Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-11-2022
Ran by Bernt (administrator) on KRUTOG (Dell Inc. OptiPlex 5040) (07-11-2022 14:12:12)
Running from C:\Users\Meiner\Desktop
Loaded Profiles: Bernt
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2193 (X64) Language: Czech (Czechia) -> English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\acrocef_1\RdrCEF.exe <5>
(C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(C:\Program Files\Bitdefender\Endpoint Security\epsecurityservice.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Endpoint Security\epconsole.exe
(C:\Program Files\Bitdefender\Endpoint Security\epsecurityservice.exe ->) (S.C. BITDEFENDER S.R.L. -> Bitdefender) C:\Program Files\Bitdefender\Endpoint Security\ephost.integrity.exe
(C:\Program Files\Dell\Dell Data Protection\Authentication\Bin\DpHostW.exe ->) (DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Dell\Dell Data Protection\Authentication\Bin\DpCardEngine.exe
(C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4>
(C:\Program Files\Synaptics\SynFP\SynaFPService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated.) C:\Program Files\Synaptics\SynFP\SynaU2F.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_b18a4e283f67c0b5\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b18a4e283f67c0b5\igfxEM.exe
(EMC Corporation -> EMC Corporation) C:\Program Files (x86)\EMC Captiva\Captiva Cloud Runtime\Emc.Captiva.WebToolkitHost.exe
(explorer.exe ->) (Agilebits -> 1Password) C:\Users\Meiner\AppData\Local\1Password\app\8\1Password.exe <3>
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\65.0.4.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Michael Maltsev -> Ramen Software) C:\Users\Meiner\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <19>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (bit4id srl - hxxp://www.bit4id.com) [File not signed] C:\Windows\SysWOW64\k4hidconvert.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\redline\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Endpoint Security\bdredline.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Endpoint Security\epintegrationservice.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Endpoint Security\epprotectedservice.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Endpoint Security\epsecurityservice.exe
(services.exe ->) (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Endpoint Security\epupdateservice.exe
(services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(services.exe ->) (CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(services.exe ->) (DASSAULT SYSTEMES SE -> Dassault Systemes) E:\Programs\Dassault Systemes\B32 CATIA V5-6R2022\win_b64\code\bin\CATSysDemon.exe
(services.exe ->) (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Inc -> CREDANT Technologies, Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityFramework.Agent.exe
(services.exe ->) (Dell Inc -> Dell Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\DCF.Loader.exe
(services.exe ->) (Dell Inc -> Dell, Inc.) C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityFramework.LocalServer.exe
(services.exe ->) (Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Inc. -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Dell\Dell Data Protection\Authentication\Bin\DpHostW.exe
(services.exe ->) (EMC Corporation -> EMC Corporation) C:\Program Files (x86)\EMC Captiva\Captiva Cloud Runtime\Emc.Captiva.WebCaptureService.exe
(services.exe ->) (FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
(services.exe ->) (FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe
(services.exe ->) (FabulaTech, LLP -> VMware) C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
(services.exe ->) (gemalto -> Gemalto) C:\Program Files\SafeNet\Authentication\SAC\x64\SACSRV.exe
(services.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\107.0.5304.19\remoting_host.exe <2>
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b18a4e283f67c0b5\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_5fe2e31c542e0065\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_98ea1a1ac9fa4d66\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_98ea1a1ac9fa4d66\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Intel Network Drivers -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe
(services.exe ->) (Intel(R) Software -> Intel Corporation) C:\Program Files\Intel\Intel(R) Ready Mode Technology\IRMTService.exe
(services.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.HPWJA\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CredentialEnrollmentManager.exe
(services.exe ->) (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7193.611\DSAPI.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Solitea, a. s. -> Vema, a. s. Okružní 871/3a, 638 00 Brno, CZ) C:\Program Files (x86)\Vema\AdminS\7.02.00\NV3ServerSrv.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated.) C:\Program Files\Synaptics\SynFP\SynaFPService.exe
(services.exe ->) (Synology Inc. -> ) [File not signed] C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(services.exe ->) (Trade Fides a.s.) [File not signed] C:\Program Files (x86)\Fides SQL\Fides Software Storage Service\FssService.exe
(services.exe ->) (UVT MU) [File not signed] C:\Program Files\RemSig\VirtualCardService\RemSigVirtualCard.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe
(services.exe ->) (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22082.119.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-08-18] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [bit4id csp store register (M x64)] => C:\WINDOWS\system32\bit4upki-store.dll [265936 2017-03-29] (Bit4id -> bit4id srl)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9230280 2017-06-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489384 2017-06-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [827200 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
HKLM\...\Run: [SynaU2F] => C:\Program Files\Synaptics\SynFP\SynaU2F.exe [149272 2021-01-06] (Synaptics Incorporated -> Synaptics Incorporated.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5678624 2020-12-19] (Acronis International GmbH -> )
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [447520 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [668376 2021-05-11] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe [2913648 2021-05-10] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [2011528 2022-06-02] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 2020\Acrobat\Acrotray.exe [6556624 2022-09-24] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ICAMaintenance_ICAPKIService_RegKeysRefresh] => C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [272120 2016-10-07] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe [52794648 2022-10-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe [52794648 2022-10-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3484508172-1537139364-842860775-1001\...\Run: [MurGee.com Auto Clicker] => C:\Users\Meiner\AppData\Roaming\Auto Clicker\AutoClicker.exe [124072 2016-10-27] (MurGee Softwares Pvt Ltd -> MurGee.com)
HKU\S-1-5-21-3484508172-1537139364-842860775-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Meiner\AppData\Local\Microsoft\Teams\Update.exe [2576128 2022-09-07] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3484508172-1537139364-842860775-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [45488 2020-10-23] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-3484508172-1537139364-842860775-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365760 2020-07-24] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-3484508172-1537139364-842860775-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe [52794648 2022-10-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3484508172-1537139364-842860775-1001\...\Run: [Discord] => C:\Users\Meiner\AppData\Local\Discord\Update.exe [1512608 2021-09-21] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3484508172-1537139364-842860775-1001\...\Run: [7 Taskbar Tweaker] => C:\Users\Meiner\AppData\Roaming\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe [494552 2022-10-15] (Michael Maltsev -> Ramen Software)
HKU\S-1-5-21-3484508172-1537139364-842860775-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia -> Nokia)
HKU\S-1-5-21-3484508172-1537139364-842860775-1001\...\Run: [1Password] => C:\Users\Meiner\AppData\Local\1Password\app\8\1Password.exe [153621360 2022-11-07] (Agilebits -> 1Password)
HKU\S-1-5-21-3484508172-1537139364-842860775-1001\...\Run: [com.messenger] => "C:\Users\Meiner\AppData\Local\Programs\Messenger\Messenger.exe" messenger://openAtLogin (No File)
HKU\S-1-5-21-3484508172-1537139364-842860775-1001\...\Run: [org.whispersystems.signal-desktop] => C:\Users\Meiner\AppData\Local\Programs\signal-desktop\Signal.exe [151940472 2022-09-29] (Signal Messenger, LLC -> Signal Messenger, LLC)
HKU\S-1-5-21-3484508172-1537139364-842860775-1001\...\Run: [MicrosoftEdgeAutoLaunch_7C6CAC06C6033686C329BA34955B64A4] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891624 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3484508172-1537139364-842860775-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38789456 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3484508172-1537139364-842860775-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-3484508172-1537139364-842860775-1004\...\Run: [MicrosoftEdgeAutoLaunch_8714F0D917266FE3AFB7F8BB98EEBC18] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891624 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3484508172-1537139364-842860775-1004\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\user\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3484508172-1537139364-842860775-1004\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\user\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3484508172-1537139364-842860775-1004\...\RunOnce: [Uninstall 20.169.0823.0006\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\user\AppData\Local\Microsoft\OneDrive\20.169.0823.0006\amd64" (No File)
HKU\S-1-5-21-3484508172-1537139364-842860775-1004\...\RunOnce: [Uninstall 20.169.0823.0006] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\user\AppData\Local\Microsoft\OneDrive\20.169.0823.0006" (No File)
HKU\S-1-5-21-3484508172-1537139364-842860775-500\...\Run: [MicrosoftEdgeAutoLaunch_98769996E24836F99EC8617644423B4C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891624 2022-11-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3484508172-1537139364-842860775-500\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3484508172-1537139364-842860775-500\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-3484508172-1537139364-842860775-500\...\RunOnce: [Application Restart #0] => C:\Windows\System32\Taskmgr.exe [1213232 2021-10-06] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\65.0.4.0\GoogleDriveFS.exe [52794648 2022-10-19] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\System32\AdobePDF.dll [203952 2022-04-09] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Brother PT-P750W Monitor: C:\WINDOWS\System32\BSPP75L6.DLL [69632 2013-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Brother Industries, Ltd.)
