Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Mizící soubory WIN 10 SSD

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
AndySue
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 26 pro 2009 12:10

Mizící soubory WIN 10 SSD

#1 Příspěvek od AndySue »

Začaly mi záhadně mizet jednotlivé soubory ze složky Documents (teď, před 2 měsící zmizel dokonce celý program HSMWorks ale ze složky Program Files).

Níže logy.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-03-2023
Ran by admin (administrator) on DESKTOP-OLM3P1O (HP HP Z240 Tower Workstation) (13-03-2023 09:43:39)
Running from C:\Users\admin\Documents\INSTALL
Loaded Profiles: admin
Platform: Microsoft Windows 10 Pro Version 21H2 19044.2604 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acronis, Inc -> Acronis) C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
(C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe ->) (Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe ->) (Shenzhen iMyFone Technology Co., Ltd -> ) C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\MFResident.exe
(C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\eds-httpd.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe ->) () [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\mysql\bin\eds-mysqld.exe
(C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe ->) (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\eds-httpd.exe <2>
(C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\AcroCEF.exe <7>
(C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe <6>
(C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\71.0.3.0\crashpad_handler.exe <5>
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files\HP\HP Enabling Services\NetworkCap.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe
(C:\Program Files\LibreOffice\program\scalc.exe ->) (The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice\program\soffice.exe
(C:\Program Files\LibreOffice\program\soffice.exe ->) (The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice\program\soffice.bin
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\SLDWORKS.exe ->) (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldProcMon.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCopyAccelerator.exe
(C:\Windows\SysWOW64\cmd.exe ->) (Python Software Foundation -> Python Software Foundation) C:\Users\admin\AppData\Local\Programs\Python\Python311\python.exe
(cmd.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\111.0.5563.12\remoting_native_messaging_host.exe
(Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\SLDWORKS.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe <2>
(explorer.exe ->) (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.) C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe
(explorer.exe ->) (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe
(explorer.exe ->) (EasyPHP) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\70.0.2.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <36>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe <3>
(explorer.exe ->) (Petr Laštovička) [File not signed] C:\Program Files\hotkeyp\HotkeyP.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice\program\scalc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Jan Fiala -> Jan Fiala) C:\Program Files (x86)\PSPad editor\PSPad.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Open Source Developer, Noriyuki Miyazaki -> Crystal Dew World) C:\Program Files\CrystalDiskInfo\DiskInfo64.exe
(services.exe ->) (Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(services.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\111.0.5563.12\remoting_host.exe <2>
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_9949412f65718dfe\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_670360bdb5a40a0d\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_45efd8a6478e15ce\lib\TPMProvisioningService.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvwu.inf_amd64_422d09ccf7b0b873\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvwu.inf_amd64_422d09ccf7b0b873\NVWMI\nvWmi64.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Shenzhen iMyFone Technology Co., Ltd -> ) C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(sihost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(spoolsv.exe ->) (CANON INC. -> CANON INC.) C:\Windows\System32\CNAB4RPD.EXE
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-03-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [462328 2009-10-27] (Acronis, Inc -> Acronis)
HKLM-x32\...\Run: [adm_tray.exe] => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [530768 2010-06-04] (Acronis, Inc -> Acronis)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe [52571928 2023-02-22] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe [52571928 2023-02-22] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\Run: [EasyPHP] => C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe [279552 2014-01-09] (EasyPHP) [File not signed]
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\Run: [HotkeyP] => C:\Program Files\hotkeyp\HotkeyP.exe [147456 2012-11-20] (Petr Laštovička) [File not signed]
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe [52571928 2023-02-22] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\admin\AppData\Local\Microsoft\Teams\Update.exe [2587456 2023-02-20] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\Run: [MicrosoftEdgeAutoLaunch_29EBC4579851B72EE312C449CF839B1A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243408 2023-03-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\RunOnce: [Application Restart #2] => C:\Program Files\Microsoft Visual Studio\2022\Community\Common7\IDE\devenv.exe [1004480 2023-02-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\RunOnce: [Uninstall 23.023.0129.0002\i386] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\23.023.0129.0002\i386" (No File)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\RunOnce: [Uninstall 23.023.0129.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\23.023.0129.0002" (No File)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\RunOnce: [Uninstall 23.028.0205.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\23.028.0205.0002" (No File)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\RunOnce: [Uninstall 23.033.0212.0001\i386] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\23.033.0212.0001\i386" (No File)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\RunOnce: [Uninstall 23.033.0212.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\23.033.0212.0001" (No File)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\MountPoints2: {bc7d3332-a0f9-11ec-b7c8-9457a5edaf40} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe [52571928 2023-02-22] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\hpcpp160: C:\Windows\System32\spool\prtprocs\x64\hpcpp160.dll [602912 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\CNAB4 Monitor: C:\WINDOWS\system32\CNAB4LMD.DLL [58880 2012-10-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\WINDOWS\system32\HPMPW081.DLL [74016 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Print\Monitors\HPMLM135: C:\WINDOWS\system32\hpmlm135.dll [237344 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\PrimoMon: C:\WINDOWS\system32\Primomonnt.dll [95008 2015-09-01] (Nitro PDF Software -> )
HKLM\...\Print\Monitors\ZDesigner Language Monitor: C:\WINDOWS\system32\zdnNLM64.dll [645760 2021-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Euro Plus d.o.o.)
HKLM\...\Print\Monitors\ZDesigner Port Monitor: C:\WINDOWS\system32\zdnPMS.dll [206032 2022-08-12] (Euro Plus d.o.o. -> Euro Plus d.o.o.)
HKLM\...\Print\Monitors\ZDesigner2 Language Monitor: C:\WINDOWS\system32\ZDesignerLM.dll [961632 2021-12-24] (Zebra Technologies Corporation -> Zebra Technologies Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\110.0.5481.180\Installer\chrmstp.exe [2023-03-08] (Google LLC -> Google LLC)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\chrome – zástupce.lnk [2023-01-30]
ShortcutTarget: chrome – zástupce.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EasyPHP-DevServer-14.1VC11.exe [2014-01-09] (EasyPHP) [File not signed]
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\thunderbird – zástupce.lnk [2022-10-31]
ShortcutTarget: thunderbird – zástupce.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TOTALCMD64 – zástupce.lnk [2023-01-30]
ShortcutTarget: TOTALCMD64 – zástupce.lnk -> C:\Program Files\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH -> Ghisler Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP2900 Status Window.lnk [2021-12-21]
ShortcutTarget: Canon LBP2900 Status Window.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE (CANON INC. -> CANON INC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2016 Rychlé spuštění.lnk [2021-11-15]
ShortcutTarget: SOLIDWORKS 2016 Rychlé spuštění.lnk -> C:\Windows\Installer\{768F3B65-1695-47B7-9002-B11400CB111D}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS Nástroj pro stahování na pozadí.lnk [2021-11-15]
ShortcutTarget: SOLIDWORKS Nástroj pro stahování na pozadí.lnk -> C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0819FB25-04EC-445F-BE82-9A09B0964AE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-01-10] (HP Inc. -> HP Inc.)
Task: {127D5BA0-B9C3-43BD-BEED-B4A3DD1DFEF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {147C811D-E8C5-4650-8ADC-661D0FCD0C1B} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [73648 2023-02-06] (Microsoft Corporation -> Microsoft)
Task: {1AAC70DF-DAC7-4859-8EAF-89DD78983587} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2CDDAF7A-8EAF-44DD-A630-224058756321} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [716704 2023-03-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {311EB5D0-3570-403E-9A13-DE2B8D670493} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2021-03-24] () [File not signed]
Task: {37F185F9-2FD1-4D4E-8054-4C132D4B72D2} - System32\Tasks\Probudit PC 7.45 po-pá => C:\Users\admin\Desktop\wake.bat [27 2023-01-26] () [File not signed]
Task: {3F955AB3-23DE-4EA6-8BF1-EE07E7F4A253} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674720 2023-03-01] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {59E4F7B7-CA12-45D5-8AEE-FA53C1495B62} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [228888 2023-01-10] (HP Inc. -> HP Inc.)
Task: {7DC82039-D972-4EC5-9A11-599D4EC20DEB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2022-04-01] (Google Inc -> Google Inc.)
Task: {9D81A578-38E0-4C84-8443-864130E177C0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {ABEB1A4F-2159-464A-A0DC-321EC2C14041} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [847392 2023-01-10] (HP Inc. -> HP Inc.)
Task: {B9B449DF-4DC0-4584-B9D6-04BCB2912B1F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D7741F2B-8B82-4685-8DFD-E74E5C1FB62B} - System32\Tasks\update_company => C:\Users\admin\Documents\www\www.admin.loc\system\BAT\update_company.bat [1176 2022-01-18] () [File not signed]
Task: {EE2C95BB-E303-4CE1-BCCC-6076C278AAD0} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1554120 2022-06-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F286E52C-56EC-42D2-9179-9B6ACEBE4801} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F8CAB140-C37E-478B-A395-7E3C0BE36937} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2022-04-01] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{b9f3719c-ace1-4167-aaa2-85c5dd728a98}: [NameServer] 192.168.11.1,8.8.8.8

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-13]
Edge Notifications: Default -> hxxps://teams.microsoft.com

FireFox:
========
FF DefaultProfile: tknw74kv.default
FF ProfilePath: C:\Users\admin\AppData\Roaming\Thunderbird___nová instalace\Profiles\tknw74kv.default [not found] <==== ATTENTION
FF DefaultProfile: iQsF42px.default
FF ProfilePath: C:\Users\admin\AppData\Roaming\Thunderbird___nová instalace\Profiles\u0ntw8kz.default-release [2021-11-15]
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\ntpvq0ak.default-release [2023-01-20]
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default [2023-02-27]
FF Homepage: Mozilla\Firefox\Profiles\iQsF42px.default -> hxxp://localhost/www.admin.loc/index.php?src=b35e&refres ... document=1
FF Session Restore: Mozilla\Firefox\Profiles\iQsF42px.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\iQsF42px.default -> hxxps://calendar.google.com; hxxps://www.digitaltrends.com; hxxps://my.netatmo.com; hxxps://aukro.cz; hxxps://www.machineseeker.co.uk; hxxps://www.heureka.cz; hxxps://r1132100503382-eu1-3dswym.3dexperience.3ds.com; hxxps://www.machineseeker.com
FF Extension: (Avira Browser Safety) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\abs@avira.com.xpi [2022-05-02]
FF Extension: (Bing Search) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-10-23] [Legacy]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2021-06-21]
FF Extension: (Form History Control (II)) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\formhistory@yahoo.com.xpi [2019-12-30]
FF Extension: (Lazarus: Form Recovery) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\lazarus@interclue.com.xpi [2016-04-28] [Legacy]
FF Extension: (Textarea Cache) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\{578e7caa-210f-4967-a0d3-88fe5b59a39f}.xpi [2017-06-05] [Legacy]
FF Extension: (Manipulist 3DViewer) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\{93256482-e41a-49fd-9918-7cfcfe2eec5b}.xpi [2021-03-19]
FF Extension: (Block Site) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}.xpi [2021-01-14]
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\searchplugins\bing-.xml [2016-10-23]
FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> C:\PROGRA~1\SOLIDW~1\SOLIDW~3\Bin\NPCOMP~1.DLL [2016-10-13] (DASSAULT SYSTEMES SA -> Dassault Systemes)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> C:\PROGRA~1\SOLIDW~1\SOLIDW~3\Bin\x86\NPCOMP~1.DLL [2016-10-13] (DASSAULT SYSTEMES SA -> Dassault Systemes)

Chrome:
=======
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2023-03-13]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://teams.microsoft.com; hxxps://www.conrad.cz; hxxps://www.facebook.com; hxxps://www.youtube.com
CHR Extension: (Adblock na Youtube™) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2023-02-17]
CHR Extension: (AdBlock Suite) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gekoepiplklhniacchbbgbhilidiojmb [2023-02-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-17]
CHR Extension: (Chrome Remote Desktop) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-12-15]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-15]
CHR HKU\S-1-5-21-567959055-877555932-3223723616-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [881688 2009-10-27] (Acronis, Inc -> Acronis)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\111.0.5563.12\remoting_host.exe [74520 2023-02-02] (Google LLC -> Google LLC)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [797640 2023-01-10] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [796616 2023-01-10] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [793000 2023-01-10] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [796584 2023-01-10] (HP Inc. -> HP Inc.)
R2 MFLocalService; C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe [54664 2022-04-28] (Shenzhen iMyFone Technology Co., Ltd -> )
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [File not signed]
R2 NVWMI; C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_422d09ccf7b0b873\NVWMI\nvWmi64.exe [4485232 2022-06-13] (Nvidia Corporation -> NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2023-02-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2021-11-15] (SolidWorks) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16518456 2022-12-12] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [142304 2022-06-01] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_422d09ccf7b0b873\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_422d09ccf7b0b873\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-06] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
U4 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 MpKsld2fae354; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2909532D-B8CA-4082-9210-4B02A521A753}\MpKslDrv.sys [214280 2023-03-13] (Microsoft Windows -> Microsoft Corporation)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [71736 2021-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
S4 npcap_wifi; C:\WINDOWS\system32\DRIVERS\npcap.sys [71736 2021-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
R3 Ser2pl; C:\WINDOWS\system32\DRIVERS\ser2pl64.sys [92160 2008-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2023-02-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473336 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-15] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-13 09:40 - 2023-03-13 09:44 - 000000000 ____D C:\FRST
2023-03-13 09:36 - 2023-03-13 09:36 - 000048884 _____ C:\Users\admin\Downloads\Pohyb_25948539317_na_uctu_2601751263.pdf
2023-03-13 09:29 - 2023-03-13 09:31 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2023-03-13 09:29 - 2023-03-13 09:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2023-03-09 13:31 - 2023-03-09 13:31 - 000001219 _____ C:\Users\Public\Desktop\Acronis Drive Monitor.lnk
2023-03-09 13:31 - 2023-03-09 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2023-03-09 13:31 - 2023-03-09 13:31 - 000000000 ____D C:\ProgramData\Acronis
2023-03-09 13:31 - 2023-03-09 13:31 - 000000000 ____D C:\Program Files (x86)\Acronis
2023-03-09 13:30 - 2023-03-09 13:30 - 018230809 _____ (Acronis) C:\Users\admin\Downloads\Drive_Monitor_build_187.exe
2023-03-09 10:57 - 2023-03-09 10:57 - 000007468 _____ C:\Users\admin\Downloads\fv231007780-prehled-zasilek.xlsx
2023-03-06 19:47 - 2023-03-06 19:47 - 000000000 ____D C:\Program Files\Tesseract-OCR
2023-03-06 19:31 - 2023-03-06 19:31 - 002489901 _____ C:\Users\admin\Downloads\tesseract-main.zip
2023-03-02 16:19 - 2023-03-02 16:19 - 000134506 _____ C:\Users\admin\Downloads\formular (3).pdf
2023-03-01 17:32 - 2023-03-01 17:32 - 000215103 _____ C:\Users\admin\Downloads\formular (2).pdf
2023-03-01 12:20 - 2023-03-01 12:20 - 020217856 _____ C:\Users\admin\Downloads\python-3.3.1.msi
2023-03-01 12:13 - 2023-03-01 12:13 - 025325400 _____ (Python Software Foundation) C:\Users\admin\Downloads\python-3.11.2-amd64.exe
2023-03-01 11:14 - 2023-03-01 10:37 - 012745236 ____R C:\Users\admin\Desktop\screenshots-save.exe
2023-03-01 08:12 - 2023-03-01 11:38 - 000000000 ____D C:\Users\admin\AppData\Local\pyinstaller
2023-03-01 02:39 - 2023-03-01 09:39 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-02-23 22:06 - 2023-03-09 15:37 - 000000389 _____ C:\Users\admin\Desktop\!dpd.xls
2023-02-22 08:55 - 2023-02-22 14:58 - 000000024 _____ C:\Users\admin\Desktop\POZN.txt
2023-02-20 11:00 - 2023-02-20 11:00 - 000370968 _____ C:\Users\admin\Downloads\124753576.pdf
2023-02-20 07:57 - 2023-02-20 07:57 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-02-16 12:39 - 2023-02-16 12:39 - 000000000 ____D C:\Users\admin\.android
2023-02-16 12:39 - 2023-02-16 12:39 - 000000000 ____D C:\iMyfone
2023-02-16 12:37 - 2023-02-16 13:17 - 000000000 ____D C:\Program Files (x86)\iMyFone
2023-02-16 12:37 - 2023-02-16 12:37 - 000000000 ____D C:\Users\admin\AppData\Local\ProductData
2023-02-16 12:37 - 2023-02-16 12:37 - 000000000 ____D C:\Program Files (x86)\imyfone_down
2023-02-16 12:20 - 2023-02-16 12:20 - 001875224 _____ C:\Users\admin\Downloads\imyfone-lockwiper-android_setup-com_android.exe
2023-02-16 08:21 - 2023-02-16 08:21 - 000000000 ___HD C:\$WinREAgent
2023-02-15 18:37 - 2023-02-15 18:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tesseract-OCR
2023-02-15 18:37 - 2023-02-15 18:37 - 000000000 ____D C:\Program Files (x86)\Tesseract-OCR
2023-02-15 17:01 - 2023-02-15 17:01 - 000857596 _____ C:\Users\admin\Desktop\2Kladka padak.SLDPRT
2023-02-15 14:59 - 2023-02-15 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2023-02-15 14:56 - 2023-02-15 14:57 - 020598784 _____ C:\Users\admin\Downloads\python-2.7.18.amd64.msi
2023-02-15 14:40 - 2023-02-15 14:40 - 000004859 _____ C:\Users\admin\Downloads\win32printing-0.1.3.tar.gz
2023-02-15 13:49 - 2023-02-15 13:49 - 000000000 ____D C:\Users\admin\AppData\Roaming\NuGet
2023-02-15 13:46 - 2023-02-15 13:46 - 000000000 ____D C:\Users\admin\.templateengine
2023-02-13 11:34 - 2023-02-13 11:34 - 000006312 _____ C:\Users\admin\Desktop\conf 2300213.bin

