:30.407 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\PythonSoftwareFoundation.Python.3.13_qbz5n2kfra8p0\pythonw3.exe
2025-06-17 13:14:30.407 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\pythonw.exe
2025-06-17 13:14:30.408 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\pythonw3.13.exe
2025-06-17 13:14:30.408 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\pythonw3.exe
2025-06-17 13:14:30.411 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\ReincubateLtd.CamoStudio_9bq3v28c93p4r\camostudio.exe
2025-06-17 13:14:30.411 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\Skype.exe
2025-06-17 13:14:30.412 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\SnippingTool.exe
2025-06-17 13:14:30.412 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\VisualAssist.exe
2025-06-17 13:14:30.412 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\WindowsPackageManagerServer.exe
2025-06-17 13:14:30.413 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\winget.exe
2025-06-17 13:14:30.413 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\wt.exe
2025-06-17 13:14:30.413 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\XboxPcAppAdminServer.exe
2025-06-17 13:14:30.414 Could not open C:\Users\LM\AppData\Local\Microsoft\WindowsApps\XboxPcAppCE.exe
2025-06-17 13:14:43.967 Could not open C:\Users\LM\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalState\EBWebView\Default\Network\Cookies
2025-06-17 13:14:43.967 Could not open C:\Users\LM\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalState\EBWebView\Default\Network\Cookies-journal
2025-06-17 13:14:43.999 Could not open C:\Users\LM\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalState\EBWebView\Default\Safe Browsing Network\Safe Browsing Cookies
2025-06-17 13:19:02.543 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2025-06-17 13:19:02.544 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2025-06-17 13:19:14.431 Could not open C:\Windows\System32\config\BBI
2025-06-17 13:19:15.061 Could not open C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\WindowsApps\ActionsMcpHost.exe
2025-06-17 13:19:15.066 Could not open C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\WindowsApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\ActionsMcpHost.exe
2025-06-17 13:19:15.066 Could not open C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\WindowsApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MicrosoftWindows.DesktopStickerEditorCentennial.exe
2025-06-17 13:19:15.067 Could not open C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\WindowsApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\VisualAssist.exe
2025-06-17 13:19:15.067 Could not open C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\WindowsApps\MicrosoftWindows.DesktopStickerEditorCentennial.exe
2025-06-17 13:19:15.068 Could not open C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\WindowsApps\VisualAssist.exe
2025-06-17 14:26:24.123 Error level 0
2025-06-17 14:26:24.131 Scan completed.
2025-06-17 14:26:24.131

***

Program : RogueKiller Anti-Malware
Version : 16.2.2.0
x64 : Yes
Program Date : Jun 4 2025
Location : D:\Stažené soubory\RogueKiller_portable64 (1).exe
Premium : No
Company : Adlice Software
Website : https://www.adlice.com/
Contact : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 11 (10.0.26100) 64-bit
64-bit OS : Yes
Startup : 0
WindowsPE : No
User : LM
User is Admin : Yes
Date : 2025/06/17 14:34:57
Type : Scan
Aborted : No
Scan Mode : Quick
Duration : 8
Found items : 0
Total scanned : 1053
removed_count : 0
Signatures Version : 20250616_081932
Truesight Driver : Yes
Updates Count : 0

************************* Warnings *************************

************************* Updates *************************

************************* Processes *************************

************************* Modules *************************

************************* Services *************************

************************* Scheduled Tasks *************************

************************* Registry *************************

************************* WMI *************************

************************* Hosts File *************************
is_too_big : No
hosts_file_path : N/A


************************* Filesystem *************************

************************* Web Browsers *************************

************************* Antirootkit *************************

[jaro3]

Vypni antivir i firewall, RogueKiller, Malwarebytes Antimalware, windowsDefender
Stáhni zoek:
https://datoid.cz/UeeEYf/zoek1-rar
editační odkaz
https://datoid.cz/UeeEYf/zoek1-rar/cWMjoITrleT7T2lw
https://tbit.to/h79ju9ti9xu0.html

NwXuB8pDfB1o
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
-pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log Zkopíruj sem celý obsah toho logu.
Pokud budou problémy , spusť zoek v nouz. režimu.


Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe

(posuvník dolu na download)
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Zavři všechny otevřené soubory, složky a prohlížeče
Neměň žádné nastavení. Klikni na „Skenovat nyní“.
Po skenu lze vidět , zda jsou nějaké nákazy. Klikni na „Vykonat“ ( vymazat). Nákazy budou přemístěny do karantény.
Když je skenování dokončeno, klikni vlevo na „zprávy“ a pak na „otevři zprávu“ a zkopíruj sem celý obsah té zprávy.

Pak napiš co problémy.

[Karrex]

Zemana píše při instalaci toto:


Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by LM on 17.06.2025 at 20:25:28,53.
Microsoft Windows 11 Pro 10.0.26100 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\LM\AppData\Local\Temp\Rar$EXa14184.3190.rartemp\zoek1\zoek (1).exe [Scan all users] [Script inserted]

==== System Restore Info ======================

17.06.2025 20:26:28 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Program Files\EA Games deleted successfully
C:\PROGRA~3\Reprise deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\PROGRA~3\ssh deleted successfully
C:\PROGRA~3\USVFS deleted successfully
C:\PROGRA~3\WarThunder deleted successfully
C:\Users\LM\AppData\Roaming\Albion deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming\Apple Computer deleted successfully
C:\Users\LM\AppData\Local\DBG deleted successfully
C:\Users\LM\AppData\Local\PeerDistRepub deleted successfully
C:\Users\LM\AppData\Local\ViberCache deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\LM\AppData\Roaming\Thunderbird\Profiles\iziwp71j.default-release\prefs.js:

Added to C:\Users\LM\AppData\Roaming\Thunderbird\Profiles\iziwp71j.default-release\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\Users\LM\AppData\Roaming\discord deleted
C:\Users\LM\AppData\Roaming\lghub deleted
C:\Users\LM\AppData\Roaming\Local deleted
C:\Users\LM\AppData\Roaming\Spotify deleted
C:\Users\LM\AppData\Roaming\Techsmith deleted
C:\Users\LM\AppData\Roaming\Visual Studio Setup deleted
C:\Users\LM\.android deleted
C:\Users\LM\AppData\Roaming\obs-virtualcam.txt deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\LM\AppData\Local\oobelibMkey.log deleted
C:\Users\LM\AppData\Local\cache deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-11ec-7494-91dc5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-157c-1fec-11ffd7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-157c-1fec-11ffd9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-157c-1fec-11ffdb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-157c-1fec-11ffdd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-157c-1fec-11ffef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-157c-1fec-11fff1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-157c-1fec-11fff3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-157c-1fec-11fff5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-157c-1fec-120006.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-157c-1fec-120008.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-157c-1fec-12000a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-157c-1fec-12000c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-157c-1fec-12001e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-157c-1fec-120020.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-157c-1fec-120022.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-157c-1fec-120024.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-157c-1fec-120026.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-157c-1fec-120038.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-157c-1fec-12003a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-157c-1fec-12003c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-157c-1fec-12003e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-157c-1fec-12004f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-157c-1fec-120051.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ac8-4670-108b19.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ac8-4670-108b1b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ac8-4670-108b2d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ac8-4670-108b2f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ac8-4670-108b31.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ac8-4670-108b33.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ac8-4670-108b45.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ac8-4670-108b47.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ac8-4670-108b49.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ac8-4670-108b4b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ac8-4670-108b5c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ac8-4670-108b5e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ac8-4670-108b60.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ac8-4670-108b72.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ac8-4670-108b74.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ac8-4670-108b76.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ac8-4670-108b78.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ac8-4670-108b7a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ac8-4670-108b8b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ac8-4670-108b8d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ac8-4670-108b8f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ac8-4670-108b91.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1ac8-4670-108ba3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b38-13b4-d978b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b38-13b4-d978d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b38-13b4-d979f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b38-13b4-d97a1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b38-13b4-d97a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b38-13b4-d97a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b38-13b4-d97b7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b38-13b4-d97b9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b38-13b4-d97bb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b38-13b4-d97bd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b38-13b4-d97ce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b38-13b4-d97d0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b38-13b4-d97d2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b38-13b4-d97d4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b38-13b4-d97e6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b38-13b4-d97e8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b38-13b4-d97ea.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b38-13b4-d97ec.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b38-13b4-d97fe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b38-13b4-d9800.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b38-13b4-d9802.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b38-13b4-d9804.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1b38-13b4-d9815.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f70-6478-9afba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f70-6478-9afcc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f70-6478-9afce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f70-6478-9afef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f70-6478-9aff1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f70-6478-9b003.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f70-6478-9b005.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f70-6478-9b007.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f70-6478-9b009.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f70-6478-9b01a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f70-6478-9b01c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f70-6478-9b01e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f70-6478-9b020.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f70-6478-9b032.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f70-6478-9b034.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f70-6478-9b036.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f70-6478-9b038.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f70-6478-9b04a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f70-6478-9b04c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f70-6478-9b04e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f70-6478-9b050.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f70-6478-9b061.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-1f70-6478-9b063.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2670-6dd8-9a337.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2670-6dd8-9a339.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2670-6dd8-9a33b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2670-6dd8-9a33d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2670-6dd8-9a34f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2670-6dd8-9a351.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2670-6dd8-9a353.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2670-6dd8-9a364.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2670-6dd8-9a366.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2670-6dd8-9a368.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2670-6dd8-9a36a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2670-6dd8-9a37c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2670-6dd8-9a37e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2670-6dd8-9a390.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2670-6dd8-9a3a1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2670-6dd8-9a3a3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2670-6dd8-9a3a5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2670-6dd8-9a3a7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2670-6dd8-9a3b9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2670-6dd8-9a3bb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2670-6dd8-9a3bd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2670-6dd8-9a3cf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2670-6dd8-9a3d1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2864-1898-4205bba.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2864-1898-4205bbc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2864-1898-4205bbe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2864-1898-4205bc0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2864-1898-4205bd1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2864-1898-4205bd3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2864-1898-4205bd5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2864-1898-4205bd7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2864-1898-4205be9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2864-1898-4205beb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2864-1898-4205bed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2864-1898-4205bef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2864-1898-4205c01.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2864-1898-4205c03.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2864-1898-4205c05.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2864-1898-4205c16.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2864-1898-4205c18.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2864-1898-4205c1a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2864-1898-4205c1c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2864-1898-4205c2e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2864-1898-4205c30.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2864-1898-4205c32.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-2864-1898-4205c44.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28b0-28ac-9a01a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28b0-28ac-9a01c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28b0-28ac-9a02e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28b0-28ac-9a030.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28b0-28ac-9a032.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28b0-28ac-9a034.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28b0-28ac-9a046.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28b0-28ac-9a048.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28b0-28ac-9a04a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28b0-28ac-9a04c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28b0-28ac-9a05d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28b0-28ac-9a05f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28b0-28ac-9a061.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28b0-28ac-9a063.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28b0-28ac-9a075.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28b0-28ac-9a077.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28b0-28ac-9a079.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28b0-28ac-9a07b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28b0-28ac-9a08c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28b0-28ac-9a08e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28b0-28ac-9a090.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28b0-28ac-9a092.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-28b0-28ac-9a0a4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30d4-5b0c-9809c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30d4-5b0c-980ad.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30d4-5b0c-980af.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30d4-5b0c-980b1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30d4-5b0c-980b3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30d4-5b0c-980c5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30d4-5b0c-980c7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30d4-5b0c-980c9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30d4-5b0c-980cb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30d4-5b0c-980dd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30d4-5b0c-980df.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30d4-5b0c-980e1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30d4-5b0c-980e3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30d4-5b0c-980f4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30d4-5b0c-980f6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30d4-5b0c-980f8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30d4-5b0c-980fa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30d4-5b0c-9810c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30d4-5b0c-9810e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30d4-5b0c-98110.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30d4-5b0c-98122.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30d4-5b0c-98124.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-30d4-5b0c-98126.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3414-3214-98b4a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3414-3214-98b5c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3414-3214-98b5e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3414-3214-98b60.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3414-3214-98b62.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3414-3214-98b73.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3414-3214-98b75.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3414-3214-98b77.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3414-3214-98b79.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3414-3214-98b8b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3414-3214-98b8d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3414-3214-98b8f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3414-3214-98bb0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3414-3214-98bb2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3414-3214-98bb4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3414-3214-98bb6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3414-3214-98bc8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3414-3214-98bca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3414-3214-98bcc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3414-3214-98bce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3414-3214-98be0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3414-3214-98be2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3414-3214-98bf3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3cc4-22f4-9a5e7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3cc4-22f4-9a5e9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3cc4-22f4-9a5fa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3cc4-22f4-9a5fc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3cc4-22f4-9a5fe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3cc4-22f4-9a600.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3cc4-22f4-9a612.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3cc4-22f4-9a614.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3cc4-22f4-9a616.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3cc4-22f4-9a618.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3cc4-22f4-9a62a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3cc4-22f4-9a62c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3cc4-22f4-9a62e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3cc4-22f4-9a630.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3cc4-22f4-9a641.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3cc4-22f4-9a643.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3cc4-22f4-9a645.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3cc4-22f4-9a657.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3cc4-22f4-9a659.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3cc4-22f4-9a65b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3cc4-22f4-9a65d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3cc4-22f4-9a66e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-3cc4-22f4-9a670.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4438-4be8-e41d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4438-4be8-e41d7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4438-4be8-e41d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4438-4be8-e41eb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4438-4be8-e41ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4438-4be8-e41ef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4438-4be8-e4200.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4438-4be8-e4202.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4438-4be8-e4204.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4438-4be8-e4206.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4438-4be8-e4218.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4438-4be8-e421a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4438-4be8-e421c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4438-4be8-e421e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4438-4be8-e4220.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4438-4be8-e4232.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4438-4be8-e4234.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4438-4be8-e4236.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4438-4be8-e4238.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4438-4be8-e4249.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4438-4be8-e424b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4438-4be8-e424d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4438-4be8-e424f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4450-58c8-9cdf1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4450-58c8-9ce02.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4450-58c8-9ce04.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4450-58c8-9ce06.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4450-58c8-9ce08.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4450-58c8-9ce1a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4450-58c8-9ce1c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4450-58c8-9ce1e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4450-58c8-9ce20.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4450-58c8-9ce32.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4450-58c8-9ce34.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4450-58c8-9ce36.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4450-58c8-9ce47.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4450-58c8-9ce49.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4450-58c8-9ce4b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4450-58c8-9ce4d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4450-58c8-9ce5f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4450-58c8-9ce61.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4450-58c8-9ce63.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4450-58c8-9ce65.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4450-58c8-9ce76.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4450-58c8-9ce78.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4450-58c8-9ce7a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4694-16f0-dc93a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4694-16f0-dc93c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4694-16f0-dc93e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4694-16f0-dc940.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4694-16f0-dc952.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4694-16f0-dc954.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4694-16f0-dc956.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4694-16f0-dc958.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4694-16f0-dc95a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4694-16f0-dc96b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4694-16f0-dc96d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4694-16f0-dc96f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4694-16f0-dc971.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4694-16f0-dc983.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4694-16f0-dc985.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4694-16f0-dc987.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4694-16f0-dc989.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4694-16f0-dc99b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4694-16f0-dc99d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4694-16f0-dc99f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4694-16f0-dc9a1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4694-16f0-dc9b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4694-16f0-dc9b4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4dbc-13f8-86c9ab.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4dbc-13f8-86c9ad.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4dbc-13f8-86c9bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4dbc-13f8-86c9c1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4dbc-13f8-86c9c3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4dbc-13f8-86c9c5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4dbc-13f8-86c9d6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4dbc-13f8-86c9e8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4dbc-13f8-86c9f9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4dbc-13f8-86c9fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4dbc-13f8-86c9fd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4dbc-13f8-86ca0f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4dbc-13f8-86ca11.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4dbc-13f8-86ca13.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4dbc-13f8-86ca15.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4dbc-13f8-86ca27.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4dbc-13f8-86ca29.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4dbc-13f8-86ca2b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4dbc-13f8-86ca3c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4dbc-13f8-86ca3e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4dbc-13f8-86ca40.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4dbc-13f8-86ca42.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-4dbc-13f8-86ca54.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5030-5518-165a67.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5030-5518-165a79.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5030-5518-165a7b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5030-5518-165a7d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5030-5518-165a7f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5030-5518-165a91.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5030-5518-165a93.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5030-5518-165a95.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5030-5518-165a97.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5030-5518-165aa8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5030-5518-165aaa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5030-5518-165aac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5030-5518-165aae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5030-5518-165ac0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5030-5518-165ac2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5030-5518-165ac4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5030-5518-165ad5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5030-5518-165ad7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5030-5518-165ad9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5030-5518-165adb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5030-5518-165aed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5030-5518-165aef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5030-5518-165af1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-530-47c4-9ae82.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-530-47c4-9ae84.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-530-47c4-9ae95.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-530-47c4-9ae97.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-530-47c4-9ae99.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-530-47c4-9ae9b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-530-47c4-9aead.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-530-47c4-9aeaf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-530-47c4-9aeb1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-530-47c4-9aeb3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-530-47c4-9aeb5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-530-47c4-9aec7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-530-47c4-9aec9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-530-47c4-9aecb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-530-47c4-9aecd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-530-47c4-9aede.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-530-47c4-9aee0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-530-47c4-9aee2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-530-47c4-9aee4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-530-47c4-9aef6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-530-47c4-9aef8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-530-47c4-9aefa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-530-47c4-9aefc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e18-27dc-5ee2f2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e18-27dc-5ee2f4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e18-27dc-5ee2f6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e18-27dc-5ee308.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e18-27dc-5ee30a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e18-27dc-5ee30c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e18-27dc-5ee30e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e18-27dc-5ee31f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e18-27dc-5ee321.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e18-27dc-5ee333.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e18-27dc-5ee335.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e18-27dc-5ee337.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e18-27dc-5ee339.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e18-27dc-5ee34b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e18-27dc-5ee34d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e18-27dc-5ee34f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e18-27dc-5ee351.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e18-27dc-5ee362.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e18-27dc-5ee364.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e18-27dc-5ee366.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e18-27dc-5ee378.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e18-27dc-5ee37a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5e18-27dc-5ee37c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f48-39a0-139721.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f48-39a0-139723.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f48-39a0-139725.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f48-39a0-139736.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f48-39a0-139738.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f48-39a0-13973a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f48-39a0-13973c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f48-39a0-13974e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f48-39a0-139750.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f48-39a0-139752.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f48-39a0-139754.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f48-39a0-139766.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f48-39a0-139768.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f48-39a0-13976a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f48-39a0-13976c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f48-39a0-13977d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f48-39a0-13977f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f48-39a0-139781.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f48-39a0-139783.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f48-39a0-139795.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f48-39a0-139797.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f48-39a0-139799.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-5f48-39a0-13979b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6110-443c-9b289.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6110-443c-9b29b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6110-443c-9b29d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6110-443c-9b29f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6110-443c-9b2a1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6110-443c-9b2b2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6110-443c-9b2b4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6110-443c-9b2b6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6110-443c-9b2b8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6110-443c-9b2ca.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6110-443c-9b2cc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6110-443c-9b2ce.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6110-443c-9b2d0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6110-443c-9b2e2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6110-443c-9b2e4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6110-443c-9b2e6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6110-443c-9b2e8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6110-443c-9b2f9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6110-443c-9b2fb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6110-443c-9b2fd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6110-443c-9b2ff.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6110-443c-9b311.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6110-443c-9b313.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69c0-1308-b55adf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69c0-1308-b55ae1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69c0-1308-b55ae3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69c0-1308-b55af5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69c0-1308-b55af7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69c0-1308-b55af9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69c0-1308-b55b0a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69c0-1308-b55b0c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69c0-1308-b55b0e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69c0-1308-b55b10.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69c0-1308-b55b22.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69c0-1308-b55b24.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69c0-1308-b55b26.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69c0-1308-b55b38.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69c0-1308-b55b3a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69c0-1308-b55b3c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69c0-1308-b55b3e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69c0-1308-b55b4f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69c0-1308-b55b51.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69c0-1308-b55b53.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69c0-1308-b55b55.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69c0-1308-b55b67.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69c0-1308-b55b69.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69d4-39e8-1c27d1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69d4-39e8-1c27d3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69d4-39e8-1c27d5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69d4-39e8-1c27e7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69d4-39e8-1c27e9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69d4-39e8-1c27eb.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69d4-39e8-1c27ed.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69d4-39e8-1c27fe.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69d4-39e8-1c2800.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69d4-39e8-1c2802.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69d4-39e8-1c2814.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69d4-39e8-1c2816.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69d4-39e8-1c2818.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69d4-39e8-1c2829.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69d4-39e8-1c282b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69d4-39e8-1c282d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69d4-39e8-1c282f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69d4-39e8-1c2841.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69d4-39e8-1c2843.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69d4-39e8-1c2845.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69d4-39e8-1c2857.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69d4-39e8-1c2859.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-69d4-39e8-1c285b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6d10-5944-2a3922.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6d10-5944-2a3934.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6d10-5944-2a3936.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6d10-5944-2a3938.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6d10-5944-2a393a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6d10-5944-2a394c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6d10-5944-2a394e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6d10-5944-2a3950.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6d10-5944-2a3961.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6d10-5944-2a3963.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6d10-5944-2a3965.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6d10-5944-2a3967.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6d10-5944-2a3979.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6d10-5944-2a397b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6d10-5944-2a397d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6d10-5944-2a398f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6d10-5944-2a3991.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6d10-5944-2a3993.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6d10-5944-2a39a4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6d10-5944-2a39a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6d10-5944-2a39a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6d10-5944-2a39aa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-6d10-5944-2a39bc.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-7bd4-7bd8-11a19dd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8634-2fb0-f91938.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8634-2fb0-f9193a.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8634-2fb0-f9193c.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8634-2fb0-f9194d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8634-2fb0-f9194f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8634-2fb0-f91951.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8634-2fb0-f91963.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8634-2fb0-f91965.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8634-2fb0-f91967.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8634-2fb0-f91969.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8634-2fb0-f9197b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8634-2fb0-f9197d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8634-2fb0-f9197f.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8634-2fb0-f91990.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8634-2fb0-f91992.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8634-2fb0-f91994.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8634-2fb0-f919a6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8634-2fb0-f919a8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8634-2fb0-f919aa.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8634-2fb0-f919ac.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8634-2fb0-f919bd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8634-2fb0-f919bf.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-8634-2fb0-f919c1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e40-39a8-997ae.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e40-39a8-997c0.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e40-39a8-997c2.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e40-39a8-997c4.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e40-39a8-997c6.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e40-39a8-997c8.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e40-39a8-997d9.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e40-39a8-997db.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e40-39a8-997dd.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e40-39a8-997ef.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e40-39a8-997f1.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e40-39a8-997f3.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e40-39a8-997f5.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e40-39a8-997f7.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e40-39a8-99809.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e40-39a8-9980b.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e40-39a8-9980d.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e40-39a8-9981e.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e40-39a8-99820.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e40-39a8-99822.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e40-39a8-99824.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e40-39a8-99826.tmp deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tw-e40-39a8-99828.tmp deleted
"C:\ProgramData\rtpeskt" deleted
"C:\DumpStack.log.tmp" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\lockfile" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\SharedStorage" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Network\Cookies" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Network\Cookies-journal" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Network\Trust Tokens" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Session Storage\000005.ldb" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Session Storage\000058.ldb" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Session Storage\000061.ldb" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Session Storage\000063.log" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Session Storage\000064.ldb" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Session Storage\LOCK" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Session Storage\LOG" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Session Storage\MANIFEST-000001" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Shared Dictionary\db" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\WebStorage\QuotaManager" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\WebStorage\QuotaManager-journal" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Local Storage\leveldb\000167.ldb" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Local Storage\leveldb\000169.log" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Local Storage\leveldb\000170.ldb" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Local Storage\leveldb\LOCK" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Local Storage\leveldb\LOG" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Local Storage\leveldb\MANIFEST-000001" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Service Worker\Database\000003.log" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Service Worker\Database\LOCK" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Service Worker\Database\LOG" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Service Worker\Database\MANIFEST-000001" not deleted
"C:\Users\LM\AppData\Roaming\U.GG" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Local Storage" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Network" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Service Worker" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Session Storage" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Shared Dictionary" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\WebStorage" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Local Storage\leveldb" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\Service Worker\Database" not deleted

[Karrex]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\LM\AppData\Roaming\Thunderbird\Profiles\iziwp71j.default-release
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"web2pdfextension.17@acrobat.adobe.com"="C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi" [01.02.2021 21:49]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"web2pdfextension.17@acrobat.adobe.com"="C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi" [01.02.2021 21:49]

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]
oombnmpbbhbakfpfgdflaajkhicgfaam - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]

YouTube Auto HD + FPS - LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcphghnknhkimeagdglkljinmpbagone
AdBlock Max - LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcaoacfoknodmofedelgkacmokjocapa
FormApps Extension - LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi
Grammarly AI Writing and Grammar Checker App - LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen
ESET Browser Privacy & Security - LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam
ESET Browser Privacy & Security - LM\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam
Edge relevant text changes - LM\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha
ESET Browser Privacy & Security - LM\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkapkmklnmidbbgjaipbgpcnbomnaakc

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

==== Reset Google Chrome ======================

C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\LM\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\LM\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully
C:\Users\LM\AppData\Local\Google\Chrome\User Data\System Profile\Preferences was reset successfully
C:\Users\LM\AppData\Local\Google\Chrome\User Data\System Profile\Secure Preferences was reset successfully
C:\Users\LM\AppData\Local\Microsoft\Edge\User Data\Default\Preferences was reset successfully
C:\Users\LM\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences was reset successfully
C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\LM\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
C:\Users\LM\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal was reset successfully
C:\Users\LM\AppData\Local\Microsoft\Edge\User Data\Default\Web Data was reset successfully
C:\Users\LM\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\LM\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\LM\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\LM\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
C:\Users\LM\AppData\Local\Microsoft\Edge\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=11377 folders=1255 4990127056 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\LM\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\LM\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\DumpStack.log.tmp" not deleted
"C:\Users\LM\AppData\Roaming\U.GG\lockfile" not found
"C:\Users\LM\AppData\Roaming\U.GG\SharedStorage" not found
"C:\Users\LM\AppData\Roaming\U.GG\Network\Cookies" not found
"C:\Users\LM\AppData\Roaming\U.GG\Network\Cookies-journal" not found
"C:\Users\LM\AppData\Roaming\U.GG\Network\Trust Tokens" not found
"C:\Users\LM\AppData\Roaming\U.GG\Session Storage\000005.ldb" not found
"C:\Users\LM\AppData\Roaming\U.GG\Session Storage\000058.ldb" not found
"C:\Users\LM\AppData\Roaming\U.GG\Session Storage\000061.ldb" not found
"C:\Users\LM\AppData\Roaming\U.GG\Session Storage\000063.log" not found
"C:\Users\LM\AppData\Roaming\U.GG\Session Storage\000064.ldb" not found
"C:\Users\LM\AppData\Roaming\U.GG\Session Storage\LOCK" not found
"C:\Users\LM\AppData\Roaming\U.GG\Session Storage\LOG" not found
"C:\Users\LM\AppData\Roaming\U.GG\Session Storage\MANIFEST-000001" not found
"C:\Users\LM\AppData\Roaming\U.GG\Shared Dictionary\db" not found
"C:\Users\LM\AppData\Roaming\U.GG\WebStorage\QuotaManager" not found
"C:\Users\LM\AppData\Roaming\U.GG\WebStorage\QuotaManager-journal" not found
"C:\Users\LM\AppData\Roaming\U.GG\Local Storage\leveldb\000167.ldb" not found
"C:\Users\LM\AppData\Roaming\U.GG\Local Storage\leveldb\000169.log" not found
"C:\Users\LM\AppData\Roaming\U.GG\Local Storage\leveldb\000170.ldb" not found
"C:\Users\LM\AppData\Roaming\U.GG\Local Storage\leveldb\LOCK" not found
"C:\Users\LM\AppData\Roaming\U.GG\Local Storage\leveldb\LOG" not found
"C:\Users\LM\AppData\Roaming\U.GG\Local Storage\leveldb\MANIFEST-000001" not found
"C:\Users\LM\AppData\Roaming\U.GG\Service Worker\Database\000003.log" not found
"C:\Users\LM\AppData\Roaming\U.GG\Service Worker\Database\LOCK" not found
"C:\Users\LM\AppData\Roaming\U.GG\Service Worker\Database\LOG" not found
"C:\Users\LM\AppData\Roaming\U.GG\Service Worker\Database\MANIFEST-000001" not found
"C:\Users\LM\AppData\Roaming\U.GG" not found

==== EOF on 17.06.2025 at 20:48:10,42 ======================

[jaro3]

Ještě jeden nástroj:
Vypni antivir i firewall.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
další odkaz:
http://www.bleepingcomputer.com/downloa ... scan-tool/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

+
Stáhni si MiniToolBox
a spusť ho.
V okně zaškrtni čtverečky:
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
Potom klikni na GO , po chvíli skenu se objeví log s názvem „Result“ , zkopíruj sem celý jeho obsah.