HKLM\...\Print\Monitors\Brother QL-800 Monitor: C:\WINDOWS\System32\bsq16aL6.DLL [100464 2020-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Brother Industries, Ltd.)
HKLM\...\Print\Monitors\EPSON SIDM BS64MonitorB: C:\WINDOWS\System32\EBPMONB.DLL [108032 2008-08-08] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EPSON WF-C869R Series 64MonitorBE: C:\WINDOWS\System32\E_YLMBQAE.DLL [182784 2016-07-19] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\System32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\KM Language Monitor: C:\WINDOWS\System32\KMPJL64.DLL [150248 2022-05-02] (Microsoft Windows Hardware Compatibility Publisher -> KYOCERA Document Solutions Inc.)
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\WINDOWS\System32\602localmon.dll [54864 2018-05-31] (Software602 a.s. -> Windows (R) Win 7 DDK provider)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.88\Installer\chrmstp.exe [2022-11-02] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{722DEFE8-78AF-4E12-86A1-A8B21B509C52}] -> C:\WINDOWS\system32\dpcrprov2.dll [2016-12-14] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{77B7ED10-A641-4766-A428-8B9EE42E830A}] -> C:\WINDOWS\system32\dpcrprov2.dll [2016-12-14] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{E85E7D14-653B-4E51-9BC5-E5F9EC9BC51D}] -> C:\WINDOWS\system32\dpcrprov2.dll [2016-12-14] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F0C31759-99A6-493E-AD7D-7F69126CDFBC}] -> C:\WINDOWS\system32\dpcrprov2.dll [2016-12-14] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F731030D-3272-4D8B-A21A-3940EF268453}] -> C:\WINDOWS\system32\dpcrprov2.dll [2016-12-14] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{DCFB2A33-814B-4236-BFBD-FFEA3F528385}] -> C:\WINDOWS\system32\dpcrprov2.dll [2016-12-14] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\Meiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\disky.cmd [2017-02-23] () [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01FB131D-5722-4A77-BF56-E646C710E60A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {05605403-83F2-4853-AD81-63ECCEF4F8D7} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [862 2019-04-30] () [File not signed]
Task: {0D58CF8B-3440-4C06-B66C-40482F6AC191} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21864376 2022-09-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {1721B495-3B1E-4AD9-AE00-F271B16CB630} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe [110008 2016-04-27] (CyberLink Corp. -> CyberLink)
Task: {2784E3FE-B6DB-41FA-88F5-3058E921F1F1} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {3B8BE868-0EFB-493A-8D41-7293C1738515} - System32\Tasks\moje\kill messenger => C:\Krut\kill_messenger.bat [26 2022-10-21] () [File not signed]
Task: {452EF11A-5866-4415-BCA0-9ECBCA36430F} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938792 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {46016409-5EA4-4754-B563-D36E466518A0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141232 2022-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {46C30DF2-8141-4DD3-A70A-D229E9897A42} - System32\Tasks\Sump Task (One-Time) => C:\Program Files (x86)\IObit\IObit Uninstaller\sump.exe /sup2 (No File)
Task: {47B31639-DE76-4658-94C7-9A2D16F1F49C} - System32\Tasks\EPSON DS-780N Update => C:\Program Files (x86)\epson\Epson Scan 2\Update\e_dtsksd.exe [690176 2019-01-21] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {51606125-50D3-4B07-9BB4-832DFD688956} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {519FC0BE-DC70-496F-B3BD-1822CD5EDA41} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic (No File)
Task: {6FFC9D18-3268-4843-9AC8-FD8DA4EEF4C3} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe --automatic (No File)
Task: {79036EC0-119A-40DD-B961-8678FD0A9B22} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "hxxps://www.roboform.com/uninstall.html?aaa=KICMJMNJJJLMNMLMMMLMCNKJGMJMIMCNLMLJKMNJCNNJNJLJNMCNPMMJKMOJNMIMMJPMNMPMNMJJJNJICMHMCNLMCNJMFMOMOMCNOMGMNMCNOMJMNMGMGMFMPMCNPMCNOMJMNMGMGMCNNMJNPICMPMFMFMIMGMJNHICMEKMICNJJCKJNBJCMCLKJGJBJKJNIJNKJCMJNNICMJNDJCMMJFIJNMJCMPMFMPMF (the data entry has 36 more characters).
Task: {7ED39443-6D13-4404-8C04-0B0098B317BD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-06] (Google Inc -> Google Inc.)
Task: {81F7D5B6-E0F1-4528-978E-D2C53E04924B} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463600 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {83788322-51E5-4693-846B-CB527C53AD27} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [32632 2021-09-08] (Microsoft Corporation -> Microsoft)
Task: {880C6903-AB5F-48A5-A437-F4A744843685} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2335600 2021-09-08] (Microsoft Corporation -> Microsoft)
"C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}" was unlocked. <==== ATTENTION
Task: {954C54E8-D129-4E75-B427-01A4CCF615F6} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\WINDOWS\System32\gpupdate.exe [30720 2021-10-06] (Microsoft Windows -> Microsoft Corporation)
Task: {9FA50CD6-6899-4C5B-9A54-EDA04216E860} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "3df0890e-d877-41e6-80eb-104e0be2a5da" --version "6.05.10110" --silent
Task: {A1AA04C8-EE3D-4E7B-AF4C-AE811A789AB9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7056328 2022-10-18] (Microsoft Corporation -> Microsoft Corporation)
"C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202}" was unlocked. <==== ATTENTION
Task: {ADCBE287-0635-4E5A-BF8C-885B0386C1B1} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\WINDOWS\System32\gpupdate.exe [30720 2021-10-06] (Microsoft Windows -> Microsoft Corporation)
Task: {B122E65B-8D70-4BA0-AD2E-3109FCB6DF94} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1938792 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {B284184A-D205-4994-99DF-ACD49F944F94} - System32\Tasks\Opera scheduled assistant Autoupdate 1582786890 => C:\Program Files\Opera\launcher.exe [2569160 2022-10-28] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files\Opera\assistant" $(Arg0)
Task: {B73DF3F5-A82C-4524-B8E7-1AC3FCE8EF77} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489384 2017-06-21] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {B83C7F75-2ABC-45A9-82AB-7E8C74B9D925} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1045976 2020-09-01] (Dell Inc. -> Dell Inc.)
Task: {BB19A07F-B743-4F39-BDCD-1706522FA336} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21864376 2022-09-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {BE3399A1-596A-4CE3-98AE-1F45CA7639D6} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-6ILPE0F-Meiner => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {BE8F8A2E-0634-4619-A8A7-C3333698820D} - System32\Tasks\CCleanerSkipUAC - Bernt => C:\Program Files\CCleaner\CCleaner.exe [32472400 2022-10-20] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {C22468C6-C9BD-42EB-BD99-A591A7FC91E6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-10-20] (Piriform Software Ltd -> Piriform)
Task: {C2E591C4-A1EB-4ACA-AD2C-111DD318EF75} - System32\Tasks\moje\kill vpn => C:\Krut\kill_vpn.bat [37 2022-10-21] () [File not signed]
Task: {C39F262B-CD22-44DD-99B1-20ACDB497973} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-3484508172-1537139364-842860775-1001 => C:\Users\Meiner\AppData\Local\Programs\Messenger\MessengerHelper.exe [2031864 2022-10-29] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {C82AFAF8-238D-41BD-9D10-97EC4DBC783D} - System32\Tasks\Opera scheduled Autoupdate 1487677731 => C:\Program Files\Opera\launcher.exe [2569160 2022-10-28] (Opera Norway AS -> Opera Software)
Task: {CC7DB6F0-AAA0-40B9-B0C9-980B19F9401F} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {CD05D165-A778-46DA-AA8B-44F5348AF8D1} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2022-01-31] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {CE0980D1-79FF-4B07-898C-54A8A22BF1FB} - System32\Tasks\Dell Cleanup => c:\windows\system32\oem\startmenufix.vbs [1595 2016-09-14] () [File not signed]
Task: {CE135329-3D43-4896-B3F5-38989F7C31B3} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {D41A0DEA-A7C1-41C4-BA0B-86F56AEF9464} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [7056328 2022-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {D7F26D35-8916-4D35-A84D-A85E111E7DB1} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLVDLauncher.exe [340440 2015-01-29] (CyberLink Corp. -> CyberLink Corp.)