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-13 09:43 - 2021-11-15 11:31 - 000000000 ____D C:\Users\admin\Documents\INSTALL
2023-03-13 09:34 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-13 09:26 - 2021-11-15 12:34 - 000000000 ____D C:\Users\admin\Documents\www
2023-03-13 09:24 - 2022-04-01 05:31 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-13 09:24 - 2021-11-15 14:26 - 000000000 ____D C:\Users\admin\Documents\2.Suchomel PLASTY
2023-03-13 09:15 - 2020-11-18 23:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-03-13 08:53 - 2021-11-15 11:38 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Mozilla
2023-03-13 08:51 - 2020-11-19 00:48 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-10 08:25 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-10 08:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-03-10 08:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-03-09 16:35 - 2021-11-15 11:37 - 000000000 ____D C:\Users\admin\AppData\Local\GHISLER
2023-03-09 16:08 - 2021-11-24 09:37 - 000000000 ____D C:\Users\admin\Documents\0.Nemovitost
2023-03-09 15:37 - 2021-11-15 12:31 - 000000572 _____ C:\Users\admin\Desktop\!zaslat.cz.csv
2023-03-09 14:26 - 2021-11-15 12:23 - 000000000 ____D C:\Users\admin\Desktop\!VYDANÉ_FAKTURY
2023-03-09 13:30 - 2021-11-15 11:22 - 000000000 ____D C:\Users\admin\AppData\Local\Packages
2023-03-09 08:52 - 2021-11-15 11:24 - 000000000 ___RD C:\Users\admin\OneDrive
2023-03-09 08:51 - 2021-12-13 09:30 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-567959055-877555932-3223723616-1001
2023-03-09 08:51 - 2021-11-20 05:42 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-567959055-877555932-3223723616-1001
2023-03-09 08:51 - 2021-11-20 05:39 - 000002377 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-03-08 12:50 - 2021-11-15 15:52 - 000000000 ____D C:\Users\admin\AppData\Local\TempAdresářZálohySW
2023-03-08 12:18 - 2021-11-15 12:31 - 000000328 _____ C:\Users\admin\Desktop\!podani_online.csv
2023-03-08 08:12 - 2022-04-11 09:14 - 000002382 ____H C:\Users\admin\Documents\Default.rdp
2023-03-08 08:12 - 2019-12-07 15:45 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-03-08 07:48 - 2022-12-15 16:32 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-03-06 09:57 - 2022-02-14 08:19 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-03-02 07:32 - 2020-11-19 00:48 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-02 07:32 - 2020-11-19 00:48 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-01 11:34 - 2023-01-29 13:49 - 000000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.11
2023-03-01 11:34 - 2021-11-15 17:15 - 000000000 ____D C:\Users\admin\AppData\Local\Package Cache
2023-03-01 09:39 - 2021-11-20 05:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-03-01 09:39 - 2021-11-15 11:46 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-02-27 16:03 - 2021-11-22 08:52 - 000000000 ____D C:\Users\admin\AppData\Local\D3DSCache
2023-02-23 11:55 - 2021-11-15 13:29 - 000000000 ____D C:\Users\admin\Documents\podpisy
2023-02-23 10:20 - 2023-02-08 08:14 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2023-02-23 10:20 - 2021-11-15 11:36 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-02-23 10:20 - 2021-11-15 11:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-02-23 09:15 - 2021-12-03 10:50 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-02-22 20:02 - 2022-04-01 05:32 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-02-20 10:11 - 2020-11-19 00:55 - 001693576 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-02-20 10:11 - 2019-12-07 15:43 - 000716874 _____ C:\WINDOWS\system32\perfh005.dat
2023-02-20 10:11 - 2019-12-07 15:43 - 000145052 _____ C:\WINDOWS\system32\perfc005.dat
2023-02-20 10:11 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-02-20 09:56 - 2023-01-13 11:43 - 000000000 ____D C:\Program Files\TeamViewer
2023-02-20 09:56 - 2021-11-20 05:37 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-20 09:56 - 2021-11-15 11:27 - 000000000 ____D C:\ProgramData\NVIDIA
2023-02-20 09:56 - 2020-11-19 00:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-20 09:55 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-02-20 07:57 - 2022-10-13 23:24 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-02-20 07:56 - 2022-06-24 07:45 - 000002364 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2023-02-17 18:00 - 2021-11-20 05:39 - 000000000 ____D C:\Users\admin
2023-02-17 18:00 - 2020-11-18 23:46 - 001440352 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-02-17 17:59 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-02-17 17:59 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-02-17 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-02-17 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-02-17 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-02-17 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-02-17 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-02-17 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-02-17 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-02-16 08:27 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-02-16 08:25 - 2020-11-19 00:48 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-02-16 08:21 - 2021-11-15 15:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-02-16 08:17 - 2021-11-15 15:42 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-02-15 14:59 - 2021-11-15 16:17 - 000000000 ____D C:\Python27
2023-02-15 13:49 - 2023-02-06 13:03 - 000000000 ____D C:\Users\admin\Documents\Visual Studio 2022
2023-02-15 07:45 - 2020-11-19 00:46 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Files in the root of some directories ========

2021-11-15 11:32 - 2016-04-21 07:31 - 000234863 _____ () C:\Program Files\hotkeyp.zip
2022-09-30 12:57 - 2022-09-30 12:57 - 000001425 _____ () C:\Users\admin\AppData\Local\recently-used.xbel
2022-01-07 14:21 - 2022-01-07 14:21 - 000000000 _____ () C:\Users\admin\AppData\Local\Temptable.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-03-2023
Ran by admin (13-03-2023 09:45:45)
Running from C:\Users\admin\Documents\INSTALL
Microsoft Windows 10 Pro Version 21H2 19044.2604 (X64) (2021-11-20 04:42:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