[Karrex]

VŠIML JSEM SI TAVERN SLUŽBY, COŽ JE PRÝ VIR?

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-06-2025
Ran by LM (administrator) on DESKTOP-8D4LOVK (Gigabyte Technology Co., Ltd. B550 AORUS ELITE V2) (17-06-2025 21:12:37)
Running from C:\Users\LM\Desktop\FRST64.exe
Loaded Profiles: LM
Platform: Microsoft Windows 11 Pro Version 24H2 26100.4351 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe <7>
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(C:\Program Files (x86)\Gyazo\GyStation.exe ->) (Helpfeel Inc -> Helpfeel Inc.) C:\Program Files (x86)\Gyazo\GyazoVideoCore.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE.exe ->) (Corsair Memory, Inc. -> ) C:\Program Files\Corsair\Corsair iCUE5 Software\crashpad_handler.exe <2>
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\egui.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <8>
(explorer.exe ->) (Enthusiast Gaming Inc. -> Outplayed, Inc.) C:\Users\LM\AppData\Local\Programs\U.GG\U.GG.exe <4>
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\LM\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (Helpfeel Inc -> Helpfeel Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Program Files\Riot Vanguard\vgtray.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) F:\Riot Games\Riot Client\RiotClientServices.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(explorer.exe ->) (Viber Media S.a r.l. -> Viber Media S.à r.l.) C:\Users\LM\AppData\Local\Viber\Viber.exe
(F:\Riot Games\Riot Client\RiotClientServices.exe ->) () [File not signed] F:\Riot Games\Riot Client\RiotClientCrashHandler.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairCpuIdService.exe
(services.exe ->) (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (DUC FABULOUS CO.,LTD -> ) C:\Program Files (x86)\UltraViewer\UltraViewer_Service.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\Gigabyte\EasyTuneEngineService\EasyTuneEngineService.exe
(services.exe ->) (Guillemot Corporation S.A. -> Guillemot Corporation) C:\Program Files (x86)\Thrustmaster\TARGET\TmService.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_03f1ba0930191bc7\logi_lamparray_service.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d2629211e16b69ec\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c2fa179f72a88c18\RtkAudUService64.exe <2>
(services.exe ->) (REINCUBATE LIMITED -> Reincubate) C:\Program Files (x86)\Camo Studio\Service\CamoService.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy) C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25042.38.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2523.1.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) C:\Program Files\GIGABYTE\Control Center\GCC.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.41.3.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.10401.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe <4>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c2fa179f72a88c18\RtkAudUService64.exe [2257752 2024-09-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [292064 2025-05-31] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Riot Vanguard] => C:\Program Files\Riot Vanguard\vgtray.exe [4143376 2025-05-05] (Riot Games, Inc. -> Riot Games, Inc.)
HKLM\...\Run: [Corsair iCUE5 Software] => C:\Program Files\Corsair\Corsair iCUE5 Software\iCUE Launcher.exe [189824 2025-06-17] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9524616 2025-06-09] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [M17A] => C:\WINDOWS\twain_32\Brimm17a\Common\TwDsUiLaunch.exe [85912 2021-09-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4009984 2024-05-31] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrotherSoftwareUpdateNotification] => C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe [3591168 2022-10-09] (Brother Industries, Ltd.) [File not signed]
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3383119089-1705184809-3219548888-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4698720 2025-05-19] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3383119089-1705184809-3219548888-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\system_tray\lghub_system_tray.exe [22841736 2025-05-21] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-3383119089-1705184809-3219548888-1001\...\Run: [Viber] => C:\Users\LM\AppData\Local\Viber\Viber.exe [105195864 2025-06-10] (Viber Media S.a r.l. -> Viber Media S.à r.l.)
HKU\S-1-5-21-3383119089-1705184809-3219548888-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [1241704 2025-05-19] (Helpfeel Inc -> Helpfeel Inc.)
HKU\S-1-5-21-3383119089-1705184809-3219548888-1001\...\Run: [f.lux] => C:\Users\LM\AppData\Local\FluxSoftware\Flux\flux.exe [1533560 2024-08-08] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-3383119089-1705184809-3219548888-1001\...\Run: [RiotClient] => F:\Riot Games\Riot Client\RiotClientServices.exe [74829520 2025-06-17] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-3383119089-1705184809-3219548888-1001\...\Run: [electron.app.U.GG] => C:\Users\LM\AppData\Local\Programs\U.GG\U.GG.exe [177093184 2025-05-27] (Enthusiast Gaming Inc. -> Outplayed, Inc.)
HKU\S-1-5-21-3383119089-1705184809-3219548888-1001\...\MountPoints2: {45669fd2-517a-11ef-836f-8c882b11fbb1} - "H:\setup.exe"
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2024-06-27] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\137.0.7151.104\Installer\chrmstp.exe [2025-06-17] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {7F36CF3A-53C5-42D5-90D9-C0B273C6AF18} - System32\Tasks\DropboxSystem\DropboxUpdater\DropboxUpdaterTaskSystem123.0.6299.109{1FF9E5F2-5243-4238-902E-A738E9D36E59} => C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.109\updater.exe [5895032 2025-03-21] (Dropbox, Inc -> Dropbox, Inc.)
Task: {99AAB6B0-C17E-4830-A425-5AA92EE0EF5F} - System32\Tasks\GCC => C:\Program Files\GIGABYTE\Control Center\GCC.exe [35405928 2024-12-04] (GIGA-BYTE TECHNOLOGY CO., LTD. -> ) -> C:\Program Files\GIGABYTE\Control Center\\-b
Task: {3998C054-4658-4BE4-B4F5-CB6D2FAA26E5} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem138.0.7194.0{8F4B049D-2F76-4569-BE30-BC69A4130E6B} => C:\Program Files (x86)\Google\GoogleUpdater\138.0.7194.0\updater.exe [7080032 2025-05-22] (Google LLC -> Google LLC)
Task: {7C3981B3-0592-4A41-A70F-5F74EAB2DB1C} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [10513968 2025-05-19] (Helpfeel Inc -> Helpfeel Inc.)
Task: {011BA227-69AF-4AAD-A570-9C188E53AF25} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [10513968 2025-05-19] (Helpfeel Inc -> Helpfeel Inc.)
Task: {772954D3-FCBA-4A0B-BC02-D0110F345368} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\ActionsServer\ActionsServer.exe [15528328 2025-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {7753B15A-3E65-4802-8933-6F33A5E24493} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28586904 2025-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {17F283CD-9727-4833-AD62-136E4B063435} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [70072 2025-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {F32D1544-793D-4514-98AD-541008071646} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28586904 2025-06-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {A75FC623-BB8C-4818-8F89-1BC002D41D85} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311648 2025-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {83DCEA02-06B8-4FF2-9FBF-BE63C1183CD0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311648 2025-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {B68A4F95-A218-40E9-BA80-59BAB4566E80} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [229176 2025-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {B02962D1-65C7-417A-937D-CD808892A81F} - System32\Tasks\Microsoft\Office\Office Startup Boost => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311648 2025-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {E43DBB8A-D3D9-4196-B733-D99447827D74} - System32\Tasks\Microsoft\Office\Office Startup Boost Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [311648 2025-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {9AE55D45-A51D-4D86-A281-3D7E2B8412DC} - System32\Tasks\Microsoft\Windows\Hotpatch\Monitoring => C:\WINDOWS\system32\cmd.exe [376832 2025-06-17] (Microsoft Windows -> Microsoft Corporation) -> /d /c %systemroot%\system32\hpatchmonTask.cmd
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {BC7FEC38-CA73-447D-A848-08A84F915A64} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [862 2019-04-30] () [File not signed]
Task: {DE16AC67-2228-4B12-A7B9-21DC5596D854} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3275808 2025-05-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A302BE4C-2888-43E3-9462-246CA1DBDE73} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [140407528 2025-04-04] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) -> C:\Program Files (x86)\Samsung\Samsung Magician\\--disable-gpu-sandbox /AUTOHIDE
Task: {24C9E054-4CE5-4AB0-B1CA-1654F5DB656A} - System32\Tasks\Thunderbird => C:\Program Files\Mozilla Thunderbird\thunderbird.exe [463424 2025-06-17] (Mozilla Corporation -> Mozilla Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.2
Tcpip\..\Interfaces\{097a7e0c-c107-4e0d-81a3-4c3bbbd2d2b9}: [DhcpNameServer] 192.168.0.2