Task: {D90FFD8B-72DD-49AB-827A-603A850464F7} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-3484508172-1537139364-842860775-1001 => C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1650.17.91.0_x64__8xx8rvfyw5nnt\app\MessengerHelper.exe [2007288 2022-10-26] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {EB59B4B2-0076-4DAE-84B4-E629E785E6B7} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {EB8C7F76-7CFF-4259-B0C4-9620E5A3A90C} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2463600 2021-09-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {EF02232E-B4DE-4D4A-91B8-102BFED8E44E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141232 2022-10-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {EFDD73EF-D629-4C3E-8D0F-14EFD249CEB1} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\26.0.1.233\WatchDog.exe [1053264 2022-07-25] (Bitdefender SRL -> Bitdefender)
Task: {EFF95214-BF62-4EE1-BDA2-79B6244DCEA1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {F11D048D-015B-4D87-8BAC-E951AEE24E6B} - System32\Tasks\EPSON DS-770 Update => C:\Program Files (x86)\epson\Epson Scan 2\Update\e_dtsksd.exe [690176 2019-01-21] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {F2172E56-60A5-4C7E-9141-82B448939E5D} - System32\Tasks\update-S-1-5-21-3484508172-1537139364-842860775-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {F9954FB7-A2AB-4DEE-9386-B0A89C44ECB8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-06] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\EPSON DS-770 Update.job => C:\Program Files (x86)\epson\Epson Scan 2\Update\e_dtsksd.exe/EXE_S:EPSON DS-770,ES014D.DAT /F:UpdateKRUTOG\MeinerĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON DS-780N Update.job => C:\Program Files (x86)\epson\Epson Scan 2\Update\e_dtsksd.exe0/EXE_S:EPSON DS-780N,ES014E.DAT /F:UpdateKRUTOG\BerntĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\update-S-1-5-21-3484508172-1537139364-842860775-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: 127.0.0.1 view-localhost # view localhost server
Tcpip\..\Interfaces\{118d05fb-83d4-4ad9-8b7e-6279223530b2}: [DhcpNameServer] 147.230.16.240 147.230.16.140
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge: 
=======
Edge Profile: C:\Users\Meiner\AppData\Local\Microsoft\Edge\User Data\Default [2022-11-07]
Edge DownloadDir: Default -> E:\Downloads
Edge HomePage: Default -> hxxp://www.google.com/
Edge StartupUrls: Default -> "hxxp://www.google.com/"
Edge Session Restore: Default -> is enabled.
Edge Extension: (AdBlock — best ad blocker) - C:\Users\Meiner\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2022-11-07]

FireFox:
========
FF DefaultProfile: w3oz35jx.default
FF ProfilePath: C:\Users\Meiner\AppData\Roaming\Mozilla\Firefox\Profiles\w3oz35jx.default [2022-11-07]
FF Notifications: Mozilla\Firefox\Profiles\w3oz35jx.default -> hxxp://poe.trade; hxxps://photos.google.com; hxxps://calendar.google.com
FF Extension: (English United States Dictionary) - C:\Users\Meiner\AppData\Roaming\Mozilla\Firefox\Profiles\w3oz35jx.default\Extensions\@unitedstatesenglishdictionary.xpi [2022-04-07]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\Meiner\AppData\Roaming\Mozilla\Firefox\Profiles\w3oz35jx.default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2021-06-20]
FF Extension: (To Google Translate) - C:\Users\Meiner\AppData\Roaming\Mozilla\Firefox\Profiles\w3oz35jx.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-06-23]
FF Extension: (English (US) Language Pack) - C:\Users\Meiner\AppData\Roaming\Mozilla\Firefox\Profiles\w3oz35jx.default\Extensions\langpack-en-US@firefox.mozilla.org.xpi [2022-10-19]
FF Extension: (1Password extension (desktop app required)) - C:\Users\Meiner\AppData\Roaming\Mozilla\Firefox\Profiles\w3oz35jx.default\Extensions\onepassword4@agilebits.com.xpi [2021-03-24] [UpdateUrl:hxxps://cdn.agilebits.com/dist/1P/ext/autoupdate_firefox4.json]
FF Extension: (Simple Translate) - C:\Users\Meiner\AppData\Roaming\Mozilla\Firefox\Profiles\w3oz35jx.default\Extensions\simple-translate@sienori.xpi [2022-10-19]
FF Extension: (Tab Session Manager) - C:\Users\Meiner\AppData\Roaming\Mozilla\Firefox\Profiles\w3oz35jx.default\Extensions\Tab-Session-Manager@sienori.xpi [2022-10-19]
FF Extension: (uBlock Origin) - C:\Users\Meiner\AppData\Roaming\Mozilla\Firefox\Profiles\w3oz35jx.default\Extensions\uBlock0@raymondhill.net.xpi [2022-10-19]
FF Extension: (Tab Auto Refresh) - C:\Users\Meiner\AppData\Roaming\Mozilla\Firefox\Profiles\w3oz35jx.default\Extensions\{7fee47a1-8299-4576-90bf-5fd88d756926}.xpi [2022-10-19]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Meiner\AppData\Roaming\Mozilla\Firefox\Profiles\w3oz35jx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-10-19]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 2020\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 2020\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2020-05-09]
FF HKLM-x32\...\Firefox\Extensions: [ISVCU@iSkysoft.com] - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com_xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [dpmaxz_ng@jetpack] - C:\Program Files (x86)\Dell\Dell Data Protection\Authentication\Bin\BrowserExt\dpchrome
FF Extension: (Dell Data Protection | Security Tools) - C:\Program Files (x86)\Dell\Dell Data Protection\Authentication\Bin\BrowserExt\dpchrome [2020-07-01] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 2020\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-01-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2021-03-30] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-01-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2018-01-08] (Software602 a.s. -> Software602 a.s.)