admin (S-1-5-21-567959055-877555932-3223723616-1001 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-567959055-877555932-3223723616-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-567959055-877555932-3223723616-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-567959055-877555932-3223723616-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-567959055-877555932-3223723616-501 - Limited - Disabled)
printman (S-1-5-21-567959055-877555932-3223723616-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-567959055-877555932-3223723616-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{F8F948EA-5AEA-4158-8821-A2F788ECE936}) (Version: 16.2.1 - Hewlett-Packard) Hidden
Acronis Drive Monitor (HKLM-x32\...\{706AE61D-40A4-4F50-8359-FE8F6F7FA461}) (Version: 1.0.187 - Acronis)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20322 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Application Verifier x64 External Package (HKLM\...\{2CBA883F-51A6-3D7D-DBB9-0527D39433CB}) (Version: 10.1.22000.832 - Microsoft) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon LBP2900 (HKLM\...\Canon LBP2900) (Version: - )
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{22E13608-4DB0-4977-A267-3AAFA09CD54A}) (Version: 4.8.09037 - Microsoft Corporation) Hidden
CrystalDiskInfo 8.17.12 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.17.12 - Crystal Dew World)
DiagnosticsHub_CollectionService (HKLM\...\{FECAFEB5-8D0E-4AE4-8FA0-745BAA835C35}) (Version: 17.3.32601 - Microsoft Corporation) Hidden
Dynamic Application Loader Host Interface Service (HKLM\...\{E3AB2E94-D548-48A7-9F0E-A44D82ED1D7A}) (Version: 1.0.0.0 - Intel Corporation) Hidden
eDrawings (HKLM\...\{99FC8D5C-67F0-4087-9BDF-FA5CC6702AEF}) (Version: 30.40.0011 - Společnost Dassault Systemes SolidWorks Corp)
Entity Framework 6.2.0 Tools for Visual Studio 2022 (HKLM-x32\...\{6D5C07E3-6A4D-4126-A7A7-8B6EFFE16E51}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden
FreeCAD 0.20.0 (HKLM\...\FreeCAD0200) (Version: 0.20.0 - FreeCAD Team)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 71.0.3.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 110.0.5481.180 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.31.5 - Google Inc.) Hidden
HSMWorks x64 2016 R2.40513 (HKLM\...\{07404224-03A7-4ffc-9AFB-EC32BD898C55}_is1) (Version: 2016 R2.40513 - Autodesk, Inc.)
Chrome Remote Desktop Host (HKLM-x32\...\{947DBF18-E228-4F2D-9D2A-6FCA4B5AAE3C}) (Version: 111.0.5563.12 - Google LLC)
icecap_collection_neutral (HKLM-x32\...\{90819A24-C7DD-4956-8CBE-AE50B43D020D}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{7D6A7B92-A26B-4DC6-A51F-0D741C9BC70F}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{278641ED-D56B-43E0-AEDC-FFC14B038C74}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{D8998F76-2D74-42E3-BCA4-D8D0F5D369CF}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
Inkscape (HKLM-x32\...\Inkscape) (Version: 1.2.1- - Inkscape)
Intel(R) Chipset Device Software (HKLM\...\{66F00951-0E74-43E7-9182-084A681734D0}) (Version: 10.1.18228.8176 - Intel Corporation) Hidden
Intel(R) Icls (HKLM\...\{57640D80-A187-4A4F-BB91-7F2EF7AB5FE9}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{62609178-ECD7-473C-9D1F-9E0CF6927E45}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2242.3.34.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{939DFEE4-2675-4B42-904B-B213B857E347}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{E4697D8A-D9C0-4BCE-AC7F-5A56DD250529}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{EC8B054F-9D60-4AFC-9920-25ABFF987B29}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME WMI Provider (HKLM\...\{3C66C597-3BAA-403D-9BCD-561ED78B0F1B}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) SOL LMS Extension (HKLM\...\{D36619E0-ADBA-41C6-A5AC-222FCFBF762B}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{c4a581e8-a702-448c-80c7-4b6192985db2}) (Version: 10.1.18228.8176 - Intel(R) Corporation)
IntelliTraceProfilerProxy (HKLM\...\{F8B9E8C8-61E8-4E9E-879D-F3F498AD0230}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
IntelliTraceProfilerProxy (HKLM-x32\...\{C8891AD2-C223-45CD-A9BE-617A68923B61}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
Kits Configuration Installer (HKLM-x32\...\{CF83D17D-FB70-21A1-36E4-37EE7EC1B587}) (Version: 10.1.22000.832 - Microsoft) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 7.1.7.2 (HKLM\...\{9ED995EA-19B1-40AE-886A-339A3BECA977}) (Version: 7.1.7.2 - The Document Foundation)
Microsoft .NET 6.0 Templates 7.0.102 (x64) (HKLM\...\{48C24F32-A313-4B3C-B2C0-692D05461628}) (Version: 24.7.49407 - Microsoft Corporation) Hidden
Microsoft .NET 7.0 Templates 7.0.102 (x64) (HKLM\...\{406BB598-E5A9-454A-8719-82644CB09B03}) (Version: 28.5.33023 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.13 (x64) (HKLM\...\{F612BCA2-6E26-4F93-834B-8877939C0293}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.13 (x64_arm) (HKLM\...\{93A17F63-9B12-48F6-86BD-84535F2955FA}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.13 (x64_arm64) (HKLM\...\{CC2A595B-74D2-45E6-8B53-45F20215850D}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.13 (x64_x86) (HKLM\...\{F285BA87-F560-4587-8C08-7BF5A4A68762}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.2 (x64) (HKLM\...\{D7A77FBE-E0E7-47D7-86B4-51CB65B502C0}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.2 (x64_arm) (HKLM\...\{A4CCC742-818F-4C8C-8B56-631F6F76C7C6}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.2 (x64_arm64) (HKLM\...\{BEB46B9B-6D72-46E5-968C-CDED3C01896B}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.2 (x64_x86) (HKLM\...\{8C89D103-57BE-4509-9752-B1CD9F12D0B9}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 Targeting Pack (čeština) (HKLM-x32\...\{3DC65636-1EBB-41E9-836B-10174949883C}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 Targeting Pack (HKLM-x32\...\{1784A8CD-F7FE-47E2-A87D-1F31E7242D0D}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 SDK (čeština) (HKLM-x32\...\{84224644-1FA0-496E-8941-B1553C004E7A}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 SDK (HKLM-x32\...\{949C0535-171C-480F-9CF4-D25C9E60FE88}) (Version: 4.8.03928 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 Targeting Pack (čeština) (HKLM-x32\...\{33D8579D-AE2C-45ED-9D16-08451BCC9B45}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 Targeting Pack (HKLM-x32\...\{BAAF5851-0759-422D-A1E9-90061B597188}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework Cumulative Intellisense Pack for Visual Studio (čeština) (HKLM-x32\...\{EABEB841-5C97-4CE3-A4CF-64F5978D13B2}) (Version: 4.8.09037 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.2 (x64) (HKLM\...\{F0719345-342D-4A57-8EE4-30BF4FA3FBE9}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.2 (x86) (HKLM-x32\...\{BDC8107C-65E1-41C2-BE5E-8E27D70AB3B4}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.2 (x64) (HKLM\...\{BE394B10-AD5D-4503-9AA9-E79F953B30E3}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.2 (x86) (HKLM-x32\...\{4FFCA92E-5974-473C-9239-516D02E11AEA}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.13 (x64) (HKLM\...\{5F0DB006-2AE3-4D36-8077-65247FD687D4}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.13 (x86) (HKLM-x32\...\{87EA745D-32DA-4DCA-9ED4-BF4BA6232E1E}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.2 (x64) (HKLM\...\{AE2D80C7-F19D-463F-B48F-3F343806721C}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.2 (x86) (HKLM-x32\...\{4B87C1C9-F1F5-4308-BE65-E23B51BACC60}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET SDK 7.0.102 (x64) from Visual Studio (HKLM\...\{B3A63F4D-11C4-46FF-94C1-695633384F54}) (Version: 7.1.222.60703 - Microsoft Corporation)
Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) (HKLM\...\{A7036CFB-B403-4598-85FF-D397ABB88173}) (Version: 24.0.28113 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.13 (x64) (HKLM\...\{62E8F7DA-76C4-46BC-AB40-581C42EC5AFA}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.13 (x86) (HKLM-x32\...\{22AC2DC4-99C8-469F-837B-03AE342E3827}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 7.0.2 (x64) (HKLM\...\{C0E951A8-6B2D-45CB-869D-EC4BC950D1E7}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 7.0.2 (x86) (HKLM-x32\...\{6FE1E993-8813-44E5-945A-612BB76A99FA}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Toolset 7.0.102 (x64) (HKLM\...\{CD3AD81A-A806-473F-BB60-A402AFAD8D84}) (Version: 28.5.33023 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.13 Shared Framework (x64) (HKLM\...\{A6500837-F3BE-357E-9A21-6A78D098659F}) (Version: 6.0.13.22580 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.13 Shared Framework (x86) (HKLM-x32\...\{43E10FF2-0E80-3E13-8AD8-302355855BB3}) (Version: 6.0.13.22580 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.13 Targeting Pack (x64) (HKLM\...\{BED7E006-DA64-3E61-8836-A231C2F7DD81}) (Version: 6.0.13.22580 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.13 Targeting Pack (x86) (HKLM-x32\...\{A58EBFF5-0BF1-3F07-889B-31B20843BA1C}) (Version: 6.0.13.22580 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.2 Shared Framework (x64) (HKLM\...\{210A496F-E6CA-39C1-8FA4-1004059ED4E3}) (Version: 7.0.2.22606 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.2 Shared Framework (x86) (HKLM-x32\...\{4EDC2B14-E02A-37B9-810B-336C3DDA6424}) (Version: 7.0.2.22606 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.2 Targeting Pack (x64) (HKLM\...\{0C082AC1-36AD-3E86-B72D-16EF3A4D907F}) (Version: 7.0.2.22606 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.2 Targeting Pack (x86) (HKLM-x32\...\{85CECCAF-91AA-3D0E-8AA5-B68904EEBB85}) (Version: 7.0.2.22606 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.69 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.69 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\OneDriveSetup.exe) (Version: 23.038.0219.0001 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 (HKLM\...\{5BC7E9EB-13E8-45DB-8A60-F2481FEB4595}) (Version: 15.0.2000.5 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\Teams) (Version: 1.6.00.1381 - Microsoft Corporation)
Microsoft TestPlatform SDK Local Feed (HKLM-x32\...\{839C2D45-DDF6-432C-A6A2-C6AF2EF281BF}) (Version: 17.0.0.5175695 - Microsoft) Hidden
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (HKLM\...\{90120064-0070-0000-0000-4000000FF1CE}) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (HKLM\...\{90F60409-7000-11D3-8CFE-0150048383C9}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31931 (HKLM-x32\...\{6ba9fb5e-8366-4cc4-bf65-25fe9819b2fc}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Debug Runtime - 14.34.31931 (HKLM\...\{28E7B326-6E09-4960-88C1-AF305A11665C}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31931 (HKLM-x32\...\{C2662EFF-06E6-4FD1-9D6D-FDCA91025757}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Debug Runtime - 14.34.31931 (HKLM-x32\...\{26D20F81-7672-441B-9092-88E0D2409992}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31931 (HKLM-x32\...\{AB1BDF73-7393-42CE-812D-9A90918814D5}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.4.2246.31370 - Microsoft Corporation)
Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{B1CFE19E-298A-4D14-BACD-CAA36AC4895B}) (Version: 3.4.1128.26111 - Microsoft Corporation) Hidden
Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{85516DED-4402-44CD-9D01-1D1F3D0C0178}) (Version: 3.4.1128.26111 - Microsoft Corporation) Hidden
Microsoft Web Deploy 4.0 (HKLM\...\{0C85743B-48E7-4948-96D6-C3BB90246418}) (Version: 10.0.5923 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.13 (x64) (HKLM\...\{8484730A-68A4-4C63-93B4-52628D3B488D}) (Version: 48.55.53270 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.13 (x86) (HKLM-x32\...\{ACFA81A9-FD2F-4731-BE64-9163E3E9FF58}) (Version: 48.55.53270 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.2 (x64) (HKLM\...\{B7177578-AF27-44BF-A0B1-8B9D6AF7ECC3}) (Version: 56.11.53361 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.2 (x86) (HKLM-x32\...\{B5CB1A18-CEB8-464B-B83C-556D1DDBF3B5}) (Version: 56.11.53361 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 6.0.13 (x64) (HKLM\...\{F3E2081B-744C-4023-A61E-EEAB556A2A33}) (Version: 48.55.53270 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 6.0.13 (x86) (HKLM-x32\...\{D73590E4-7314-4E3D-B2CB-B308B256D8AF}) (Version: 48.55.53270 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 7.0.2 (x64) (HKLM\...\{2505676D-0245-4775-B7BE-F4C1DDC902D8}) (Version: 56.11.53361 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 7.0.2 (x86) (HKLM-x32\...\{C6DF1343-B58A-44E4-B3FB-4C05649A7B59}) (Version: 56.11.53361 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Android.Manifest-7.0.100 (x64) (HKLM\...\{FE768F65-89B5-40E5-9CE5-25D002197AE7}) (Version: 33.0.4 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.iOS.Manifest-7.0.100 (x64) (HKLM\...\{4491220D-21E8-4C34-84FC-F2659E08BF7E}) (Version: 16.1.17 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.MacCatalyst.Manifest-7.0.100 (x64) (HKLM\...\{C20CF802-93E3-4BF8-B2F0-8D0B9C826C00}) (Version: 16.1.17 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.macOS.Manifest-7.0.100 (x64) (HKLM\...\{1E665F2B-6760-42E4-8E97-02B10B97FBA2}) (Version: 13.0.17 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Maui.Manifest-7.0.100 (x64) (HKLM\...\{B0FBA6B7-B985-4D20-AC10-7E16D4D8C9CB}) (Version: 7.0.52 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.tvOS.Manifest-7.0.100 (x64) (HKLM\...\{D98B986D-3D40-4E37-A584-F82381A3E74B}) (Version: 16.1.17 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.net6.Manifest (x64) (HKLM\...\{754E7936-D264-406F-A76D-1C4E0102AE39}) (Version: 56.31.52114 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.net7.Manifest (x64) (HKLM\...\{F99D901B-F288-4D79-ACAA-E31BE48D789D}) (Version: 56.31.52114 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.net6.Manifest (x64) (HKLM\...\{8A4F7CD9-8D41-414C-8F68-6A3D291C16A4}) (Version: 56.3.53349 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.net7.Manifest (x64) (HKLM\...\{A0F31B66-D366-4C0E-86B1-511DE274FE2D}) (Version: 56.3.53349 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 110.0.1 (x64 cs)) (Version: 110.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 94.0.1 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 102.8.0 (x64 cs)) (Version: 102.8.0 - Mozilla)
MSI Development Tools (HKLM-x32\...\{95A498A9-5E6E-5779-1523-876224F41F94}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Npcap (HKLM-x32\...\NpcapInst) (Version: 1.55 - Nmap Project)
NVIDIA Ovladač HD audia 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 516.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 516.40 - NVIDIA Corporation)
NVIDIA RTX Desktop Manager 202.85 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 202.85 - NVIDIA Corporation)
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.1.2730 - Jan Fiala)
PuTTY release 0.71 (64-bit) (HKLM\...\{B27534DB-4F72-4F49-A3AD-5EC1B6901E5E}) (Version: 0.71.0.0 - Simon Tatham)
Python 2.7.18 (64-bit) (HKLM\...\{A5F504DF-2ED9-4A2D-A2F3-9D2750DD42D6}) (Version: 2.7.18150 - Python Software Foundation)
Python 3.10.0 (64-bit) (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\{21b42743-c8f9-49d7-b8b6-b5855317c7ed}) (Version: 3.10.150.0 - Python Software Foundation)
Python 3.10.0 Core Interpreter (64-bit) (HKLM\...\{B137EFE9-BD8A-4138-AC7F-360461C4EEAF}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Development Libraries (64-bit) (HKLM\...\{A8E320AF-B8C7-493C-97D8-6328C1CE721B}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Documentation (64-bit) (HKLM\...\{23A78F0F-0B41-497A-BB67-7E9AC3C20351}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Executables (64-bit) (HKLM\...\{D623791F-7EBA-4794-BF56-79D4CFC6BE65}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 pip Bootstrap (64-bit) (HKLM\...\{D545AFB9-E0E8-4B43-897A-0EB97ED46859}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Standard Library (64-bit) (HKLM\...\{BB3BA776-4C84-43FB-9CE6-5A37FFC23032}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Tcl/Tk Support (64-bit) (HKLM\...\{AE37C7FB-835D-4E31-851E-801D5C659A3E}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Test Suite (64-bit) (HKLM\...\{6B61C3C6-43DE-4D58-BDC4-76170C7C7C32}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Utility Scripts (64-bit) (HKLM\...\{578C5B87-CBE0-4720-90C0-46A917C4FE5C}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.11.0 (32-bit) (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\{8bb2e8e4-a699-403d-be05-4e00aa0632fd}) (Version: 3.11.150.0 - Python Software Foundation)
Python 3.11.0 Core Interpreter (32-bit) (HKLM-x32\...\{71EC41D8-507E-40C8-AF95-53FE5BA4ED34}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Development Libraries (32-bit) (HKLM-x32\...\{DDE3E99C-F86A-436D-91F9-304F3C00370C}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Documentation (32-bit) (HKLM-x32\...\{5E6FBC90-4180-491B-8DF3-387E9C505621}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Executables (32-bit) (HKLM-x32\...\{869D67C8-AE2E-43F3-96C2-85927E4A7380}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 pip Bootstrap (32-bit) (HKLM-x32\...\{D070AAAA-0D89-4DCA-901A-BC79F5E2276F}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Standard Library (32-bit) (HKLM-x32\...\{7565E13F-F118-44FD-B7E9-6E673A6B3A9D}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Tcl/Tk Support (32-bit) (HKLM-x32\...\{0D26C541-D790-4E31-9B16-0C65969AA44C}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Test Suite (32-bit) (HKLM-x32\...\{2652ADDA-74F2-4C40-BC75-E049A19BEE3F}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Utility Scripts (32-bit) (HKLM-x32\...\{EFE290C7-EDE6-4C22-A11F-71D3E45C3305}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.1 (64-bit) (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\{fca95908-8c70-405d-9e72-cd746e2f7786}) (Version: 3.11.1150.0 - Python Software Foundation)
Python 3.11.1 Core Interpreter (64-bit) (HKLM\...\{5D1EFF51-4740-4E62-8E49-11C13DEC34C3}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Development Libraries (64-bit) (HKLM\...\{988799D6-A7CE-4F51-89AF-1E4A64FA7ECA}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Documentation (64-bit) (HKLM\...\{5EB7FFE8-5B05-4DD3-9DE0-D0F20D93FA6C}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Executables (64-bit) (HKLM\...\{A7DE96A8-2F75-44B2-B46E-5D50DE5B1B80}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 pip Bootstrap (64-bit) (HKLM\...\{C5FAF3D9-A03D-4F6A-AAC9-87735DDA5DCF}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Standard Library (64-bit) (HKLM\...\{21EEFB31-6A96-4CAE-9A3B-B7FD6374C155}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Tcl/Tk Support (64-bit) (HKLM\...\{66CA643F-68B2-4063-8F87-34D48A2C49ED}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Test Suite (64-bit) (HKLM\...\{EFFC2C23-AEE2-4867-998C-5F5A902496C0}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Utility Scripts (64-bit) (HKLM\...\{E63D4F21-1B1F-43DC-9347-4FB51A71704C}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.9.7 (64-bit) (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\{0f0bf1a5-3ec1-459b-ab7c-916db941f50d}) (Version: 3.9.7150.0 - Python Software Foundation)
Python 3.9.7 Core Interpreter (64-bit symbols) (HKLM\...\{19CCBF82-F32C-4F9B-A25A-C18CA0229930}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Core Interpreter (64-bit) (HKLM\...\{88D4EF59-607D-43AD-B7C7-F5A753740FD1}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Development Libraries (64-bit) (HKLM\...\{97496FC6-5044-4A2A-BACD-40A44F38D483}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Documentation (64-bit) (HKLM\...\{AA408E09-EBB3-470F-8D63-5AA0C46C2DA2}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Executables (64-bit symbols) (HKLM\...\{FA525B0C-1DC4-4733-895E-FC0BB30229C9}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Executables (64-bit) (HKLM\...\{870EC220-FEAE-481D-8B29-B4B0DF5402FA}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 pip Bootstrap (64-bit) (HKLM\...\{F1280AA2-AAC3-41AB-9616-CCF00814E626}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Standard Library (64-bit symbols) (HKLM\...\{AB1F1505-63F0-4E88-874D-55448A1020C4}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Standard Library (64-bit) (HKLM\...\{05903EEF-72A2-4C1A-AD35-41AD6C7094A8}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Tcl/Tk Support (64-bit symbols) (HKLM\...\{F9100C91-CF07-4FAE-A017-7E6A57FAF41D}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Tcl/Tk Support (64-bit) (HKLM\...\{6E8EAD3C-6F0C-494C-9C12-E10C5B5EE7EA}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Test Suite (64-bit symbols) (HKLM\...\{EA4833F1-B32B-4D49-81C8-E28B67E87590}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Test Suite (64-bit) (HKLM\...\{67D79D6E-8497-4EE6-850B-834D3A27553F}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Utility Scripts (64-bit) (HKLM\...\{4110826A-903C-410C-9785-7848A51B9CC9}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{8A19B72D-62A8-4198-BEBD-CAEF117194C8}) (Version: 3.11.8009.0 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8644 - Realtek Semiconductor Corp.)
SDK ARM Additions (HKLM-x32\...\{BD786819-AA80-7B18-125D-AA03AAF2759B}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{4349F57C-0C9C-C16B-9A40-E7B406C451E2}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
SOLIDWORKS 2016 x64 Czech Resources (HKLM\...\{BD37B53B-592C-41B4-BECA-D156E3D0B058}) (Version: 24.150.58 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2016 x64 Edition SP05 (HKLM\...\{768F3B65-1695-47B7-9002-B11400CB111D}) (Version: 24.150.58 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2016 x64 Edition SP05 (HKLM-x32\...\SolidWorks Installation Manager 20160-40500-1100-100) (Version: 24.5.0.58 - SolidWorks Corporation)
SOLIDWORKS Composer Player 2016 SP05 x64 Edition (HKLM\...\{8537E059-C18B-4DE6-AED6-CD9B90240C35}) (Version: 24.50.58 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2016 x64 Edition SP05 (HKLM\...\{12339098-76B6-47CD-B52A-52E4809108F6}) (Version: 16.5.0084 - Společnost Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Explorer 2016 SP05 x64 Edition (HKLM\...\{41E08694-1890-4B39-9D1C-B9D27A1D67B3}) (Version: 24.50.58 - Společnost Dassault Systemes SolidWorks Corp) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.63 - Synaptics Incorporated)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.37.3 - TeamViewer)
Tesseract-OCR - open source OCR engine (HKLM\...\Tesseract-OCR) (Version: 5.3.0.20221222 - Tesseract-OCR community)
Tesseract-OCR - open source OCR engine (HKLM-x32\...\Tesseract-OCR) (Version: 5.3.0.20221222 - Tesseract-OCR community)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.3.8.1 - uvnc bvba)
Universal CRT Extension SDK (HKLM-x32\...\{90AAE845-42CE-EC12-4041-8ADF7BE765E7}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{98D5C5AA-993C-1371-C7AF-8F8A0E8CAF86}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{8EC1DC78-0A65-B6AC-664D-DFB3AC8E9736}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{82F9F289-6088-8F39-1918-A45315FEF99A}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{A829BD53-4BE5-23F2-C4A8-026CB5D47ECF}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D62BC488-4C4A-BF17-A0CE-21B4BF8F9B30}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{8F2D6CEB-BC98-4B69-A5C1-78BED238FE77}) (Version: 2.71.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{76A22428-2400-4521-96AF-7AC4A6174CA5}) (Version: 1.25.0.0 - Microsoft Corporation) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{CFF203A1-51CB-42FE-9997-B6B01371AF30}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Visual Studio Community 2022 (HKLM-x32\...\f3f14e08) (Version: 17.4.4 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
VS Immersive Activate Helper (HKLM-x32\...\{0B826206-3626-4E96-A675-0BDE6B8711B6}) (Version: 17.0.118.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{7B8542BA-01E4-43EB-A172-1DA975AFD00B}) (Version: 17.0.118.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{C8EA234A-FC2F-4EEC-BF7F-DB14C28C84D2}) (Version: 17.0.118.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{8C14D3DF-69AD-443A-A607-B4B1BE9575CC}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{6AF210BE-348B-4156-8B2E-CD57FC573ABD}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{3826E149-22D5-470D-B8A7-D11244EA2720}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{7B907A0B-2606-42EB-A880-80E1F6AA4C48}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{F48F6538-AB3C-4FD1-8ACE-0E5A861EC43C}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_communitysharedmsi (HKLM-x32\...\{B56EF9C1-B982-45B1-BEB5-3C8F50B21CF2}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_communityx64msi (HKLM\...\{9BF7BDD3-62E8-4E47-AF96-13EA1EB853AD}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_CoreEditorFonts (HKLM-x32\...\{667150AA-8DA3-433E-91EC-88BD8730D32A}) (Version: 17.4.33213 - Microsoft Corporation)
vs_devenvsharedmsi (HKLM-x32\...\{04D84C30-B442-49D2-A139-B8AAA7ACD445}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_devenx64vmsi (HKLM\...\{0DE775A3-1C63-4210-9CDC-D23F5330D715}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{12B0A225-610B-43DA-8585-E2EAD563D611}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{56373DD6-9A8E-4C0C-95F6-F64DF2054A6F}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{49559293-3192-40D3-864C-5AB88E744A79}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx64 (HKLM\...\{9138874C-2D20-46BC-84BC-A13B31DF8955}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx86 (HKLM-x32\...\{9D4033AD-2990-469B-A2CC-CEE9A707106A}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_minshellinteropsharedmsi (HKLM-x32\...\{1EF48E65-5B07-4502-B6C2-43BC8311DAC3}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_minshellinteropx64msi (HKLM\...\{5691C5AB-0847-4862-8C49-43245E7DCE2C}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{988A9E72-24DF-4FC8-9F94-E2BFDAE40397}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_minshellsharedmsi (HKLM-x32\...\{C32CB038-8A83-4860-853F-9168214E3536}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_minshellx64msi (HKLM\...\{1AB2F81F-A360-4BE1-B68F-B50F0609A1AE}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{8C352959-35A5-40CA-A49C-91B349AB2778}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{6A7EA630-41A1-455D-849D-2AA2D1420236}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsi (HKLM-x32\...\{ACBBFCA9-A48A-425A-BF50-B6FB8EFE7934}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsires (HKLM-x32\...\{2BC745F0-9928-46F2-949C-0966D3826611}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
Vzdálená plocha Chrome (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\b6c3e8b3f73bd926a7cca588d89cd991) (Version: 1.0 - Google\Chrome)
WinAppDeploy (HKLM-x32\...\{8E3AB865-9E38-1E5F-7B49-C8E3A70C6303}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows App Certification Kit Native Components (HKLM\...\{69331A50-908A-0745-CFCF-8413360C5B96}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows App Certification Kit SupportedApiList x86 (HKLM-x32\...\{81D4E442-F6C5-DF4B-DEF8-76E51ACC56F8}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (HKLM-x32\...\{FD68622A-634F-FB49-6E94-E21A451A3B5A}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows Desktop Extension SDK (HKLM-x32\...\{3F737DA8-C5B7-8740-6B07-BA73B5E62CDF}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows Desktop Extension SDK Contracts (HKLM-x32\...\{D54B24F7-43DE-C7BF-3A5C-83F9E8E0700D}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows IoT Extension SDK (HKLM-x32\...\{5B64C01B-2798-A2F6-89C3-AC03906F8788}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows IoT Extension SDK Contracts (HKLM-x32\...\{1FF69612-5A91-3565-7EE3-0539A04E3B8D}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows Mobile Extension SDK (HKLM-x32\...\{DF2A6855-DB81-9047-3033-8D6AC6055AEF}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows Mobile Extension SDK Contracts (HKLM-x32\...\{8EDE105B-885A-D173-50F8-F50F39C51CF9}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK (HKLM-x32\...\{2D2EBB11-484D-8F73-FA25-3FFABCE371F0}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{15941C7F-810D-41DF-8C5A-8D0490277AFB}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows SDK ARM Desktop Tools (HKLM-x32\...\{A99B19D4-7F87-03E5-B4A8-80420ECD7F53}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers arm (HKLM-x32\...\{C7C68DA0-8501-16DD-1E6A-6C34AAA28F21}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers arm64 (HKLM-x32\...\{30092A0E-1D50-8D66-E5EB-01F6AA8C1FFE}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers x64 (HKLM-x32\...\{C47F0820-6424-AE53-6BAF-2D41E829C855}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers x86 (HKLM-x32\...\{6F1B1243-7C12-5398-F575-5102906569A6}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs arm (HKLM-x32\...\{6221E085-FE37-1068-E6D7-9D08ABD32AE2}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs arm64 (HKLM-x32\...\{82931C8D-83CC-CF2E-F4FA-9AF0829BCA22}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs x64 (HKLM-x32\...\{1A457607-6262-3949-63D4-E1F85A3D95FD}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs x86 (HKLM-x32\...\{7CAF3DA2-79F6-C0DB-6C56-2462C8C4914C}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools arm64 (HKLM-x32\...\{54E5E684-132E-23D3-CBF6-962122E2C568}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools x64 (HKLM-x32\...\{E5715C32-34B0-6F8E-81B8-13FB19B1B682}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools x86 (HKLM-x32\...\{02594FB6-9905-CBB9-10E8-EFCFB7122D7C}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK DirectX x64 Remote (HKLM\...\{0B12F7E3-EDAA-AF92-20BB-88540FEF54BA}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK DirectX x86 Remote (HKLM-x32\...\{B9A2EE66-E1B9-ED85-E75B-041A348EB46D}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK EULA (HKLM-x32\...\{93F9D7FA-F2FD-837D-E53F-D79767071E44}) (Version: 10.1.22000.832 - Microsoft Corporations) Hidden
Windows SDK Facade Windows WinMD Versioned (HKLM-x32\...\{31B6D021-BC97-82C5-9C42-16AB86C37215}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps (HKLM-x32\...\{CFC51C75-8F08-1968-BC86-70A396D353D9}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Contracts (HKLM-x32\...\{AD3B32A0-5F71-DE89-B55A-9E85964186D8}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps DirectX x86 Remote (HKLM-x32\...\{31A3EB09-E226-B0E5-FA70-FF4B3CAD2ECF}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Headers (HKLM-x32\...\{A1DA436A-2FA4-FDC2-9B0A-FBB40CF0499D}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Libs (HKLM-x32\...\{C8977C7D-F685-8282-3C78-6276E03E3B32}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Metadata (HKLM-x32\...\{7907F380-3CFD-247C-9DFC-A23CED2012F8}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Tools (HKLM-x32\...\{68F11757-8C35-BEB6-2AED-6F7C6CC5B8C0}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Managed Apps Libs (HKLM-x32\...\{B0CB401F-F1EF-E63C-8191-9A447FC24C58}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Modern Non-Versioned Developer Tools (HKLM-x32\...\{FA582B75-7D9C-2717-5E64-1A8CC5E46ABD}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Modern Versioned Developer Tools (HKLM-x32\...\{EA338ECA-C63F-4BD6-B66F-274433C75A49}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Redistributables (HKLM-x32\...\{7DBE357D-2AA2-7B68-267E-F8DAEB182D6F}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Signing Tools (HKLM-x32\...\{0F5E7D7D-8969-DC1B-205D-024FB54A0417}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows Software Development Kit - Windows 10.0.22000.832 (HKLM-x32\...\{d6a76ead-c762-4d93-9c24-1fa3efa1e12d}) (Version: 10.1.22000.832 - Microsoft Corporation)
Windows Team Extension SDK (HKLM-x32\...\{14705B25-5AC2-82AC-DB79-A35219016ABB}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows Team Extension SDK Contracts (HKLM-x32\...\{5F1D4DE5-BFF3-503B-D05F-40ED6927DE17}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{FBF034E1-563E-1F9D-DC45-491BB88E9B9E}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{837DD890-14CE-9EB3-E8E1-F96A7EE5CFE5}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{823E92A6-7572-174D-0671-95A55785F991}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{3A8F388C-D0F7-0A66-0EDE-D477B1B1B2F4}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{0F2D2736-F436-3F10-FB30-9D279F58305B}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{FEAF2203-A2AC-080C-9D55-9F09623F38C3}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{A06212FE-3C20-31C7-F88A-46673EF72E83}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{4308116D-A763-144D-DC81-6243BE6B2ADF}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{D307C8A5-7335-056E-6E64-E28544674EFD}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Wireshark 3.6.3 64-bit (HKLM-x32\...\Wireshark) (Version: 3.6.3 - The Wireshark developer community, hxxps://www.wireshark.org)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)
Zebra Setup Utilities (HKLM-x32\...\{9207A8EC-3B2D-4A4A-8BF7-957FC19BB3DE}) (Version: 1.1.9.1290 - Zebra Technologies) Hidden
Zebra Setup Utilities (HKLM-x32\...\Zebra Setup Utilities) (Version: 1.1.9.1290 - Zebra Technologies)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.31.42.0_x64__kgqvnymyfvs32 [2023-03-02] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.238.500.0_x64__kgqvnymyfvs32 [2023-03-10] (king.com)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.55.5501.0_x86__ytsefhwckbdv6 [2023-03-02] (G5 Entertainment AB)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_143.1.1136.0_x64__v10z8vjag6ke6 [2023-03-06] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.23.20.0_x64__v10z8vjag6ke6 [2023-01-20] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-11-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-11-15] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-10] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2023-01-06] (Microsoft Studios) [MS Ad]
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2022-12-23] (WinZip Computing)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-567959055-877555932-3223723616-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\admin\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22349.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-567959055-877555932-3223723616-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_422d09ccf7b0b873\nvshext.dll [2022-06-13] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [NvQuadroView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2022-06-13] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-567959055-877555932-3223723616-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\admin\Documents\www\www.admin.loc\modules\_dev\require\SolidWorks\Macros\SLDWORKS.lnk -> C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\SLDWORKS.exe (Dassault Systèmes SolidWorks Corp.) -> /m "C:\Users\admin\Documents\www\www.admin.loc\modules\_dev\require\SolidWorks\Macros\analysis_pictures-v1.10.swp"
ShortcutWithArgument: C:\Users\admin\Desktop\Vzdálená plocha Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb

==================== Loaded Modules (Whitelisted) =============

2021-11-15 11:51 - 2013-07-08 18:34 - 000114688 _____ () [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\pcre.dll
2023-01-13 12:37 - 2015-08-05 18:21 - 017864192 _____ () [File not signed] C:\Program Files\HSMWorks\machineworks.dll
2023-01-13 12:37 - 2014-01-30 16:38 - 003328512 _____ () [File not signed] C:\Program Files\HSMWorks\mozjs.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000369152 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\annotationcplu\2837e4e56f77982fa8263d62133f3b77\annotationcplu.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000723968 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\asmfeaturecplu\280b82ca178c40573c47ec38b3776d03\asmfeaturecplu.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000160256 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\clrloadu\1a34754c388f58952ee8d972f5bd06cb\clrloadu.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000743936 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\contentcplu\e374d78b1deb93270d63678efc4cd1ad\contentcplu.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 001688064 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\couplingBase\5a09d177c33ee9adcad5973839dd4675\couplingBase.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000395776 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\featurecplu\cfa6ba3e2d635a0b34653b1bb22bae5c\featurecplu.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000256000 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\refgeomcplu\e097a7b4d817eab2b4051a0e544cea26\refgeomcplu.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000736256 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\sheetmetalcplu\a66dc08bd1954f603153708e92b7fb11\sheetmetalcplu.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 001113600 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Sketchcplu\eff6cd6b9fbdcf70a274ddd62c119689\Sketchcplu.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 011044864 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\sldcoreu\0efbbb903c494035065e73f7ecbd564e\sldcoreu.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000321536 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\wpfsupport\a4494015a10194b14d6a089e5feca881\wpfsupport.ni.dll
2021-11-15 11:51 - 2013-11-22 03:12 - 000152576 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libapr-1.dll
2021-11-15 11:51 - 2013-11-22 03:12 - 000027136 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libapriconv-1.dll
2021-11-15 11:51 - 2013-11-22 03:12 - 000206848 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libaprutil-1.dll
2021-11-15 11:51 - 2013-11-22 03:13 - 000328192 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libhttpd.dll
2021-11-15 11:51 - 2013-11-22 03:07 - 000012288 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_access_compat.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000011264 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_actions.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000013824 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_alias.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000009728 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_allowmethods.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000010752 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_asis.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000014336 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_auth_basic.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000011776 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authn_core.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000011264 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authn_file.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000018944 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authz_core.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000011776 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authz_groupfile.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000011264 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authz_host.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000009728 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authz_user.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000030208 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_autoindex.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000020480 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_cgi.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000012288 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_dir.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000010752 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_env.so
2021-11-15 11:51 - 2013-11-22 03:08 - 000039424 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_include.so
2021-11-15 11:51 - 2013-11-22 03:08 - 000024064 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_isapi.so
2021-11-15 11:51 - 2013-11-22 03:08 - 000024576 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_log_config.so
2021-11-15 11:51 - 2013-11-22 03:08 - 000016896 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_mime.so
2021-11-15 11:51 - 2013-11-22 03:08 - 000029184 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_negotiation.so
2021-11-15 11:51 - 2013-11-22 03:08 - 000051200 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_rewrite.so
2021-11-15 11:51 - 2013-11-22 03:08 - 000013824 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_setenvif.so
2023-02-18 02:27 - 2023-02-18 02:27 - 000020992 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AnnotationOperation\748cb72785e7d8bb05f817d9a4c3c7ff\AnnotationOperation.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000026112 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AnnotationUI\fc8915bf7ddc20b9c6bc71480cd1836b\AnnotationUI.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000260608 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AnnotationWPF\92ebf429fbaac54751d766fd1afd5a2b\AnnotationWPF.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000024576 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AsmFeatureOperation\2d941e9eab805bf2abbb4ca4506b3a58\AsmFeatureOperation.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000034304 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\asmfeatureui\c4c7f1266d4555162547932f5a70ce94\asmfeatureui.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000046592 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\asmfeaturewpf\9336202f19a2f5e4a152f6e57f7e5957\asmfeaturewpf.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000203264 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CmdInterface\9d92d24e2926aacf30e6b9e6b122901c\CmdInterface.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000029696 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ContentOperation\e4a1a41ed5f983d19f099fc54ceb7298\ContentOperation.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000028672 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ContentUI\bf62bc95e666606bc7c2719a59786829\ContentUI.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000592384 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Controls\607590d36a69a363054616053397c0f2\Controls.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000063488 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CoreInterface\6453b958972fb929f7698aea24e137a6\CoreInterface.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000045568 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DebugControls\4d809ea57e643ece505824f9d4a39eb4\DebugControls.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000099328 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DveSupport\f5691ecc53966c728eb4ab962d578d25\DveSupport.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000034816 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\EnvironmentCore\560ea4a01d3202ac882bfe6364032d94\EnvironmentCore.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000028672 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\FeatureOperation\1c0eb7c0c2c365fa9c2e0a6b183e6fac\FeatureOperation.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000067072 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\FeatureUI\b168da0fc8d391a0dcf769018a0c580e\FeatureUI.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000114688 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\FeatureWPF\56fcacd12f07693bd8c43e28ceb379db\FeatureWPF.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000048128 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\OperationBase\85ffa77eab2b9a85b32185f0bbd837f7\OperationBase.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000023552 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\RefGeomOperation\c1d7c25d29f14bd3727c404b5d4854c8\RefGeomOperation.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000091648 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\RefGeomUI\bcf5183f645571f3f89f9cfe0c0ae9ac\RefGeomUI.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000078336 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\RefPlaneWPF\2fcfc5160c097da3093bd24fb08158c7\RefPlaneWPF.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000024576 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SheetMetalOperation\9a513acfbdd967117f1f65360d6e0378\SheetMetalOperation.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000180736 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SheetMetalUi\1040489e740434a06898baa859e5d083\SheetMetalUi.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000102912 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SheetMetalWPF\e49040ee82a8b745f6fabdcf1567e4cf\SheetMetalWPF.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000027648 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SketchOperation\d3b88901fe88127dbec75eeb2eb294a1\SketchOperation.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000057344 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SketchUI\cde19c03698b806169f87be12f9c4991\SketchUI.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000095744 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SketchWPF\cea5396792b5c9f0e2d1f6dbf0949894\SketchWPF.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 000150016 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\UiBase\54349f999a48745393d3076d71674f68\UiBase.ni.dll
2023-02-18 02:27 - 2023-02-18 02:27 - 002051072 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\WPFRes\d6854e7f59c29ee0f7aee697f32f9722\WPFRes.ni.dll
2021-10-27 22:28 - 2021-10-27 22:28 - 000073728 _____ (Python Software Foundation) [File not signed] C:\Program Files\LibreOffice\program\python-core-3.8.8\lib\_socket.pyd
2021-10-27 22:28 - 2021-10-27 22:28 - 000020992 _____ (Python Software Foundation) [File not signed] C:\Program Files\LibreOffice\program\python-core-3.8.8\lib\select.pyd
2021-10-28 01:41 - 2021-10-28 01:41 - 000476160 _____ (The Document Foundation) [File not signed] C:\Program Files\LibreOffice\program\pyuno.pyd
2023-02-16 12:37 - 2022-04-28 21:21 - 001269760 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LIBEAY32.dll
2023-02-16 12:37 - 2022-04-28 21:21 - 000276480 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\ssleay32.dll
2021-11-15 11:51 - 2013-07-08 18:29 - 001175040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libeay32.dll
2021-11-15 11:51 - 2013-07-08 18:29 - 000269312 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\ssleay32.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 000066560 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_bz2.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 000492032 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_curl.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 001348096 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_gd2.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 000831488 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_imap.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 001239552 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_mbstring.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 000036864 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_mysql.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 000088576 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_mysqli.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 000072704 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_openssl.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 000024576 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_pdo_mysql.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 000399872 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_pdo_sqlite.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 000054784 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_sockets.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 000553472 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_sqlite3.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 000231936 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_xsl.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 000026624 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\php5apache2_4.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 006155264 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\php5ts.dll
2023-02-16 12:37 - 2017-09-14 07:45 - 000037888 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\bearer\qgenericbearer.dll
2023-02-16 12:37 - 2017-09-14 07:45 - 000039424 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\bearer\qnativewifibearer.dll
2023-02-16 12:37 - 2017-09-14 07:46 - 001012224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\platforms\qwindows.dll
2023-02-16 12:37 - 2022-04-28 21:21 - 004694016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\Qt5Core.dll
2023-02-16 12:37 - 2022-04-28 21:21 - 005032960 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\Qt5Gui.dll
2023-02-16 12:37 - 2022-04-28 21:21 - 000856064 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\Qt5Network.dll
2023-02-16 12:37 - 2022-04-28 21:21 - 004483072 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\Qt5Widgets.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2023-01-10] (HP Inc. -> HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2023-01-10] (HP Inc. -> HP Inc.)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\PuTTY\;c:\Users\admin\AppData\Local\Programs\Python\Python311\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\;
HKU\S-1-5-21-567959055-877555932-3223723616-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-567959055-877555932-3223723616-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.11.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: wuauserv => 3

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5D14C625-87C3-4153-AC53-C93FFF761FAF}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE (CANON INC. -> CANON INC.)
FirewallRules: [{8E5CF802-BB1B-43F5-8FCA-D5F61A19C477}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE (CANON INC. -> CANON INC.)
FirewallRules: [{1B0A0BCC-3E66-4897-ACC3-79BF35E01190}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
FirewallRules: [{67A51E73-3B44-446E-9D84-7F13870902DF}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
FirewallRules: [{4F3D12E4-D95C-4358-9F76-F16C805D31C3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D2AA0281-ED6E-4235-AF1B-74DB8209717A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A310AA8D-88F9-4287-BD5F-6A302EA24BA2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F4798396-E301-4EF4-9058-B61A151CFAEB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{26A6BC19-30E9-4F42-B025-B9D7AE4C719A}C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe] => (Allow) C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [TCP Query User{A4ED5F5F-2EC8-4330-BE8F-8C96E9BECA58}C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe] => (Allow) C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [{437E47C2-7168-4588-8F90-5A36FBAC2486}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7A9C115C-6F64-4936-95AC-BF8BBAEFCE07}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AB0CE918-2D94-4E15-AAC2-829DEAA1A2F6}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{71C12985-9416-49AD-BCF2-FAFEA0788A58}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [TCP Query User{B5FB24A2-BF19-42C3-82A9-C79478EE2360}C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\php\php_runningversion\php.exe] => (Allow) C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\php\php_runningversion\php.exe (The PHP Group) [File not signed]
FirewallRules: [UDP Query User{D0C5EEB4-8299-46B1-BEB4-4843163BEC15}C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\php\php_runningversion\php.exe] => (Allow) C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\php\php_runningversion\php.exe (The PHP Group) [File not signed]
FirewallRules: [{507FB27B-ACA9-4145-9E17-16AC2ECDAED4}] => (Allow) LPort=5900
FirewallRules: [{A3F5CC0E-1786-471E-83E0-B94A107CED61}] => (Allow) LPort=5800
FirewallRules: [{F0A1A67F-461E-4854-A4D1-3A3A65A9BBDA}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{878CEB91-B51C-4B21-8431-DBAEEAA81CC7}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{9D91615D-9128-4B77-B56B-5198A26BC88C}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{D9AF2464-FCF4-4DF8-8BE6-A36C3C6AB147}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe (uvnc bvba -> UltraVNC)
FirewallRules: [TCP Query User{FA773161-33E7-4496-8652-CAF829D25749}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{9F67C77A-C336-4A5D-8A36-B0BF4EA91F7E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{F4B5E456-ACF9-4065-BC13-9EAD3CBE6ABA}C:\users\admin\documents\install\mikroftp\mikroftp.exe] => (Allow) C:\users\admin\documents\install\mikroftp\mikroftp.exe () [File not signed]
FirewallRules: [UDP Query User{64571B73-78E2-4892-9AE3-3C0A7AB0D2AB}C:\users\admin\documents\install\mikroftp\mikroftp.exe] => (Allow) C:\users\admin\documents\install\mikroftp\mikroftp.exe () [File not signed]
FirewallRules: [TCP Query User{8B007BE5-9DD1-476D-A4F0-59B473BA7810}C:\program files (x86)\pspad editor\pspad.exe] => (Allow) C:\program files (x86)\pspad editor\pspad.exe (Jan Fiala -> Jan Fiala)
FirewallRules: [UDP Query User{1BF4BA17-D5E8-4CD3-984C-62E796B770E2}C:\program files (x86)\pspad editor\pspad.exe] => (Allow) C:\program files (x86)\pspad editor\pspad.exe (Jan Fiala -> Jan Fiala)
FirewallRules: [TCP Query User{5ABDECA2-32CC-4CCE-AE5C-B41AD1A428C0}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{0BA7EC0E-3D3F-44B4-BC6C-8409230CE900}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9308BD71-6C0E-44AA-BA9E-72957EC22BD5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{280CB6D8-3C86-4F91-AB29-B146B215F3A8}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F0621917-8433-41C1-8DD3-FFB7908CC066}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{AEF668C5-62DB-47F9-B064-2BB28B48E9FA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{76D24C53-DF05-4313-8781-82C4488E76D6}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\111.0.5563.12\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{5AF94143-9262-4C5A-9DDA-9D06A71C1CF5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{20C28AEC-0438-491A-9998-3A73712506D2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CB589358-AAF1-4EEA-9C68-FCD04FB0AFDC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{094D6C71-B35F-4434-9A39-A3DD4E76CAA2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{18AA7170-188E-41A7-8A74-67C9628B3848}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4B4E73CF-192C-477C-BCA4-445F4DC97410}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

07-03-2023 15:46:47 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============

Name: Synaptics PS/2 Port TouchPad
Description: Synaptics PS/2 Port TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Neznámé zařízení USB (reset portu se nezdařil)
Description: Neznámé zařízení USB (reset portu se nezdařil)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standardní hostitelský řadič USB)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/13/2023 09:21:18 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1426300,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/13/2023 09:10:44 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1424364,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/13/2023 09:02:04 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1423160,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/10/2023 05:13:51 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1421360,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/10/2023 05:03:18 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1419252,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/10/2023 04:43:51 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1417924,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/10/2023 04:27:35 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1413368,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/10/2023 04:13:51 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1412116,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (03/10/2023 08:21:15 AM) (Source: nvlddmkm) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/10/2023 08:21:14 AM) (Source: nvlddmkm) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/10/2023 08:21:14 AM) (Source: nvlddmkm) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/07/2023 03:21:06 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (02/28/2023 12:00:48 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (02/27/2023 04:01:39 PM) (Source: googledrivefs3758) (EventID: 2) (User: )
Description: The driver version of the disk does not match.

Error: (02/24/2023 03:20:18 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (02/23/2023 10:20:19 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Mozilla Maintenance Service byla ukončena s následující chybou:
Nesprávná funkce.


Windows Defender:
================
Date: 2023-03-10 08:42:01
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F0A997B4-2C37-4E5E-AF08-B9BA88FA9DD8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-09 13:14:36
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1308C5E2-EA70-42EC-A8EE-223B65E012EF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-08 09:29:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {73B5B7D9-FDF6-478B-ACAE-FD63609833F6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-08 09:17:40
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {377ECFB0-B613-4CF4-8E1B-EA598812BAB2}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-07 15:00:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {160CFB76-2EE1-4B70-AB6D-F547AD9ADA49}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2023-02-16 13:16:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume4\Program Files\Google\Drive File Stream\70.0.2.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2023-01-30 07:44:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume4\Program Files\Google\Drive File Stream\69.0.0.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2022-12-14 18:13:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.