Edge:
=======
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-06-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-09-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-06-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @surveillance.com/npnetsdkplayer -> C:\Program Files (x86)\Surveillance Viewer\Surveillance Viewer Unity\npnetsdkplayer.dll [2025-04-18] (Zhejiang Uniview Technologies Co.,Ltd. -> Surveillance Viewer)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default [2025-06-17]
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultNewTabURL: Default -> hxxps://duckduckgo.com/chrome_newtab
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Session Restore: Default -> is enabled.
CHR Extension: (Authenticator) - C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2025-06-17]
CHR Extension: (Adblock na Youtube™) - C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2025-06-17]
CHR Extension: (Tampermonkey) - C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2025-06-17]
CHR Extension: (Copyfish Free OCR Software) - C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\eenjdnjldapjajjofmldgmkjaienebbj [2025-06-17]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-06-17]
CHR Extension: (YouTube Auto HD + FPS) - C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcphghnknhkimeagdglkljinmpbagone [2025-06-17]
CHR Extension: (AdBlock Max: Ad Blocker for YouTube) - C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcaoacfoknodmofedelgkacmokjocapa [2025-06-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-06-17]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2025-06-17]
CHR Extension: (FormApps Extension) - C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2025-06-17]
CHR Extension: (Grammarly: AI Writing and Grammar Checker App) - C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2025-06-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-06-17]
CHR Extension: (ESET Browser Privacy & Security) - C:\Users\LM\AppData\Local\Google\Chrome\User Data\Default\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam [2025-06-17]
CHR HKU\S-1-5-21-3383119089-1705184809-3219548888-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [oombnmpbbhbakfpfgdflaajkhicgfaam]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103776 2024-08-27] (Apple Inc. -> Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [18663720 2025-04-25] (BattlEye Innovations e.K. -> )
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [500736 2024-05-31] (Brother Industries, Ltd.) [File not signed]
R2 CamoService; C:\Program Files (x86)\Camo Studio\Service\CamoService.exe [513632 2024-08-22] (REINCUBATE LIMITED -> Reincubate)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13046624 2025-06-12] (Microsoft Corporation -> Microsoft Corporation)
R2 CMigrationService; C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe [765672 2025-04-04] (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy)
R3 CorsairCpuIdService; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairCpuIdService.exe [304512 2025-06-17] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 CorsairDeviceListerService; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairDeviceListerService.exe [176512 2025-06-17] (Corsair Memory, Inc. -> )
R2 DbxSvc; C:\WINDOWS\System32\DbxSvc.exe [58984 2025-04-29] (Dropbox, Inc -> Dropbox, Inc.)
S3 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\226.4.5094\DropboxElevationService.exe [1659280 2025-06-09] (Dropbox, Inc -> Dropbox, Inc.)
S2 DropboxUpdaterInternalService123.0.6299.109; C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.109\updater.exe [5895032 2025-03-21] (Dropbox, Inc -> Dropbox, Inc.)
S2 DropboxUpdaterService123.0.6299.109; C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.109\updater.exe [5895032 2025-03-21] (Dropbox, Inc -> Dropbox, Inc.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [1137904 2024-10-17] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [964336 2025-02-15] (EasyAntiCheat Oy -> Epic Games, Inc.)
R2 EasyTuneEngineService; C:\Program Files (x86)\GIGABYTE\EasyTuneEngineService\EasyTuneEngineService.exe [150640 2023-11-06] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [5559152 2025-05-31] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [4582480 2025-05-31] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [4582480 2025-05-31] (ESET, spol. s r.o. -> ESET)
S3 EpicGamesUpdater; C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesUpdater.exe [3071272 2025-05-23] (Epic Games Inc. -> Epic Games, Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [1604112 2025-04-02] (Epic Games Inc. -> Epic Games, Inc.)
S2 GBTECService; C:\Program Files (x86)\GIGABYTE\GBTECService\OLEDDisplayService.exe [19568 2024-07-04] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 hpatchmon; C:\WINDOWS\system32\hpatchmon.dll [173472 2025-06-17] (Microsoft Windows -> Microsoft Corporation)
R3 iCUEUpdateService; C:\Program Files\Corsair\Corsair iCUE5 Software\iCUEUpdateService.exe [533888 2025-06-17] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [16548744 2025-05-21] (Logitech Inc -> Logitech, Inc.)
R2 logi_lamparray_service; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_03f1ba0930191bc7\logi_lamparray_service.exe [11288160 2025-05-22] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9577376 2025-06-02] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-06-02] (Malwarebytes Inc. -> Malwarebytes)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpDefenderCoreService.exe [2050904 2025-05-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d2629211e16b69ec\Display.NvContainer\NVDisplay.Container.exe [1275032 2025-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [428264 2025-04-04] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [917472 2025-06-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TmWinService; C:\Program Files (x86)\Thrustmaster\TARGET\TmService.exe [320536 2024-11-30] (Guillemot Corporation S.A. -> Guillemot Corporation)
R2 UltraViewService; C:\Program Files (x86)\UltraViewer\UltraViewer_Service.exe [241112 2024-04-26] (DUC FABULOUS CO.,LTD -> )
R2 USBAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\USBAppControl.exe [11776 2023-11-28] () [File not signed]
S3 vgc; C:\Program Files\Riot Vanguard\vgc.exe [40075376 2025-05-05] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\NisSrv.exe [4525976 2025-05-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MsMpEng.exe [278304 2025-05-23] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WorkflowAppControl; C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl.exe [18944 2023-11-28] () [File not signed]
S2 RCService; "C:\Users\LM\AppData\Local\Temp\AnyViewer\RCService.exe" [X] <==== ATTENTION
S4 TavernComn_2_1; C:\Program Files\IRONMACE\Tavern\EpicGames\TavernApp_2_1\TavernComn.dll [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [33592 2024-09-12] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
S1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2025-06-17] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R3 camodriver; C:\WINDOWS\System32\DriverStore\FileRepository\camodriver.inf_amd64_99bad0a66e30f6f3\x64\camodriver.sys [36912 2024-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Reincubate Ltd.)
R3 Camo_e070661c-ac3f-4aae-aa3f-7d4e8ded5142; C:\WINDOWS\System32\drivers\vacrnckd.sys [193120 2024-08-22] (Muzychenko Evgenii Viktorovich, IP -> )
R2 CorsairLLAccess8F050F5E415C1A5882EB9FF7CE2BC59B7BE3A953; C:\Program Files\Corsair\Corsair iCUE5 Software\CorsairLLAccess64.sys [23616 2025-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [47032 2025-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [22968 2025-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz160; C:\WINDOWS\temp\cpuz160\cpuz160_x64.sys [44696 2025-06-17] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R1 CTIIO; C:\WINDOWS\system32\drivers\CtiIo64.sys [34920 2025-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Innovation Co., LTd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [227224 2025-05-31] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [121816 2025-05-31] (Microsoft Windows Hardware Compatibility Publisher -> ESET)
R1 edevmonm; C:\WINDOWS\System32\DRIVERS\edevmonm.sys [123352 2025-05-31] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2024-12-24] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [266944 2025-05-31] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [57304 2025-05-31] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [86200 2025-05-31] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [128512 2025-05-31] (ESET, spol. s r.o. -> ESET)
R3 gdrv3; C:\WINDOWS\system32\drivers\gdrv3.sys [52440 2025-01-18] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
S3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [331168 2025-04-13] (Microsoft Windows -> Microsoft Corporation)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [44880 2024-09-18] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2024-07-19] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [73040 2024-09-18] (Logitech Inc -> Logitech)
R3 logi_lamparray; C:\WINDOWS\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_03f1ba0930191bc7\logi_lamparray.sys [89696 2025-05-22] (Logitech Inc -> Logitech, Inc.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-06-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [242752 2025-06-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 MSIO; C:\WINDOWS\system32\drivers\MsIo64.sys [19672 2025-01-18] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [78648 2019-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
R1 npf; C:\WINDOWS\system32\DRIVERS\npf.sys [78648 2019-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
S3 PlutonHeci; C:\WINDOWS\System32\DriverStore\FileRepository\pluton-heci.inf_amd64_f74945e2fcb1d3d7\pluton-heci.sys [75168 2025-06-17] (Microsoft Windows -> Microsoft Corporation)
R3 rt25cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt25cx21x64.inf_amd64_f32b9472bc5b90de\rt25cx21x64.sys [887640 2024-09-19] (Realtek Semiconductor Corp. -> Realtek)
R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [133944 2020-01-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
S3 ThermalFilter; C:\WINDOWS\System32\DriverStore\FileRepository\c_thermal.inf_amd64_732a53ed1662b707\ThermalFilter.sys [75376 2025-04-09] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
R3 TmBusEn; C:\WINDOWS\System32\drivers\TmBusEn.sys [43088 2023-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Guillemot Corporation)
R3 TmBusEn; C:\Windows\SysWOW64\drivers\TmBusEn.sys [43088 2023-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Guillemot Corporation)
S3 TmFilter; C:\WINDOWS\System32\drivers\TmFilter.sys [70736 2023-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Guillemot Corporation)
S3 TmFilter; C:\Windows\SysWOW64\drivers\TmFilter.sys [70736 2023-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Guillemot Corporation)
S1 vgk; C:\Program Files\Riot Vanguard\vgk.sys [26955888 2025-05-05] (Riot Games, Inc. -> Riot Games, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [19984 2025-05-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [606568 2025-05-23] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100736 2025-05-23] (Microsoft Windows -> Microsoft Corporation)
R3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2024-12-24] (Microsoft Windows -> Microsoft Corporation)
R3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\WSDScan.sys [61440 2024-12-24] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz159; \??\C:\WINDOWS\temp\cpuz159\cpuz159_x64.sys [X] <==== ATTENTION
U4 npcap_wifi; no ImagePath
U4 npf_wifi; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-06-17 21:08 - 2025-06-17 21:12 - 000034548 _____ C:\Users\LM\Desktop\FRST.txt
2025-06-17 21:08 - 2025-06-17 21:12 - 000000000 ____D C:\FRST
2025-06-17 21:07 - 2025-06-17 21:07 - 002406912 _____ (Farbar) C:\Users\LM\Desktop\FRST64.exe
2025-06-17 20:53 - 2025-06-17 20:54 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2025-06-17 20:53 - 2025-06-17 20:54 - 000000000 ____D C:\Users\LM\AppData\Local\AMSDK
2025-06-17 20:48 - 2025-06-17 20:50 - 000000000 ____D C:\Users\LM\AppData\Roaming\U.GG
2025-06-17 20:44 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2025-06-17 20:25 - 2025-06-17 20:40 - 000000000 ____D C:\zoek_backup
2025-06-17 14:04 - 2025-06-17 14:04 - 000000000 ____D C:\ProgramData\Sophos
2025-06-17 14:03 - 2025-06-17 14:03 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2025-06-17 14:03 - 2025-06-17 14:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2025-06-17 14:03 - 2025-06-17 14:03 - 000000000 ____D C:\Program Files (x86)\Sophos
2025-06-17 13:56 - 2025-06-17 13:58 - 000000000 ____D C:\AdwCleaner
2025-06-17 11:18 - 2025-06-17 11:18 - 000000000 ____D C:\WINDOWS\ABR
2025-06-17 11:12 - 2025-06-17 11:30 - 000000000 ____D C:\Users\LM\Desktop\HiJackThis
2025-06-17 10:15 - 2025-06-17 20:15 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2025-06-17 10:04 - 2025-06-17 13:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-06-17 09:37 - 2025-06-17 09:37 - 000711764 _____ C:\WINDOWS\system32\perfh005.dat
2025-06-17 09:37 - 2025-06-17 09:37 - 000152978 _____ C:\WINDOWS\system32\perfc005.dat
2025-06-17 08:13 - 2025-06-17 08:13 - 000033224 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-06-17 08:13 - 2025-06-17 08:13 - 000033224 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-06-17 08:13 - 2025-06-17 08:13 - 000001555 _____ C:\WINDOWS\system32\DeviceFeatureDDF.json
2025-06-17 07:53 - 2025-06-17 07:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2025-06-02 10:54 - 2025-06-17 21:08 - 000000000 ____D C:\Users\LM\AppData\Local\Malwarebytes
2025-06-02 10:54 - 2025-06-02 10:54 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-06-02 10:54 - 2025-06-02 10:54 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2025-06-02 10:54 - 2025-06-02 10:54 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-06-02 10:54 - 2025-06-02 10:54 - 000000000 ____D C:\Program Files\Malwarebytes
2025-05-24 09:29 - 2025-05-24 09:29 - 000000000 ____D C:\Users\LM\AppData\Roaming\Thrustmaster
2025-05-24 08:23 - 2025-05-24 08:23 - 000002291 _____ C:\Users\Public\Desktop\TARGET Script Editor.lnk
2025-05-24 08:23 - 2025-05-24 08:23 - 000002228 _____ C:\Users\Public\Desktop\TARGET GUI.lnk
2025-05-24 08:23 - 2025-05-24 08:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thrustmaster TARGET
2025-05-23 17:16 - 2025-05-23 17:16 - 000000000 ____D C:\Program Files (x86)\Thrustmaster
2025-05-23 17:16 - 2023-12-14 10:20 - 000049040 _____ (Guillemot Corporation) C:\WINDOWS\SysWOW64\Drivers\TmHid.sys
2025-05-23 17:09 - 2025-05-23 17:09 - 000000000 ____D C:\Users\LM\AppData\Roaming\Frontier Developments
2025-05-23 17:09 - 2025-05-23 17:09 - 000000000 ____D C:\Users\LM\AppData\Local\Frontier Developments
2025-05-23 16:18 - 2025-05-23 16:18 - 000000000 ____D C:\Users\LM\AppData\Local\min-ed-launcher
2025-05-23 16:07 - 2025-05-23 17:08 - 000000000 ____D C:\Users\LM\AppData\Local\Frontier_Developments
2025-05-23 16:02 - 2025-05-23 16:02 - 000000000 ____D C:\Users\LM\AppData\Local\Frontier_Developments_Ltd
2025-05-22 06:56 - 2025-05-22 06:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2025-05-22 06:56 - 2025-05-22 06:56 - 000000000 ____D C:\Program Files\LGHUB
2025-05-19 19:41 - 2025-05-19 19:41 - 000000000 ____D C:\Users\LM\AppData\Roaming\Amanita-Design.CHUCHEL
2025-05-19 15:40 - 2025-05-20 17:03 - 000000000 ____D C:\Users\LM\AppData\Local\PingPlotter 5
2025-05-19 15:40 - 2025-05-19 15:40 - 000000000 ____D C:\ProgramData\PingPlotter 5
2025-05-19 15:40 - 2025-05-19 15:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PingPlotter 5
2025-05-19 15:40 - 2025-05-19 15:40 - 000000000 ____D C:\Program Files (x86)\PingPlotter 5
2025-05-19 15:39 - 2025-05-19 15:39 - 000000000 ____D C:\Users\LM\AppData\Roaming\Downloaded Installations
2025-05-18 12:43 - 2025-05-18 12:43 - 000000048 ____H C:\Program Files (x86)\ofp4opxt8k.dat

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-06-17 21:06 - 2024-07-19 12:54 - 000000000 ____D C:\Program Files (x86)\Steam
2025-06-17 21:06 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-06-17 21:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-06-17 20:59 - 2024-07-19 12:05 - 000000000 ____D C:\Users\LM\AppData\Local\Packages
2025-06-17 20:58 - 2024-07-19 12:05 - 000000000 ____D C:\Users\LM\AppData\Local\D3DSCache
2025-06-17 20:56 - 2025-04-26 09:00 - 000001392 _____ C:\Users\LM\Desktop\Spotify.lnk
2025-06-17 20:56 - 2024-07-19 12:07 - 000000000 ____D C:\Users\LM\AppData\Local\PlaceholderTileLogoFolder
2025-06-17 20:56 - 2024-07-19 12:05 - 000000000 ____D C:\ProgramData\Packages
2025-06-17 20:55 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-06-17 20:55 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-06-17 20:48 - 2024-12-25 20:57 - 000003442 _____ C:\WINDOWS\system32\Tasks\GCC
2025-06-17 20:48 - 2024-12-25 20:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-06-17 20:48 - 2024-12-25 20:55 - 000004526 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-06-17 20:48 - 2024-10-28 10:33 - 000000000 _____ C:\WINDOWS\UV_LastPW.ini
2025-06-17 20:48 - 2024-07-20 10:08 - 000000000 ____D C:\Users\LM\AppData\Roaming\ViberPC
2025-06-17 20:48 - 2024-07-19 16:37 - 000000000 ____D C:\Users\LM\AppData\Roaming\Dropbox
2025-06-17 20:48 - 2024-07-19 16:37 - 000000000 ____D C:\Users\LM\AppData\Local\Dropbox
2025-06-17 20:48 - 2024-07-19 12:23 - 000000000 ____D C:\Users\LM\AppData\Roaming\Samsung Magician
2025-06-17 20:48 - 2024-07-19 12:15 - 000000000 ____D C:\Users\LM\AppData\Local\LGHUB
2025-06-17 20:48 - 2024-07-19 12:08 - 000000000 ____D C:\ProgramData\NVIDIA
2025-06-17 20:48 - 2023-11-05 20:32 - 000012288 ___SH C:\DumpStack.log.tmp
2025-06-17 20:47 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-06-17 20:40 - 2024-12-24 18:58 - 000000000 ____D C:\Users\LM
2025-06-17 20:25 - 2024-07-19 12:10 - 000000000 ____D C:\Users\LM\AppData\Local\CrashDumps
2025-06-17 20:15 - 2024-07-19 12:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-06-17 15:30 - 2024-11-14 19:11 - 000001829 _____ C:\Users\LM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2025-06-17 11:20 - 2024-12-25 20:55 - 000470104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-06-17 11:20 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-06-17 11:19 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-06-17 11:19 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ___RD C:\Program Files\Windows Defender
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\DDFs
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Com
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2025-06-17 11:19 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-06-17 11:17 - 2024-07-19 12:23 - 000000000 ____D C:\Users\LM\AppData\Roaming\Microsoft\MMC
2025-06-17 10:47 - 2024-07-26 09:29 - 000000000 ____D C:\Users\LM\AppData\Roaming\obs-studio
2025-06-17 10:15 - 2024-07-19 12:23 - 000000000 ____D C:\Users\LM\AppData\Roaming\Corsair
2025-06-17 10:07 - 2024-12-25 20:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-06-17 10:02 - 2024-07-19 16:10 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-06-17 10:01 - 2024-07-19 16:10 - 216824056 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-06-17 09:37 - 2024-12-25 20:58 - 001692324 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-06-17 09:32 - 2024-07-20 10:08 - 000000000 ____D C:\Users\LM\AppData\Local\Viber
2025-06-17 09:31 - 2024-08-31 10:00 - 000000000 ____D C:\Program Files\Corsair
2025-06-17 08:13 - 2024-12-25 20:56 - 003383808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-06-17 08:00 - 2024-07-19 13:31 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-06-17 07:59 - 2024-07-19 13:44 - 000000000 ____D C:\Program Files\Microsoft Office
2025-06-17 07:54 - 2024-07-20 10:08 - 000000000 ____D C:\Users\LM\Documents\ViberDownloads
2025-06-17 07:54 - 2024-07-19 12:53 - 000000000 ____D C:\Program Files (x86)\Dropbox
2025-06-17 07:53 - 2024-07-19 12:25 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-06-17 07:53 - 2024-07-19 12:25 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-06-17 07:53 - 2024-07-19 11:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-06-17 00:20 - 2024-12-08 15:30 - 134222904 _____ C:\WINDOWS\392667600.dat
2025-06-17 00:20 - 2024-12-08 15:30 - 000000001 _____ C:\WINDOWS\vgkbootstatus.dat
2025-06-02 10:54 - 2024-04-01 09:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-06-02 09:17 - 2024-07-19 12:46 - 000000436 _____ C:\Users\LM\Desktop\Účet.txt
2025-05-31 20:35 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-05-31 20:34 - 2024-12-24 19:07 - 000121816 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2025-05-31 20:34 - 2024-07-19 13:31 - 000000000 ____D C:\Program Files\ESET
2025-05-31 20:34 - 2024-06-25 18:15 - 000266944 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2025-05-31 20:34 - 2024-06-25 18:15 - 000227224 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2025-05-31 20:34 - 2024-06-25 18:15 - 000128512 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2025-05-31 20:34 - 2024-06-25 18:15 - 000123352 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmonm.sys
2025-05-31 20:34 - 2024-06-25 18:15 - 000086200 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2025-05-31 20:34 - 2024-06-25 18:15 - 000057304 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2025-05-29 20:18 - 2025-01-22 11:36 - 000000000 ____D C:\Users\LM\AppData\Local\Discord
2025-05-28 22:31 - 2024-07-19 12:23 - 000000000 ____D C:\Users\LM\AppData\Roaming\vlc
2025-05-28 22:22 - 2024-07-19 12:23 - 000000000 ____D C:\Users\LM\AppData\Roaming\Microsoft\Excel
2025-05-28 21:40 - 2024-07-19 12:49 - 000000000 ____D C:\ProgramData\Transmission
2025-05-28 18:34 - 2024-07-19 12:16 - 000000000 ____D C:\Users\LM\AppData\Local\transmission
2025-05-27 21:09 - 2025-01-22 11:36 - 000002232 _____ C:\Users\LM\Desktop\Discord.lnk
2025-05-27 20:47 - 2024-12-25 20:57 - 000003532 _____ C:\WINDOWS\system32\Tasks\GyazoUpdateTaskMachineDaily
2025-05-27 20:47 - 2024-12-25 20:57 - 000003396 _____ C:\WINDOWS\system32\Tasks\GyazoUpdateTaskMachine
2025-05-27 20:47 - 2024-07-19 12:54 - 000000000 ____D C:\Program Files (x86)\Gyazo
2025-05-24 19:28 - 2024-12-08 15:19 - 000000000 ____D C:\Users\LM\AppData\Roaming\riot-client-ux
2025-05-24 19:28 - 2024-12-08 15:17 - 000000000 ____D C:\ProgramData\Riot Games
2025-05-24 08:23 - 2024-12-24 19:01 - 000000000 ____D C:\Users\LM\AppData\Roaming\Microsoft\CLR Security Config
2025-05-23 17:16 - 2024-07-19 12:54 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2025-05-23 16:09 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-05-23 08:48 - 2024-07-19 11:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-05-22 06:57 - 2024-07-19 12:23 - 000000000 ____D C:\Users\LM\AppData\Roaming\G HUB
2025-05-20 12:21 - 2024-12-08 15:26 - 000000000 ____D C:\Program Files\Riot Vanguard
2025-05-19 12:40 - 2024-12-24 18:58 - 000000000 ____D C:\Users\LM\AppData\Roaming\Microsoft\Spelling
2025-05-19 06:42 - 2024-12-25 20:57 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-05-19 06:42 - 2024-12-25 20:57 - 000003514 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2025-05-18 12:43 - 2025-05-18 12:43 - 000000048 ____H () C:\Program Files (x86)\ofp4opxt8k.dat
2024-07-19 12:22 - 2024-01-17 17:56 - 000000132 _____ () C:\Users\LM\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2024-12-24 09:19 - 2024-12-24 09:19 - 000000128 _____ () C:\Users\LM\AppData\Roaming\winscp.rnd

==================== FLock ==============================

2025-06-17 20:48 C:\WINDOWS\UV_LastPW.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[Karrex]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-06-2025
Ran by LM (17-06-2025 21:13:22)
Running from C:\Users\LM\Desktop
Microsoft Windows 11 Pro Version 24H2 26100.4351 (X64) (2024-12-25 19:39:47)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3383119089-1705184809-3219548888-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3383119089-1705184809-3219548888-503 - Limited - Disabled)
Guest (S-1-5-21-3383119089-1705184809-3219548888-501 - Limited - Disabled)
LM (S-1-5-21-3383119089-1705184809-3219548888-1001 - Administrator - Enabled) => C:\Users\LM
WDAGUtilityAccount (S-1-5-21-3383119089-1705184809-3219548888-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Disabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Firewall (Disabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1033-FFFF-7760-BC15014EA700}) (Version: 24.003.20112 - Adobe)
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.133 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 7.01.08.129 - Advanced Micro Devices, Inc.)
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.36.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.44 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{9e92542c-fa37-4c1f-9eba-41336bc79c02}) (Version: 7.01.08.129 - Advanced Micro Devices, Inc.) Hidden
Aplikace NVIDIA 11.0.3.241 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.3.241 - NVIDIA Corporation)
Apple Mobile Device Support (HKLM\...\{AF0C3D84-6909-4B48-A335-2EC35087BAB0}) (Version: 18.0.0.32 - Apple Inc.)
AppLogLibSetup (HKLM-x32\...\{52FB0C8F-DF05-4C61-AEB6-18C55F8C385F}) (Version: 1.0.3.0 - Brother Industries Ltd.) Hidden
Blackmagic RAW Common Components (HKLM\...\{EB1F744F-B900-4BAD-82E8-5350C910AB38}) (Version: 4.1 - Blackmagic Design)
BrLauncher (HKLM-x32\...\{42D26B47-887C-45FC-BCAE-0BE485C5C0BB}) (Version: 2.0.11.0 - Brother Industries Ltd.) Hidden
BrLogRx (HKLM-x32\...\{190861E7-09C5-42D8-BB4B-0AFB234BCFC1}) (Version: 1.0.3.1 - Brother Industries Ltd.) Hidden
Brother iPrint&Scan (HKLM-x32\...\{89208d05-31fd-46e1-a160-6cba7ec49844}) (Version: 11.1.1.1 - Brother Industries, Ltd.)
Brother iPrint&Scan (HKLM-x32\...\{C86D9011-7AE0-4329-AEED-17C69CD84E88}) (Version: 11.1.1.1 - Brother Industries, Ltd.) Hidden
Brother PCFax Driver (HKLM-x32\...\{79262B43-9E15-4732-A034-BFD29D9BD077}) (Version: 1.4.1.0 - Brother Industries Ltd.) Hidden
Brother Port Driver (HKLM-x32\...\{6CEC6409-A328-44E2-A6CA-69A60699740E}) (Version: 1.0.14.1 - Brother Industries Ltd.) Hidden
Brother Printer Driver (HKLM-x32\...\{D9164C2E-91BA-4D5D-B49A-604BB0A127FE}) (Version: 1.9.0.0 - Brother Industries Ltd.) Hidden
Brother Scanner Driver (HKLM-x32\...\{45E4523F-2842-410D-90C6-6D19974B8E57}) (Version: 1.0.28.1 - Brother Industries Ltd.) Hidden
BrSupportTools (HKLM-x32\...\{32F47565-84B1-42CC-B09A-4CDDD9A32F94}) (Version: 1.0.20.0 - Brother Industries Ltd.) Hidden
Camo Studio Compatibility Add-on (HKLM\...\{89AC3A0E-E147-4A58-95A0-19A8D2BDC541}) (Version: 1.0.1.12935 - Reincubate)
Camtasia 2023 (HKLM\...\{97B50947-F298-4BE1-B69A-3857B1140B23}) (Version: 23.4.7.53202 - TechSmith Corporation)
Commandos 3: HD Remaster (HKLM-x32\...\Commandos 3: HD Remaster_is1) (Version: - )
ControlCenter4 (HKLM-x32\...\{9091B952-8719-49C3-9CC7-6E20EC61081F}) (Version: 4.6.6.1 - Brother Industries, Ltd.) Hidden
ControlCenter4 CSDK (HKLM-x32\...\{FD8A9511-BFC9-43B5-BB75-9CEC0EA03CF0}) (Version: 4.6.1.1 - Brother Industries, Ltd.) Hidden
Corsair iCUE5 Software (HKLM\...\{A9B0B2D7-8C59-4413-A2FB-99EDBE65A608}) (Version: 5.29.103 - Corsair)
DaVinci Resolve (HKLM\...\{147F8E46-97F9-4770-A910-5923742DC36D}) (Version: 18.6.50007 - Blackmagic Design)
DaVinci Resolve Control Panels (HKLM\...\{3739CA49-792F-4F1F-9B76-42DFBBBED27E}) (Version: 2.3.0.0 - Blackmagic Design)
DaVinci Resolve Renderer (HKLM\...\{953AAFB1-E9E3-4FED-9E35-575B960236CC}) (Version: 19.0.00051 - Blackmagic Design)
Discord (HKU\S-1-5-21-3383119089-1705184809-3219548888-1001\...\Discord) (Version: 1.0.9059 - Discord Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 226.4.5094 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.983.1 - Dropbox, Inc.) Hidden
ENE Video Capture Box HAL (HKLM\...\{A096611D-BA11-4A1A-8D09-0A0462D7C8F2}) (Version: 1.0.5.15 - Ene Tech.) Hidden
ENE_AIC_Marvell_HAL (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.7.0 - ENE TECHNOLOGY INC.) Hidden
ENE_DRAM_RGB_AIO (HKLM\...\{5D2EC6F2-7EC3-486E-A144-7174E537A148}) (Version: 1.0.14.4 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{35a6f7ad-3ff5-4bdc-89a5-e166ef586e81}) (Version: 1.0.14.4 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{c1d017c2-8846-4000-9254-5689eccd462e}) (Version: 1.0.14.0 - ENE TECHNOLOGY INC.) Hidden
ENE_External_Device_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.12.7 - ENE Tech) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.1.8 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{B85FAA6E-A9AA-4655-9029-E1A4EDC05E1A}) (Version: 1.3.93.0 - Epic Games, Inc.)
Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.)
ESET Security (HKLM\...\{C96F7554-E4B9-4697-B7EC-5A3D3F2A1B7F}) (Version: 18.1.13.0 - ESET, spol. s r.o.)
f.lux (HKU\S-1-5-21-3383119089-1705184809-3219548888-1001\...\Flux) (Version: 4.137 - f.lux Software LLC)
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.15 - Blackmagic Design)
GBT_Dynamic_Lighting_Lib_UC 24.08.27.01 (HKLM\...\GBT_Dynamic_Lighting_Lib_UC) (Version: 24.08.27.01 - GIGABYTE)
GBT_MB_Update (HKLM\...\GBT_MB_Update) (Version: 24.12.05.01 - GIGABYTE)
GBT_RGB_Sync_Control 24.11.14.01 (HKLM\...\GBT_RGB_Sync_Control) (Version: 24.11.14.01 - GIGABYTE)
GBT_rgbMotherboard_UC 25.01.07.02 (HKLM\...\GBT_rgbMotherboard_UC) (Version: 25.01.07.02 - GIGABYTE)
GIGABYTE Control Center 24.12.30.01 (HKLM\...\GIGABYTE Control Center) (Version: 24.12.30.01 - GIGABYTE)
GIGABYTE Performance Library (HKLM\...\MBEasyTune) (Version: 24.12.19.01 - GIGABYTE)
GIGABYTE Storage Library (HKLM\...\MBStorage) (Version: 24.12.18.01 - GIGABYTE)
God of War Ragnarok (HKLM-x32\...\God of War Ragnarok_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 137.0.7151.104 - Google LLC)
Gyazo 5.8.1.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: 5.8.1 - Helpfeel Inc.)
HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
HttpToUsbBridge (HKLM-x32\...\{999245BB-F187-45E8-95C9-4AE0CC8639D7}) (Version: 2.1.67.1 - Brother Industries Ltd.)
Java(TM) SE Development Kit 22.0.2 (64-bit) (HKLM\...\{AA2685C5-73D8-54BD-A9B7-2701251A8921}) (Version: 22.0.2.0 - Oracle Corporation)
Kingdom Come Deliverance II (HKLM-x32\...\Kingdom Come Deliverance II_is1) (Version: 0.0.0 - DODI-Repacks)
League of Legends (HKU\S-1-5-21-3383119089-1705184809-3219548888-1001\...\Riot Game league_of_legends.live) (Version: - Riot Games, Inc)
Local 9.1.1 (HKU\S-1-5-21-3383119089-1705184809-3219548888-1001\...\db9b6d64-7ad2-556e-893c-24e21cb471e1) (Version: 9.1.1 - WPEngine, Inc.)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2025.4.719084 - Logitech)
Malwarebytes version 5.3.2.195 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.3.2.195 - Malwarebytes)
Microsoft .NET 8.0 Templates 8.0.408 (x64) (HKLM\...\{CF58DD24-1862-4940-B4CA-9C920D755134}) (Version: 32.11.59749 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 8.0.15 (x64) (HKLM\...\{45524620-C06B-47C6-B9AE-7D4795A6087B}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 8.0.15 (x64_arm64) (HKLM\...\{455253F4-8363-4F68-B0EB-2E68C2FA7849}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 8.0.15 (x64_x86) (HKLM\...\{9E2DEF1C-86F1-4F27-B1E8-6A55EA106ADF}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.15 (x64) (HKLM\...\{4C903F19-B4C3-4D0C-8CC9-D444C511AF1C}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft .NET Host - 9.0.4 (x64) (HKLM\...\{9E5495E6-3E9B-41FD-8D4E-2BC1EA61A696}) (Version: 72.16.31125 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.15 (x64) (HKLM\...\{11CCC9F6-77AA-4421-9EAC-BAEC36D96817}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 9.0.4 (x64) (HKLM\...\{1B002B5C-8CD6-4633-B543-2CDD484064A8}) (Version: 72.16.31125 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.15 (x64) (HKLM\...\{8731E6E3-AF96-4515-ACEC-DBFB3DF55292}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 9.0.4 (x64) (HKLM\...\{8BAC55BB-CCAC-428E-BCB8-C00015D37D89}) (Version: 72.16.31125 - Microsoft Corporation) Hidden
Microsoft .NET SDK 8.0.408 (x64) (HKLM-x32\...\{e5ddf235-1b10-49a5-9229-2717cea94b1d}) (Version: 8.4.825.16805 - Microsoft Corporation)
Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) (HKLM\...\{A7036CFB-B403-4598-85FF-D397ABB88173}) (Version: 24.0.28113 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 8.0.15 (x64) (HKLM\...\{187157C4-A642-4735-8870-FD4BC6F4DDA0}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft .NET Toolset 8.0.408 (x64) (HKLM\...\{A92AD416-A0E7-4FDA-8584-C8BAF58E96C7}) (Version: 32.11.26981 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 8.0.15 Shared Framework (x64) (HKLM\...\{AB364897-FF45-3A19-9D65-24E56F4B4EFD}) (Version: 8.0.15.25165 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 8.0.15 Targeting Pack (x64) (HKLM\...\{9378101D-0C80-32D6-8A8B-88D4BB49DB10}) (Version: 8.0.15.25165 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 137.0.3296.83 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 137.0.3296.83 - Microsoft Corporation) Hidden
Microsoft Office LTSC Professional Plus 2021 - cs-cz (HKLM\...\ProPlus2021Volume - cs-cz) (Version: 16.0.18925.20064 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433 (HKLM-x32\...\{804e7d66-ccc2-4c12-84ba-476da31d103d}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.42.34433 (HKLM-x32\...\{e7802eac-3305-4da0-9378-e55d1ed05518}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34433 (HKLM\...\{E1902FC6-C423-4719-AB8A-AC7B2694B367}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34433 (HKLM\...\{382F1166-A409-4C5B-9B1E-85ED538B8291}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.42.34433 (HKLM-x32\...\{84E3E712-6343-484B-8B6C-9F145F019A70}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.42.34433 (HKLM-x32\...\{C2BB95AA-90F3-4891-81C1-A7E565BB836C}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.15 (x64) (HKLM\...\{0E4A7820-FDA4-4250-B7AC-E7A2F7B43B64}) (Version: 64.60.31203 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 9.0.4 (x64) (HKLM\...\{6D5792BF-708C-485A-A59C-E38806AE6EBB}) (Version: 72.16.31142 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 9.0.4 (x64) (HKLM-x32\...\{60b3bad7-1da1-4082-8348-dbac77899742}) (Version: 9.0.4.34714 - Microsoft Corporation)
Microsoft Windows Desktop Targeting Pack - 8.0.15 (x64) (HKLM\...\{9DCF7CB7-DE0A-4ED3-B870-A0D06B9A83C4}) (Version: 64.60.31203 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Android.Manifest-8.0.100 (x64) (HKLM\...\{B5A57BF9-FC7A-4FA6-BAEB-46E173986DF3}) (Version: 34.0.43 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Aspire.Manifest-8.0.100 (x64) (HKLM\...\{F3AEB036-4B8A-4C25-B4D2-850944E909C4}) (Version: 64.0.5426 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.iOS.Manifest-8.0.100 (x64) (HKLM\...\{6BF59E75-BE05-4C69-9C48-3532B6DE0EC5}) (Version: 17.0.8478 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.MacCatalyst.Manifest-8.0.100 (x64) (HKLM\...\{8B5384CA-D189-4CFE-8DF0-2D05B4EA8499}) (Version: 17.0.8478 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.macOS.Manifest-8.0.100 (x64) (HKLM\...\{98927287-8779-447A-919E-73028D53F719}) (Version: 14.0.8478 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Maui.Manifest-8.0.100 (x64) (HKLM\...\{116EF6D0-AE8E-4E6D-B0D8-EFF145CD45DA}) (Version: 8.0.3 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.tvOS.Manifest-8.0.100 (x64) (HKLM\...\{568F99E8-9F2D-48D7-A05D-D64C512B3AFD}) (Version: 17.0.8478 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.Current.Manifest (x64) (HKLM\...\{52E99065-4058-4E7E-9A40-C65E35FE4D2D}) (Version: 64.60.31025 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.net6.Manifest (x64) (HKLM\...\{7D35EDA1-4859-4F71-BCE5-8AE2FD34483C}) (Version: 64.60.31025 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.net7.Manifest (x64) (HKLM\...\{29B133F5-B68A-49FA-903A-94522D18CFCA}) (Version: 64.60.31025 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.Current.Manifest (x64) (HKLM\...\{D36226CD-49B3-4CD1-AE03-4C22D6B86E85}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.net6.Manifest (x64) (HKLM\...\{37540904-5DE2-47B8-A423-3479BB327CD3}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.net7.Manifest (x64) (HKLM\...\{42160DF9-2533-495B-A9FF-D3F1C70C43CB}) (Version: 64.60.31149 - Microsoft Corporation) Hidden
Minecraft Launcher (HKLM-x32\...\{6A960B34-5197-49DE-AC60-1177DFE24976}) (Version: 2.0.0.0 - Mojang)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 128.0 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 128.11.1 (x64 cs)) (Version: 128.11.1 - Mozilla)
NetworkRepairTool (HKLM-x32\...\{86E68F57-FAFE-4052-BDD4-3B90C38236AE}) (Version: 1.2.16.0 - Brother Industries, Ltd.) Hidden
Npcap 0.9983 (HKLM-x32\...\NpcapInst) (Version: 0.9983 - Nmap Project)
NVIDIA FrameView SDK 1.5.10920.35420203 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.10920.35420203 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.4.3.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.3.2 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 572.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 572.60 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 31.0.3 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18925.20064 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18925.20064 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Patriot Viper M2 SSD RGB (HKLM\...\{8B4C0A3D-C135-4E1F-98D8-3926494B4D61}) (Version: 1.1.0.3 - Patriot Memory) Hidden
Patriot Viper M2 SSD RGB (HKLM-x32\...\{6e0eff60-c502-43bb-8f56-360ca07e73d9}) (Version: 1.1.0.3 - Patriot Memory) Hidden
PC-FAXReceive (HKLM-x32\...\{65EA2C86-30CD-444C-ADAB-8762BE4E2E8C}) (Version: 1.8.003.0 - Brother Insutries Ltd.) Hidden
PCFaxTx (HKLM-x32\...\{03BF5A21-6363-410C-B3BE-0946B0012704}) (Version: 3.7.3.1 - Brother Industries Ltd.) Hidden
PingPlotter 5 (HKLM-x32\...\{176A03EC-E27C-41F3-BD50-805CE9BDBA19}) (Version: 5.25.8.9059 - Pingman Tools, LLC) Hidden
PingPlotter 5 (HKLM-x32\...\PingPlotter 5 5.25.8.9059) (Version: 5.25.8.9059 - Pingman Tools, LLC)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.3.0 - Advanced Micro Devices, Inc.) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9733.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 11.21.0903.2024 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.54 - Piriform)
RemoteSetup (HKLM-x32\...\{FAB8A30A-B074-48F9-9D73-5E9A757403F8}) (Version: 3.10.2.0 - Brother Industries Ltd.) Hidden
Riot Client (HKU\S-1-5-21-3383119089-1705184809-3219548888-1001\...\Riot Game Riot_Client.) (Version: - Riot Games, Inc)
Riot Vanguard (HKLM\...\Riot Vanguard) (Version: - Riot Games, Inc.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 8.3.1.820 - Samsung Electronics)
Samsung NVM Express Driver (HKLM-x32\...\{ff94c273-58d5-40b5-b03a-9bd41d5cff1e}) (Version: 3.3.0.2003 - Samsung Electronics)
Samsung NVM Express Driver 3.3.0.2003 (HKLM\...\{89D55DD5-FE94-497B-B5E5-91915D52DBF2}) (Version: 3.3.0.2003 - Samsung Electronics Co., Ltd) Hidden
ScannerUtilityInstaller (HKLM-x32\...\{D94DD953-F38C-4220-A17C-9217106510A6}) (Version: 1.20.0.1 - Brother) Hidden
SoftwareUpdateNotification (HKLM-x32\...\{3D1AD910-B82B-4635-B1C3-0CEF9F6F3D34}) (Version: 1.0.21.0 - Brother Industries, Ltd.) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.9.0 - Sophos Limited)
StatusMonitor (HKLM-x32\...\{D914EC91-7373-4D62-A194-B02B90D5DB01}) (Version: 1.41.0.0 - Brother Industries, Ltd.) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StreamElements SE.Live (HKLM-x32\...\StreamElements OBS.Live) (Version: 24.1.30.97 - StreamElements)
Surveillance Viewer Unity version 0.10.0.15 (HKLM-x32\...\{16BC1DFD-F2D4-4E25-8E84-500CBE058F9F}_is1) (Version: 0.10.0.15 - Surveillance Viewer)
TavernWorker for Dark and Darker - EpicGames (HKLM\...\TavernWorker for Dark and Darker - EpicGames) (Version: - IRONMACE)
Thrustmaster TARGET (HKLM-x32\...\{8036A569-CA02-4D33-A7E9-E9BC8A482E91}) (Version: 3.0.25.127 - Thrustmaster)
Transmission 4.0.6 (38c164933e) (x64) (HKLM\...\{E83AF186-257D-4869-8EA4-431F924FE24C}) (Version: 4.0.6 - Transmission Project)
U.GG 1.15.4 (HKU\S-1-5-21-3383119089-1705184809-3219548888-1001\...\aca90cad-9059-53b1-8dc9-f846273ebdf3) (Version: 1.15.4 - Outplayed, Inc.)
UltraViewer version 6.6.108 (HKLM-x32\...\{E0FABD74-083B-47F4-AC5B-CA4237BF8913}_is1) (Version: 6.6.108 - DucFabulous)
UsbRepairTool (HKLM-x32\...\{F8762A81-32B5-4144-9F3C-9274F515A651}) (Version: 1.4.0.0 - Brother Industries, Ltd.) Hidden
Verbatim_SureFireGaming_Product (HKLM\...\{35CB65C6-A7E3-4EE7-AD40-738D70A72164}) (Version: 1.0.3.11 - Verbatim) Hidden
Viber (HKLM-x32\...\{97100214-60EE-495A-9CC2-90BB1E6B30C8}) (Version: 23.1.0.0 - 2010-2024 Viber Media S.a.r.l) Hidden
Viber (HKU\S-1-5-21-3383119089-1705184809-3219548888-1001\...\{849f08c5-6f5d-4499-8619-329346fdcf23}) (Version: 25.5.0.0 - 2010-2024 Viber Media S.a.r.l)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WeMod (HKU\S-1-5-21-3383119089-1705184809-3219548888-1001\...\WeMod) (Version: 10.9.0 - WeMod)
WinRAR 7.00 beta 3 64-bit (HKLM\...\WinRAR archiver) (Version: 7.00.3 - win.rar GmbH)

Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-17] ()
@{MicrosoftWindows.Client.CoreAI_1000.26100.4061.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.Client.CoreAI/AIXHost/ClickToDo/AppDisplayName} -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CoreAI_cw5n1h2txyewy [2025-06-17] (Microsoft Windows)
Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC [2025-01-16] ()
Akce kliknutím (náhled) -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CoreAI_cw5n1h2txyewy [2025-06-17] (Microsoft Windows)
Balíček prostředí funkcí systému Windows -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.54792954.Filons_cw5n1h2txyewy [2025-06-17] (Microsoft Windows)
Balíček prostředí funkcí systému Windows -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.56978801.Voiess_cw5n1h2txyewy [2025-06-17] (Microsoft Windows)
Balíček prostředí funkcí systému Windows -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57058570.Speion_cw5n1h2txyewy [2025-06-17] (Microsoft Windows)
Balíček prostředí funkcí systému Windows -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57074914.Livtop_cw5n1h2txyewy [2025-06-17] (Microsoft Windows)
Camo Studio -> C:\Program Files\WindowsApps\ReincubateLtd.CamoStudio_2.1.340.0_x64__9bq3v28c93p4r [2025-01-15] (Reincubate) [Startup Task]
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2025-06-17] (Dropbox Inc.)
ESET Context Menu -> C:\Program Files\ESET\ESET Security [2025-06-17] (Sparse Package)
Gyazo -> C:\Program Files (x86)\Gyazo [2025-05-27] (Helpfeel Inc.)
GyazoReplay -> C:\Program Files (x86)\Gyazo [2025-05-27] (Helpfeel Inc.)
GyazoVideo -> C:\Program Files (x86)\Gyazo [2025-05-27] (Helpfeel Inc.)
Local Artificial Intelligence Manager -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\AI [2025-06-17] ()
Malwarebytes Anti-Malware -> C:\Program Files\Malwarebytes\Anti-Malware [2025-06-17] ()
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2024-12-25] (Microsoft Corporation) [MS Ad]
Microsoft.Edge.GameAssist -> C:\Program Files\WindowsApps\Microsoft.Edge.GameAssist_1.0.3336.0_x64__8wekyb3d8bbwe [2025-06-01] (Microsoft Corporation)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.41.3.0_x64__8wekyb3d8bbwe [2025-06-17] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2024-12-25] (NVIDIA Corp.)
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16 [2025-06-17] ()
Python 3.13 -> C:\Program Files\WindowsApps\PythonSoftwareFoundation.Python.3.13_3.13.1008.0_x64__qbz5n2kfra8p0 [2025-05-11] (Python Software Foundation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.51.347.0_x64__dt26b99r8h8gj [2025-01-18] (Realtek Semiconductor Corp)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0 [2025-06-17] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2523.1.0_x64__cv1g1gvanyjgm [2025-06-17] (WhatsApp Inc.) [Startup Task]
WinRAR -> C:\Program Files\WinRAR [2024-09-06] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3383119089-1705184809-3219548888-1001_Classes\CLSID\{37617B42-AE24-4401-B1B7-6CADFA4227EB} -> [Dropbox] => E:\DropBoxWork\Dropbox [2023-01-29 18:24]
CustomCLSID: HKU\S-1-5-21-3383119089-1705184809-3219548888-1001_Classes\CLSID\{58624db6-e4cf-4ed6-a097-e489720c719b}\localserver32 -> C:\Program Files\TechSmith\Camtasia 2023\CamtasiaStudio.exe (TechSmith Corporation -> TechSmith Corporation)
CustomCLSID: HKU\S-1-5-21-3383119089-1705184809-3219548888-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => E:\DropBoxWork\Dropbox [2023-01-29 18:24]
CustomCLSID: HKU\S-1-5-21-3383119089-1705184809-3219548888-1001_Classes\CLSID\{FC197F59-C287-468F-9F74-AD71FAD7B5A7}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-06-27] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2025-05-31] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2025-05-31] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-06-02] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_d2629211e16b69ec\nvshext.dll [2025-02-27] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2024-06-27] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2025-05-31] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-06-02] (Malwarebytes Inc -> Malwarebytes)

[Karrex]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2024-07-19 12:52 - 2016-11-25 11:18 - 000139264 _____ () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2024-07-19 12:52 - 2024-05-14 11:29 - 000773632 _____ () [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2024-07-19 12:52 - 2023-08-14 18:10 - 001875456 _____ () [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2024-07-19 12:52 - 2024-02-22 09:52 - 000021504 _____ () [File not signed] C:\Program Files (x86)\Browny02\OfferingService.dll
2024-11-13 18:20 - 2025-05-19 02:06 - 000120832 _____ () [File not signed] C:\Program Files (x86)\Gyazo\GyazoVideo\MFVideoEncoder.dll
2025-05-07 07:17 - 2025-04-04 13:51 - 002574336 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\ffmpeg.dll
2025-05-07 07:18 - 2025-04-04 13:51 - 000379392 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\libegl.dll
2025-05-07 07:18 - 2025-04-04 13:51 - 006585344 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\libglesv2.dll
2025-05-07 07:18 - 2025-04-04 13:49 - 000144896 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\magutils-napi.node
2025-05-07 07:18 - 2025-04-04 13:49 - 000087040 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\magvibrancy-napi.node
2025-05-07 07:18 - 2025-04-04 13:49 - 000635904 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\resources\app\dist\uimpewrapper-napi.node
2024-07-19 13:34 - 2025-04-04 13:51 - 004512256 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\vk_swiftshader.dll
2024-07-19 13:34 - 2025-04-04 13:51 - 000815104 _____ () [File not signed] C:\Program Files (x86)\Samsung\Samsung Magician\vulkan-1.dll
2024-07-23 09:32 - 2005-04-22 13:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2025-05-19 17:09 - 2025-05-19 17:09 - 000023552 _____ (.NET Foundation and Contributors.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Reac207edc4d#\fd1d39a4ea616cdc695e02df846b4dfc\System.Reactive.Interfaces.ni.dll
2025-05-19 17:09 - 2025-05-19 17:09 - 000485376 _____ (.NET Foundation and Contributors.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Reactive.Core\30746e5303447a86d32f58835fa3e27e\System.Reactive.Core.ni.dll
2025-05-19 17:09 - 2025-05-19 17:09 - 005931008 _____ (.NET Foundation and Contributors.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Reactive.Linq\c6fc5eae7264c504c7d04dcd72f57c70\System.Reactive.Linq.ni.dll
2024-07-19 13:29 - 2024-06-27 14:22 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2024-07-19 12:52 - 2023-03-07 12:55 - 003391488 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BroSNMP.dll
2024-07-23 09:32 - 2016-11-01 11:27 - 000090112 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll
2025-05-23 17:16 - 2020-04-01 06:46 - 000037376 _____ (Guillemot Corporation) [File not signed] C:\Program Files (x86)\Thrustmaster\TARGET\cint.dll
2025-05-23 17:16 - 2016-04-14 04:46 - 001036800 _____ (Guillemot Corporation) [File not signed] C:\Program Files (x86)\Thrustmaster\TARGET\TmCommon.dll
2025-05-23 17:16 - 2024-09-09 21:09 - 000192000 _____ (Guillemot Corporation) [File not signed] C:\Program Files (x86)\Thrustmaster\TARGET\TmHidControl.dll
2024-07-29 14:57 - 2024-07-29 14:57 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2024-07-29 14:57 - 2024-07-29 14:57 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
2025-05-19 17:09 - 2025-05-19 17:09 - 003109376 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\2cc2d93f1c29f86cde4d39530063b374\Newtonsoft.Json.ni.dll
2024-12-28 15:37 - 2025-05-14 11:30 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA App\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk:93337121EE [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk:1FA7E99ECA [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2024.lnk:D6CCC992C2 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk:BE32D07BC5 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk:B96E9B8455 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk:1DC1525F34 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transmission Qt Client.lnk:F362B48BC7 [3442]
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk:7AD7FA8AB1 [3442]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-09-06] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-09-06] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-06-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-09-06] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-09-06] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2024-09-06] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2024-09-06] (Adobe Inc. -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-06-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-06-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-06-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-06-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-06-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-06-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-06-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-06-17] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2025-06-17 20:26 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3383119089-1705184809-3219548888-1001\Control Panel\Desktop\\Wallpaper -> D:\Obrázky\pozadilmws.png
DNS Servers: 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

Network Binding:
=============
Ethernet: Realtek Gaming 2.5GbE Family Controller -> rt25cx21x64.sys

INSECURE_NPF: Npcap Packet Driver (NPF)
INSECURE_NPCAP: Npcap Packet Driver (NPCAP)

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3C35DA88-2C43-4736-BDB5-6D87DD6DEF51}] => (Allow) C:\Program Files (x86)\AnyViewer\avcore.exe => No File
FirewallRules: [{9DFA8212-2687-4045-9C13-46133DEC875E}] => (Allow) C:\Program Files (x86)\AnyViewer\avcore.exe => No File
FirewallRules: [{8A09E5A4-153A-47C7-B84A-0AC0B8B5DD7B}] => (Allow) C:\Program Files (x86)\AnyViewer\RCClient.exe => No File
FirewallRules: [{7FDCA083-D28C-4FFE-B235-2F287ED6F297}] => (Allow) C:\Program Files (x86)\AnyViewer\RCClient.exe => No File
FirewallRules: [UDP Query User{A191F166-4C93-41CB-8CF8-F9141245ECD2}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (SignPath Foundation -> Transmission Project)
FirewallRules: [TCP Query User{1A9519F4-ACB9-42F4-B940-D2E6888FDE18}C:\program files\transmission\transmission-qt.exe] => (Allow) C:\program files\transmission\transmission-qt.exe (SignPath Foundation -> Transmission Project)
FirewallRules: [UDP Query User{2745F322-911A-4B4F-A85B-F78FE0360179}C:\users\lm\desktop\unv\ipc-search-tool.exe] => (Allow) C:\users\lm\desktop\unv\ipc-search-tool.exe => No File
FirewallRules: [TCP Query User{90B027F8-1FC5-47E9-AC37-8ACDB12047E7}C:\users\lm\desktop\unv\ipc-search-tool.exe] => (Allow) C:\users\lm\desktop\unv\ipc-search-tool.exe => No File
FirewallRules: [UDP Query User{FD371E9B-1A06-482E-8FC7-7255343515D4}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{62B4A8BB-4AE9-4BF0-8CDD-16BE14255D17}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{1D2CA80D-1E5D-4BB6-938E-F7DCE1332205}C:\users\lm\desktop\unv\eztelnettool\eztelnettool.exe] => (Allow) C:\users\lm\desktop\unv\eztelnettool\eztelnettool.exe => No File
FirewallRules: [TCP Query User{128745A1-226E-443D-8121-CBF033FE4932}C:\users\lm\desktop\unv\eztelnettool\eztelnettool.exe] => (Allow) C:\users\lm\desktop\unv\eztelnettool\eztelnettool.exe => No File
FirewallRules: [{D0DEA99D-3D32-47EF-887A-8559DB912522}] => (Allow) C:\Users\LM\Desktop\UNV\putty.exe => No File
FirewallRules: [{6BF3E7EF-C422-4939-A811-093F760D58B0}] => (Allow) C:\Users\LM\Desktop\UNV\putty.exe => No File
FirewallRules: [{24BA7C58-C536-42E2-A61E-D9B7555CF205}] => (Allow) C:\Users\LM\Desktop\UNV\putty.exe => No File
FirewallRules: [{C6698655-7178-4351-A717-17CF2DD50657}] => (Allow) C:\Users\LM\Desktop\UNV\putty.exe => No File
FirewallRules: [{472BFF9F-4CC3-4306-8B8F-36EDB8F181BE}] => (Allow) C:\Users\LM\Desktop\UNV\tftpd32.exe => No File
FirewallRules: [{48267196-092C-43C0-8B07-8D8A630897C0}] => (Allow) C:\Users\LM\Desktop\UNV\tftpd32.exe => No File
FirewallRules: [{1BB8D8A1-1006-476D-BDCB-002C554882C9}] => (Allow) C:\Users\LM\Desktop\UNV\tftpd32.exe => No File
FirewallRules: [{8C3E24F2-EDB1-4875-99F0-C502105B9C1B}] => (Allow) C:\Users\LM\Desktop\UNV\tftpd32.exe => No File
FirewallRules: [{2BA7014A-C83F-4C99-B332-248D8B2F48D3}] => (Allow) F:\SteamLibrary\steamapps\common\Fall Guys\FallGuysEACLauncher.exe => No File
FirewallRules: [{93723345-4812-4132-83BC-9A343777599B}] => (Allow) F:\SteamLibrary\steamapps\common\Fall Guys\FallGuysEACLauncher.exe => No File
FirewallRules: [{C46EF4C1-AC64-4683-B536-A11DF560F870}] => (Allow) F:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{471606F8-6C46-4E8F-B1C2-5BC94E13CF93}] => (Allow) F:\SteamLibrary\steamapps\common\Fall Guys\FallGuys_client_game.exe () [File not signed]
FirewallRules: [{79EE6B1C-49D5-4F67-B787-A4AA0198F8A5}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe => No File
FirewallRules: [{EF38FA69-E615-4F9F-AB91-A77BEC24BE0B}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe => No File
FirewallRules: [{95295D4E-75ED-443E-963E-B1B2125B6E1A}] => (Block) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{88148A23-FCA6-43F4-AEEE-0A954E8D1C41}] => (Block) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{81E02621-EB6A-4794-8C7D-3715CD2C0978}] => (Block) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{7E97F865-A8EB-4B52-A6E3-B2B157223205}] => (Block) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{6B0606A0-D0FF-49E3-9A91-3A9ABE119DCA}] => (Block) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{C6B1533F-F35E-4891-AD6F-8ACD030F7D29}] => (Block) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{6654B4BC-41F7-4E09-8B31-F1E501CB5B31}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe (Adobe Inc. -> Adobe Systems Inc.) [File not signed]
FirewallRules: [{2AF028CA-A5D0-4441-80D6-DE74B031A5F5}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe (Adobe Inc. -> Adobe Systems Inc.) [File not signed]
FirewallRules: [{CAFD422A-4886-488A-8C49-7B4C6F241E6B}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{AC1CB10A-A614-4EDE-B9BC-DCF41B5E468F}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{23A98189-52DB-44D9-BBFA-3BAAF46BBA12}] => (Allow) LPort=1688
FirewallRules: [{11BA6372-E8A4-4C84-8934-B80C10DD7978}] => (Allow) G:\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{3975B557-3493-4EDF-9A5B-FE28CFF0E3F9}] => (Allow) G:\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{44CE0CE4-F270-4B96-87A3-0B1D11706EAB}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\fuscript.exe => No File
FirewallRules: [{6F8D20F2-497E-4914-93CD-FDCBAF502138}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{A5174675-D491-4DB6-A617-9763DC410551}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe => No File
FirewallRules: [{AF5083D9-F725-41E4-A9A4-AD1E4D2CC8B4}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe => No File
FirewallRules: [{114B0165-497B-4B1A-BB86-BE2543367154}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe => No File
FirewallRules: [{854A8D68-9D38-46FA-A687-8DE066EFF42A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe => No File
FirewallRules: [{B8642719-BD8D-4DE3-AA3B-E7F4576C35E9}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe => No File
FirewallRules: [{AE9AC529-06A8-4DA4-8D22-28AFC5C17D9D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe => No File
FirewallRules: [{45ED1EA3-C866-4327-BE07-B35D7AE52CD7}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe (Brother Industries, Ltd.) [File not signed]
FirewallRules: [{A18499F5-B009-42B0-AE54-E69036A74FB9}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe (Brother Industries, Ltd.) [File not signed]
FirewallRules: [{677E8F1B-ABB7-4FE0-A990-4314C3C86B33}] => (Allow) LPort=54955
FirewallRules: [{EEADA937-2956-4B99-9A52-8A550FFCD981}] => (Allow) LPort=54950
FirewallRules: [{DB863EE2-8E66-4F0D-838D-3162F636DE73}] => (Allow) LPort=54925
FirewallRules: [UDP Query User{EFCF87A9-0A00-4C5F-A73D-B8567937BBF8}C:\users\lm\appdata\local\temp\anyviewer\rcclient.exe] => (Allow) C:\users\lm\appdata\local\temp\anyviewer\rcclient.exe => No File
FirewallRules: [TCP Query User{E5ED8AB5-9955-4079-8D8A-2B40CB94F00E}C:\users\lm\appdata\local\temp\anyviewer\rcclient.exe] => (Allow) C:\users\lm\appdata\local\temp\anyviewer\rcclient.exe => No File
FirewallRules: [{825783EE-1AC8-47C4-ADDD-4EE875D93397}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe => No File
FirewallRules: [{060CD0D8-F043-487B-8E67-55F3FEA905B3}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe => No File
FirewallRules: [{F25C7F67-30A6-49C7-92F8-A947453030AB}] => (Block) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{178FD164-5EC1-43F3-B863-5401BE974546}] => (Block) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{C2C702C3-EC6B-460D-9EC6-6316B5A479FF}] => (Block) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{C85ECB34-3D1B-4B20-924B-6BFFEDF22034}] => (Block) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARMHelper.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{80C14B46-E37F-4AB4-B837-4A08E56FD293}] => (Block) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{114B4BF0-3BC7-451E-93E1-81C53C6A1505}] => (Block) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Inc. -> Adobe Inc.)
FirewallRules: [{326A3C43-2871-44B7-B094-4F7F30AD313C}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe (Adobe Inc. -> Adobe Systems Inc.) [File not signed]
FirewallRules: [{1BF3E22F-1C49-4EAE-9E51-3CFEE22C300C}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrotray.exe (Adobe Inc. -> Adobe Systems Inc.) [File not signed]
FirewallRules: [{C4711AD7-AC2C-4896-AEB8-8D1CDC753192}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{15B92DC9-4F9C-44EE-B7EF-618EFEE5DFC8}] => (Block) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe (Adobe Inc. -> Adobe Systems Incorporated)
FirewallRules: [{FB90E013-314E-4EF5-A124-74FB536535A3}] => (Allow) C:\Program Files\GIGABYTE\Control Center\GCC.exe (GIGA-BYTE TECHNOLOGY CO., LTD. -> )
FirewallRules: [{F00FDA16-7226-46A2-BB91-8D3FAC53F7F1}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BC401E66-CEDF-41FC-B41B-0964676B97FF}] => (Allow) C:\Program Files (x86)\Steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{45DF01AB-E666-439C-A220-D73AC81D8D7A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{D29117CB-3E85-4F86-8113-64A48D7700D9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1701F67A-8CED-47A1-A5C2-EF7CD824C7CA}] => (Allow) F:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{95B5F253-ADC6-481D-8F04-1E7B62A77D5F}] => (Allow) F:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win64\RocketLeague.exe (Psyonix, LLC) [File not signed]
FirewallRules: [{931593C2-A176-4877-9A33-6F1CF0909133}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{416053DA-6BAD-4FE2-B43C-DFFA0A2F5B3B}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{252DFBA9-3044-48BB-AC4D-F1D922624E56}] => (Allow) C:\Program Files\WindowsApps\ReincubateLtd.CamoStudio_2.1.340.0_x64__9bq3v28c93p4r\CamoStudio.exe (3699905D-9A67-4D0C-A440-7BC4023B2C93 -> Reincubate)
FirewallRules: [{55B449A9-F772-4700-975E-7F0AEF4C719C}] => (Allow) C:\Program Files\WindowsApps\ReincubateLtd.CamoStudio_2.1.340.0_x64__9bq3v28c93p4r\CamoStudio.exe (3699905D-9A67-4D0C-A440-7BC4023B2C93 -> Reincubate)
FirewallRules: [FPS-SpoolWorker-In-TCP] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-V2] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-NoScope] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C3953230-5D0A-40DB-9777-76B068BECBC1}] => (Allow) D:\SteamLibrary\steamapps\common\Albion Online\launcher\AlbionLauncher.exe => No File
FirewallRules: [{A67EFB21-159C-4EC3-A8BF-E1BA40450079}] => (Allow) D:\SteamLibrary\steamapps\common\Albion Online\launcher\AlbionLauncher.exe => No File
FirewallRules: [{2A8F1778-2F54-4EE8-BCBE-47697E47F302}] => (Allow) F:\SteamLibrary\steamapps\common\Albion Online\launcher\AlbionLauncher.exe => No File
FirewallRules: [{5E453393-9B2D-4163-BBA3-00D8340E2F77}] => (Allow) F:\SteamLibrary\steamapps\common\Albion Online\launcher\AlbionLauncher.exe => No File
FirewallRules: [{DB893315-ACFB-42BE-8111-51A78F36F596}] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{619F924B-9BEA-4350-BEBE-BD91F13CD941}] => (Allow) C:\Program Files (x86)\PingPlotter 5\PingPlotter.exe (Pingman Tools LLC -> )
FirewallRules: [{723CEBAA-243C-4367-804D-19531C2F6506}] => (Allow) C:\Program Files (x86)\PingPlotter 5\PingPlotter.exe (Pingman Tools LLC -> )
FirewallRules: [{66C44D6D-BD49-449D-8E22-B1EC3DD45A28}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{758BC193-C488-4324-827F-F8FD09A1E081}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{C9ED6822-5B40-421C-B922-7EB0F00F9617}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{C1B9C5C8-470C-41BF-AE54-BDB39EA29DA5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\137.0.3296.83\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4A8DFC89-2538-4060-BA66-45FD8FADBE63}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{957A9B90-9DB0-45C5-A52A-94FEBB83319A}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C187E9E0-9B69-417B-B25B-EE586EBB81E0}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{74202348-B2E6-4278-8FDA-D191C25213E4}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{77C14293-548B-4195-8EF9-9195D60B2E2A}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4801BC2F-D17C-4AEE-A623-DC93684082D6}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5F7ADF7B-40E2-4256-9C1A-9BA3A5876FF7}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F59418F5-2620-499B-9772-37D03F8DAE03}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7CF21CA7-FCE1-4353-AF50-ADDE73CAFE1B}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{0E9ED793-4295-446E-92AB-F00DB99C7681}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6C128849-C437-4CED-B9B9-E02BD251A5FF}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{CF4F6BD4-2FF3-4F23-A963-356502E3E47E}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E04A1505-8E61-4357-85CF-BE507ED039C5}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{19C59011-4430-46B3-8709-B3010603A467}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{DDF34F24-89CE-423F-9DC7-46BABD737B78}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{601FD156-3740-45D5-97C3-CD2FDA89F938}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{90D86641-F2EE-4CA2-A722-5B0BFD05FEFD}] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2C097141-D030-44AF-B0A6-0290476D0B26}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DEA2EBB5-E267-4506-A6BA-EE634FE29021}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DEB75392-1552-4055-88A1-CD1C8A020FD9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A753D2BF-EFBB-42BD-8CCE-2DF88C851A9F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F3FAE05B-3BB4-41F5-94CC-9254E7BF1332}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{92CDAC36-C424-4593-8733-D222A5FC9D05}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{029F1050-4A4D-413C-973F-96CB0FA452DE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E70F757A-91AB-429B-BD51-E8AA8859464D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D34BC014-B008-4138-B2BA-60163B4218B2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7229B56C-F2D9-4105-A66B-9AB482DD3E56}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)

==================== Restore Points =========================

17-06-2025 21:06:19 Windows Update

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (06/17/2025 08:48:12 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\DESKTOP-8D4LOVK$ přes https://AMD-KeyId-907d65e9b562315997dd5 ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 17 Jun 2025 18:48:11 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 2df84990-9286-406b-a7cb-36476176789b

Metoda: GET(797ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (06/17/2025 08:48:11 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-907d65e9b562315997dd5 ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 17 Jun 2025 18:48:10 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 969c3188-58b6-4b13-a647-43c3492010cf

Metoda: GET(1187ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (06/17/2025 08:48:10 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\DESKTOP-8D4LOVK$ přes https://AMD-KeyId-907d65e9b562315997dd5 ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Tue, 17 Jun 2025 18:48:09 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 67d0b710-74da-4550-8e89-f57290e7d412

Metoda: GET(1187ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (06/17/2025 08:48:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Wait Workflow Commands request from device.

Error: (06/17/2025 08:48:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Broadcast Receiver Server...

Error: (06/17/2025 08:48:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (06/17/2025 08:48:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Start Server...

Error: (06/17/2025 08:48:04 PM) (Source: WorkflowAppControl) (EventID: 32767) (User: )
Description: Host.AddressList[1]: 127.0.0.1


System errors:
=============
Error: (06/17/2025 09:09:03 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.11.
Počítač s IP adresou 192.168.0.5 nepovolil získání názvu
tímto počítačem.

Error: (06/17/2025 09:09:03 PM) (Source: BROWSER) (EventID: 8009) (User: )
Description: Prohledávač se nemůže povýšit na hlavní prohledávač. Za hlavní prohledávač
se aktuálně považuje počítač LM-NAS.

Error: (06/17/2025 09:03:53 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.11.
Počítač s IP adresou 192.168.0.5 nepovolil získání názvu
tímto počítačem.

Error: (06/17/2025 08:58:43 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.11.
Počítač s IP adresou 192.168.0.5 nepovolil získání názvu
tímto počítačem.

Error: (06/17/2025 08:56:27 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (06/17/2025 08:53:33 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Název WORKGROUP :1d nelze zaregistrovat v rozhraní s IP adresou 192.168.0.11.
Počítač s IP adresou 192.168.0.5 nepovolil získání názvu
tímto počítačem.

Error: (06/17/2025 08:53:03 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (06/17/2025 08:53:03 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931


Windows Defender:
================
Date: 2025-05-29 11:38:04
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
KOntrola ID: {03BED51D-1DA7-4CA8-8BCE-DDB1B95DD0B7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Důvod zastavení: Şсħęđüłєð ščдñ шåš śκīрρėď вэċäûšě τћě ℓãšŧ ŝџçčĕśѕƒŭŀ šçãņ ωąŝ ŵìťĥīñ тћє łàśŧ 7 δàўş

Date: 2025-05-28 14:37:22
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
KOntrola ID: {16268011-E334-4EA9-8BDE-883EB0C67C96}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Důvod zastavení: Şсħęđüłєð ščдñ шåš śκīрρėď вэċäûšě τћě ℓãšŧ ŝџçčĕśѕƒŭŀ šçãņ ωąŝ ŵìťĥīñ тћє łàśŧ 7 δàўş

Date: 2025-05-25 09:57:03
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
KOntrola ID: {C7DCDB20-0C17-438C-ADF6-40B5571E479A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Důvod zastavení: Şсħęđüłєð ščдñ шåš śκīрρėď вэċäûšě τћě ℓãšŧ ŝџçčĕśѕƒŭŀ šçãņ ωąŝ ŵìťĥīñ тћє łàśŧ 7 δàўş

Date: 2025-05-24 09:08:56
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
KOntrola ID: {CC641F54-70EF-430B-BDD4-BCFE0296CA00}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Důvod zastavení: Şсħęđüłєð ščдñ шåš śκīрρėď вэċäûšě τћě ℓãšŧ ŝџçčĕśѕƒŭŀ šçãņ ωąŝ ŵìťĥīñ тћє łàśŧ 7 δàўş

Date: 2025-05-23 08:09:19
Description:
Prohledávání Microsoft Defender Antivirus bylo zastaveno před dokončením.
KOntrola ID: {41AD6100-896D-4D22-AE76-E51AE3EA0914}
Typ prohledávání: Antimalware
Parametry prohledávání: Quick Scan
Uživatel: NT AUTHORITY\SYSTEM
Důvod zastavení: %12
Event[0]

Date: 2025-05-30 20:39:13
Description:
Microsoft Defender Antivirus narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.429.239.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.25040.1
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2025-06-17 21:12:28
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2025-06-17 21:08:40
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends International, LLC. F16g 09/20/2023
Motherboard: Gigabyte Technology Co., Ltd. B550 AORUS ELITE V2
Processor: AMD Ryzen 9 5900X 12-Core Processor
Percentage of memory in use: 18%
Total physical RAM: 65436.01 MB
Available physical RAM: 53570.05 MB
Total Virtual: 69532.01 MB
Available Virtual: 55851.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:848.16 GB) (Free:599.23 GB) (Model: Samsung SSD 980 PRO 1TB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:408.02 GB) (Model: ST1000DM003-1ER162) NTFS
Drive e: (Data2) (Fixed) (Total:1863 GB) (Free:1171.51 GB) (Model: ST2000DM008-2UB102) NTFS
Drive f: (Kingston) (Fixed) (Total:447.13 GB) (Free:234.5 GB) (Model: KINGSTON SA400S37480G) NTFS
Drive g: (NVME) (Fixed) (Total:900 GB) (Free:371.08 GB) (Model: SAMSUNG MZVLB1T0HALR-00000) NTFS

\\?\Volume{a078d3b5-6e22-46a8-a3cf-b011bd577671}\ () (Fixed) (Total:0.81 GB) (Free:0.23 GB) NTFS
\\?\Volume{c3083d91-c7ae-424a-b750-a6501101c80e}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 447.1 GB) (Disk ID: DE6F3C17)
Partition 1: (Not Active) - (Size=447.1 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0942AF29)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 3 (Size: 953.9 GB) (Disk ID: D8E33698)

Partition: GPT.

==========================================================
Disk: 4 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================