FF Plugin-x32: @vmware.com/vmrc,version=5.5.0.00000 -> C:\Program Files (x86)\Common Files\VMware\VMware Remote Console Plug-in 5.5\Firefox\np-vmware-vmrc.dll [2014-06-12] (VMware, Inc.) [File not signed]
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 2020\Acrobat\Air\nppdf32.dll [2022-09-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-10-16] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2021-03-30] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Dell\Dell Data Protection\Authentication\Bin\BrowserExt\components\npChromeDPAgent.dll [2016-10-17] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
FF Plugin-x32: WinLessPlugin -> C:\Program Files (x86)\Camera Stream Controler\npWinLessRtspCtrl.dll [2011-08-25] (VIVOTEK INC. -> )

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default [2022-11-07]
CHR DownloadDir: E:\Downloads
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://drive.google.com; hxxps://lostmerchants.com; hxxps://meet.google.com; hxxps://messages.google.com
CHR Extension: (lock) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeblfdkhhhdcdjpifhhbdiojplfjncoa [2022-10-31]
CHR Extension: (1Password extension (desktop app required)) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjjhallfgjeglblehebfpbcfeobpgk [2021-10-20]
CHR Extension: (PayPal Honey: Automatic Coupons & Cash Back) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2022-10-27]
CHR Extension: (uBlock Origin) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-10-05]
CHR Extension: (I.CA PKI Service Component) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdolcjnejgbpoadihncaggiicpkhjchl [2022-10-05]
CHR Extension: (Google Docs Offline) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-07]
CHR Extension: (Tab Session Manager) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaiomicjabeggjcfkbimgmglanimpnae [2022-09-19]
CHR Extension: (Simple Translate) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibplnjkanclpjokhdolnendpplpjiace [2022-09-13]
CHR Extension: (Cookie Cutter by Neeva ) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\idcnmiefjmnabbchggljinkeiinlolon [2022-10-19]
CHR Extension: (Tab Auto Refresh) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaioibhbkffompljnnipmpkeafhpicpd [2022-06-15]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-03-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-10]
CHR Profile: C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default_bak [2020-07-01] <==== ATTENTION
CHR HomePage: Default_bak -> hxxp://search.babylon.com/?affID=112061&babsrc=HP_ss&mntrId=149d8c36000000000000386077a7bb14
CHR StartupUrls: Default_bak -> "hxxp://www.google.com/","hxxp://websearch.searchmania.info/?pid=20494&r=2014/12/06&hid=28285115881752874&lg=EN&cc=CZ&unqvl=70","hxxp://google.com/"
CHR Session Restore: Default_bak -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default_bak\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-11-07]
CHR Extension: (Prezentace) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default_bak\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-07]
CHR Extension: (Dokumenty) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default_bak\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-07]
CHR Extension: (Disk Google) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default_bak\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-07]
CHR Extension: (YouTube) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default_bak\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-11-07]
CHR Extension: (Realm of the Mad God) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default_bak\Extensions\dhjfmaldpppkmjjgkmadddbanpabfflp [2018-11-07]
CHR Extension: (Tabulky) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default_bak\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default_bak\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-07]
CHR Extension: (AdBlock) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default_bak\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-11-07]
CHR Extension: (Google Keep – poznámky a seznamy) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default_bak\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2018-11-07]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default_bak\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-11-07]
CHR Extension: (Hangouts Google) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default_bak\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2018-11-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default_bak\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-07]
CHR Extension: (Gmail) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default_bak\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-11-07]
CHR Extension: (Chrome Media Router) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Default_bak\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-07]
CHR Profile: C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-11-07]
CHR Profile: C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 3 [2021-11-22]
CHR Extension: (Slides) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-20]
CHR Extension: (Docs) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-20]
CHR Extension: (Google Drive) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-20]
CHR Extension: (YouTube) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-20]
CHR Extension: (Adobe Acrobat) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-11-16]
CHR Extension: (Sheets) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-20]
CHR Extension: (Google Docs Offline) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-20]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-10-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-20]
CHR Extension: (Gmail) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-20]
CHR Profile: C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 4 [2021-12-20]
CHR Extension: (Slides) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-12-06]
CHR Extension: (Docs) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2021-12-06]
CHR Extension: (Google Drive) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-12-06]
CHR Extension: (YouTube) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-12-06]
CHR Extension: (Adobe Acrobat) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-12-06]
CHR Extension: (Sheets) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-12-06]
CHR Extension: (Google Docs Offline) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-06]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-12-06]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-06]
CHR Extension: (Gmail) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-12-06]
CHR Profile: C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 5 [2022-01-04]
CHR Extension: (Slides) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-12-15]
CHR Extension: (Docs) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2021-12-15]
CHR Extension: (Google Drive) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-12-15]
CHR Extension: (YouTube) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-12-15]
CHR Extension: (Adobe Acrobat) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-12-15]
CHR Extension: (Sheets) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-12-15]
CHR Extension: (Google Docs Offline) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-15]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-12-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-15]
CHR Extension: (Gmail) - C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-12-15]
CHR Profile: C:\Users\Meiner\AppData\Local\Google\Chrome\User Data\System Profile [2022-11-07]
CHR HKU\S-1-5-21-3484508172-1537139364-842860775-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Meiner\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
CHR HKU\S-1-5-21-3484508172-1537139364-842860775-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-3484508172-1537139364-842860775-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera: 
=======
OPR Profile: C:\Users\Meiner\AppData\Roaming\Opera Software\Opera Stable [2022-10-31]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Meiner\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-10-31]
OPR Extension: (Opera Wallet) - C:\Users\Meiner\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-10-31]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Meiner\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-15]
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\Meiner\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2022-10-19]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
S3 aakore; C:\Program Files (x86)\Acronis\Agent\aakore.exe [15839648 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [12905888 2020-12-19] (Acronis International GmbH -> )
S4 AcronisCyberProtectionService; C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe [1421352 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1264400 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1050920 2021-05-11] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [842424 2021-03-30] (Adobe Inc. -> Adobe Inc.)
S3 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [18673448 2020-11-17] (Autodesk, Inc. -> Autodesk)
S3 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6388072 2021-03-09] (Acronis International GmbH -> )
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3863256 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3701464 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [100424 2022-05-02] (Apple Inc. -> Apple Inc.)
R2 BBDemon; e:\programs\Dassault Systemes\B32 CATIA V5-6R2022\win_b64\code\bin\CATSysDemon.exe [58016 2021-06-19] (DASSAULT SYSTEMES SE -> Dassault Systemes)
R2 bdredline_agent; C:\Program Files\Bitdefender Agent\redline\bdredline.exe [2454632 2022-02-10] (Bitdefender SRL -> Bitdefender)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\107.0.5304.19\remoting_host.exe [74520 2022-09-28] (Google LLC -> Google LLC)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9191816 2022-09-05] (Microsoft Corporation -> Microsoft Corporation)
R2 client_service; C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe [444632 2020-07-07] (VMware, Inc. -> VMware, Inc.)
S3 dcsvc; C:\WINDOWS\system32\dcsvc.dll [785408 2022-11-07] (Microsoft Windows -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [284720 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3563568 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [490032 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7193.611\DSAPI.exe [987632 2020-09-23] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [44328 2022-03-16] (Dell Inc -> )
R2 DellMgmtAgent; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityFramework.Agent.exe [22280 2017-01-17] (Dell Inc -> CREDANT Technologies, Inc.)
R2 DellMgmtLoader; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\DCF.Loader.exe [35080 2017-01-17] (Dell Inc -> Dell Inc.)
R3 DellMgmtServer; C:\Program Files\Dell\Dell Data Protection\Client Security Framework\Dell.SecurityFramework.LocalServer.exe [53000 2017-01-17] (Dell Inc -> Dell, Inc.)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4582080 2020-07-24] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 DpHost; C:\Program Files\Dell\Dell Data Protection\Authentication\Bin\DpHostW.exe [498136 2017-01-11] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [22816 2018-03-15] (Intel(R) Driver & Support Assistant -> Intel)
R2 Emc.Captiva.WebCaptureService; C:\Program Files (x86)\EMC Captiva\Captiva Cloud Runtime\Emc.Captiva.WebCaptureService.exe [86008 2016-06-20] (EMC Corporation -> EMC Corporation)
R2 EPIntegrationService; C:\Program Files\Bitdefender\Endpoint Security\EPIntegrationService.exe [157024 2022-07-05] (Bitdefender SRL -> Bitdefender)
R2 EPProtectedService; C:\Program Files\Bitdefender\Endpoint Security\EPProtectedService.exe [157024 2022-07-05] (Bitdefender SRL -> Bitdefender)
R2 epredline; C:\Program Files\Bitdefender\Endpoint Security\bdredline.exe [2811232 2022-09-28] (Bitdefender SRL -> Bitdefender)
R2 EPSecurityService; C:\Program Files\Bitdefender\Endpoint Security\EPSecurityService.exe [157024 2022-07-05] (Bitdefender SRL -> Bitdefender)
S3 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [206304 2020-05-19] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 EPUpdateService; C:\Program Files\Bitdefender\Endpoint Security\EPUpdateService.exe [157024 2022-07-05] (Bitdefender SRL -> Bitdefender)
R2 FssUpdateService; C:\Program Files (x86)\Fides SQL\Fides Software Storage Service\FssService.exe [31232 2014-01-06] (Trade Fides a.s.) [File not signed]
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [280176 2020-03-18] (FabulaTech, LLP -> )
R2 ftscanmgrhv; C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe [299632 2020-05-18] (FabulaTech, LLP -> )
S4 HPWJAService; C:\Program Files\HP Inc\Web Jetadmin 10\bin\HPWJAService.exe [45056 2017-05-29] (HP Inc. Development Company, L.P.) [File not signed]
S4 HPWSProAdapter; C:\Program Files\HP Inc\Web Jetadmin 10\HPWSProAdapter\FileSystems\Core\bin\XP-x86\release\HP.Dss.App.WinService.exe [9728 2017-04-12] (Hewlett-Packard) [File not signed]
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2021-06-03] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S3 I.CA Maintenance Service; C:\Program Files (x86)\I.CA\I.CA Maintenance\ICAMaintenance.exe [272120 2016-10-07] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
S3 I.CA Maintenance Service2; C:\Program Files (x86)\I.CA\I.CA Maintenance2\ICAMaintenance.exe [298064 2022-04-19] (Prvni certifikacni autorita, a.s. -> I.CA, a.s.)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 IRMTService; C:\Program Files\Intel\Intel(R) Ready Mode Technology\IRMTService.exe [182336 2015-09-10] (Intel(R) Software -> Intel Corporation)
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 key4hidconvert; C:\WINDOWS\SysWOW64\k4hidconvert.exe [135168 2017-06-28] (bit4id srl - hxxp://www.bit4id.com) [File not signed]
R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [497568 2021-04-08] (Logitech Inc -> Logitech)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes Corporation -> Malwarebytes)
S3 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2019-11-18] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2019-11-18] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [2102096 2020-12-19] (Acronis International GmbH -> )
R2 MSSQL$HPWJA; C:\Program Files\Microsoft SQL Server\MSSQL11.HPWJA\MSSQL\Binn\sqlservr.exe [194240 2016-09-24] (Microsoft Corporation -> Microsoft Corporation)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [277688 2021-04-21] (TEFINCOM S.A. -> TEFINCOM S.A.)
S3 OpLclSrv; C:\Program Files\Okidata\Common\extend3\portmgrsrv.exe [184320 2017-10-02] (Oki Data Corporation) [File not signed]
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [789072 2022-07-25] (Bitdefender SRL -> Bitdefender)
U2 RemSigVirtualCard; C:\Program Files\RemSig\VirtualCardService\RemSigVirtualCard.exe [9728 2021-05-10] (UVT MU) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2014-10-20] (CyberLink Corp. -> CyberLink)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
R2 SACSrv; C:\Program Files\SafeNet\Authentication\SAC\x64\SACSRV.exe [57920 2017-11-21] (gemalto -> Gemalto)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 SQLAgent$HPWJA; C:\Program Files\Microsoft SQL Server\MSSQL11.HPWJA\MSSQL\Binn\SQLAGENT.EXE [613056 2016-09-24] (Microsoft Corporation -> Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2020-09-01] (Dell Inc. -> Dell Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S3 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7394008 2020-12-19] (Acronis International GmbH -> )
R2 SynFPService; C:\Program Files\Synaptics\SynFP\SynaFPService.exe [194328 2021-01-06] (Synaptics Incorporated -> Synaptics Incorporated.)
S2 tcsd_win32.exe; C:\Program Files\Dell\Dell Data Protection\Drivers\TSS\bin\tcsd_win32.exe [1636352 2012-12-10] (Security Innovation, Inc.) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16197432 2022-10-12] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [5911456 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248856 2018-05-11] (Synology Inc. -> ) [File not signed]
R2 VemaAdminService; C:\Program Files (x86)\Vema\AdminS\7.02.00\NV3ServerSrv.exe [2340024 2021-10-19] (Solitea, a. s. -> Vema, a. s. Okružní 871/3a, 638 00 Brno, CZ)
R2 vmwsprrdpwks; C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [461936 2020-05-22] (FabulaTech, LLP -> VMware)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [363888 2018-06-01] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [120016 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [297888 2022-06-02] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.)
S3 AKSIFDH; C:\WINDOWS\System32\drivers\aksifdh.sys [62632 2017-08-03] (Aladdin Knowledge Systems Inc. -> Aladdin Knowledge Systems, Ltd.)
S3 AKSUP; C:\WINDOWS\system32\drivers\aksup.sys [44712 2017-08-03] (Aladdin Knowledge Systems Inc. -> Aladdin Knowledge Systems, Ltd.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AVerPola; C:\WINDOWS\system32\DRIVERS\AVerPola.sys [862336 2013-12-18] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2020-12-19] (Bitdefender SRL -> Bitdefender)
S0 BDElam; C:\WINDOWS\System32\drivers\bdelam.sys [22976 2021-04-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [320728 2022-01-31] (Bluestack Systems, Inc -> Bluestack System Inc.)
R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-07-24] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-07-24] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [36280 2019-12-25] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2019-12-25] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [721536 2021-03-09] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [392840 2021-03-09] (Acronis International GmbH -> Acronis International GmbH)
R0 fltsrv; C:\WINDOWS\System32\DRIVERS\fltsrv.sys [183944 2021-03-09] (Acronis International GmbH -> Acronis International GmbH)
R3 gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [1274296 2022-08-30] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [28936 2020-07-01] (Glarysoft LTD -> Glarysoft Ltd)
S3 iKeyEnum; C:\WINDOWS\System32\drivers\ikeyenum.sys [16160 2017-08-03] (SafeNet, Inc. -> SafeNet, Inc.)
S3 iKeyIFD; C:\WINDOWS\System32\drivers\ikeyifd.sys [22304 2017-08-03] (SafeNet, Inc. -> SafeNet, Inc.)
R3 IntelReadyModeDriver; C:\WINDOWS\System32\drivers\IntelReadyModeDriver.sys [33512 2015-09-10] (Intel CASE -> Intel Corporation)
S3 NDivert; C:\WINDOWS\System32\drivers\NDivert.sys [105184 2021-03-28] (TEFINCOM S.A. -> )
R1 ngscan; C:\WINDOWS\System32\DRIVERS\ngscan.sys [171312 2020-12-19] (Acronis International GmbH -> Acronis International GmbH)
R3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2020-05-26] (TEFINCOM S.A. -> WireGuard LLC)
S3 nmwcd; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [19968 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [27136 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-12-14] (TEFINCOM S.A. -> TEFINCOM S.A.)
S3 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [81680 2020-05-02] (Insecure.Com LLC -> Insecure.Com LLC.)
S3 npf; C:\WINDOWS\System32\drivers\npf.sys [40464 2009-02-08] (CACE TECHNOLOGIES, LLC -> CACE Technologies)
S3 pccsmcfd; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys [26112 2012-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S4 RsFx0201; C:\WINDOWS\System32\DRIVERS\RsFx0201.sys [337088 2014-05-15] (Microsoft Corporation -> Microsoft Corporation)
S3 rtump64x64; C:\WINDOWS\System32\drivers\rtump64x64.sys [1049936 2022-02-24] (Realtek Semiconductor Corp. -> Realtek Corporation)
S3 S3XXx64; C:\WINDOWS\system32\DRIVERS\S3XXx64.sys [73856 2015-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Identiv)
R0 SEDFilter; C:\WINDOWS\System32\DRIVERS\SEDFilter.sys [209584 2017-01-17] (Dell Inc -> Dell Inc.)
R3 SteamStreamingMicrophone; C:\WINDOWS\system32\drivers\SteamStreamingMicrophone.sys [40736 2017-07-28] (Valve Corp. -> )
R3 SteamStreamingSpeakers; C:\WINDOWS\system32\drivers\SteamStreamingSpeakers.sys [40736 2017-07-21] (Valve Corp. -> )
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-05-26] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2018-09-07] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [887032 2021-03-09] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [176248 2021-03-09] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [694920 2021-03-09] (Acronis International GmbH -> Acronis International GmbH)
R2 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [633264 2022-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [9216 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [9216 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [334984 2021-03-09] (Acronis International GmbH -> Acronis International GmbH)
R0 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [480184 2022-07-05] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [251016 2021-03-09] (Acronis International GmbH -> Acronis International GmbH)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74064 2022-06-02] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45960 2020-05-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [394680 2020-05-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-18] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: DcSvc -> C:\Windows\system32\dcsvc.dll (Microsoft Corporation)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-07 14:12 - 2022-11-07 14:13 - 000077355 _____ C:\Users\Meiner\Desktop\FRST.txt
2022-11-07 14:11 - 2022-11-07 14:12 - 000000000 ____D C:\FRST
2022-11-07 14:11 - 2022-11-07 14:11 - 002374656 _____ (Farbar) C:\Users\Meiner\Desktop\FRST64.exe
2022-11-07 14:04 - 2022-11-07 14:04 - 001048576 _____ C:\WINDOWS\defltbase.sdb
2022-11-07 14:04 - 2022-11-07 14:04 - 000016384 _____ C:\WINDOWS\defltbase.jfm
2022-11-07 10:58 - 2022-11-07 10:58 - 000000020 ___SH C:\Users\bernt\ntuser.ini
2022-11-07 10:58 - 2022-11-07 10:58 - 000000000 _SHDL C:\Users\bernt\Soubory cookie
2022-11-07 10:58 - 2022-11-07 10:58 - 000000000 _SHDL C:\Users\bernt\Šablony
2022-11-07 10:58 - 2022-11-07 10:58 - 000000000 _SHDL C:\Users\bernt\Poslední
2022-11-07 10:58 - 2022-11-07 10:58 - 000000000 _SHDL C:\Users\bernt\Okolní tiskárny
2022-11-07 10:58 - 2022-11-07 10:58 - 000000000 _SHDL C:\Users\bernt\Okolní síť
2022-11-07 10:58 - 2022-11-07 10:58 - 000000000 _SHDL C:\Users\bernt\Nabídka Start
2022-11-07 10:58 - 2022-11-07 10:58 - 000000000 _SHDL C:\Users\bernt\Dokumenty
2022-11-07 10:58 - 2022-11-07 10:58 - 000000000 _SHDL C:\Users\bernt\Documents\Obrázky
2022-11-07 10:58 - 2022-11-07 10:58 - 000000000 _SHDL C:\Users\bernt\Documents\Hudba
2022-11-07 10:58 - 2022-11-07 10:58 - 000000000 _SHDL C:\Users\bernt\Documents\Filmy
2022-11-07 10:58 - 2022-11-07 10:58 - 000000000 _SHDL C:\Users\bernt\Data aplikací
2022-11-07 10:58 - 2022-11-07 10:58 - 000000000 _SHDL C:\Users\bernt\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-11-07 10:58 - 2022-11-07 10:58 - 000000000 _SHDL C:\Users\bernt\AppData\Local\Data aplikací
2022-11-07 10:58 - 2022-11-07 10:58 - 000000000 ____D C:\Users\bernt
2022-11-07 10:58 - 2021-05-18 07:06 - 000000000 ____D C:\Users\bernt\AppData\Roaming\ISIS Drivers
2022-11-07 10:58 - 2016-12-06 10:22 - 000000000 ____D C:\Users\bernt\AppData\Roaming\Macromedia
2022-11-07 10:57 - 2022-11-07 10:57 - 000000000 ____D C:\Users\bernt_adm\AppData\Roaming\Intel Corporation
2022-11-07 10:57 - 2022-11-07 10:57 - 000000000 ____D C:\Users\bernt_adm\AppData\Roaming\Disc-Soft
2022-11-07 10:57 - 2022-11-07 10:57 - 000000000 ____D C:\Users\bernt_adm\AppData\Roaming\DAEMON Tools Lite
2022-11-07 10:56 - 2022-11-07 10:56 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3931774261-353690543-269189853-26479
2022-11-07 10:56 - 2022-11-07 10:56 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3931774261-353690543-269189853-26479
2022-11-07 10:56 - 2022-11-07 10:56 - 000002375 _____ C:\Users\bernt_adm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-07 10:56 - 2022-11-07 10:56 - 000000000 ___RD C:\Users\bernt_adm\OneDrive
2022-11-07 10:56 - 2022-11-07 10:56 - 000000000 ____D C:\Users\bernt_adm\AppData\Local\D3DSCache
2022-11-07 10:56 - 2022-11-07 10:56 - 000000000 ____D C:\Users\bernt_adm\AppData\Local\Adobe
2022-11-07 10:55 - 2022-11-07 10:55 - 000000000 ____D C:\Users\bernt_adm\AppData\Local\Publishers
2022-11-07 10:55 - 2022-11-07 10:55 - 000000000 ____D C:\Users\bernt_adm\AppData\Local\Power2Go8
2022-11-07 10:54 - 2022-11-07 10:56 - 000000000 ____D C:\Users\bernt_adm\AppData\Local\Packages
2022-11-07 10:54 - 2022-11-07 10:56 - 000000000 ____D C:\Users\bernt_adm
2022-11-07 10:54 - 2022-11-07 10:54 - 000002334 _____ C:\Users\bernt_adm\Desktop\Google Chrome.lnk
2022-11-07 10:54 - 2022-11-07 10:54 - 000000020 ___SH C:\Users\bernt_adm\ntuser.ini
2022-11-07 10:54 - 2022-11-07 10:54 - 000000000 _SHDL C:\Users\bernt_adm\Soubory cookie
2022-11-07 10:54 - 2022-11-07 10:54 - 000000000 _SHDL C:\Users\bernt_adm\Šablony
2022-11-07 10:54 - 2022-11-07 10:54 - 000000000 _SHDL C:\Users\bernt_adm\Poslední
2022-11-07 10:54 - 2022-11-07 10:54 - 000000000 _SHDL C:\Users\bernt_adm\Okolní tiskárny
2022-11-07 10:54 - 2022-11-07 10:54 - 000000000 _SHDL C:\Users\bernt_adm\Okolní síť
2022-11-07 10:54 - 2022-11-07 10:54 - 000000000 _SHDL C:\Users\bernt_adm\Nabídka Start
2022-11-07 10:54 - 2022-11-07 10:54 - 000000000 _SHDL C:\Users\bernt_adm\Dokumenty
2022-11-07 10:54 - 2022-11-07 10:54 - 000000000 _SHDL C:\Users\bernt_adm\Documents\Obrázky
2022-11-07 10:54 - 2022-11-07 10:54 - 000000000 _SHDL C:\Users\bernt_adm\Documents\Hudba
2022-11-07 10:54 - 2022-11-07 10:54 - 000000000 _SHDL C:\Users\bernt_adm\Documents\Filmy
2022-11-07 10:54 - 2022-11-07 10:54 - 000000000 _SHDL C:\Users\bernt_adm\Data aplikací
2022-11-07 10:54 - 2022-11-07 10:54 - 000000000 _SHDL C:\Users\bernt_adm\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-11-07 10:54 - 2022-11-07 10:54 - 000000000 _SHDL C:\Users\bernt_adm\AppData\Local\Data aplikací
2022-11-07 10:54 - 2022-11-07 10:54 - 000000000 __SHD C:\Users\bernt_adm\IntelGraphicsProfiles
2022-11-07 10:54 - 2022-11-07 10:54 - 000000000 ____D C:\Users\bernt_adm\AppData\Roaming\Adobe
2022-11-07 10:54 - 2022-11-07 10:54 - 000000000 ____D C:\Users\bernt_adm\AppData\LocalLow\Intel
2022-11-07 10:54 - 2022-11-07 10:54 - 000000000 ____D C:\Users\bernt_adm\AppData\Local\VirtualStore
2022-11-07 10:54 - 2022-11-07 10:54 - 000000000 ____D C:\Users\bernt_adm\AppData\Local\Google
2022-11-07 10:54 - 2022-11-07 10:54 - 000000000 ____D C:\Users\bernt_adm\AppData\Local\ConnectedDevicesPlatform
2022-11-07 10:54 - 2022-11-07 10:54 - 000000000 ____D C:\Users\bernt_adm\AppData\Local\Bitdefender
2022-11-07 10:54 - 2021-05-18 07:06 - 000000000 ____D C:\Users\bernt_adm\AppData\Roaming\ISIS Drivers
2022-11-07 10:54 - 2016-12-06 10:22 - 000000000 ____D C:\Users\bernt_adm\AppData\Roaming\Macromedia
2022-11-07 10:50 - 2022-11-07 10:52 - 000000128 _____ C:\WINDOWS\system32\config\netlogon.ftl
2022-11-07 10:17 - 2022-11-07 10:17 - 000096546 _____ C:\Users\Meiner\Documents\cc_20221107_101718.reg
2022-11-07 10:15 - 2022-11-07 14:01 - 000003416 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-11-07 10:15 - 2022-11-07 14:01 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-11-07 10:15 - 2022-11-07 10:15 - 000002886 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Bernt
2022-11-07 10:15 - 2022-11-07 10:15 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-11-07 08:42 - 2022-11-07 08:42 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-07 08:42 - 2022-11-07 08:42 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-07 08:42 - 2022-11-07 08:42 - 000012263 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-07 08:41 - 2022-11-07 08:41 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-07 08:37 - 2022-11-07 08:37 - 000000000 ____D C:\Users\Administrator\AppData\Local\Comms
2022-11-07 08:32 - 2022-11-07 08:32 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\com.adobe.dunamis
2022-11-07 08:32 - 2022-11-07 08:32 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Adobe
2022-11-07 08:32 - 2022-11-07 08:32 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF
2022-11-07 08:32 - 2022-11-07 08:32 - 000000000 ____D C:\Users\Administrator\.ms-ad
2022-11-07 08:29 - 2022-11-07 08:29 - 001048576 _____ C:\Users\Administrator\defltbase.sdb
2022-11-07 08:29 - 2022-11-07 08:29 - 000016384 _____ C:\Users\Administrator\defltbase.jfm
2022-11-07 08:29 - 2022-11-07 08:29 - 000000000 ___HD C:\$WinREAgent
2022-11-07 08:27 - 2022-11-07 08:27 - 000000000 ____D C:\Users\Administrator\AppData\Local\PlaceholderTileLogoFolder
2022-11-07 08:22 - 2022-11-07 08:28 - 000000000 ____D C:\Users\Administrator\AppData\Local\D3DSCache
2022-11-07 08:22 - 2022-11-07 08:22 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3484508172-1537139364-842860775-500
2022-11-07 08:22 - 2022-11-07 08:22 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3484508172-1537139364-842860775-500
2022-11-07 08:22 - 2022-11-07 08:22 - 000000000 ___RD C:\Users\Administrator\OneDrive
2022-11-07 08:22 - 2022-11-07 08:22 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Intel Corporation
2022-11-07 08:21 - 2022-11-07 08:32 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2022-11-07 08:20 - 2022-11-07 08:39 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2022-11-07 08:20 - 2022-11-07 08:32 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2022-11-07 08:20 - 2022-11-07 08:26 - 000002334 _____ C:\Users\Administrator\Desktop\Google Chrome.lnk
2022-11-07 08:20 - 2022-11-07 08:20 - 000002348 _____ C:\Users\Administrator\Desktop\Microsoft Edge.lnk
2022-11-07 08:20 - 2022-11-07 08:20 - 000000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2022-11-07 08:20 - 2022-11-07 08:20 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2022-11-07 08:19 - 2022-11-07 08:32 - 000000000 ____D C:\Users\Administrator
2022-11-07 08:19 - 2022-11-07 08:22 - 000002387 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-07 08:19 - 2022-11-07 08:20 - 000000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2022-11-07 08:19 - 2022-11-07 08:19 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2022-11-07 08:19 - 2022-11-07 08:19 - 000000000 _SHDL C:\Users\Administrator\Soubory cookie
2022-11-07 08:19 - 2022-11-07 08:19 - 000000000 _SHDL C:\Users\Administrator\Šablony
2022-11-07 08:19 - 2022-11-07 08:19 - 000000000 _SHDL C:\Users\Administrator\Poslední
2022-11-07 08:19 - 2022-11-07 08:19 - 000000000 _SHDL C:\Users\Administrator\Okolní tiskárny
2022-11-07 08:19 - 2022-11-07 08:19 - 000000000 _SHDL C:\Users\Administrator\Okolní síť
2022-11-07 08:19 - 2022-11-07 08:19 - 000000000 _SHDL C:\Users\Administrator\Nabídka Start
2022-11-07 08:19 - 2022-11-07 08:19 - 000000000 _SHDL C:\Users\Administrator\Dokumenty
2022-11-07 08:19 - 2022-11-07 08:19 - 000000000 _SHDL C:\Users\Administrator\Documents\Obrázky
2022-11-07 08:19 - 2022-11-07 08:19 - 000000000 _SHDL C:\Users\Administrator\Documents\Hudba
2022-11-07 08:19 - 2022-11-07 08:19 - 000000000 _SHDL C:\Users\Administrator\Documents\Filmy
2022-11-07 08:19 - 2022-11-07 08:19 - 000000000 _SHDL C:\Users\Administrator\Data aplikací
2022-11-07 08:19 - 2022-11-07 08:19 - 000000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-11-07 08:19 - 2022-11-07 08:19 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Data aplikací
2022-11-07 08:19 - 2022-11-07 08:19 - 000000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2022-11-07 08:19 - 2022-11-07 08:19 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Intel
2022-11-07 08:19 - 2022-11-07 08:19 - 000000000 ____D C:\Users\Administrator\AppData\Local\Bitdefender
2022-11-07 08:19 - 2021-05-18 07:06 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\ISIS Drivers
2022-11-07 08:19 - 2016-12-06 10:22 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2022-11-07 07:39 - 2022-11-07 07:39 - 000000000 ____D C:\Program Files\Synaptics
2022-10-31 14:57 - 2022-10-31 14:57 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_synaWudfBioUsb124_02_21_00.Wdf
2022-10-31 13:55 - 2022-10-31 13:55 - 000101220 _____ C:\ProgramData\agent.update.1667220935.bdinstall.v2.bin
2022-10-26 10:32 - 2022-10-26 10:32 - 000000000 ____D C:\Users\Meiner\AppData\Local\ASDWebSigner
2022-10-21 12:23 - 2022-10-21 12:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\moje
2022-10-19 12:47 - 2022-10-19 12:47 - 000002276 _____ C:\Users\Meiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox Private Browsing.lnk
2022-10-19 12:47 - 2022-10-19 12:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-10-17 08:31 - 2022-10-25 08:01 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2022-10-17 08:31 - 2022-10-25 08:01 - 000002126 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk
2022-10-12 13:44 - 2022-10-12 13:44 - 000000000 ____D C:\Users\Meiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2022-10-12 03:03 - 2022-10-12 03:03 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-10-12 03:03 - 2022-10-12 03:03 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-10-12 03:03 - 2022-10-12 03:03 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2022-10-12 03:03 - 2022-10-12 03:03 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-10-12 03:03 - 2022-10-12 03:03 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-10-10 09:12 - 2022-10-10 09:12 - 000000000 ____D C:\Autodesk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-11-07 14:15 - 2022-05-03 07:01 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-11-07 14:14 - 2020-07-01 09:39 - 000000000 ____D C:\Users\Meiner\AppData\LocalLow\Mozilla
2022-11-07 14:12 - 2019-10-04 02:58 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-11-07 14:06 - 2021-11-22 18:12 - 001710382 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-11-07 14:06 - 2019-12-07 15:43 - 000723282 _____ C:\WINDOWS\system32\perfh005.dat
2022-11-07 14:06 - 2019-12-07 15:43 - 000147516 _____ C:\WINDOWS\system32\perfc005.dat
2022-11-07 14:06 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-11-07 14:03 - 2016-12-06 15:54 - 000000000 ____D C:\Program Files (x86)\Google
2022-11-07 14:01 - 2021-01-08 12:10 - 000000000 ____D C:\Users\Meiner\AppData\Local\1Password
2022-11-07 14:01 - 2016-12-06 14:47 - 000000000 ____D C:\Program Files\CCleaner
2022-11-07 14:00 - 2022-09-13 07:59 - 000000569 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2022-11-07 14:00 - 2022-01-12 08:27 - 000000000 ____D C:\Users\Meiner\AppData\Roaming\1Password
2022-11-07 14:00 - 2017-06-21 12:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Endpoint Security Tools
2022-11-07 13:59 - 2022-02-11 12:01 - 000000000 ____D C:\Program Files\TeamViewer
2022-11-07 13:59 - 2021-11-22 18:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-11-07 13:59 - 2020-07-05 01:10 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-07 13:59 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-11-07 13:59 - 2016-11-17 17:34 - 000000000 ____D C:\Intel
2022-11-07 13:58 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-11-07 13:49 - 2021-11-22 18:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-11-07 13:18 - 2020-01-23 11:22 - 000000000 ____D C:\Users\Meiner\AppData\Roaming\Messenger
2022-11-07 13:17 - 2020-01-23 11:22 - 000000000 ____D C:\Users\Meiner\AppData\Local\Messenger
2022-11-07 13:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-11-07 13:07 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-07 11:25 - 2021-06-18 06:58 - 000000000 ____D C:\Users\Meiner\AppData\Roaming\Signal
2022-11-07 11:00 - 2017-11-06 16:18 - 000001104 __RSH C:\ProgramData\ntuser.pol
2022-11-07 10:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-07 10:56 - 2021-11-22 18:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2022-11-07 10:54 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-07 10:22 - 2022-09-13 07:54 - 000001575 _____ C:\WINDOWS\system32\config\VSMIDK
2022-11-07 10:15 - 2021-11-22 18:11 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-11-07 08:52 - 2021-11-22 18:02 - 005537152 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-07 08:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2022-11-07 08:52 - 2016-12-05 14:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2022-11-07 08:52 - 2016-12-05 14:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-07 08:51 - 2022-09-13 07:52 - 000000000 ____D C:\Program Files\Hyper-V
2022-11-07 08:51 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-07 08:51 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-07 08:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-07 08:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-07 08:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-07 08:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-07 08:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-07 08:41 - 2021-11-22 18:03 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-07 08:38 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-07 08:37 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-11-07 08:27 - 2020-10-14 16:23 - 000000000 ____D C:\Program Files\Google
2022-11-07 08:02 - 2022-08-05 07:55 - 000001268 _____ C:\Users\Public\Desktop\Thunderbird.lnk
2022-11-07 08:02 - 2016-12-05 14:18 - 000001280 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2022-11-07 07:45 - 2022-01-12 08:27 - 000001266 _____ C:\Users\Meiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1Password.lnk
2022-11-07 07:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-11-07 07:43 - 2017-02-21 12:48 - 000000000 ____D C:\Program Files\Opera
2022-11-07 07:42 - 2017-12-12 16:57 - 000000000 ____D C:\Users\Meiner\AppData\Roaming\WhatsApp
2022-11-07 07:42 - 2017-12-01 12:35 - 000000000 ____D C:\Users\Meiner\AppData\Roaming\discord
2022-11-07 07:40 - 2020-07-01 08:57 - 000000000 ____D C:\ProgramData\Validity
2022-11-07 07:39 - 2017-11-06 14:54 - 000000000 ____D C:\ProgramData\Synaptics
2022-11-07 07:33 - 2021-09-29 14:26 - 000000000 ____D C:\Users\Meiner\AppData\Local\Discord
2022-11-07 07:15 - 2017-07-24 08:48 - 000000000 ____D C:\Users\Meiner\AppData\Local\Spotify
2022-11-05 17:13 - 2020-09-07 06:38 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-04 22:40 - 2021-10-21 13:37 - 000000000 ____D C:\Users\Meiner\AppData\Local\WhatsApp
2022-11-03 16:24 - 2017-07-24 08:48 - 000000000 ____D C:\Users\Meiner\AppData\Roaming\Spotify
2022-11-03 10:01 - 2017-04-26 07:46 - 000000000 ____D C:\Users\Meiner\AppData\Local\VMware
2022-11-03 09:39 - 2017-04-26 07:50 - 000000000 ____D C:\Users\Meiner\AppData\Roaming\VMware
2022-11-02 21:15 - 2021-12-13 07:18 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3484508172-1537139364-842860775-1001
2022-11-02 21:15 - 2021-11-22 18:11 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3484508172-1537139364-842860775-1001
2022-11-02 21:15 - 2021-11-22 17:26 - 000002382 _____ C:\Users\Meiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-02 20:48 - 2016-12-06 15:54 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-02 13:08 - 2017-07-20 08:39 - 000000600 _____ C:\Users\Meiner\AppData\Local\PUTTY.RND
2022-11-02 09:11 - 2021-11-22 18:11 - 000003940 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1487677731
2022-11-02 09:11 - 2017-06-30 11:50 - 000001115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-11-01 08:58 - 2022-08-09 06:15 - 000002332 _____ C:\Users\Meiner\Desktop\Messenger.lnk
2022-11-01 08:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-11-01 08:19 - 2022-08-05 07:55 - 000001280 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2022-10-31 15:27 - 2021-04-23 09:52 - 000000000 ____D C:\Users\Meiner\AppData\Local\ElevatedDiagnostics
2022-10-31 14:39 - 2021-02-20 10:09 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-10-31 13:55 - 2021-11-22 18:11 - 000003846 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2022-10-31 13:55 - 2016-12-06 14:58 - 000000000 ____D C:\Program Files\Bitdefender Agent
2022-10-31 13:07 - 2016-12-05 12:41 - 000000000 ____D C:\Users\Meiner\AppData\Local\ConnectedDevicesPlatform
2022-10-31 09:22 - 2018-05-25 14:09 - 000000000 ____D C:\Users\Meiner\AppData\Local\D3DSCache
2022-10-31 09:19 - 2016-12-05 14:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-10-27 12:43 - 2021-01-04 08:15 - 000000000 ____D C:\Users\Meiner\AppData\Local\CrashDumps
2022-10-27 12:40 - 2022-07-15 14:05 - 000000000 ____D C:\ProgramData\I.CA SecureStore
2022-10-24 11:54 - 2017-12-07 11:08 - 000000000 ____D C:\Users\Meiner\AppData\Local\Packages
2022-10-23 08:08 - 2019-10-06 06:54 - 000002023 _____ C:\Users\Meiner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7+ Taskbar Tweaker.lnk
2022-10-21 12:40 - 2016-12-06 17:21 - 000000000 ____D C:\Krut
2022-10-19 21:48 - 2021-02-01 17:55 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-10-19 14:15 - 2016-12-06 14:48 - 000000000 ____D C:\Program Files\Microsoft Office
2022-10-19 12:47 - 2022-01-13 09:09 - 000001218 _____ C:\Users\Public\Desktop\Firefox.lnk
2022-10-19 12:46 - 2016-12-05 14:14 - 000001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-10-17 08:31 - 2021-11-22 18:11 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-10-17 08:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2022-10-17 08:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-10-17 08:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-10-17 08:12 - 2022-07-01 12:04 - 000002126 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller 2020.lnk
2022-10-17 08:12 - 2022-07-01 12:04 - 000002115 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat 2020.lnk
2022-10-17 08:08 - 2021-11-22 18:11 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-10-17 08:08 - 2021-11-22 18:11 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-10-12 13:44 - 2019-02-06 14:11 - 000000000 ____D C:\Users\Meiner\AppData\Roaming\Zoom
2022-10-12 07:58 - 2021-05-10 07:09 - 000000000 ____D C:\Users\Meiner\Desktop\servery
2022-10-12 03:06 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2022-10-12 03:06 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2022-10-12 02:52 - 2016-12-06 09:57 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-10-12 02:42 - 2020-05-28 13:59 - 000000000 ____D C:\Program Files\dotnet
2022-10-12 02:42 - 2016-12-06 09:57 - 147398024 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-10-12 02:42 - 2016-11-17 17:32 - 000000000 ____D C:\ProgramData\Package Cache
2022-10-10 09:13 - 2022-09-01 09:27 - 000000000 ____D C:\Users\Meiner\AppData\Roaming\UI Launcher

==================== Files in the root of some directories ========

2019-08-01 08:22 - 2019-08-01 08:22 - 000000132 _____ () C:\Users\Meiner\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2020-02-20 16:21 - 2020-02-27 15:41 - 000000132 _____ () C:\Users\Meiner\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2022-01-28 10:25 - 2022-01-28 10:25 - 018344964 _____ (Polycom) C:\Users\Meiner\AppData\Roaming\PolycomCompanionSetup.exe
2019-11-26 16:13 - 2021-11-04 07:52 - 000000128 _____ () C:\Users\Meiner\AppData\Roaming\winscp.rnd
2019-08-01 08:39 - 2019-08-01 08:41 - 000001480 _____ () C:\Users\Meiner\AppData\Local\Adobe Uložit pro web 12.0 Prefs
2021-12-22 15:20 - 2021-12-22 15:20 - 000001959 _____ () C:\Users\Meiner\AppData\Local\ECEDD89088A84e9bB3CA813B520B81E0.Klára Tesařová + Václav Bernt.lbx
2017-07-21 12:04 - 2017-07-21 12:04 - 000001842 _____ () C:\Users\Meiner\AppData\Local\HDGraph.log
2022-01-27 11:13 - 2017-03-07 14:33 - 000000036 _____ () C:\Users\Meiner\AppData\Local\installLang.ini
2018-09-28 17:41 - 2018-09-28 17:41 - 000000000 _____ () C:\Users\Meiner\AppData\Local\oobelibMkey.log
2017-07-20 08:39 - 2022-11-02 13:08 - 000000600 _____ () C:\Users\Meiner\AppData\Local\PUTTY.RND
2021-04-26 09:03 - 2021-04-26 09:03 - 000000888 _____ () C:\Users\Meiner\AppData\Local\recently-used.xbel
2018-08-27 13:21 - 2018-10-01 14:56 - 000000487 _____ () C:\Users\Meiner\AppData\Local\ReclaiMe.config
2019-01-28 11:09 - 2022-07-22 09:04 - 000007640 _____ () C:\Users\Meiner\AppData\Local\Resmon.ResmonCfg
2021-12-14 14:11 - 2021-12-14 14:11 - 000000432 _____ () C:\Users\Meiner\AppData\Local\sk.cmp
2018-05-03 13:36 - 2018-05-03 13:36 - 000000003 _____ () C:\Users\Meiner\AppData\Local\updater.log
2018-05-03 13:36 - 2020-07-01 08:40 - 000000059 _____ () C:\Users\Meiner\AppData\Local\UserProducts.xml

==================== FLock ==============================

2021-04-21 08:49 C:\Users\Meiner\AppData\Local\WebEx
2021-04-20 08:49 C:\Users\Meiner\AppData\LocalLow\WebEx

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================