Date: 2022-12-14 18:13:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: HP N51 Ver. 01.24 04/27/2016
Motherboard: HP 802F
Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 68%
Total physical RAM: 32688.59 MB
Available physical RAM: 10434.19 MB
Total Virtual: 37552.59 MB
Available Virtual: 7127.98 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:475.75 GB) (Free:233.38 GB) (Model: MTFDDAK512MBF-1AN1ZABHA) NTFS
Drive d: (Nový svazek) (Fixed) (Total:931.39 GB) (Free:62.7 GB) (Model: WDC WD10EZEX-60WN4A0) NTFS
Drive g: (Google Drive) (Fixed) (Total:100 GB) (Free:30.6 GB) (Model: MTFDDAK512MBF-1AN1ZABHA) FAT32
Drive h: (My Book) (Fixed) (Total:5589 GB) (Free:2534.97 GB) (Model: WD My Book 25EE USB Device) exFAT

\\?\Volume{2d11b580-00ec-446f-8c28-fccb217c6554}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{8cece581-d353-4b03-a381-f10bd18e0060}\ () (Fixed) (Total:0.63 GB) (Free:0.08 GB) NTFS
\\?\Volume{a70e0bb1-edf6-4ce0-9565-b1fe5b665825}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Size: 5589 GB) (Disk ID: 16F2A91F)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Mizící soubory WIN 10 SSD

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

AndySue
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 26 pro 2009 12:10

Re: Mizící soubory WIN 10 SSD

#3 Příspěvek od AndySue »

Nejsem si jist, jestli jsem vše provedl dobře. Snad jo.

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-13-2023
# Duration: 00:00:01
# OS: Windows 10 (Build 19044.2604)
# Cleaned: 9
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

Deleted BlockSite - Stay Focused & Control Your Time - {dd3d7613-0246-469d-bc65-2a3cc1668adc}

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\admin\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2505 octets] - [13/03/2023 10:57:16]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Mizící soubory WIN 10 SSD

#4 Příspěvek od Rudy »

OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

AndySue
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 26 pro 2009 12:10

Re: Mizící soubory WIN 10 SSD

#5 Příspěvek od AndySue »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-03-2023
Ran by admin (administrator) on DESKTOP-OLM3P1O (HP HP Z240 Tower Workstation) (14-03-2023 11:06:15)
Running from C:\Users\admin\Desktop
Loaded Profiles: admin
Platform: Microsoft Windows 10 Pro Version 21H2 19044.2604 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acronis, Inc -> Acronis) C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
(C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe ->) (Shenzhen iMyFone Technology Co., Ltd -> ) C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\MFResident.exe
(C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe ->) () [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\mysql\bin\eds-mysqld.exe
(C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe ->) (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\eds-httpd.exe <2>
(C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(explorer.exe ->) (Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(explorer.exe ->) (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.) C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe
(explorer.exe ->) (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe
(explorer.exe ->) (EasyPHP) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\71.0.3.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(explorer.exe ->) (Petr Laštovička) [File not signed] C:\Program Files\hotkeyp\HotkeyP.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(services.exe ->) (Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\111.0.5563.12\remoting_host.exe <2>
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_9949412f65718dfe\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_670360bdb5a40a0d\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_45efd8a6478e15ce\lib\TPMProvisioningService.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvwu.inf_amd64_422d09ccf7b0b873\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvwu.inf_amd64_422d09ccf7b0b873\NVWMI\nvWmi64.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Shenzhen iMyFone Technology Co., Ltd -> ) C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(spoolsv.exe ->) (CANON INC. -> CANON INC.) C:\Windows\System32\CNAB4RPD.EXE
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-03-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [462328 2009-10-27] (Acronis, Inc -> Acronis)
HKLM-x32\...\Run: [adm_tray.exe] => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [530768 2010-06-04] (Acronis, Inc -> Acronis)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe [52571928 2023-02-22] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe [52571928 2023-02-22] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\Run: [EasyPHP] => C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe [279552 2014-01-09] (EasyPHP) [File not signed]
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\Run: [HotkeyP] => C:\Program Files\hotkeyp\HotkeyP.exe [147456 2012-11-20] (Petr Laštovička) [File not signed]
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe [52571928 2023-02-22] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\admin\AppData\Local\Microsoft\Teams\Update.exe [2587456 2023-02-20] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\Run: [MicrosoftEdgeAutoLaunch_29EBC4579851B72EE312C449CF839B1A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4242384 2023-03-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\RunOnce: [Application Restart #2] => C:\Program Files\Microsoft Visual Studio\2022\Community\Common7\IDE\devenv.exe [1004480 2023-02-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\MountPoints2: {bc7d3332-a0f9-11ec-b7c8-9457a5edaf40} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\71.0.3.0\GoogleDriveFS.exe [52571928 2023-02-22] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\hpcpp160: C:\Windows\System32\spool\prtprocs\x64\hpcpp160.dll [602912 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\CNAB4 Monitor: C:\WINDOWS\system32\CNAB4LMD.DLL [58880 2012-10-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\WINDOWS\system32\HPMPW081.DLL [74016 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Print\Monitors\HPMLM135: C:\WINDOWS\system32\hpmlm135.dll [237344 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\PrimoMon: C:\WINDOWS\system32\Primomonnt.dll [95008 2015-09-01] (Nitro PDF Software -> )
HKLM\...\Print\Monitors\ZDesigner Language Monitor: C:\WINDOWS\system32\zdnNLM64.dll [645760 2021-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Euro Plus d.o.o.)
HKLM\...\Print\Monitors\ZDesigner Port Monitor: C:\WINDOWS\system32\zdnPMS.dll [206032 2022-08-12] (Euro Plus d.o.o. -> Euro Plus d.o.o.)
HKLM\...\Print\Monitors\ZDesigner2 Language Monitor: C:\WINDOWS\system32\ZDesignerLM.dll [961632 2021-12-24] (Zebra Technologies Corporation -> Zebra Technologies Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\111.0.5563.65\Installer\chrmstp.exe [2023-03-14] (Google LLC -> Google LLC)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\chrome – zástupce.lnk [2023-01-30]
ShortcutTarget: chrome – zástupce.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EasyPHP-DevServer-14.1VC11.exe [2014-01-09] (EasyPHP) [File not signed]
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\thunderbird – zástupce.lnk [2022-10-31]
ShortcutTarget: thunderbird – zástupce.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TOTALCMD64 – zástupce.lnk [2023-01-30]
ShortcutTarget: TOTALCMD64 – zástupce.lnk -> C:\Program Files\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH -> Ghisler Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP2900 Status Window.lnk [2021-12-21]
ShortcutTarget: Canon LBP2900 Status Window.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE (CANON INC. -> CANON INC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2016 Rychlé spuštění.lnk [2021-11-15]
ShortcutTarget: SOLIDWORKS 2016 Rychlé spuštění.lnk -> C:\Windows\Installer\{768F3B65-1695-47B7-9002-B11400CB111D}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS Nástroj pro stahování na pozadí.lnk [2021-11-15]
ShortcutTarget: SOLIDWORKS Nástroj pro stahování na pozadí.lnk -> C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0819FB25-04EC-445F-BE82-9A09B0964AE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-01-10] (HP Inc. -> HP Inc.)
Task: {127D5BA0-B9C3-43BD-BEED-B4A3DD1DFEF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {147C811D-E8C5-4650-8ADC-661D0FCD0C1B} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [73648 2023-02-06] (Microsoft Corporation -> Microsoft)
Task: {1AAC70DF-DAC7-4859-8EAF-89DD78983587} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2CDDAF7A-8EAF-44DD-A630-224058756321} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [716704 2023-03-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {311EB5D0-3570-403E-9A13-DE2B8D670493} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2021-03-24] () [File not signed]
Task: {37F185F9-2FD1-4D4E-8054-4C132D4B72D2} - System32\Tasks\Probudit PC 7.45 po-pá => C:\Users\admin\Desktop\wake.bat [27 2023-01-26] () [File not signed]
Task: {3F955AB3-23DE-4EA6-8BF1-EE07E7F4A253} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674720 2023-03-01] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {59E4F7B7-CA12-45D5-8AEE-FA53C1495B62} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [228888 2023-01-10] (HP Inc. -> HP Inc.)
Task: {7DC82039-D972-4EC5-9A11-599D4EC20DEB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2022-04-01] (Google Inc -> Google Inc.)
Task: {9D81A578-38E0-4C84-8443-864130E177C0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {ABEB1A4F-2159-464A-A0DC-321EC2C14041} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [847392 2023-01-10] (HP Inc. -> HP Inc.)
Task: {B9B449DF-4DC0-4584-B9D6-04BCB2912B1F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D7741F2B-8B82-4685-8DFD-E74E5C1FB62B} - System32\Tasks\update_company => C:\Users\admin\Documents\www\www.admin.loc\system\BAT\update_company.bat [1176 2022-01-18] () [File not signed]
Task: {EE2C95BB-E303-4CE1-BCCC-6076C278AAD0} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1554120 2022-06-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F286E52C-56EC-42D2-9179-9B6ACEBE4801} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F8CAB140-C37E-478B-A395-7E3C0BE36937} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2022-04-01] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{b9f3719c-ace1-4167-aaa2-85c5dd728a98}: [NameServer] 192.168.11.1,8.8.8.8

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default [2023-03-14]
Edge Notifications: Default -> hxxps://teams.microsoft.com

FireFox:
========
FF DefaultProfile: tknw74kv.default
FF ProfilePath: C:\Users\admin\AppData\Roaming\Thunderbird___nová instalace\Profiles\tknw74kv.default [not found] <==== ATTENTION
FF DefaultProfile: iQsF42px.default
FF ProfilePath: C:\Users\admin\AppData\Roaming\Thunderbird___nová instalace\Profiles\u0ntw8kz.default-release [2021-11-15]
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\ntpvq0ak.default-release [2023-01-20]
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default [2023-03-13]
FF Homepage: Mozilla\Firefox\Profiles\iQsF42px.default -> hxxp://localhost/www.admin.loc/index.php?src=b35e&refres ... document=1
FF Session Restore: Mozilla\Firefox\Profiles\iQsF42px.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\iQsF42px.default -> hxxps://calendar.google.com; hxxps://www.digitaltrends.com; hxxps://my.netatmo.com; hxxps://aukro.cz; hxxps://www.machineseeker.co.uk; hxxps://www.heureka.cz; hxxps://r1132100503382-eu1-3dswym.3dexperience.3ds.com; hxxps://www.machineseeker.com
FF Extension: (Avira Browser Safety) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\abs@avira.com.xpi [2022-05-02]
FF Extension: (Bing Search) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-10-23] [Legacy]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2021-06-21]
FF Extension: (Form History Control (II)) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\formhistory@yahoo.com.xpi [2019-12-30]
FF Extension: (Lazarus: Form Recovery) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\lazarus@interclue.com.xpi [2016-04-28] [Legacy]
FF Extension: (Textarea Cache) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\{578e7caa-210f-4967-a0d3-88fe5b59a39f}.xpi [2017-06-05] [Legacy]
FF Extension: (Manipulist 3DViewer) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\{93256482-e41a-49fd-9918-7cfcfe2eec5b}.xpi [2021-03-19]
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\searchplugins\bing-.xml [2016-10-23]
FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> C:\PROGRA~1\SOLIDW~1\SOLIDW~3\Bin\NPCOMP~1.DLL [2016-10-13] (DASSAULT SYSTEMES SA -> Dassault Systemes)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> C:\PROGRA~1\SOLIDW~1\SOLIDW~3\Bin\x86\NPCOMP~1.DLL [2016-10-13] (DASSAULT SYSTEMES SA -> Dassault Systemes)

Chrome:
=======
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2023-03-14]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://teams.microsoft.com; hxxps://www.conrad.cz; hxxps://www.facebook.com; hxxps://www.youtube.com
CHR Extension: (Adblock na Youtube™) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2023-02-17]
CHR Extension: (AdBlock Suite) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gekoepiplklhniacchbbgbhilidiojmb [2023-02-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-17]
CHR Extension: (Chrome Remote Desktop) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-12-15]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-01-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-15]
CHR HKU\S-1-5-21-567959055-877555932-3223723616-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [881688 2009-10-27] (Acronis, Inc -> Acronis)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\111.0.5563.12\remoting_host.exe [74520 2023-02-02] (Google LLC -> Google LLC)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [797640 2023-01-10] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [796616 2023-01-10] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [793000 2023-01-10] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [796584 2023-01-10] (HP Inc. -> HP Inc.)
R2 MFLocalService; C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe [54664 2022-04-28] (Shenzhen iMyFone Technology Co., Ltd -> )
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [File not signed]
R2 NVWMI; C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_422d09ccf7b0b873\NVWMI\nvWmi64.exe [4485232 2022-06-13] (Nvidia Corporation -> NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2023-02-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2021-11-15] (SolidWorks) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16518456 2022-12-12] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [142304 2022-06-01] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_422d09ccf7b0b873\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_422d09ccf7b0b873\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-06] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 MpKslda300eb1; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{88E95FB3-AD75-44C6-820E-3B620DE4A3EF}\MpKslDrv.sys [214280 2023-03-14] (Microsoft Windows -> Microsoft Corporation)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [71736 2021-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
S4 npcap_wifi; C:\WINDOWS\system32\DRIVERS\npcap.sys [71736 2021-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
R3 Ser2pl; C:\WINDOWS\system32\DRIVERS\ser2pl64.sys [92160 2008-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2023-02-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473336 2023-02-15] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-15] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-14 11:06 - 2023-03-14 11:06 - 000027946 _____ C:\Users\admin\Desktop\FRST.txt
2023-03-14 11:05 - 2023-03-14 11:05 - 002378752 _____ (Farbar) C:\Users\admin\Desktop\FRST64.exe
2023-03-14 09:56 - 2023-03-14 09:56 - 000006344 _____ C:\Users\admin\Desktop\conf__archer_230314__SG-S22-OS.bin
2023-03-13 10:56 - 2023-03-13 10:58 - 000000000 ____D C:\AdwCleaner
2023-03-13 10:54 - 2023-03-13 10:54 - 008791352 _____ (Malwarebytes) C:\Users\admin\Desktop\adwcleaner.exe
2023-03-13 09:40 - 2023-03-14 11:06 - 000000000 ____D C:\FRST
2023-03-13 09:36 - 2023-03-13 09:36 - 000048884 _____ C:\Users\admin\Downloads\Pohyb_25948539317_na_uctu_2601751263.pdf
2023-03-13 09:29 - 2023-03-13 09:31 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2023-03-13 09:29 - 2023-03-13 09:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2023-03-09 13:31 - 2023-03-09 13:31 - 000001219 _____ C:\Users\Public\Desktop\Acronis Drive Monitor.lnk
2023-03-09 13:31 - 2023-03-09 13:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2023-03-09 13:31 - 2023-03-09 13:31 - 000000000 ____D C:\ProgramData\Acronis
2023-03-09 13:31 - 2023-03-09 13:31 - 000000000 ____D C:\Program Files (x86)\Acronis
2023-03-09 13:30 - 2023-03-09 13:30 - 018230809 _____ (Acronis) C:\Users\admin\Downloads\Drive_Monitor_build_187.exe
2023-03-09 10:57 - 2023-03-09 10:57 - 000007468 _____ C:\Users\admin\Downloads\fv231007780-prehled-zasilek.xlsx
2023-03-06 19:47 - 2023-03-06 19:47 - 000000000 ____D C:\Program Files\Tesseract-OCR
2023-03-06 19:31 - 2023-03-06 19:31 - 002489901 _____ C:\Users\admin\Downloads\tesseract-main.zip
2023-03-02 16:19 - 2023-03-02 16:19 - 000134506 _____ C:\Users\admin\Downloads\formular (3).pdf
2023-03-01 17:32 - 2023-03-01 17:32 - 000215103 _____ C:\Users\admin\Downloads\formular (2).pdf
2023-03-01 12:20 - 2023-03-01 12:20 - 020217856 _____ C:\Users\admin\Downloads\python-3.3.1.msi
2023-03-01 12:13 - 2023-03-01 12:13 - 025325400 _____ (Python Software Foundation) C:\Users\admin\Downloads\python-3.11.2-amd64.exe
2023-03-01 11:14 - 2023-03-01 10:37 - 012745236 ____R C:\Users\admin\Desktop\screenshots-save.exe
2023-03-01 08:12 - 2023-03-01 11:38 - 000000000 ____D C:\Users\admin\AppData\Local\pyinstaller
2023-03-01 02:39 - 2023-03-13 11:00 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-02-23 22:06 - 2023-03-09 15:37 - 000000389 _____ C:\Users\admin\Desktop\!dpd.xls
2023-02-22 08:55 - 2023-02-22 14:58 - 000000024 _____ C:\Users\admin\Desktop\POZN.txt
2023-02-20 11:00 - 2023-02-20 11:00 - 000370968 _____ C:\Users\admin\Downloads\124753576.pdf
2023-02-20 07:57 - 2023-02-20 07:57 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-02-16 12:39 - 2023-02-16 12:39 - 000000000 ____D C:\Users\admin\.android
2023-02-16 12:39 - 2023-02-16 12:39 - 000000000 ____D C:\iMyfone
2023-02-16 12:37 - 2023-02-16 13:17 - 000000000 ____D C:\Program Files (x86)\iMyFone
2023-02-16 12:37 - 2023-02-16 12:37 - 000000000 ____D C:\Users\admin\AppData\Local\ProductData
2023-02-16 12:37 - 2023-02-16 12:37 - 000000000 ____D C:\Program Files (x86)\imyfone_down
2023-02-16 12:20 - 2023-02-16 12:20 - 001875224 _____ C:\Users\admin\Downloads\imyfone-lockwiper-android_setup-com_android.exe
2023-02-16 08:21 - 2023-02-16 08:21 - 000000000 ___HD C:\$WinREAgent
2023-02-15 18:37 - 2023-02-15 18:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tesseract-OCR
2023-02-15 18:37 - 2023-02-15 18:37 - 000000000 ____D C:\Program Files (x86)\Tesseract-OCR
2023-02-15 17:01 - 2023-02-15 17:01 - 000857596 _____ C:\Users\admin\Desktop\2Kladka padak.SLDPRT
2023-02-15 14:59 - 2023-02-15 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
2023-02-15 14:56 - 2023-02-15 14:57 - 020598784 _____ C:\Users\admin\Downloads\python-2.7.18.amd64.msi
2023-02-15 14:40 - 2023-02-15 14:40 - 000004859 _____ C:\Users\admin\Downloads\win32printing-0.1.3.tar.gz
2023-02-15 13:49 - 2023-02-15 13:49 - 000000000 ____D C:\Users\admin\AppData\Roaming\NuGet
2023-02-15 13:46 - 2023-02-15 13:46 - 000000000 ____D C:\Users\admin\.templateengine
2023-02-13 11:34 - 2023-02-13 11:34 - 000006312 _____ C:\Users\admin\Desktop\conf 2300213.bin

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-03-14 11:04 - 2022-04-01 05:31 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-14 11:03 - 2022-02-14 08:19 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-03-14 11:03 - 2021-11-15 11:38 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Mozilla
2023-03-14 11:03 - 2021-11-15 11:24 - 000000000 ___RD C:\Users\admin\OneDrive
2023-03-14 11:03 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-14 11:02 - 2023-01-13 11:43 - 000000000 ____D C:\Program Files\TeamViewer
2023-03-14 11:02 - 2021-11-20 05:37 - 000008192 ___SH C:\DumpStack.log.tmp
2023-03-14 11:02 - 2021-11-15 11:27 - 000000000 ____D C:\ProgramData\NVIDIA
2023-03-14 11:02 - 2020-11-19 00:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-03-14 11:02 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-03-14 10:58 - 2021-11-15 15:52 - 000000000 ____D C:\Users\admin\AppData\Local\TempAdresářZálohySW
2023-03-14 10:46 - 2021-11-15 11:31 - 000000000 ____D C:\Users\admin\Documents\INSTALL
2023-03-14 09:29 - 2021-11-15 12:31 - 000000342 _____ C:\Users\admin\Desktop\!zaslat.cz.csv
2023-03-14 08:30 - 2020-11-18 23:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-03-14 08:20 - 2022-12-15 16:32 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-03-13 19:07 - 2021-11-15 12:34 - 000000000 ____D C:\Users\admin\Documents\www
2023-03-13 18:55 - 2022-04-11 09:14 - 000002378 ____H C:\Users\admin\Documents\Default.rdp
2023-03-13 18:28 - 2021-11-15 12:23 - 000000000 ____D C:\Users\admin\Desktop\!VYDANÉ_FAKTURY
2023-03-13 16:15 - 2021-11-15 14:26 - 000000000 ____D C:\Users\admin\Documents\2.Suchomel PLASTY
2023-03-13 14:43 - 2021-11-29 19:48 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2023-03-13 11:06 - 2020-11-19 00:55 - 001693576 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-03-13 11:06 - 2019-12-07 15:43 - 000716874 _____ C:\WINDOWS\system32\perfh005.dat
2023-03-13 11:06 - 2019-12-07 15:43 - 000145052 _____ C:\WINDOWS\system32\perfc005.dat
2023-03-13 11:06 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-03-13 11:00 - 2023-02-08 08:14 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2023-03-13 11:00 - 2021-11-15 11:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-03-13 10:58 - 2021-11-29 19:50 - 000000000 ____D C:\Users\admin\AppData\Roaming\Hewlett-Packard
2023-03-13 10:58 - 2021-11-29 19:48 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2023-03-13 09:50 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-13 09:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-03-13 08:51 - 2020-11-19 00:48 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-10 08:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-03-09 16:35 - 2021-11-15 11:37 - 000000000 ____D C:\Users\admin\AppData\Local\GHISLER
2023-03-09 16:08 - 2021-11-24 09:37 - 000000000 ____D C:\Users\admin\Documents\0.Nemovitost
2023-03-09 13:30 - 2021-11-15 11:22 - 000000000 ____D C:\Users\admin\AppData\Local\Packages
2023-03-09 08:51 - 2021-12-13 09:30 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-567959055-877555932-3223723616-1001
2023-03-09 08:51 - 2021-11-20 05:42 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-567959055-877555932-3223723616-1001
2023-03-09 08:51 - 2021-11-20 05:39 - 000002377 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-03-08 12:18 - 2021-11-15 12:31 - 000000328 _____ C:\Users\admin\Desktop\!podani_online.csv
2023-03-08 08:12 - 2019-12-07 15:45 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-03-02 07:32 - 2020-11-19 00:48 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-02 07:32 - 2020-11-19 00:48 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-01 11:34 - 2023-01-29 13:49 - 000000000 ____D C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Python 3.11
2023-03-01 11:34 - 2021-11-15 17:15 - 000000000 ____D C:\Users\admin\AppData\Local\Package Cache
2023-03-01 09:39 - 2021-11-20 05:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-03-01 09:39 - 2021-11-15 11:46 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-02-27 16:03 - 2021-11-22 08:52 - 000000000 ____D C:\Users\admin\AppData\Local\D3DSCache
2023-02-23 11:55 - 2021-11-15 13:29 - 000000000 ____D C:\Users\admin\Documents\podpisy
2023-02-23 10:20 - 2021-11-15 11:36 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-02-23 09:15 - 2021-12-03 10:50 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-02-22 20:02 - 2022-04-01 05:32 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-02-20 07:57 - 2022-10-13 23:24 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-02-20 07:56 - 2022-06-24 07:45 - 000002364 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2023-02-17 18:00 - 2021-11-20 05:39 - 000000000 ____D C:\Users\admin
2023-02-17 18:00 - 2020-11-18 23:46 - 001440352 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-02-17 17:59 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-02-17 17:59 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-02-17 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-02-17 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-02-17 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-02-17 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-02-17 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-02-17 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-02-17 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-02-16 08:27 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-02-16 08:25 - 2020-11-19 00:48 - 003015680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-02-16 08:21 - 2021-11-15 15:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-02-16 08:17 - 2021-11-15 15:42 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-02-15 14:59 - 2021-11-15 16:17 - 000000000 ____D C:\Python27
2023-02-15 13:49 - 2023-02-06 13:03 - 000000000 ____D C:\Users\admin\Documents\Visual Studio 2022
2023-02-15 07:45 - 2020-11-19 00:46 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Files in the root of some directories ========

2021-11-15 11:32 - 2016-04-21 07:31 - 000234863 _____ () C:\Program Files\hotkeyp.zip
2022-09-30 12:57 - 2022-09-30 12:57 - 000001425 _____ () C:\Users\admin\AppData\Local\recently-used.xbel
2022-01-07 14:21 - 2022-01-07 14:21 - 000000000 _____ () C:\Users\admin\AppData\Local\Temptable.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-03-2023
Ran by admin (14-03-2023 11:07:34)
Running from C:\Users\admin\Desktop
Microsoft Windows 10 Pro Version 21H2 19044.2604 (X64) (2021-11-20 04:42:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

admin (S-1-5-21-567959055-877555932-3223723616-1001 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-567959055-877555932-3223723616-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-567959055-877555932-3223723616-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-567959055-877555932-3223723616-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-567959055-877555932-3223723616-501 - Limited - Disabled)
printman (S-1-5-21-567959055-877555932-3223723616-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-567959055-877555932-3223723616-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{F8F948EA-5AEA-4158-8821-A2F788ECE936}) (Version: 16.2.1 - Hewlett-Packard) Hidden
Acronis Drive Monitor (HKLM-x32\...\{706AE61D-40A4-4F50-8359-FE8F6F7FA461}) (Version: 1.0.187 - Acronis)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 22.003.20322 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601042}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Application Verifier x64 External Package (HKLM\...\{2CBA883F-51A6-3D7D-DBB9-0527D39433CB}) (Version: 10.1.22000.832 - Microsoft) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon LBP2900 (HKLM\...\Canon LBP2900) (Version: - )
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{22E13608-4DB0-4977-A267-3AAFA09CD54A}) (Version: 4.8.09037 - Microsoft Corporation) Hidden
CrystalDiskInfo 8.17.12 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.17.12 - Crystal Dew World)
DiagnosticsHub_CollectionService (HKLM\...\{FECAFEB5-8D0E-4AE4-8FA0-745BAA835C35}) (Version: 17.3.32601 - Microsoft Corporation) Hidden
Dynamic Application Loader Host Interface Service (HKLM\...\{E3AB2E94-D548-48A7-9F0E-A44D82ED1D7A}) (Version: 1.0.0.0 - Intel Corporation) Hidden
eDrawings (HKLM\...\{99FC8D5C-67F0-4087-9BDF-FA5CC6702AEF}) (Version: 30.40.0011 - Společnost Dassault Systemes SolidWorks Corp)
Entity Framework 6.2.0 Tools for Visual Studio 2022 (HKLM-x32\...\{6D5C07E3-6A4D-4126-A7A7-8B6EFFE16E51}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden
FreeCAD 0.20.0 (HKLM\...\FreeCAD0200) (Version: 0.20.0 - FreeCAD Team)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 71.0.3.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 111.0.5563.65 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.31.5 - Google Inc.) Hidden
HSMWorks x64 2016 R2.40513 (HKLM\...\{07404224-03A7-4ffc-9AFB-EC32BD898C55}_is1) (Version: 2016 R2.40513 - Autodesk, Inc.)
Chrome Remote Desktop Host (HKLM-x32\...\{947DBF18-E228-4F2D-9D2A-6FCA4B5AAE3C}) (Version: 111.0.5563.12 - Google LLC)
icecap_collection_neutral (HKLM-x32\...\{90819A24-C7DD-4956-8CBE-AE50B43D020D}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{7D6A7B92-A26B-4DC6-A51F-0D741C9BC70F}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{278641ED-D56B-43E0-AEDC-FFC14B038C74}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{D8998F76-2D74-42E3-BCA4-D8D0F5D369CF}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
Inkscape (HKLM-x32\...\Inkscape) (Version: 1.2.1- - Inkscape)
Intel(R) Chipset Device Software (HKLM\...\{66F00951-0E74-43E7-9182-084A681734D0}) (Version: 10.1.18228.8176 - Intel Corporation) Hidden
Intel(R) Icls (HKLM\...\{57640D80-A187-4A4F-BB91-7F2EF7AB5FE9}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{62609178-ECD7-473C-9D1F-9E0CF6927E45}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2242.3.34.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{939DFEE4-2675-4B42-904B-B213B857E347}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{E4697D8A-D9C0-4BCE-AC7F-5A56DD250529}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{EC8B054F-9D60-4AFC-9920-25ABFF987B29}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME WMI Provider (HKLM\...\{3C66C597-3BAA-403D-9BCD-561ED78B0F1B}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) SOL LMS Extension (HKLM\...\{D36619E0-ADBA-41C6-A5AC-222FCFBF762B}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{c4a581e8-a702-448c-80c7-4b6192985db2}) (Version: 10.1.18228.8176 - Intel(R) Corporation)
IntelliTraceProfilerProxy (HKLM\...\{F8B9E8C8-61E8-4E9E-879D-F3F498AD0230}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
IntelliTraceProfilerProxy (HKLM-x32\...\{C8891AD2-C223-45CD-A9BE-617A68923B61}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
Kits Configuration Installer (HKLM-x32\...\{CF83D17D-FB70-21A1-36E4-37EE7EC1B587}) (Version: 10.1.22000.832 - Microsoft) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 7.1.7.2 (HKLM\...\{9ED995EA-19B1-40AE-886A-339A3BECA977}) (Version: 7.1.7.2 - The Document Foundation)
Microsoft .NET 6.0 Templates 7.0.102 (x64) (HKLM\...\{48C24F32-A313-4B3C-B2C0-692D05461628}) (Version: 24.7.49407 - Microsoft Corporation) Hidden
Microsoft .NET 7.0 Templates 7.0.102 (x64) (HKLM\...\{406BB598-E5A9-454A-8719-82644CB09B03}) (Version: 28.5.33023 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.13 (x64) (HKLM\...\{F612BCA2-6E26-4F93-834B-8877939C0293}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.13 (x64_arm) (HKLM\...\{93A17F63-9B12-48F6-86BD-84535F2955FA}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.13 (x64_arm64) (HKLM\...\{CC2A595B-74D2-45E6-8B53-45F20215850D}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.13 (x64_x86) (HKLM\...\{F285BA87-F560-4587-8C08-7BF5A4A68762}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.2 (x64) (HKLM\...\{D7A77FBE-E0E7-47D7-86B4-51CB65B502C0}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.2 (x64_arm) (HKLM\...\{A4CCC742-818F-4C8C-8B56-631F6F76C7C6}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.2 (x64_arm64) (HKLM\...\{BEB46B9B-6D72-46E5-968C-CDED3C01896B}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.2 (x64_x86) (HKLM\...\{8C89D103-57BE-4509-9752-B1CD9F12D0B9}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 Targeting Pack (čeština) (HKLM-x32\...\{3DC65636-1EBB-41E9-836B-10174949883C}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 Targeting Pack (HKLM-x32\...\{1784A8CD-F7FE-47E2-A87D-1F31E7242D0D}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 SDK (čeština) (HKLM-x32\...\{84224644-1FA0-496E-8941-B1553C004E7A}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 SDK (HKLM-x32\...\{949C0535-171C-480F-9CF4-D25C9E60FE88}) (Version: 4.8.03928 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 Targeting Pack (čeština) (HKLM-x32\...\{33D8579D-AE2C-45ED-9D16-08451BCC9B45}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 Targeting Pack (HKLM-x32\...\{BAAF5851-0759-422D-A1E9-90061B597188}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework Cumulative Intellisense Pack for Visual Studio (čeština) (HKLM-x32\...\{EABEB841-5C97-4CE3-A4CF-64F5978D13B2}) (Version: 4.8.09037 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.2 (x64) (HKLM\...\{F0719345-342D-4A57-8EE4-30BF4FA3FBE9}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.2 (x86) (HKLM-x32\...\{BDC8107C-65E1-41C2-BE5E-8E27D70AB3B4}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.2 (x64) (HKLM\...\{BE394B10-AD5D-4503-9AA9-E79F953B30E3}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.2 (x86) (HKLM-x32\...\{4FFCA92E-5974-473C-9239-516D02E11AEA}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.13 (x64) (HKLM\...\{5F0DB006-2AE3-4D36-8077-65247FD687D4}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.13 (x86) (HKLM-x32\...\{87EA745D-32DA-4DCA-9ED4-BF4BA6232E1E}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.2 (x64) (HKLM\...\{AE2D80C7-F19D-463F-B48F-3F343806721C}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.2 (x86) (HKLM-x32\...\{4B87C1C9-F1F5-4308-BE65-E23B51BACC60}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET SDK 7.0.102 (x64) from Visual Studio (HKLM\...\{B3A63F4D-11C4-46FF-94C1-695633384F54}) (Version: 7.1.222.60703 - Microsoft Corporation)
Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) (HKLM\...\{A7036CFB-B403-4598-85FF-D397ABB88173}) (Version: 24.0.28113 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.13 (x64) (HKLM\...\{62E8F7DA-76C4-46BC-AB40-581C42EC5AFA}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.13 (x86) (HKLM-x32\...\{22AC2DC4-99C8-469F-837B-03AE342E3827}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 7.0.2 (x64) (HKLM\...\{C0E951A8-6B2D-45CB-869D-EC4BC950D1E7}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 7.0.2 (x86) (HKLM-x32\...\{6FE1E993-8813-44E5-945A-612BB76A99FA}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Toolset 7.0.102 (x64) (HKLM\...\{CD3AD81A-A806-473F-BB60-A402AFAD8D84}) (Version: 28.5.33023 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.13 Shared Framework (x64) (HKLM\...\{A6500837-F3BE-357E-9A21-6A78D098659F}) (Version: 6.0.13.22580 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.13 Shared Framework (x86) (HKLM-x32\...\{43E10FF2-0E80-3E13-8AD8-302355855BB3}) (Version: 6.0.13.22580 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.13 Targeting Pack (x64) (HKLM\...\{BED7E006-DA64-3E61-8836-A231C2F7DD81}) (Version: 6.0.13.22580 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.13 Targeting Pack (x86) (HKLM-x32\...\{A58EBFF5-0BF1-3F07-889B-31B20843BA1C}) (Version: 6.0.13.22580 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.2 Shared Framework (x64) (HKLM\...\{210A496F-E6CA-39C1-8FA4-1004059ED4E3}) (Version: 7.0.2.22606 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.2 Shared Framework (x86) (HKLM-x32\...\{4EDC2B14-E02A-37B9-810B-336C3DDA6424}) (Version: 7.0.2.22606 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.2 Targeting Pack (x64) (HKLM\...\{0C082AC1-36AD-3E86-B72D-16EF3A4D907F}) (Version: 7.0.2.22606 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.2 Targeting Pack (x86) (HKLM-x32\...\{85CECCAF-91AA-3D0E-8AA5-B68904EEBB85}) (Version: 7.0.2.22606 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.69 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.69 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\OneDriveSetup.exe) (Version: 23.038.0219.0001 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 (HKLM\...\{5BC7E9EB-13E8-45DB-8A60-F2481FEB4595}) (Version: 15.0.2000.5 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\Teams) (Version: 1.6.00.1381 - Microsoft Corporation)
Microsoft TestPlatform SDK Local Feed (HKLM-x32\...\{839C2D45-DDF6-432C-A6A2-C6AF2EF281BF}) (Version: 17.0.0.5175695 - Microsoft) Hidden
Microsoft Update Health Tools (HKLM\...\{89581302-705F-42C5-99B0-E368A845DAD5}) (Version: 3.70.0.0 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (HKLM\...\{90120064-0070-0000-0000-4000000FF1CE}) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (HKLM\...\{90F60409-7000-11D3-8CFE-0150048383C9}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31931 (HKLM-x32\...\{6ba9fb5e-8366-4cc4-bf65-25fe9819b2fc}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Debug Runtime - 14.34.31931 (HKLM\...\{28E7B326-6E09-4960-88C1-AF305A11665C}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31931 (HKLM-x32\...\{C2662EFF-06E6-4FD1-9D6D-FDCA91025757}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Debug Runtime - 14.34.31931 (HKLM-x32\...\{26D20F81-7672-441B-9092-88E0D2409992}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31931 (HKLM-x32\...\{AB1BDF73-7393-42CE-812D-9A90918814D5}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.4.2246.31370 - Microsoft Corporation)
Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{B1CFE19E-298A-4D14-BACD-CAA36AC4895B}) (Version: 3.4.1128.26111 - Microsoft Corporation) Hidden
Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{85516DED-4402-44CD-9D01-1D1F3D0C0178}) (Version: 3.4.1128.26111 - Microsoft Corporation) Hidden
Microsoft Web Deploy 4.0 (HKLM\...\{0C85743B-48E7-4948-96D6-C3BB90246418}) (Version: 10.0.5923 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.13 (x64) (HKLM\...\{8484730A-68A4-4C63-93B4-52628D3B488D}) (Version: 48.55.53270 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.13 (x86) (HKLM-x32\...\{ACFA81A9-FD2F-4731-BE64-9163E3E9FF58}) (Version: 48.55.53270 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.2 (x64) (HKLM\...\{B7177578-AF27-44BF-A0B1-8B9D6AF7ECC3}) (Version: 56.11.53361 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.2 (x86) (HKLM-x32\...\{B5CB1A18-CEB8-464B-B83C-556D1DDBF3B5}) (Version: 56.11.53361 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 6.0.13 (x64) (HKLM\...\{F3E2081B-744C-4023-A61E-EEAB556A2A33}) (Version: 48.55.53270 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 6.0.13 (x86) (HKLM-x32\...\{D73590E4-7314-4E3D-B2CB-B308B256D8AF}) (Version: 48.55.53270 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 7.0.2 (x64) (HKLM\...\{2505676D-0245-4775-B7BE-F4C1DDC902D8}) (Version: 56.11.53361 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 7.0.2 (x86) (HKLM-x32\...\{C6DF1343-B58A-44E4-B3FB-4C05649A7B59}) (Version: 56.11.53361 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Android.Manifest-7.0.100 (x64) (HKLM\...\{FE768F65-89B5-40E5-9CE5-25D002197AE7}) (Version: 33.0.4 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.iOS.Manifest-7.0.100 (x64) (HKLM\...\{4491220D-21E8-4C34-84FC-F2659E08BF7E}) (Version: 16.1.17 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.MacCatalyst.Manifest-7.0.100 (x64) (HKLM\...\{C20CF802-93E3-4BF8-B2F0-8D0B9C826C00}) (Version: 16.1.17 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.macOS.Manifest-7.0.100 (x64) (HKLM\...\{1E665F2B-6760-42E4-8E97-02B10B97FBA2}) (Version: 13.0.17 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Maui.Manifest-7.0.100 (x64) (HKLM\...\{B0FBA6B7-B985-4D20-AC10-7E16D4D8C9CB}) (Version: 7.0.52 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.tvOS.Manifest-7.0.100 (x64) (HKLM\...\{D98B986D-3D40-4E37-A584-F82381A3E74B}) (Version: 16.1.17 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.net6.Manifest (x64) (HKLM\...\{754E7936-D264-406F-A76D-1C4E0102AE39}) (Version: 56.31.52114 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.net7.Manifest (x64) (HKLM\...\{F99D901B-F288-4D79-ACAA-E31BE48D789D}) (Version: 56.31.52114 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.net6.Manifest (x64) (HKLM\...\{8A4F7CD9-8D41-414C-8F68-6A3D291C16A4}) (Version: 56.3.53349 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.net7.Manifest (x64) (HKLM\...\{A0F31B66-D366-4C0E-86B1-511DE274FE2D}) (Version: 56.3.53349 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 110.0.1 (x64 cs)) (Version: 110.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 94.0.1 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 102.8.0 (x64 cs)) (Version: 102.8.0 - Mozilla)
MSI Development Tools (HKLM-x32\...\{95A498A9-5E6E-5779-1523-876224F41F94}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Npcap (HKLM-x32\...\NpcapInst) (Version: 1.55 - Nmap Project)
NVIDIA Ovladač HD audia 1.3.39.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.3 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 516.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 516.40 - NVIDIA Corporation)
NVIDIA RTX Desktop Manager 202.85 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 202.85 - NVIDIA Corporation)
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.1.2730 - Jan Fiala)
PuTTY release 0.71 (64-bit) (HKLM\...\{B27534DB-4F72-4F49-A3AD-5EC1B6901E5E}) (Version: 0.71.0.0 - Simon Tatham)
Python 2.7.18 (64-bit) (HKLM\...\{A5F504DF-2ED9-4A2D-A2F3-9D2750DD42D6}) (Version: 2.7.18150 - Python Software Foundation)
Python 3.10.0 (64-bit) (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\{21b42743-c8f9-49d7-b8b6-b5855317c7ed}) (Version: 3.10.150.0 - Python Software Foundation)
Python 3.10.0 Core Interpreter (64-bit) (HKLM\...\{B137EFE9-BD8A-4138-AC7F-360461C4EEAF}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Development Libraries (64-bit) (HKLM\...\{A8E320AF-B8C7-493C-97D8-6328C1CE721B}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Documentation (64-bit) (HKLM\...\{23A78F0F-0B41-497A-BB67-7E9AC3C20351}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Executables (64-bit) (HKLM\...\{D623791F-7EBA-4794-BF56-79D4CFC6BE65}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 pip Bootstrap (64-bit) (HKLM\...\{D545AFB9-E0E8-4B43-897A-0EB97ED46859}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Standard Library (64-bit) (HKLM\...\{BB3BA776-4C84-43FB-9CE6-5A37FFC23032}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Tcl/Tk Support (64-bit) (HKLM\...\{AE37C7FB-835D-4E31-851E-801D5C659A3E}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Test Suite (64-bit) (HKLM\...\{6B61C3C6-43DE-4D58-BDC4-76170C7C7C32}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Utility Scripts (64-bit) (HKLM\...\{578C5B87-CBE0-4720-90C0-46A917C4FE5C}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.11.0 (32-bit) (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\{8bb2e8e4-a699-403d-be05-4e00aa0632fd}) (Version: 3.11.150.0 - Python Software Foundation)
Python 3.11.0 Core Interpreter (32-bit) (HKLM-x32\...\{71EC41D8-507E-40C8-AF95-53FE5BA4ED34}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Development Libraries (32-bit) (HKLM-x32\...\{DDE3E99C-F86A-436D-91F9-304F3C00370C}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Documentation (32-bit) (HKLM-x32\...\{5E6FBC90-4180-491B-8DF3-387E9C505621}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Executables (32-bit) (HKLM-x32\...\{869D67C8-AE2E-43F3-96C2-85927E4A7380}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 pip Bootstrap (32-bit) (HKLM-x32\...\{D070AAAA-0D89-4DCA-901A-BC79F5E2276F}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Standard Library (32-bit) (HKLM-x32\...\{7565E13F-F118-44FD-B7E9-6E673A6B3A9D}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Tcl/Tk Support (32-bit) (HKLM-x32\...\{0D26C541-D790-4E31-9B16-0C65969AA44C}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Test Suite (32-bit) (HKLM-x32\...\{2652ADDA-74F2-4C40-BC75-E049A19BEE3F}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Utility Scripts (32-bit) (HKLM-x32\...\{EFE290C7-EDE6-4C22-A11F-71D3E45C3305}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.1 (64-bit) (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\{fca95908-8c70-405d-9e72-cd746e2f7786}) (Version: 3.11.1150.0 - Python Software Foundation)
Python 3.11.1 Core Interpreter (64-bit) (HKLM\...\{5D1EFF51-4740-4E62-8E49-11C13DEC34C3}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Development Libraries (64-bit) (HKLM\...\{988799D6-A7CE-4F51-89AF-1E4A64FA7ECA}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Documentation (64-bit) (HKLM\...\{5EB7FFE8-5B05-4DD3-9DE0-D0F20D93FA6C}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Executables (64-bit) (HKLM\...\{A7DE96A8-2F75-44B2-B46E-5D50DE5B1B80}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 pip Bootstrap (64-bit) (HKLM\...\{C5FAF3D9-A03D-4F6A-AAC9-87735DDA5DCF}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Standard Library (64-bit) (HKLM\...\{21EEFB31-6A96-4CAE-9A3B-B7FD6374C155}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Tcl/Tk Support (64-bit) (HKLM\...\{66CA643F-68B2-4063-8F87-34D48A2C49ED}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Test Suite (64-bit) (HKLM\...\{EFFC2C23-AEE2-4867-998C-5F5A902496C0}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Utility Scripts (64-bit) (HKLM\...\{E63D4F21-1B1F-43DC-9347-4FB51A71704C}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.9.7 (64-bit) (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\{0f0bf1a5-3ec1-459b-ab7c-916db941f50d}) (Version: 3.9.7150.0 - Python Software Foundation)
Python 3.9.7 Core Interpreter (64-bit symbols) (HKLM\...\{19CCBF82-F32C-4F9B-A25A-C18CA0229930}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Core Interpreter (64-bit) (HKLM\...\{88D4EF59-607D-43AD-B7C7-F5A753740FD1}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Development Libraries (64-bit) (HKLM\...\{97496FC6-5044-4A2A-BACD-40A44F38D483}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Documentation (64-bit) (HKLM\...\{AA408E09-EBB3-470F-8D63-5AA0C46C2DA2}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Executables (64-bit symbols) (HKLM\...\{FA525B0C-1DC4-4733-895E-FC0BB30229C9}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Executables (64-bit) (HKLM\...\{870EC220-FEAE-481D-8B29-B4B0DF5402FA}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 pip Bootstrap (64-bit) (HKLM\...\{F1280AA2-AAC3-41AB-9616-CCF00814E626}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Standard Library (64-bit symbols) (HKLM\...\{AB1F1505-63F0-4E88-874D-55448A1020C4}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Standard Library (64-bit) (HKLM\...\{05903EEF-72A2-4C1A-AD35-41AD6C7094A8}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Tcl/Tk Support (64-bit symbols) (HKLM\...\{F9100C91-CF07-4FAE-A017-7E6A57FAF41D}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Tcl/Tk Support (64-bit) (HKLM\...\{6E8EAD3C-6F0C-494C-9C12-E10C5B5EE7EA}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Test Suite (64-bit symbols) (HKLM\...\{EA4833F1-B32B-4D49-81C8-E28B67E87590}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Test Suite (64-bit) (HKLM\...\{67D79D6E-8497-4EE6-850B-834D3A27553F}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Utility Scripts (64-bit) (HKLM\...\{4110826A-903C-410C-9785-7848A51B9CC9}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{8A19B72D-62A8-4198-BEBD-CAEF117194C8}) (Version: 3.11.8009.0 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8644 - Realtek Semiconductor Corp.)
SDK ARM Additions (HKLM-x32\...\{BD786819-AA80-7B18-125D-AA03AAF2759B}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{4349F57C-0C9C-C16B-9A40-E7B406C451E2}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
SOLIDWORKS 2016 x64 Czech Resources (HKLM\...\{BD37B53B-592C-41B4-BECA-D156E3D0B058}) (Version: 24.150.58 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2016 x64 Edition SP05 (HKLM\...\{768F3B65-1695-47B7-9002-B11400CB111D}) (Version: 24.150.58 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2016 x64 Edition SP05 (HKLM-x32\...\SolidWorks Installation Manager 20160-40500-1100-100) (Version: 24.5.0.58 - SolidWorks Corporation)
SOLIDWORKS Composer Player 2016 SP05 x64 Edition (HKLM\...\{8537E059-C18B-4DE6-AED6-CD9B90240C35}) (Version: 24.50.58 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2016 x64 Edition SP05 (HKLM\...\{12339098-76B6-47CD-B52A-52E4809108F6}) (Version: 16.5.0084 - Společnost Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Explorer 2016 SP05 x64 Edition (HKLM\...\{41E08694-1890-4B39-9D1C-B9D27A1D67B3}) (Version: 24.50.58 - Společnost Dassault Systemes SolidWorks Corp) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.63 - Synaptics Incorporated)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.37.3 - TeamViewer)
Tesseract-OCR - open source OCR engine (HKLM\...\Tesseract-OCR) (Version: 5.3.0.20221222 - Tesseract-OCR community)
Tesseract-OCR - open source OCR engine (HKLM-x32\...\Tesseract-OCR) (Version: 5.3.0.20221222 - Tesseract-OCR community)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.3.8.1 - uvnc bvba)
Universal CRT Extension SDK (HKLM-x32\...\{90AAE845-42CE-EC12-4041-8ADF7BE765E7}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{98D5C5AA-993C-1371-C7AF-8F8A0E8CAF86}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{8EC1DC78-0A65-B6AC-664D-DFB3AC8E9736}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{82F9F289-6088-8F39-1918-A45315FEF99A}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{A829BD53-4BE5-23F2-C4A8-026CB5D47ECF}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D62BC488-4C4A-BF17-A0CE-21B4BF8F9B30}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{8F2D6CEB-BC98-4B69-A5C1-78BED238FE77}) (Version: 2.71.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{76A22428-2400-4521-96AF-7AC4A6174CA5}) (Version: 1.25.0.0 - Microsoft Corporation) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{CFF203A1-51CB-42FE-9997-B6B01371AF30}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Visual Studio Community 2022 (HKLM-x32\...\f3f14e08) (Version: 17.4.4 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
VS Immersive Activate Helper (HKLM-x32\...\{0B826206-3626-4E96-A675-0BDE6B8711B6}) (Version: 17.0.118.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{7B8542BA-01E4-43EB-A172-1DA975AFD00B}) (Version: 17.0.118.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{C8EA234A-FC2F-4EEC-BF7F-DB14C28C84D2}) (Version: 17.0.118.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{8C14D3DF-69AD-443A-A607-B4B1BE9575CC}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{6AF210BE-348B-4156-8B2E-CD57FC573ABD}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{3826E149-22D5-470D-B8A7-D11244EA2720}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{7B907A0B-2606-42EB-A880-80E1F6AA4C48}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{F48F6538-AB3C-4FD1-8ACE-0E5A861EC43C}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_communitysharedmsi (HKLM-x32\...\{B56EF9C1-B982-45B1-BEB5-3C8F50B21CF2}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_communityx64msi (HKLM\...\{9BF7BDD3-62E8-4E47-AF96-13EA1EB853AD}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_CoreEditorFonts (HKLM-x32\...\{667150AA-8DA3-433E-91EC-88BD8730D32A}) (Version: 17.4.33213 - Microsoft Corporation)
vs_devenvsharedmsi (HKLM-x32\...\{04D84C30-B442-49D2-A139-B8AAA7ACD445}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_devenx64vmsi (HKLM\...\{0DE775A3-1C63-4210-9CDC-D23F5330D715}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{12B0A225-610B-43DA-8585-E2EAD563D611}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{56373DD6-9A8E-4C0C-95F6-F64DF2054A6F}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{49559293-3192-40D3-864C-5AB88E744A79}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx64 (HKLM\...\{9138874C-2D20-46BC-84BC-A13B31DF8955}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx86 (HKLM-x32\...\{9D4033AD-2990-469B-A2CC-CEE9A707106A}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_minshellinteropsharedmsi (HKLM-x32\...\{1EF48E65-5B07-4502-B6C2-43BC8311DAC3}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_minshellinteropx64msi (HKLM\...\{5691C5AB-0847-4862-8C49-43245E7DCE2C}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{988A9E72-24DF-4FC8-9F94-E2BFDAE40397}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_minshellsharedmsi (HKLM-x32\...\{C32CB038-8A83-4860-853F-9168214E3536}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_minshellx64msi (HKLM\...\{1AB2F81F-A360-4BE1-B68F-B50F0609A1AE}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{8C352959-35A5-40CA-A49C-91B349AB2778}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{6A7EA630-41A1-455D-849D-2AA2D1420236}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsi (HKLM-x32\...\{ACBBFCA9-A48A-425A-BF50-B6FB8EFE7934}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsires (HKLM-x32\...\{2BC745F0-9928-46F2-949C-0966D3826611}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
Vzdálená plocha Chrome (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\b6c3e8b3f73bd926a7cca588d89cd991) (Version: 1.0 - Google\Chrome)
WinAppDeploy (HKLM-x32\...\{8E3AB865-9E38-1E5F-7B49-C8E3A70C6303}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows App Certification Kit Native Components (HKLM\...\{69331A50-908A-0745-CFCF-8413360C5B96}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows App Certification Kit SupportedApiList x86 (HKLM-x32\...\{81D4E442-F6C5-DF4B-DEF8-76E51ACC56F8}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (HKLM-x32\...\{FD68622A-634F-FB49-6E94-E21A451A3B5A}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows Desktop Extension SDK (HKLM-x32\...\{3F737DA8-C5B7-8740-6B07-BA73B5E62CDF}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows Desktop Extension SDK Contracts (HKLM-x32\...\{D54B24F7-43DE-C7BF-3A5C-83F9E8E0700D}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows IoT Extension SDK (HKLM-x32\...\{5B64C01B-2798-A2F6-89C3-AC03906F8788}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows IoT Extension SDK Contracts (HKLM-x32\...\{1FF69612-5A91-3565-7EE3-0539A04E3B8D}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows Mobile Extension SDK (HKLM-x32\...\{DF2A6855-DB81-9047-3033-8D6AC6055AEF}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows Mobile Extension SDK Contracts (HKLM-x32\...\{8EDE105B-885A-D173-50F8-F50F39C51CF9}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK (HKLM-x32\...\{2D2EBB11-484D-8F73-FA25-3FFABCE371F0}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{15941C7F-810D-41DF-8C5A-8D0490277AFB}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows SDK ARM Desktop Tools (HKLM-x32\...\{A99B19D4-7F87-03E5-B4A8-80420ECD7F53}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers arm (HKLM-x32\...\{C7C68DA0-8501-16DD-1E6A-6C34AAA28F21}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers arm64 (HKLM-x32\...\{30092A0E-1D50-8D66-E5EB-01F6AA8C1FFE}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers x64 (HKLM-x32\...\{C47F0820-6424-AE53-6BAF-2D41E829C855}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers x86 (HKLM-x32\...\{6F1B1243-7C12-5398-F575-5102906569A6}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs arm (HKLM-x32\...\{6221E085-FE37-1068-E6D7-9D08ABD32AE2}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs arm64 (HKLM-x32\...\{82931C8D-83CC-CF2E-F4FA-9AF0829BCA22}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs x64 (HKLM-x32\...\{1A457607-6262-3949-63D4-E1F85A3D95FD}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs x86 (HKLM-x32\...\{7CAF3DA2-79F6-C0DB-6C56-2462C8C4914C}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools arm64 (HKLM-x32\...\{54E5E684-132E-23D3-CBF6-962122E2C568}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools x64 (HKLM-x32\...\{E5715C32-34B0-6F8E-81B8-13FB19B1B682}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools x86 (HKLM-x32\...\{02594FB6-9905-CBB9-10E8-EFCFB7122D7C}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK DirectX x64 Remote (HKLM\...\{0B12F7E3-EDAA-AF92-20BB-88540FEF54BA}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK DirectX x86 Remote (HKLM-x32\...\{B9A2EE66-E1B9-ED85-E75B-041A348EB46D}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK EULA (HKLM-x32\...\{93F9D7FA-F2FD-837D-E53F-D79767071E44}) (Version: 10.1.22000.832 - Microsoft Corporations) Hidden
Windows SDK Facade Windows WinMD Versioned (HKLM-x32\...\{31B6D021-BC97-82C5-9C42-16AB86C37215}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps (HKLM-x32\...\{CFC51C75-8F08-1968-BC86-70A396D353D9}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Contracts (HKLM-x32\...\{AD3B32A0-5F71-DE89-B55A-9E85964186D8}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps DirectX x86 Remote (HKLM-x32\...\{31A3EB09-E226-B0E5-FA70-FF4B3CAD2ECF}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Headers (HKLM-x32\...\{A1DA436A-2FA4-FDC2-9B0A-FBB40CF0499D}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Libs (HKLM-x32\...\{C8977C7D-F685-8282-3C78-6276E03E3B32}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Metadata (HKLM-x32\...\{7907F380-3CFD-247C-9DFC-A23CED2012F8}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Tools (HKLM-x32\...\{68F11757-8C35-BEB6-2AED-6F7C6CC5B8C0}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Managed Apps Libs (HKLM-x32\...\{B0CB401F-F1EF-E63C-8191-9A447FC24C58}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Modern Non-Versioned Developer Tools (HKLM-x32\...\{FA582B75-7D9C-2717-5E64-1A8CC5E46ABD}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Modern Versioned Developer Tools (HKLM-x32\...\{EA338ECA-C63F-4BD6-B66F-274433C75A49}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Redistributables (HKLM-x32\...\{7DBE357D-2AA2-7B68-267E-F8DAEB182D6F}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Signing Tools (HKLM-x32\...\{0F5E7D7D-8969-DC1B-205D-024FB54A0417}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows Software Development Kit - Windows 10.0.22000.832 (HKLM-x32\...\{d6a76ead-c762-4d93-9c24-1fa3efa1e12d}) (Version: 10.1.22000.832 - Microsoft Corporation)
Windows Team Extension SDK (HKLM-x32\...\{14705B25-5AC2-82AC-DB79-A35219016ABB}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows Team Extension SDK Contracts (HKLM-x32\...\{5F1D4DE5-BFF3-503B-D05F-40ED6927DE17}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{FBF034E1-563E-1F9D-DC45-491BB88E9B9E}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{837DD890-14CE-9EB3-E8E1-F96A7EE5CFE5}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{823E92A6-7572-174D-0671-95A55785F991}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{3A8F388C-D0F7-0A66-0EDE-D477B1B1B2F4}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{0F2D2736-F436-3F10-FB30-9D279F58305B}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{FEAF2203-A2AC-080C-9D55-9F09623F38C3}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{A06212FE-3C20-31C7-F88A-46673EF72E83}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{4308116D-A763-144D-DC81-6243BE6B2ADF}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{D307C8A5-7335-056E-6E64-E28544674EFD}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Wireshark 3.6.3 64-bit (HKLM-x32\...\Wireshark) (Version: 3.6.3 - The Wireshark developer community, hxxps://www.wireshark.org)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)
Zebra Setup Utilities (HKLM-x32\...\{9207A8EC-3B2D-4A4A-8BF7-957FC19BB3DE}) (Version: 1.1.9.1290 - Zebra Technologies) Hidden
Zebra Setup Utilities (HKLM-x32\...\Zebra Setup Utilities) (Version: 1.1.9.1290 - Zebra Technologies)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.31.42.0_x64__kgqvnymyfvs32 [2023-03-02] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.238.500.0_x64__kgqvnymyfvs32 [2023-03-10] (king.com)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.55.5501.0_x86__ytsefhwckbdv6 [2023-03-02] (G5 Entertainment AB)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_143.1.1136.0_x64__v10z8vjag6ke6 [2023-03-06] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.23.20.0_x64__v10z8vjag6ke6 [2023-01-20] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-11-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-11-15] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-10] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2023-01-06] (Microsoft Studios) [MS Ad]
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-24] (Microsoft Corporation)
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2022-12-23] (WinZip Computing)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-567959055-877555932-3223723616-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\admin\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22349.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-567959055-877555932-3223723616-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-02-22] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_422d09ccf7b0b873\nvshext.dll [2022-06-13] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [NvQuadroView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2022-06-13] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-567959055-877555932-3223723616-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] () [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\admin\Documents\www\www.admin.loc\modules\_dev\require\SolidWorks\Macros\SLDWORKS.lnk -> C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\SLDWORKS.exe (Dassault Systèmes SolidWorks Corp.) -> /m "C:\Users\admin\Documents\www\www.admin.loc\modules\_dev\require\SolidWorks\Macros\analysis_pictures-v1.10.swp"
ShortcutWithArgument: C:\Users\admin\Desktop\Vzdálená plocha Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb

==================== Loaded Modules (Whitelisted) =============

2021-11-15 11:51 - 2013-07-08 18:34 - 000114688 _____ () [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\pcre.dll
2021-11-15 11:51 - 2013-11-22 03:12 - 000152576 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libapr-1.dll
2021-11-15 11:51 - 2013-11-22 03:12 - 000027136 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libapriconv-1.dll
2021-11-15 11:51 - 2013-11-22 03:12 - 000206848 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libaprutil-1.dll
2021-11-15 11:51 - 2013-11-22 03:13 - 000328192 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libhttpd.dll
2021-11-15 11:51 - 2013-11-22 03:07 - 000012288 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_access_compat.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000011264 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_actions.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000013824 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_alias.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000009728 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_allowmethods.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000010752 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_asis.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000014336 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_auth_basic.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000011776 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authn_core.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000011264 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authn_file.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000018944 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authz_core.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000011776 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authz_groupfile.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000011264 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authz_host.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000009728 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authz_user.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000030208 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_autoindex.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000020480 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_cgi.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000012288 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_dir.so
2021-11-15 11:51 - 2013-11-22 03:07 - 000010752 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_env.so
2021-11-15 11:51 - 2013-11-22 03:08 - 000039424 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_include.so
2021-11-15 11:51 - 2013-11-22 03:08 - 000024064 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_isapi.so
2021-11-15 11:51 - 2013-11-22 03:08 - 000024576 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_log_config.so
2021-11-15 11:51 - 2013-11-22 03:08 - 000016896 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_mime.so
2021-11-15 11:51 - 2013-11-22 03:08 - 000029184 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_negotiation.so
2021-11-15 11:51 - 2013-11-22 03:08 - 000051200 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_rewrite.so
2021-11-15 11:51 - 2013-11-22 03:08 - 000013824 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_setenvif.so
2013-11-14 23:47 - 2013-11-14 23:47 - 000050688 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2013-11-14 23:47 - 2013-11-14 23:47 - 000066048 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2021-11-15 11:51 - 2013-07-08 18:29 - 001175040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libeay32.dll
2021-11-15 11:51 - 2013-07-08 18:29 - 000269312 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\ssleay32.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 000066560 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_bz2.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 000492032 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_curl.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 001348096 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_gd2.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 000831488 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_imap.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 001239552 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_mbstring.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 000036864 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_mysql.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 000088576 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_mysqli.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 000072704 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_openssl.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 000024576 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_pdo_mysql.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 000399872 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_pdo_sqlite.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 000054784 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_sockets.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 000553472 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_sqlite3.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 000231936 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_xsl.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 000026624 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\php5apache2_4.dll
2021-11-15 12:28 - 2014-01-09 07:37 - 006155264 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\php5ts.dll
2023-02-16 12:37 - 2017-09-14 07:46 - 001012224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\platforms\qwindows.dll
2023-02-16 12:37 - 2022-04-28 21:21 - 004694016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\Qt5Core.dll
2023-02-16 12:37 - 2022-04-28 21:21 - 005032960 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\Qt5Gui.dll
2023-02-16 12:37 - 2022-04-28 21:21 - 000856064 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\Qt5Network.dll
2023-02-16 12:37 - 2022-04-28 21:21 - 004483072 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\Qt5Widgets.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\PuTTY\;c:\Users\admin\AppData\Local\Programs\Python\Python311\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\;
HKU\S-1-5-21-567959055-877555932-3223723616-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-567959055-877555932-3223723616-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.11.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: wuauserv => 3

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5D14C625-87C3-4153-AC53-C93FFF761FAF}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE (CANON INC. -> CANON INC.)
FirewallRules: [{8E5CF802-BB1B-43F5-8FCA-D5F61A19C477}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE (CANON INC. -> CANON INC.)
FirewallRules: [{1B0A0BCC-3E66-4897-ACC3-79BF35E01190}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
FirewallRules: [{67A51E73-3B44-446E-9D84-7F13870902DF}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
FirewallRules: [{4F3D12E4-D95C-4358-9F76-F16C805D31C3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D2AA0281-ED6E-4235-AF1B-74DB8209717A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A310AA8D-88F9-4287-BD5F-6A302EA24BA2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F4798396-E301-4EF4-9058-B61A151CFAEB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{26A6BC19-30E9-4F42-B025-B9D7AE4C719A}C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe] => (Allow) C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [TCP Query User{A4ED5F5F-2EC8-4330-BE8F-8C96E9BECA58}C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe] => (Allow) C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [{437E47C2-7168-4588-8F90-5A36FBAC2486}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7A9C115C-6F64-4936-95AC-BF8BBAEFCE07}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AB0CE918-2D94-4E15-AAC2-829DEAA1A2F6}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{71C12985-9416-49AD-BCF2-FAFEA0788A58}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [TCP Query User{B5FB24A2-BF19-42C3-82A9-C79478EE2360}C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\php\php_runningversion\php.exe] => (Allow) C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\php\php_runningversion\php.exe (The PHP Group) [File not signed]
FirewallRules: [UDP Query User{D0C5EEB4-8299-46B1-BEB4-4843163BEC15}C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\php\php_runningversion\php.exe] => (Allow) C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\php\php_runningversion\php.exe (The PHP Group) [File not signed]
FirewallRules: [{507FB27B-ACA9-4145-9E17-16AC2ECDAED4}] => (Allow) LPort=5900
FirewallRules: [{A3F5CC0E-1786-471E-83E0-B94A107CED61}] => (Allow) LPort=5800
FirewallRules: [{F0A1A67F-461E-4854-A4D1-3A3A65A9BBDA}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{878CEB91-B51C-4B21-8431-DBAEEAA81CC7}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{9D91615D-9128-4B77-B56B-5198A26BC88C}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{D9AF2464-FCF4-4DF8-8BE6-A36C3C6AB147}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe (uvnc bvba -> UltraVNC)
FirewallRules: [TCP Query User{FA773161-33E7-4496-8652-CAF829D25749}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{9F67C77A-C336-4A5D-8A36-B0BF4EA91F7E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{F4B5E456-ACF9-4065-BC13-9EAD3CBE6ABA}C:\users\admin\documents\install\mikroftp\mikroftp.exe] => (Allow) C:\users\admin\documents\install\mikroftp\mikroftp.exe () [File not signed]
FirewallRules: [UDP Query User{64571B73-78E2-4892-9AE3-3C0A7AB0D2AB}C:\users\admin\documents\install\mikroftp\mikroftp.exe] => (Allow) C:\users\admin\documents\install\mikroftp\mikroftp.exe () [File not signed]
FirewallRules: [TCP Query User{8B007BE5-9DD1-476D-A4F0-59B473BA7810}C:\program files (x86)\pspad editor\pspad.exe] => (Allow) C:\program files (x86)\pspad editor\pspad.exe (Jan Fiala -> Jan Fiala)
FirewallRules: [UDP Query User{1BF4BA17-D5E8-4CD3-984C-62E796B770E2}C:\program files (x86)\pspad editor\pspad.exe] => (Allow) C:\program files (x86)\pspad editor\pspad.exe (Jan Fiala -> Jan Fiala)
FirewallRules: [TCP Query User{5ABDECA2-32CC-4CCE-AE5C-B41AD1A428C0}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{0BA7EC0E-3D3F-44B4-BC6C-8409230CE900}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9308BD71-6C0E-44AA-BA9E-72957EC22BD5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{280CB6D8-3C86-4F91-AB29-B146B215F3A8}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F0621917-8433-41C1-8DD3-FFB7908CC066}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{AEF668C5-62DB-47F9-B064-2BB28B48E9FA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{76D24C53-DF05-4313-8781-82C4488E76D6}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\111.0.5563.12\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{5AF94143-9262-4C5A-9DDA-9D06A71C1CF5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{20C28AEC-0438-491A-9998-3A73712506D2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CB589358-AAF1-4EEA-9C68-FCD04FB0AFDC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{094D6C71-B35F-4434-9A39-A3DD4E76CAA2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4B4E73CF-192C-477C-BCA4-445F4DC97410}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B9825AA4-A824-45D2-8F44-94FA2104871F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

07-03-2023 15:46:47 Naplánovaný kontrolní bod
13-03-2023 10:58:05 AdwCleaner_BeforeCleaning_13/03/2023_10:58:05

==================== Faulty Device Manager Devices ============

Name: Synaptics PS/2 Port TouchPad
Description: Synaptics PS/2 Port TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Neznámé zařízení USB (reset portu se nezdařil)
Description: Neznámé zařízení USB (reset portu se nezdařil)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standardní hostitelský řadič USB)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/14/2023 11:03:30 AM) (Source: MySQL) (EventID: 100) (User: )
Description: Event-ID 100

Error: (03/14/2023 11:01:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SLDWORKS.exe verze 24.5.0.58 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 112c0

Čas spuštění: 01d9565b8960c728

Čas ukončení: 42

Cesta k aplikaci: C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\SLDWORKS.exe

ID hlášení: 246b269e-afa2-4677-a604-90560bda3cc5

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (03/14/2023 10:58:12 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 14752. ID zprávy: [0x2509].

Error: (03/14/2023 10:57:48 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (76044,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/14/2023 10:55:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SLDWORKS.exe verze 24.5.0.58 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 3b48

Čas spuštění: 01d95593c7310936

Čas ukončení: 53

Cesta k aplikaci: C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\SLDWORKS.exe

ID hlášení: 574d5604-63d2-408f-976c-8f6c3a77b432

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (03/14/2023 10:50:20 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 81140. ID zprávy: [0x2509].

Error: (03/14/2023 10:45:13 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - Došlo k chybě při inicializaci infrastruktury připojení profilovacího rozhraní API. Tento proces neumožní připojení profileru. HRESULT: 0x80004005. ID procesu (desítkově): 74656. ID zprávy: [0x2509].

Error: (03/14/2023 10:41:36 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (79884,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (03/13/2023 10:58:25 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/13/2023 10:58:17 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (03/13/2023 10:58:16 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP System Info HSA Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (03/13/2023 10:58:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Acronis Scheduler2 Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/13/2023 10:58:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/13/2023 10:58:16 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Diagnostics HSA Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (03/13/2023 10:58:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVWMI byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/13/2023 10:58:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) TPM Provisioning Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2023-03-14 08:30:00
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3FAD1592-5690-487B-81B2-9667258743FD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-13 11:19:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9CB4A01F-F19F-49A7-934F-89C97CA52696}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-10 08:42:01
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F0A997B4-2C37-4E5E-AF08-B9BA88FA9DD8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-09 13:14:36
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {1308C5E2-EA70-42EC-A8EE-223B65E012EF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-03-08 09:29:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {73B5B7D9-FDF6-478B-ACAE-FD63609833F6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2023-02-16 13:16:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume4\Program Files\Google\Drive File Stream\70.0.2.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2023-01-30 07:44:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume4\Program Files\Google\Drive File Stream\69.0.0.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2022-12-14 18:13:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.

Date: 2022-12-14 18:13:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: HP N51 Ver. 01.24 04/27/2016
Motherboard: HP 802F
Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 15%
Total physical RAM: 32688.59 MB
Available physical RAM: 27671.82 MB
Total Virtual: 37552.59 MB
Available Virtual: 32400.38 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:475.75 GB) (Free:201.21 GB) (Model: MTFDDAK512MBF-1AN1ZABHA) NTFS
Drive d: (Nový svazek) (Fixed) (Total:931.39 GB) (Free:62.7 GB) (Model: WDC WD10EZEX-60WN4A0) NTFS
Drive g: (Google Drive) (Fixed) (Total:100 GB) (Free:30.58 GB) (Model: MTFDDAK512MBF-1AN1ZABHA) FAT32

\\?\Volume{2d11b580-00ec-446f-8c28-fccb217c6554}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{8cece581-d353-4b03-a381-f10bd18e0060}\ () (Fixed) (Total:0.63 GB) (Free:0.08 GB) NTFS
\\?\Volume{a70e0bb1-edf6-4ce0-9565-b1fe5b665825}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Mizící soubory WIN 10 SSD

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
Task: {7DC82039-D972-4EC5-9A11-599D4EC20DEB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2022-04-01] (Google Inc -> Google Inc.)
Task: {F8CAB140-C37E-478B-A395-7E3C0BE36937} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2022-04-01] (Google Inc -> Google Inc.)
C:\DumpStack.log.tmp
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

AndySue
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 26 pro 2009 12:10

Re: Mizící soubory WIN 10 SSD

#7 Příspěvek od AndySue »

Musel jsem FRST Killnout - zastavil se při promázávání nečeho z Thunderbirdu (servicelog.txt?)

---
Fix result of Farbar Recovery Scan Tool (x64) Version: 12-03-2023
Ran by admin (14-03-2023 13:48:16) Run:1
Running from C:\Users\admin\Desktop
Loaded Profiles: defaultuser0 & admin
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {7DC82039-D972-4EC5-9A11-599D4EC20DEB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2022-04-01] (Google Inc -> Google Inc.)
Task: {F8CAB140-C37E-478B-A395-7E3C0BE36937} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2022-04-01] (Google Inc -> Google Inc.)
C:\DumpStack.log.tmp
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7DC82039-D972-4EC5-9A11-599D4EC20DEB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7DC82039-D972-4EC5-9A11-599D4EC20DEB}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F8CAB140-C37E-478B-A395-7E3C0BE36937}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F8CAB140-C37E-478B-A395-7E3C0BE36937}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\System32\blank.htm" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\SysWOW64\blank.htm" => value restored successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 327000428 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 1228090753 B
Edge => 2180012 B
Chrome => 1917997009 B
Firefox => 2462825421 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 752306 B
defaultuser0 => 752306 B

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 14-03-2023 14:00:25)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 14:00:25 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Mizící soubory WIN 10 SSD

#8 Příspěvek od Rudy »

Bylo smazáno, log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

AndySue
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 26 pro 2009 12:10

Re: Mizící soubory WIN 10 SSD

#9 Příspěvek od AndySue »

Díky za pomoc!

Co dělalo ty mizející soubory?

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118196
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Mizící soubory WIN 10 SSD

#10 Příspěvek od Rudy »

Nelze přesně určit, pravděpodobně něco, co bylo uloženo v dočasných internetových souborech. Ty se mažou en block příkazem EmptyTemp: bez podrobného popisu. Kdyby problém nezmizel, ozvěte se. Nemaáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět