Preventivní kontrola, využití disku 100 %

[Lancre]

Dobrý den,

prosím o preventivní kontrolu. Počítač je velmi pomalý. Využití SSD disku je podle Správce úloh 100 %.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Vali at 2023-09-07 22:11:56
Microsoft Windows 11 Home
System drive C: has 23 GB (9%) free of 243 GB
Total RAM: 16251 MB (62% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:12:01, on 07.09.2023
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.22621.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AcroTray.exe
C:\Program Files\trend micro\Vali.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\115.0.1901.183\BHO\ie_to_edge_bho.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~2\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O3 - Toolbar: Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Autodesk Desktop App] "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
O4 - HKLM\..\Run: [Adobe CCXProcess] C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
O4 - HKLM\..\Run: [Evoluent Mouse Listener] C:\Program Files (x86)\Evoluent\Evoluent Mouse Manager\EvoMouseListener.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [CCXProcess] "C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKCU\..\Run: [DAEMON Tools Ultra Agent] "C:\Program Files\DAEMON Tools Ultra\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [1Password] "C:\Users\Vali\AppData\Local\1Password\app\8\1Password.exe" --silent
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_47E7A3D832D99C24E8E65EF6A7C4529C] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
O4 - HKCU\..\Run: [Opera Browser Assistant] C:\Users\Vali\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE
O4 - Global Startup: CodeMeter Control Center.lnk = C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
O4 - Global Startup: Evoluent Mouse Manager.lnk = C:\Program Files (x86)\Evoluent\Evoluent Mouse Manager\EvoMouseExec.exe
O4 - Global Startup: Image Transfer Utility.lnk = C:\Program Files (x86)\Canon\ImageTransferUtility\ImageTransferUtility.exe
O4 - Global Startup: Network Server.lnk = C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
O8 - Extra context menu item: E&xportovat do Microsoft Excelu - res://C:\PROGRA~1\MICROS~1\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Poslat do On&eNotu - res://C:\PROGRA~1\MICROS~1\Office16\ONBttnIE.dll/105
O9 - Extra button: Poslat do OneNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Poslat do On&eNotu - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: @%CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlansp_c.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
O23 - Service: Autodesk Desktop App Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Autodesk Desktop Licensing Service (AdskLicensingService) - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe
O23 - Service: Adobe Genuine Software Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Automation License Manager Service (almservice) - SIEMENS AG - C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Služba Aktualizace Brave (brave) (brave) - BraveSoftware Inc. - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
O23 - Service: Služba Aktualizace Brave (bravem) (bravem) - BraveSoftware Inc. - C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe
O23 - Service: Brave Vpn Service (BraveVpnService) (BraveVpnService) - Brave Software, Inc. - C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.62\brave_vpn_helper.exe
O23 - Service: Brave Vpn Wireguard Service (BraveVpnWireguardService) (BraveVpnWireguardService) - Brave Software, Inc. - C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.62\BraveVpnWireguardService\brave_vpn_wireguard_service.exe
O23 - Service: Chaos Cosmos Browser Service (CCBService) - ChaosGroup - C:\Program Files\Chaos Group\Chaos Cosmos\cbservice.exe
O23 - Service: CmWebAdmin (CmWebAdmin.exe) - WIBU-SYSTEMS AG - C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe
O23 - Service: CodeMeter Runtime Server (CodeMeter.exe) - WIBU-SYSTEMS AG - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_62c66 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Ultra Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Forwarder (efwd) - ESET - C:\Program Files\ESET\ESET Security\efwd.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: ESET Firewall Helper (ekrnEpfw) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: Evoluent Driver Update Service (EvoDriverUpdateService) - Evoluent - C:\Program Files (x86)\Evoluent\Evoluent Mouse Manager\EvoDriverUpdateService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service - Flexera - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: NVIDIA FrameView SDK service (FvSvc) - NVIDIA - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\114.0.5735.199\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem9.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe
O23 - Service: @oem9.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\nvhdcsi.inf_amd64_ebf3b33cb526b321\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @oem46.inf,%RtkBtManServ.SvcDesc%;Realtek Bluetooth Device Manager Service (RtkBtManServ) - Realtek Semiconductor Corp. - C:\WINDOWS\RtkBtManServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Service KMSELDI - @ByELDI - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: @%SystemRoot%\System32\Sgrm\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\Sgrm\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTrap) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer - TeamViewer Germany GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: VirtualBox system service (VBoxSDS) - Oracle Corporation - C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VRLService - Unknown owner - C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @oem54.inf,%OCServiceName%;XTUOCDriverService (XTU3SERVICE) - Intel(R) Corporation - C:\WINDOWS\SysWOW64\XtuService.exe

--
End of file - 17452 bytes

======Listing Processes======









C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -s BTAGService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s bthserv
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k UserProfileService -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\System32\svchost.exe -k netprofm -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k osprivacy -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DevQueryBroker

C:\WINDOWS\system32\svchost.exe -k NetworkService -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s PhoneSvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k NetworkService -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TextInputManagementService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\WLANExt.exe 2540534799200
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\system32\DbxSvc.exe
"C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe"
"C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
"C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe"
C:\WINDOWS\RtkBtManServ.exe
C:\WINDOWS\SysWOW64\XtuService.exe
"C:\Program Files\Chaos Group\Chaos Cosmos\cbservice.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files\ESET\ESET Security\efwd.exe"
"C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe"
"C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"
"C:\Program Files\KMSpico\Service_KMS.exe"
"C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe"
"C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe" -sTEW_SQLEXPRESS
C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Evoluent\Evoluent Mouse Manager\EvoDriverUpdateService.exe"
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s TapiSrv
C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted -p -s PolicyAgent
sihost.exe
C:\WINDOWS\system32\svchost.exe -k BthAppGroup -p -s BluetoothUserService
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s webthreatdefusersvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /c
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /c
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe" -ServerName:CortanaUI.AppXstmwaab17q5s3y22tp6apqz7a45vwv65.mca
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
"C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.13900.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe" -ServerName:Microsoft.Windows.DashboardServer
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k UdkSvcGroup -s UdkUserSvc
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"ctfmon.exe"
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s NPSMSvc
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\BraveSoftware\Update\1.3.361.141\BraveCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe"
"C:\Program Files (x86)\BraveSoftware\Update\1.3.361.141\BraveCrashHandler64.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
rundll32.exe "c:\program files\nvidia corporation\nvstreamsrv\rxdiag.dll" RxDiagSetRuntimeMessagePump
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Windows\System32\SecurityHealthSystray.exe"

"C:\Program Files\ESET\ESET Security\eguiproxy.exe" /hide
"C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe" -ServerName:InputApp.AppXjd5de1g66v206tj52m9d0dtpppx4cgpn.mca
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=gpu-process --field-trial-handle=2168,8263648256985809526,5312711121681546659,131072 --disable-features=VizDisplayCompositor --no-sandbox --log-file="C:\Users\Vali\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --lang=en-US --gpu-preferences=KAAAAAAAAACACwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Users\Vali\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --service-request-channel-token=8286616392961987105 --mojo-platform-channel-handle=2192 /prefetch:2
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Users\Vali\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --field-trial-handle=2168,8263648256985809526,5312711121681546659,131072 --disable-features=VizDisplayCompositor --service-pipe-token=5725664760617041100 --lang=en-US --log-file="C:\Users\Vali\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=5725664760617041100 --renderer-client-id=3 --mojo-platform-channel-handle=2700 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k WebThreatDefense -p -s webthreatdefsvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
"C:\Program Files\DAEMON Tools Ultra\DTShellHlp.exe"
"C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup

C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
"C:\Users\Vali\AppData\Local\1Password\app\8\1Password.exe" --just-updated --silent --should-restart
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc

"C:\Users\Vali\AppData\Local\1Password\app\8\1Password.exe" --type=gpu-process --user-data-dir="C:\Users\Vali\AppData\Roaming\1Password" --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1748 --field-trial-handle=1752,i,16273755971570940858,15612547726619388776,262144 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
"C:\Users\Vali\AppData\Local\1Password\app\8\1Password.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=cs --service-sandbox-type=none --user-data-dir="C:\Users\Vali\AppData\Roaming\1Password" --standard-schemes=resource,file-icon --enable-sandbox --secure-schemes --bypasscsp-schemes=resource,file-icon --cors-schemes --fetch-schemes=resource,file-icon --service-worker-schemes --streaming-schemes --mojo-platform-channel-handle=1892 --field-trial-handle=1752,i,16273755971570940858,15612547726619388776,262144 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
"C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe" 2>> "C:\Program Files\Common Files\ChaosGroup\log\panic.log"

"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe"
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Crashpad" "--metrics-dir=C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data" --url=https://cr.brave.com --annotation=plat=Win64 --annotation=prod=Brave --annotation=ver=116.1.57.62 --initial-client-data=0x114,0x118,0x11c,0xf0,0x120,0x7ffc6b9e5dc0,0x7ffc6b9e5dd0,0x7ffc6b9e5de0
"C:\WINDOWS\system32\taskmgr.exe" /4
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=gpu-process --start-stack-profiler --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1892 --field-trial-handle=1896,i,11411771502932224357,13414259899069059434,262144 /prefetch:2
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=cs --service-sandbox-type=none --start-stack-profiler --mojo-platform-channel-handle=2172 --field-trial-handle=1896,i,11411771502932224357,13414259899069059434,262144 /prefetch:8
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=cs --service-sandbox-type=service --mojo-platform-channel-handle=2280 --field-trial-handle=1896,i,11411771502932224357,13414259899069059434,262144 /prefetch:8
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=renderer --extension-process --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --brave_session_token=7965890508622891787 --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --time-ticks-at-unix-epoch=-1694115848101597 --launch-time-ticks=229025501 --mojo-platform-channel-handle=3380 --field-trial-handle=1896,i,11411771502932224357,13414259899069059434,262144 /prefetch:1
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=renderer --extension-process --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --brave_session_token=7965890508622891787 --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --time-ticks-at-unix-epoch=-1694115848101597 --launch-time-ticks=229030227 --mojo-platform-channel-handle=3668 --field-trial-handle=1896,i,11411771502932224357,13414259899069059434,262144 /prefetch:1
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=renderer --extension-process --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --brave_session_token=7965890508622891787 --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --time-ticks-at-unix-epoch=-1694115848101597 --launch-time-ticks=229037971 --mojo-platform-channel-handle=3812 --field-trial-handle=1896,i,11411771502932224357,13414259899069059434,262144 /prefetch:1
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=renderer --extension-process --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --brave_session_token=7965890508622891787 --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --time-ticks-at-unix-epoch=-1694115848101597 --launch-time-ticks=229042861 --mojo-platform-channel-handle=3948 --field-trial-handle=1896,i,11411771502932224357,13414259899069059434,262144 /prefetch:1
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=renderer --extension-process --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --brave_session_token=7965890508622891787 --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --time-ticks-at-unix-epoch=-1694115848101597 --launch-time-ticks=229047890 --mojo-platform-channel-handle=4172 --field-trial-handle=1896,i,11411771502932224357,13414259899069059434,262144 /prefetch:1
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=renderer --extension-process --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --brave_session_token=7965890508622891787 --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --time-ticks-at-unix-epoch=-1694115848101597 --launch-time-ticks=229052963 --mojo-platform-channel-handle=4304 --field-trial-handle=1896,i,11411771502932224357,13414259899069059434,262144 /prefetch:1
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=renderer --extension-process --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --brave_session_token=7965890508622891787 --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --time-ticks-at-unix-epoch=-1694115848101597 --launch-time-ticks=229058279 --mojo-platform-channel-handle=4452 --field-trial-handle=1896,i,11411771502932224357,13414259899069059434,262144 /prefetch:1
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=renderer --extension-process --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --brave_session_token=7965890508622891787 --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --time-ticks-at-unix-epoch=-1694115848101597 --launch-time-ticks=229064676 --mojo-platform-channel-handle=4492 --field-trial-handle=1896,i,11411771502932224357,13414259899069059434,262144 /prefetch:1
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=utility --utility-sub-type=bat_ads.mojom.BatAdsService --lang=cs --service-sandbox-type=utility --mojo-platform-channel-handle=2836 --field-trial-handle=1896,i,11411771502932224357,13414259899069059434,262144 /prefetch:8
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=renderer --extension-process --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --brave_session_token=7965890508622891787 --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --time-ticks-at-unix-epoch=-1694115848101597 --launch-time-ticks=230038485 --mojo-platform-channel-handle=6572 --field-trial-handle=1896,i,11411771502932224357,13414259899069059434,262144 /prefetch:1
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=renderer --extension-process --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --brave_session_token=7965890508622891787 --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --time-ticks-at-unix-epoch=-1694115848101597 --launch-time-ticks=230040703 --mojo-platform-channel-handle=6588 --field-trial-handle=1896,i,11411771502932224357,13414259899069059434,262144 /prefetch:1
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=renderer --extension-process --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --brave_session_token=7965890508622891787 --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --time-ticks-at-unix-epoch=-1694115848101597 --launch-time-ticks=230044613 --mojo-platform-channel-handle=6824 --field-trial-handle=1896,i,11411771502932224357,13414259899069059434,262144 /prefetch:1
C:\WINDOWS\system32\cmd.exe /d /c "C:\Users\Vali\AppData\Local\1Password\app\8\1Password-BrowserSupport.exe" chrome-extension://aeblfdkhhhdcdjpifhhbdiojplfjncoa/ --parent-window=0 < \\.\pipe\chrome.nativeMessaging.in.b58484b0de189fe7 > \\.\pipe\chrome.nativeMessaging.out.b58484b0de189fe7
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\Users\Vali\AppData\Local\1Password\app\8\1Password-BrowserSupport.exe chrome-extension://aeblfdkhhhdcdjpifhhbdiojplfjncoa/ --parent-window=0
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=renderer --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --brave_session_token=7965890508622891787 --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --time-ticks-at-unix-epoch=-1694115848101597 --launch-time-ticks=250532244 --mojo-platform-channel-handle=10472 --field-trial-handle=1896,i,11411771502932224357,13414259899069059434,262144 /prefetch:1
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=renderer --extension-process --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --brave_session_token=7965890508622891787 --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --time-ticks-at-unix-epoch=-1694115848101597 --launch-time-ticks=251209821 --mojo-platform-channel-handle=10996 --field-trial-handle=1896,i,11411771502932224357,13414259899069059434,262144 /prefetch:1
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=renderer --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --brave_session_token=7965890508622891787 --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --time-ticks-at-unix-epoch=-1694115848101597 --launch-time-ticks=255255571 --mojo-platform-channel-handle=9164 --field-trial-handle=1896,i,11411771502932224357,13414259899069059434,262144 /prefetch:1
"C:\Users\Vali\AppData\Local\1Password\app\8\1Password.exe" --type=renderer --user-data-dir="C:\Users\Vali\AppData\Roaming\1Password" --standard-schemes=resource,file-icon --enable-sandbox --secure-schemes --bypasscsp-schemes=resource,file-icon --cors-schemes --fetch-schemes=resource,file-icon --service-worker-schemes --streaming-schemes --app-user-model-id=AgileBits.1Password --app-path="C:\Users\Vali\AppData\Local\1Password\app\8\resources\app.asar" --enable-sandbox --disable-blink-features=Auxclick --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --time-ticks-at-unix-epoch=-1694115848102010 --launch-time-ticks=267120958 --mojo-platform-channel-handle=4492 --field-trial-handle=1752,i,16273755971570940858,15612547726619388776,262144 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1
"C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.13900.0.0_x64__cw5n1h2txyewy\Dashboard\widgetservice.exe" -RegisterProcessAsComServer -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
"C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AcroTray.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -s W32Time
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=cs --service-sandbox-type=audio --mojo-platform-channel-handle=9408 --field-trial-handle=1896,i,11411771502932224357,13414259899069059434,262144 /prefetch:8
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=renderer --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --brave_session_token=7965890508622891787 --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --time-ticks-at-unix-epoch=-1694115848101597 --launch-time-ticks=809874362 --mojo-platform-channel-handle=8836 --field-trial-handle=1896,i,11411771502932224357,13414259899069059434,262144 /prefetch:1
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=renderer --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --brave_session_token=7965890508622891787 --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --time-ticks-at-unix-epoch=-1694115848101597 --launch-time-ticks=810866144 --mojo-platform-channel-handle=7352 --field-trial-handle=1896,i,11411771502932224357,13414259899069059434,262144 /prefetch:1
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=renderer --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --brave_session_token=7965890508622891787 --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --time-ticks-at-unix-epoch=-1694115848101597 --launch-time-ticks=1250998141 --mojo-platform-channel-handle=7892 --field-trial-handle=1896,i,11411771502932224357,13414259899069059434,262144 /prefetch:1
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=renderer --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --brave_session_token=7965890508622891787 --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --time-ticks-at-unix-epoch=-1694115848101597 --launch-time-ticks=1257427571 --mojo-platform-channel-handle=5248 --field-trial-handle=1896,i,11411771502932224357,13414259899069059434,262144 /prefetch:1
"C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe" --type=renderer --origin-trial-public-key=bYUKPJoPnCxeNvu72j4EmPuK7tr1PAC7SHh8ld9Mw3E=,fMS4mpO6buLQ/QMd+zJmxzty/VQ6B1EUZqoCU04zoRU= --brave_session_token=7965890508622891787 --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --time-ticks-at-unix-epoch=-1694115848101597 --launch-time-ticks=1281076316 --mojo-platform-channel-handle=6852 --field-trial-handle=1896,i,11411771502932224357,13414259899069059434,262144 /prefetch:1
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding

C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Users\Vali\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\CCleanerCrashReporting.job - C:\Program Files\CCleaner\CCleanerBugReport.exe --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "1d1c4fe2-63fd-4778-ac1c-14a0ce70a008" --version "6.15.10623" --silent
C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Vali\AppData\Roaming\Mozilla\Firefox\Profiles\ty746rql.default-release

"web2pdfextension.17@acrobat.adobe.com"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.251.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.251.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Skype for Business Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.16]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\115.0.1901.183\BHO\ie_to_edge_bho_64.dll [2023-07-21 587712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2022-02-08 238376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-02-02 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\PROGRA~1\MICROS~1\Office16\GROOVEEX.DLL [2018-07-20 2179864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-02-02 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\115.0.1901.183\BHO\ie_to_edge_bho.dll [2023-07-21 456128]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2022-02-08 173928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-04-22 480424]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe Acrobat Create PDF Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-02-02 141496]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\PROGRA~2\MICROS~2\Office16\GROOVEEX.DLL [2018-07-22 1525016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-04-22 194728]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
Adobe Acrobat Create PDF from Selection - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-02-02 141496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2021-02-02 171704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe Acrobat Create PDF Toolbar - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2021-02-02 141496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2022-10-06 266240]
"egui"=C:\Program Files\ESET\ESET Security\ecmdS.exe [2023-09-07 194704]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11 509936]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2023-06-14 3571168]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCXProcess"=C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [2020-11-01 677512]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2023-08-11 41584544]
"Skype for Desktop"=C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2021-01-15 91016584]
"DAEMON Tools Ultra Agent"=C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [2019-11-21 458608]
"1Password"=C:\Users\Vali\AppData\Local\1Password\app\8\1Password.exe [2023-09-07 163306352]
"MicrosoftEdgeAutoLaunch_47E7A3D832D99C24E8E65EF6A7C4529C"=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [2023-07-21 4088272]
"Opera Browser Assistant"=C:\Users\Vali\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [2023-06-20 3955608]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Creative Cloud"=C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2020-11-01 2095672]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2023-09-06 11559648]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2020-03-12 646776]
"Autodesk Desktop App"=C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [2021-05-11 668376]
"Adobe CCXProcess"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [2020-11-01 114824]
"Evoluent Mouse Listener"=C:\Program Files (x86)\Evoluent\Evoluent Mouse Manager\EvoMouseListener.exe [2021-07-21 144800]
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [2021-02-02 5237416]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
CodeMeter Control Center.lnk - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
Evoluent Mouse Manager.lnk - C:\Program Files (x86)\Evoluent\Evoluent Mouse Manager\EvoMouseExec.exe
Image Transfer Utility.lnk - C:\Program Files (x86)\Canon\ImageTransferUtility\ImageTransferUtility.exe
Network Server.lnk - C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe

C:\Users\Vali\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Poslat do aplikace OneNote.lnk - C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{53966CB1-4D46-4166-BF23-C522403CD495}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HidSpiCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TextInputManagementService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{53966CB1-4D46-4166-BF23-C522403CD495}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"="C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe"="C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"aux1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"aux3"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave5"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"aux2"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave4"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave3"=wdmaud.drv

======File associations======

.inf - open -
.inf - install -
.ini - open -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open -
.scr - install -
.scr - config -
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 month======

2023-09-07 21:53:03 ----D---- C:\Program Files\trend micro
2023-09-07 21:53:02 ----D---- C:\rsit
2023-09-07 21:51:26 ----A---- C:\WINDOWS\system32\perfh009.dat
2023-09-07 21:51:26 ----A---- C:\WINDOWS\system32\perfh005.dat
2023-09-07 21:51:26 ----A---- C:\WINDOWS\system32\perfc009.dat
2023-09-07 21:51:26 ----A---- C:\WINDOWS\system32\perfc005.dat
2023-09-06 00:17:50 ----A---- C:\WINDOWS\system32\drivers\dbx-stable.sys
2023-09-06 00:17:50 ----A---- C:\WINDOWS\system32\drivers\dbx-dev.sys
2023-09-06 00:17:50 ----A---- C:\WINDOWS\system32\drivers\dbx-canary.sys
2023-09-06 00:17:50 ----A---- C:\WINDOWS\system32\DbxSvc.exe

======List of files/folders modified in the last 1 month======

2023-09-07 22:11:57 ----D---- C:\WINDOWS\Temp
2023-09-07 22:05:35 ----D---- C:\WINDOWS\system32\Tasks
2023-09-07 22:04:55 ----SHD---- C:\WINDOWS\Installer
2023-09-07 22:04:55 ----D---- C:\WINDOWS\SystemTemp
2023-09-07 22:03:36 ----D---- C:\WINDOWS\system32\sru
2023-09-07 22:00:47 ----D---- C:\WINDOWS\SysWOW64
2023-09-07 21:56:35 ----D---- C:\WINDOWS\system32\config
2023-09-07 21:53:04 ----RD---- C:\Program Files
2023-09-07 21:51:32 ----D---- C:\WINDOWS\System32
2023-09-07 21:51:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2023-09-07 21:51:30 ----D---- C:\WINDOWS\INF
2023-09-07 21:49:57 ----D---- C:\ProgramData\NVIDIA
2023-09-07 21:49:20 ----D---- C:\WINDOWS\CbsTemp
2023-09-07 21:46:54 ----D---- C:\Users\Vali\AppData\Roaming\1Password
2023-09-07 21:46:43 ----D---- C:\Program Files (x86)\Google
2023-09-07 21:44:28 ----D---- C:\WINDOWS\system32\drivers
2023-09-07 21:44:28 ----D---- C:\WINDOWS\AppReadiness
2023-09-07 21:44:28 ----AD---- C:\Windows
2023-09-07 21:44:26 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2023-09-07 21:44:24 ----D---- C:\WINDOWS\system32\SleepStudy
2023-09-07 21:44:20 ----HD---- C:\ProgramData
2023-09-07 21:44:20 ----D---- C:\Program Files (x86)\TeamViewer
2023-09-07 21:44:17 ----ASH---- C:\DumpStack.log.tmp
2023-09-07 21:44:13 ----D---- C:\Program Files\CCleaner
2023-09-07 21:43:49 ----D---- C:\WINDOWS\system32\catroot2
2023-09-07 21:37:35 ----D---- C:\WINDOWS\WinSxS
2023-09-07 21:35:54 ----D---- C:\Program Files (x86)\Dropbox
2023-09-07 21:35:38 ----HD---- C:\Program Files\WindowsApps
2023-09-07 21:28:27 ----D---- C:\WINDOWS\Tasks
2023-09-07 21:23:30 ----D---- C:\ProgramData\Microsoft Help
2023-09-07 21:23:28 ----A---- C:\WINDOWS\win.ini
2023-09-07 21:17:19 ----D---- C:\Program Files\Mozilla Firefox
2023-09-07 21:17:19 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2023-09-07 21:14:44 ----D---- C:\WINDOWS\system32\DriverStore

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2023-09-07 118904]
R0 IntelPMT;@intelpmt.inf,%IntelPMT.SVCDESC%;Intel(R) Platform Monitoring Technology Service; C:\WINDOWS\System32\drivers\IntelPMT.sys [2023-04-13 91688]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2022-05-07 87392]
R0 lxss;@%SystemRoot%\system32\drivers\lxss.sys,-100; C:\WINDOWS\system32\drivers\lxss.sys [2022-05-07 50536]
R0 PRM;@prm.inf,%PRM.SvcDesc%;Microsoft PRM Driver; C:\WINDOWS\System32\DriverStore\FileRepository\prm.inf_amd64_de435dc5c75d64a5\PRM.sys [2022-05-07 66896]
R0 pwdrvio;pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [2019-11-08 19152]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2022-05-07 81920]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2022-05-07 116056]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2022-05-07 173424]
R1 dokan1;dokan1; C:\WINDOWS\system32\DRIVERS\dokan1.sys [2019-07-24 131080]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2023-09-07 208704]
R1 edevmonm;edevmonm; C:\WINDOWS\system32\DRIVERS\edevmonm.sys [2023-09-07 122560]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2023-09-07 249544]
R1 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2023-09-07 123040]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2022-05-07 90112]
R1 npcap;@oem68.inf,%NPF_Desc_Standard%;Npcap Packet Driver (NPCAP); C:\WINDOWS\system32\DRIVERS\npcap.sys [2021-08-30 71736]
R2 bfs;@%systemroot%\system32\drivers\bfs.sys,-100; C:\WINDOWS\system32\drivers\bfs.sys [2023-06-15 91504]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2023-01-11 173424]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2023-07-11 565248]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2022-10-06 90112]
R2 NPF;Netgroup Packet Filter; sysWOW64\drivers\npf.sys []
R3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2023-05-25 544768]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2023-07-11 143360]
R3 BthHFAud;@microsoft_bluetooth_hfp.inf,%BTHHFAUD_DISPLAY_NAME%;Microsoft Bluetooth Hands-Free Audio driver; C:\WINDOWS\System32\drivers\BthHfAud.sys [2023-05-25 110592]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2023-05-25 143360]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2023-04-13 159744]
R3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2023-07-11 2088960]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2023-07-11 139264]
R3 EvoMouseDriverMini;EvoMouseDriverMini; C:\WINDOWS\system32\drivers\EvoMouseDriverMini.sys [2018-09-20 25952]
R3 iaLPSS2_GPIO2;@oem47.inf,%iaLPSS2_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [2019-05-23 128608]
R3 iaLPSS2_UART2;@oem36.inf,%iaLPSS2_UART2.SVCDESC%;Intel(R) Serial IO UART Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_UART2.sys [2019-05-23 305760]
R3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2022-05-07 177152]
R3 ICCWDT;@oem7.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\WINDOWS\System32\drivers\ICCWDT.sys [2022-08-11 44144]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2020-03-30 7326296]
R3 MEIx64;@oem51.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_1308ad4bd1ad0f9f\x64\TeeDriverW10x64.sys [2020-08-10 304648]
R3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2023-05-25 98304]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-200; C:\WINDOWS\system32\drivers\msquic.sys [2023-04-13 419152]
R3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2023-04-13 394576]
R3 NVHDA;@oem98.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2023-03-17 121880]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdcsi.inf_amd64_ebf3b33cb526b321\nvlddmkm.sys [2023-04-10 58245640]
R3 NvModuleTracker;@oem49.inf,%ServiceName%;NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [2022-07-14 45656]
R3 nvvad_WaveExtensible;@oem96.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2022-10-14 59928]
R3 nvvhci;@oem94.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2022-07-14 60112]
S0 AppleSSD;@AppleSSD.inf,%DevDesc1%;Apple Solid State Drive Device; C:\WINDOWS\System32\drivers\AppleSSD.sys [2022-05-07 113496]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2022-05-07 79184]
S0 ebdrv0;@netevbd0a.inf,%vbd_srv_desc%;QLogic Legacy Ethernet Adapter VBD; C:\WINDOWS\System32\drivers\evbd0a.sys [2022-05-07 3424104]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2022-08-23 16336]
S0 GenPass;@genpass.inf,%GenPass.SVCDESC%;Microsoft GenPass Driver; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [2022-05-07 62800]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2022-05-07 320880]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2022-05-07 885584]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2022-05-07 187224]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2022-05-07 125280]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2022-05-07 138600]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2022-05-07 81752]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2022-05-07 101224]
S0 mpi3drvi;mpi3drvi; C:\WINDOWS\System32\drivers\mpi3drvi.sys [2022-05-07 90472]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2022-05-07 206160]
S0 nvmedisk;@nvmedisk.inf,%nvmedisk.SvcDesc%;Microsoft NVMe disk driver; C:\WINDOWS\System32\drivers\nvmedisk.sys [2022-05-07 91496]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2022-05-07 59752]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2022-05-07 69464]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2022-10-06 181600]
S0 pvscsi;@pvscsii.inf,%pvscsi.DiskName%;pvscsi Storage Controller Driver; C:\WINDOWS\System32\drivers\pvscsii.sys [2022-05-07 45408]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2022-05-07 75104]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2022-10-06 57344]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2023-05-25 733184]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2022-05-07 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2022-05-07 45568]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2022-10-06 49152]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2023-07-11 86016]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2022-05-07 90112]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2022-05-07 99672]
S3 EvoMouseDriverFilterHidUsb;Evoluent Mouse Driver Filter; C:\WINDOWS\System32\drivers\EvoMouseDriverFilterHidUsb.sys [2020-07-29 29616]
S3 ExecutionContext;@%SystemRoot%\System32\Drivers\ExecutionContext.sys,-101; C:\WINDOWS\System32\Drivers\ExecutionContext.sys [2022-10-06 75088]
S3 FTDIBUS;@oem75.inf,%SvcDesc%;USB Serial Converter Driver; C:\WINDOWS\system32\drivers\ftdibus.sys [2021-07-08 145192]
S3 FTSER2K;@oem76.inf,%SvcDesc%;USB Serial Port Driver; C:\WINDOWS\system32\drivers\ftser2k.sys [2021-07-08 99296]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_cea150c98a1ca844\genericusbfn.sys [2022-05-07 61440]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2022-05-07 91472]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2022-10-06 139264]
S3 HidSpiCx;HidSpi KMDF Class Extension; C:\WINDOWS\system32\drivers\HidSpiCx.sys [2022-10-06 126976]
S3 Hsp;@hsp.inf,%Hsp.SVCDESC%;Microsoft Pluton Service; C:\WINDOWS\System32\drivers\Hsp.sys [2022-05-07 124264]
S3 hvservice;@hvservice.inf,%hvservice.SvcDesc%;Microsoft Hypervisor Service Driver; C:\WINDOWS\System32\drivers\hvservice.sys [2022-10-06 91472]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2022-05-07 61440]
S3 CH341SER_A64;CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [2023-03-21 84640]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2022-05-07 1854832]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2022-05-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2022-05-07 91136]
S3 iaLPSS2_I2C;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_I2C.sys [2019-05-23 195680]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2022-05-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2022-05-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2022-05-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2022-05-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2022-05-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2022-05-07 175104]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2022-05-07 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2022-05-07 559976]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2022-10-06 77824]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2022-05-07 65536]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2022-05-07 99688]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2022-05-07 566632]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2022-05-07 99664]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2023-04-13 454656]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2022-05-07 1132392]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2022-05-07 147304]
S3 NDKPerf;NDKPerf Driver; C:\WINDOWS\system32\drivers\NDKPerf.sys [2022-05-07 83288]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2022-05-07 107872]
S3 P9Rdr;@%SystemRoot%\System32\drivers\p9rdr.sys,-100; C:\WINDOWS\System32\drivers\p9rdr.sys [2022-05-07 148816]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2022-10-12 177504]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2022-05-07 53248]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2022-05-07 61440]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2019-11-08 12504]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2022-05-07 75112]
S4 npcap_wifi;@oem68.inf,%NPF_Desc_WiFi%;Npcap Packet Driver (NPCAP) (Wi-Fi); C:\WINDOWS\system32\DRIVERS\npcap.sys [2021-08-30 71736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdAppMgrSvc;Autodesk Desktop App Service; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [2021-05-11 1050920]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2023-04-03 173040]
R2 AdskLicensingService;Autodesk Desktop Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [2020-11-17 18673448]
R2 AGMService;Adobe Genuine Software Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2023-06-14 3966432]
R2 almservice;Automation License Manager Service; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [2018-01-17 2209144]
R2 cbdhsvc_62c66;cbdhsvc_62c66; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R2 CCBService;Chaos Cosmos Browser Service; C:\Program Files\Chaos Group\Chaos Cosmos\cbservice.exe [2021-08-05 41120623]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R2 CDPUserSvc_62c66;CDPUserSvc_62c66; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R2 CmWebAdmin.exe;CmWebAdmin; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [2018-07-19 9550744]
R2 CodeMeter.exe;CodeMeter Runtime Server; C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2018-07-19 5178256]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R2 DbxSvc;DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [2023-09-06 46824]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
R2 efwd;ESET Forwarder; C:\Program Files\ESET\ESET Security\efwd.exe [2023-09-07 2528888]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Security\ekrn.exe [2023-09-07 3860792]
R2 EvoDriverUpdateService;Evoluent Driver Update Service; C:\Program Files (x86)\Evoluent\Evoluent Mouse Manager\EvoDriverUpdateService.exe [2021-07-21 40864]
R2 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2020-03-01 3460072]
R2 FlexNet Licensing Service;FlexNet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [2020-09-29 2657616]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe [2021-06-16 628616]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe [2021-09-02 4064384]
R2 MSSQL$TEW_SQLEXPRESS;SQL Server (TEW_SQLEXPRESS); C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [2023-01-04 366512]
R2 OneSyncSvc_62c66;OneSyncSvc_62c66; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R2 PSI_SVC_2_x64;Corel License Validation Service V2 x64, Powered by arvato; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2014-04-30 337776]
R3 BluetoothUserService_62c66;BluetoothUserService_62c66; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 Disc Soft Ultra Bus Service;Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [2019-11-21 7208816]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 ekrnEpfw;ESET Firewall Helper; C:\Program Files\ESET\ESET Security\ekrn.exe [2023-09-07 3860792]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
R3 NPSMSvc_62c66;NPSMSvc_62c66; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2022-03-15 1003128]
R3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S2 Autodesk Content Service;Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [2015-02-05 31160]
S2 brave;Služba Aktualizace Brave (brave); C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [2021-05-14 162400]
S2 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S2 edgeupdate;Microsoft Edge Update Service (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-08-26 224160]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-07-08 154920]
S2 Intel(R) TPM Provisioning Service;@oem9.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe [2021-09-15 729944]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 AarSvc_62c66;AarSvc_62c66; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 BcastDVRUserService_62c66;BcastDVRUserService_62c66; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 bravem;Služba Aktualizace Brave (bravem); C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [2021-05-14 162400]
S3 BraveVpnService;Brave Vpn Service (BraveVpnService); C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.62\brave_vpn_helper.exe [2023-09-06 3171864]
S3 BraveVpnWireguardService;Brave Vpn Wireguard Service (BraveVpnWireguardService); C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.62\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [2023-09-06 2183192]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 CaptureService_62c66;CaptureService_62c66; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 ConsentUxUserSvc_62c66;ConsentUxUserSvc_62c66; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2022-05-07 406336]
S3 CredentialEnrollmentManagerUserSvc_62c66;CredentialEnrollmentManagerUserSvc_62c66; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2022-05-07 406336]
S3 dcsvc;@%systemroot%\system32\dcsvc,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 DeviceAssociationBrokerSvc_62c66;DeviceAssociationBrokerSvc_62c66; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 DevicePickerUserSvc_62c66;DevicePickerUserSvc_62c66; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 DevicesFlowUserSvc_62c66;DevicesFlowUserSvc_62c66; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2022-05-07 114688]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 edgeupdatem;Microsoft Edge Update Service (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-08-26 224160]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2022-05-06 45992]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 FrameServerMonitor;@%systemroot%\system32\FrameServerMonitor.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 FvSvc;NVIDIA FrameView SDK service; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [2023-01-13 1081896]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files (x86)\Google\Chrome\Application\114.0.5735.199\elevation_service.exe [2023-06-24 1742616]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-07-08 154920]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 Intel(R) Capability Licensing Service TCP IP Interface;@oem9.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe [2021-09-15 785240]
S3 InventorySvc;@%SystemRoot%\system32\inventorysvc.dll,-501; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2018-02-05 673592]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 LxssManager;@%systemroot%\system32\lxss\LxssManager.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 McpManagementService;@%SystemRoot%\system32\McpManagementService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 MessagingService_62c66;MessagingService_62c66; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\115.0.1901.183\elevation_service.exe [2023-07-21 1750480]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2023-07-15 241056]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 NPSMSvc;@%SystemRoot%\system32\npsm.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdcsi.inf_amd64_ebf3b33cb526b321\Display.NvContainer\NVDisplay.Container.exe [2023-04-10 1015320]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-06-13 253640]
S3 P9RdrService;@%systemroot%\system32\p9rdrservice.dll,-102; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 P9RdrService_62c66;P9RdrService_62c66; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 PenService;@%SystemRoot%\system32\PenService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 PenService_62c66;PenService_62c66; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2022-05-07 241664]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 PimIndexMaintenanceSvc_62c66;PimIndexMaintenanceSvc_62c66; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 PrintWorkflowUserSvc_62c66;PrintWorkflowUserSvc_62c66; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S4 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2020-11-01 852024]
S4 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2021-11-14 130320]
S4 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2021-11-14 130320]
S4 DiagTrack;Propojená uživatelská prostředí a telemetrie; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]

-----------------EOF-----------------

[Rudy]

Zdravím!
Potřebuji logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 , RSIT není plně kompatibilní se současnými 64b systémy. Děkuji.

[Lancre]

FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-09-2023
Ran by Vali (administrator) on VALIPC (HP HP Pavilion Gaming Desktop 690-00xx) (10-09-2023 15:37:04)
Running from C:\Users\Vali\Desktop\FRST64.exe
Loaded Profiles: Vali
Platform: Microsoft Windows 11 Home Version 22H2 22621.1992 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.141\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.141\BraveCrashHandler64.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{81A74B2E-7A86-4558-B7DC-A3007DC58CA7}\MicrosoftEdge_X64_116.0.1938.76.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{81A74B2E-7A86-4558-B7DC-A3007DC58CA7}\EDGEMITMP_7915C.tmp\setup.exe
(C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{81A74B2E-7A86-4558-B7DC-A3007DC58CA7}\MicrosoftEdge_X64_116.0.1938.76.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Users\Vali\AppData\Local\Autodesk\webdeploy\production\6a0c9611291d45bb9226980209917c3d\FusionLauncher.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Users\Vali\AppData\Local\Autodesk\webdeploy\production\dbacedcc6dabacdc41406088a765962c5f1923ad\Fusion360.exe
(C:\Users\Vali\AppData\Local\Autodesk\webdeploy\production\dbacedcc6dabacdc41406088a765962c5f1923ad\adexmtsv.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Users\Vali\AppData\Roaming\Autodesk\ADPSDK\bin\ADPClientService.exe
(C:\Users\Vali\AppData\Local\Autodesk\webdeploy\production\dbacedcc6dabacdc41406088a765962c5f1923ad\Fusion360.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Users\Vali\AppData\Local\Autodesk\webdeploy\production\dbacedcc6dabacdc41406088a765962c5f1923ad\adexmtsv.exe
(C:\Users\Vali\AppData\Local\Autodesk\webdeploy\production\dbacedcc6dabacdc41406088a765962c5f1923ad\Fusion360.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Users\Vali\AppData\Local\Autodesk\webdeploy\production\dbacedcc6dabacdc41406088a765962c5f1923ad\Autodesk Identity Manager\AdskIdentityManager.exe
(C:\Users\Vali\AppData\Local\Autodesk\webdeploy\production\dbacedcc6dabacdc41406088a765962c5f1923ad\Fusion360.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Users\Vali\AppData\Local\Autodesk\webdeploy\production\dbacedcc6dabacdc41406088a765962c5f1923ad\Win64\AdCefWebBrowser.exe <3>
(C:\Users\Vali\AppData\Local\Autodesk\webdeploy\production\dbacedcc6dabacdc41406088a765962c5f1923ad\Fusion360.exe ->) (Autodesk, Inc. -> Node.js) C:\Users\Vali\AppData\Local\Autodesk\webdeploy\production\dbacedcc6dabacdc41406088a765962c5f1923ad\NODEJS\node.exe
(C:\Users\Vali\AppData\Local\Autodesk\webdeploy\production\dbacedcc6dabacdc41406088a765962c5f1923ad\Fusion360.exe ->) (Autodesk, Inc. -> The Qt Company Ltd.) C:\Users\Vali\AppData\Local\Autodesk\webdeploy\production\dbacedcc6dabacdc41406088a765962c5f1923ad\QtWebEngineProcess.exe <7>
(cmd.exe ->) (Agilebits -> AgileBits, Inc.) C:\Users\Vali\AppData\Local\1Password\app\8\1Password-BrowserSupport.exe
(explorer.exe ->) (Agilebits -> 1Password) C:\Users\Vali\AppData\Local\1Password\app\8\1Password.exe <4>
(explorer.exe ->) (Autodesk, Inc. -> Autodesk, Inc.) C:\Users\Vali\AppData\Local\Autodesk\webdeploy\production\6a0c9611291d45bb9226980209917c3d\FusionLauncher.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <22>
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Opera Norway AS -> Opera Software) C:\Users\Vali\AppData\Local\Programs\Opera\launcher.exe <2>
(services.exe ->) (@ByELDI -> @ByELDI) [File not signed] C:\Program Files\KMSpico\Service_KMS.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\11.0.0.4854\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Evoluent (Jack Lo) -> Evoluent) [File not signed] C:\Program Files (x86)\Evoluent\Evoluent Mouse Manager\EvoDriverUpdateService.exe
(services.exe ->) (Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(services.exe ->) (Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(services.exe ->) (Chaos Software Ltd. -> ) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe
(services.exe ->) (ChaosGroup) [File not signed] C:\Program Files\Chaos Group\Chaos Cosmos\cbservice.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(services.exe ->) (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <3>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.3261.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.13900.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\wuaucltcore.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(wbem\WmiPrvSE.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <6>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [194704 2023-09-07] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-06-14] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2095672 2020-11-01] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11559648 2023-09-06] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [668376 2021-05-11] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-11-01] (Adobe Inc. -> )
HKLM-x32\...\Run: [Evoluent Mouse Listener] => C:\Program Files (x86)\Evoluent\Evoluent Mouse Manager\EvoMouseListener.exe [144800 2021-07-21] (Evoluent (Jack Lo) -> Evoluent) [File not signed]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5237416 2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-4123483902-689985857-2153118612-1002\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [677512 2020-11-01] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-4123483902-689985857-2153118612-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41584544 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-4123483902-689985857-2153118612-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016584 2021-01-15] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-4123483902-689985857-2153118612-1002\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [458608 2019-11-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4123483902-689985857-2153118612-1002\...\Run: [1Password] => C:\Users\Vali\AppData\Local\1Password\app\8\1Password.exe [163306352 2023-09-07] (Agilebits -> 1Password)
HKU\S-1-5-21-4123483902-689985857-2153118612-1002\...\Run: [MicrosoftEdgeAutoLaunch_47E7A3D832D99C24E8E65EF6A7C4529C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4088272 2023-07-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4123483902-689985857-2153118612-1002\...\Run: [Opera Browser Assistant] => C:\Users\Vali\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3955608 2023-06-20] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-4123483902-689985857-2153118612-1002\...\MountPoints2: {5046f8b5-0033-11ee-be8f-d89c67923162} - "D:\Lenovo_Suite.exe"
HKU\S-1-5-21-4123483902-689985857-2153118612-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41584544 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-4123483902-689985857-2153118612-1003\...\MountPoints2: {5046f8b5-0033-11ee-be8f-d89c67923162} - "D:\Lenovo_Suite.exe"
HKLM\...\Providers\Internet Print Provider: inetpp.dll
HKLM\...\Providers\LanMan Print Services: win32spl.dll
HKLM\...\Windows x64\Print Processors\HP1006PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1006PP.dll [65024 2013-04-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\116.0.5845.180\Installer\chrmstp.exe [2023-09-07] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.62\Installer\chrmstp.exe [2023-09-07] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> C:\Windows\SysWOW64\wlgpclnt.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{16be69fa-4209-4250-88cb-716cf41954e0}] -> auditcse.dll
HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> C:\Windows\SysWOW64\fdeploy.dll [2023-05-25] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> C:\Windows\SysWOW64\gptext.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4d968b55-cac2-4ff5-983f-0a54603781a3}] -> WorkFoldersGPExt.dll
HKLM\Software\...\Winlogon\GPExtensions: [{7909AD9E-09EE-4247-BAB9-7029D5F0A278}] -> C:\Windows\SysWOW64\dmenrollengine.dll [2023-07-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\Windows\SysWOW64\scecli.dll [2023-05-09] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> C:\Windows\SysWOW64\dot3gpclnt.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{BA649533-0AAC-4E04-B9BC-4DBAE0325B12}] -> pwlauncher.dll
HKLM\Software\...\Winlogon\GPExtensions: [{C34B2751-1CF4-44F5-9262-C3FC39666591}] -> pwlauncher.dll
HKLM\Software\...\Winlogon\GPExtensions: [{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}] -> C:\Windows\SysWOW64\gptext.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{f3ccc681-b74c-4060-9f26-cd84525dca2a}] -> auditcse.dll
HKLM\Software\...\Winlogon\GPExtensions: [{FB2CA36D-0B40-4307-821B-A13B252DE56C}] -> C:\Windows\SysWOW64\gptext.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}] -> C:\Windows\SysWOW64\gptext.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2020-04-29]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Evoluent Mouse Manager.lnk [2021-10-21]
ShortcutTarget: Evoluent Mouse Manager.lnk -> C:\Program Files (x86)\Evoluent\Evoluent Mouse Manager\EvoMouseExec.exe (Evoluent (Jack Lo) -> Evoluent) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Image Transfer Utility.lnk [2022-01-03]
ShortcutTarget: Image Transfer Utility.lnk -> C:\Program Files (x86)\Canon\ImageTransferUtility\ImageTransferUtility.exe (Canon Inc. -> CANON INC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2021-03-24]
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\Users\Vali\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2022-10-06]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {515BA5AE-53F6-48BF-9953-DAB211E981E3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {6A7B1450-C7C0-4B3B-862A-B3377AC01100} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-06-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {09771F0B-8368-439A-A034-13FD306BB5E8} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3807712 2023-06-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {96D98186-5BE4-4D21-9F8F-546CF4AA8073} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [737984 2015-08-30] (@ByELDI -> @ByELDI) [File not signed]
Task: {530E48A3-7CFC-47B1-9A02-5D1C3B6768F1} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-05-14] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {2006202D-B4F4-4C3E-B64D-8F156AF011FE} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-05-14] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {1A8557CA-76F4-4BFD-A259-8666EE98FF8B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {2049D666-91BF-4AA9-AFC4-D840E5F634AD} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "1d1c4fe2-63fd-4778-ac1c-14a0ce70a008" --version "6.15.10623" --silent
Task: {EB2BEE17-52AF-4DC3-8AC8-5B45CEF874E0} - System32\Tasks\CCleanerSkipUAC - Tami => C:\Program Files\CCleaner\CCleaner.exe [34687904 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {469FC1FC-450B-40E2-97B5-1F2434527FAB} - System32\Tasks\CCleanerSkipUAC - Vali => C:\Program Files\CCleaner\CCleaner.exe [34687904 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {4CF5CEE9-185D-42AE-8BB0-D0953E29AE2B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {6617D44F-1931-4C8B-9495-F9D0EB43EA44} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {29F8F79B-88C6-4F19-8ED8-9EC1516CE808} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-08] (Google Inc -> Google LLC)
Task: {040D3F70-C727-4270-9868-9D15F318F46E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-08] (Google Inc -> Google LLC)
Task: {54DE8D02-85C8-45DF-A408-1C7078B52CA2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB5C348D-B449-44AB-BAA3-EA0590CCAF19} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {243E2771-B540-4C0F-A24B-3320FF81D579} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {BC0A6097-F752-4DF9-A567-0D788B2215D2} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\SysWOW64\BthUdTask.exe [38400 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {082CF432-5DC7-44DB-9042-0A31D108824F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {131690E8-FD7A-4B71-B336-B26D5841983A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {E39FFAC5-C765-4C83-8D78-A61ABEF8C861} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-07-15] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {F715457F-3DCF-4D1D-85EC-CD483977559A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-07-15] (Mozilla Corporation -> Mozilla Foundation)
Task: {0C7FE380-97EA-43D9-BF8D-3A28F096782D} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2021-03-24] () [File not signed]
Task: {A886B470-2A53-41AD-BC7D-647CA2DDCA7E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {8F102B42-8827-4EE8-BE87-6ADA006DE548} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5C84E12A-9B24-4966-A006-A608EC9AFCFD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {92AAA967-CD49-4933-9DE4-E87E1BA9F2BD} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CDB7AD21-5392-43C8-B908-BD515720602F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8FD6584-1BEB-416C-A204-51BCC9E88707} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FFCD3D9C-7C31-45E0-AD44-04FE1A5DD65C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7149F3C6-4D3F-4151-86D5-9E455EDF9706} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1E09107D-8F44-4338-B329-82986C84F663} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DCA14F9C-9266-46AA-A2A4-C6105BC60040} - System32\Tasks\Opera scheduled assistant Autoupdate 1582729239 => C:\Users\Vali\AppData\Local\Programs\Opera\launcher.exe [2730912 2023-08-09] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Vali\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {68DE1D89-F06B-4412-B805-CBF0DCB9B8A8} - System32\Tasks\Opera scheduled Autoupdate 1562600925 => C:\Users\Vali\AppData\Local\Programs\Opera\launcher.exe [2730912 2023-08-09] (Opera Norway AS -> Opera Software)
Task: {22149EAF-22C7-46A9-8A6F-1B440BFC8B4F} - System32\Tasks\Red Giant Link => C:\Program -> Files (x86)\Red Giant Link\Red Giant Link.exe
Task: {48FFC210-3964-454A-9B6C-F5580C2EA73E} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {ACA040FB-CF65-4080-9FBF-32FA5BEED809} - System32\Tasks\UserSwitch_Enable => C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell.exe [491520 2023-05-09] (Microsoft Windows -> Microsoft Corporation) -> Set-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\UserSwitch -Name Enabled -Value 1

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{13d8dad0-a2ff-4a71-969d-56315a709532}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{257bd8ad-0260-427e-9cff-d25d98d40cda}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Notifications: HKU\S-1-5-21-4123483902-689985857-2153118612-1002 -> hxxps://teams.microsoft.com
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Vali\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-10]
Edge Notifications: Default -> hxxps://teams.microsoft.com
Edge Extension: (Edge relevant text changes) - C:\Users\Vali\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-10]
Edge Extension: (Microsoft Edge DevTools Enhancements) - C:\Users\Vali\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kfbdpdaobnofkbopebjglnaadopfikhh [2023-04-10]

FireFox:
========
FF DefaultProfile: gkd7snae.default
FF ProfilePath: C:\Users\Vali\AppData\Roaming\Mozilla\Firefox\Profiles\gkd7snae.default [2023-05-01]
FF ProfilePath: C:\Users\Vali\AppData\Roaming\Mozilla\Firefox\Profiles\ty746rql.default-release [2023-06-24]
FF Extension: (Tampermonkey) - C:\Users\Vali\AppData\Roaming\Mozilla\Firefox\Profiles\ty746rql.default-release\Extensions\firefox@tampermonkey.net.xpi [2022-01-19]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-04-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-04-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-08-19] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-4123483902-689985857-2153118612-1002: SkypeForBusinessPlugin-16.2 -> C:\Users\Vali\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-4123483902-689985857-2153118612-1002: SkypeForBusinessPlugin64-16.2 -> C:\Users\Vali\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2023-09-10]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default [2023-09-10]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://teams.microsoft.com; hxxps://webchat.freenode.net; hxxps://www.facebook.com
CHR HomePage: Default -> hxxps://mail.google.com/mail/u/0/#inbox
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/0/#inbox"
CHR Extension: (lock) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeblfdkhhhdcdjpifhhbdiojplfjncoa [2023-09-07]
CHR Extension: (Injector) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfdonckegflhbiamlmidciapolfccmmb [2022-10-21]
CHR Extension: (GCVote) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\boingbkmoapffongfpcancmephhnmehp [2019-07-08]
CHR Extension: (Markdown Viewer) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckkdlimhmcjmikdlpkmbgfkaikojcbjk [2023-04-18]
CHR Extension: (Adblock na Youtube™) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2023-05-25]
CHR Extension: (Tampermonkey) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2023-07-10]
CHR Extension: (Postman) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbjgbiflinjbdggehcddcbncdddomop [2022-11-03]
CHR Extension: (Page load time) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\fploionmjgeclbkemipmkogoaohcdbig [2022-12-13]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-18]
CHR Extension: (HTTPS Everywhere) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2022-06-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-07]
CHR Extension: (Page Ruler Redux) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\giejhjebcalaheckengmchjekofhhmal [2022-03-24]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-09-07]
CHR Extension: (Reklamy blokátor pro YouTube ™) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik [2019-07-08]
CHR Extension: (FormApps Extension) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-10-11]
CHR Extension: (Boční lišta záložek) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdbnofccmhefkmjbkkdkfiicjkgofkdh [2023-09-07]
CHR Extension: (Disconnect) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2020-11-11]
CHR Extension: (ChroPath) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljngjbnaijcbncmcnjfhigebomdlkcjo [2021-11-06]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-09-07]
CHR Extension: (Mapy Google) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2019-07-08]
CHR Extension: (MD Reader) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\medapdbncneneejhbgcjceippjlfkmkg [2023-09-07]
CHR Extension: (MindMup 2.0 - Free Mind Map web site) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkgkheknpfngchmoaognoilfanomldfl [2019-07-08]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2023-09-07]
CHR Extension: (SingleFile) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpiodijhokgodhhofbcjdecpffjipkle [2023-09-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Privacy Badger) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2023-07-09]
CHR HKU\S-1-5-21-4123483902-689985857-2153118612-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-4123483902-689985857-2153118612-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-4123483902-689985857-2153118612-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-4123483902-689985857-2153118612-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera:
=======
OPR Profile: C:\Users\Vali\AppData\Roaming\Opera Software\Opera Stable [2023-09-10]
OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={s ... utEncoding}
OPR DefaultSearchKeyword: Opera Stable -> g
OPR Extension: (AdBlocker for YouTube™) - C:\Users\Vali\AppData\Roaming\Opera Software\Opera Stable\Extensions\cgdogbijachehheddakopmfjahhgmmma [2023-02-09]
OPR Extension: (Rich Hints Agent) - C:\Users\Vali\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-03-25]
OPR Extension: (Opera Wallet) - C:\Users\Vali\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-03-25]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Vali\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-01-11]
OPR Extension: (Tampermonkey) - C:\Users\Vali\AppData\Roaming\Opera Software\Opera Stable\Extensions\mfdhdgbonjidekjkjmjaneanmdmpmidf [2023-02-09]

Brave:
=======
BRA Profile: C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-09-10]
BRA Notifications: Default -> hxxps://calendar.google.com; hxxps://www.facebook.com
BRA HomePage: Default -> hxxps://mail.google.com/mail/u/0/#inbox
BRA Extension: (Překladač Google) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-03-23]
BRA Extension: (lock) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aeblfdkhhhdcdjpifhhbdiojplfjncoa [2023-09-07]
BRA Extension: (GCVote) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\boingbkmoapffongfpcancmephhnmehp [2021-05-14]
BRA Extension: (Markdown Viewer) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ckkdlimhmcjmikdlpkmbgfkaikojcbjk [2023-03-15]
BRA Extension: (Adblock na Youtube™) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2023-05-30]
BRA Extension: (Tampermonkey) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2023-06-01]
BRA Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-07]
BRA Extension: (HTTPS Everywhere) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2022-06-14]
BRA Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-09-07]
BRA Extension: (QR Scanner) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gmloihcgbhbonllenincdakeijmikcne [2022-06-26]
BRA Extension: (Najít na mapy.cz) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gmogjpphjifpompcibhiafmlkhdmbbkb [2022-01-24]
BRA Extension: (FormApps Extension) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-10-11]
BRA Extension: (Boční lišta záložek) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\jdbnofccmhefkmjbkkdkfiicjkgofkdh [2023-09-07]
BRA Extension: (Disconnect) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2021-05-14]
BRA Extension: (Protractor) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\kpjldaeddnfokhmgdlmpdlecmobaonnj [2022-01-24]
BRA Extension: (ChroPath) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ljngjbnaijcbncmcnjfhigebomdlkcjo [2021-08-03]
BRA Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-09-07]
BRA Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2023-07-15]
BRA Extension: (Material Theme Dark [blue-grey]) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\paoafodbgcjnmijjepmpgnlhnogaahme [2021-11-17]
BRA Extension: (Brave Ad Block Updater (Exception-exceptions (plaintext))) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2023-09-07]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-09-10]
BRA Extension: (Brave NTP background images) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-09-07]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-09-10]
BRA Extension: (Wallet Data Files Updater) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-09-07]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-09-10]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-12-04]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2023-09-10]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-09-07]
BRA Extension: (Brave Ads Resources) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\iejekkikpddbbockoldagmfcdbffomfc [2023-09-07]
BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-09-10]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-10]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-09-10]
BRA Extension: (Brave Ad Block Updater (EasyList Czech and Slovak (plaintext))) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\oegebjahecghlckbhkmojgnpcgdeajdi [2023-07-11]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2022-12-04]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-09-07]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1050920 2021-05-11] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2020-11-01] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [18673448 2020-11-17] (Autodesk, Inc. -> Autodesk)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3966432 2023-06-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 almservice; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [2209144 2018-01-17] (Siemens AG -> SIEMENS AG)
S2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc -> Autodesk, Inc.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-05-14] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-05-14] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.62\brave_vpn_helper.exe [3171864 2023-09-06] (Brave Software, Inc. -> Brave Software, Inc.)
S3 BraveVpnWireguardService; C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.62\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [2183192 2023-09-06] (Brave Software, Inc. -> Brave Software, Inc.)
R2 CCBService; C:\Program Files\Chaos Group\Chaos Cosmos\cbservice.exe [41120623 2021-08-05] (ChaosGroup) [File not signed]
R2 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [9550744 2018-07-19] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-14] (Dropbox, Inc -> Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2023-09-06] (Dropbox, Inc -> Dropbox, Inc.)
R3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [7208816 2019-11-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2528888 2023-09-07] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3860792 2023-09-07] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3860792 2023-09-07] (ESET, spol. s r.o. -> ESET)
R2 EvoDriverUpdateService; C:\Program Files (x86)\Evoluent\Evoluent Mouse Manager\EvoDriverUpdateService.exe [40864 2021-07-21] (Evoluent (Jack Lo) -> Evoluent) [File not signed]
R2 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [366512 2023-01-04] (Microsoft Corporation -> Microsoft Corporation)
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [737984 2015-08-30] (@ByELDI -> @ByELDI) [File not signed]
S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [607152 2023-01-04] (Microsoft Corporation -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [15212856 2023-01-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [744968 2020-02-18] (Oracle Corporation -> Oracle Corporation)
R2 VRLService; C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe [20309016 2021-05-31] (Chaos Software Ltd. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2909208 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdcsi.inf_amd64_ebf3b33cb526b321\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhdcsi.inf_amd64_ebf3b33cb526b321\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [84640 2023-03-21] (Microsoft Windows Hardware Compatibility Publisher -> wch.cn)
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [131080 2019-07-24] (D3L -> Dokan Project)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [208704 2023-09-07] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [118904 2023-09-07] (ESET, spol. s r.o. -> ESET)
R1 edevmonm; C:\WINDOWS\System32\DRIVERS\edevmonm.sys [122560 2023-09-07] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [249544 2023-09-07] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [123040 2023-09-07] (ESET, spol. s r.o. -> ESET)
S3 EvoMouseDriverFilterHidUsb; C:\WINDOWS\System32\drivers\EvoMouseDriverFilterHidUsb.sys [29616 2020-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Evoluent)
R3 EvoMouseDriverMini; C:\WINDOWS\system32\drivers\EvoMouseDriverMini.sys [25952 2018-09-20] (Microsoft Windows Hardware Compatibility Publisher -> Evoluent)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [71736 2021-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
S4 npcap_wifi; C:\WINDOWS\system32\DRIVERS\npcap.sys [71736 2021-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
R2 NPF; C:\Windows\SysWow64\drivers\npf.sys [35344 2014-06-06] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S4 RsFx0321; C:\WINDOWS\System32\DRIVERS\RsFx0321.sys [258720 2018-07-25] (Microsoft Corporation -> Microsoft Corporation)
R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [247224 2020-02-19] (Oracle Corporation -> Oracle Corporation)
R1 VD_FileDisk; C:\Windows\System32\Drivers\VD_FileDisk.sys [30312 2011-01-26] (Ghisler Software GmbH -> CaptainFlint Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [48536 2022-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [438544 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [90384 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-09-10 15:37 - 2023-09-10 15:48 - 000054846 _____ C:\Users\Vali\Desktop\FRST.txt
2023-09-10 15:33 - 2023-09-10 15:33 - 002382848 _____ (Farbar) C:\Users\Vali\Desktop\FRST64.exe
2023-09-07 22:14 - 2023-09-07 22:14 - 001372712 _____ (Google LLC) C:\Users\Vali\Downloads\ChromeSetup.exe
2023-09-07 22:05 - 2023-09-07 22:05 - 000003530 _____ C:\WINDOWS\system32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0
2023-09-07 21:53 - 2023-09-07 22:12 - 000000000 ____D C:\rsit
2023-09-07 21:53 - 2023-09-07 22:12 - 000000000 ____D C:\Program Files\trend micro
2023-09-07 21:51 - 2023-09-07 21:51 - 001222144 _____ C:\Users\Vali\Desktop\RSITx64.exe
2023-09-07 21:51 - 2023-09-07 21:51 - 000830592 _____ C:\WINDOWS\system32\perfh005.dat
2023-09-07 21:51 - 2023-09-07 21:51 - 000192138 _____ C:\WINDOWS\system32\perfc005.dat
2023-09-07 21:48 - 2023-09-07 21:48 - 000000087 _____ C:\Users\Vali\.git-credentials
2023-09-07 21:46 - 2023-09-07 21:46 - 000001351 _____ C:\Users\Vali\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1Password.lnk
2023-09-07 21:44 - 2023-09-07 21:44 - 000000004 ____H C:\ProgramData\cm-lock
2023-09-07 21:35 - 2023-09-07 21:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-09-06 00:17 - 2023-09-06 00:17 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-09-10 15:47 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-10 15:47 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-09-10 15:47 - 2020-06-27 14:20 - 000000000 ____D C:\FRST
2023-09-10 15:47 - 2019-06-26 10:06 - 000000000 ____D C:\ProgramData\NVIDIA
2023-09-10 15:46 - 2019-10-04 18:51 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2023-09-10 15:45 - 2020-08-26 17:03 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-10 15:43 - 2019-07-10 19:46 - 000000000 ____D C:\Users\Vali\AppData\Local\Autodesk
2023-09-10 15:42 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-09-10 15:41 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-10 15:32 - 2022-05-05 17:09 - 000000000 ____D C:\Users\Vali\AppData\Local\1Password
2023-09-10 15:31 - 2022-05-05 17:10 - 000000000 ____D C:\Users\Vali\AppData\Roaming\1Password
2023-09-10 15:30 - 2019-07-08 17:44 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-10 15:29 - 2020-04-29 09:25 - 000000068 __RSH C:\WINDOWS\system32\Drivers\xinputhid.winsecurity
2023-09-10 15:29 - 2020-04-29 09:25 - 000000068 __RSH C:\WINDOWS\system32\Drivers\winusb.winsecurity
2023-09-07 22:18 - 2019-07-08 17:44 - 000002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-09-07 22:05 - 2022-10-05 16:07 - 000003506 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2023-09-07 22:04 - 2022-10-05 16:07 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-09-07 22:02 - 2022-10-16 19:07 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-09-07 21:53 - 2022-10-05 16:07 - 000004144 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1562600925
2023-09-07 21:53 - 2022-01-17 17:00 - 000001402 _____ C:\Users\Vali\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-09-07 21:51 - 2022-10-05 16:07 - 002006634 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-09-07 21:51 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2023-09-07 21:49 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-09-07 21:49 - 2020-04-17 16:19 - 000003816 _____ C:\Users\Vali\.bash_history
2023-09-07 21:48 - 2022-10-05 15:56 - 000000000 ____D C:\Users\Vali
2023-09-07 21:44 - 2022-10-05 16:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-09-07 21:44 - 2022-10-05 15:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-09-07 21:44 - 2022-09-29 17:12 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-09-07 21:44 - 2020-07-19 20:31 - 000012288 ___SH C:\DumpStack.log.tmp
2023-09-07 21:44 - 2019-10-14 17:09 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-09-07 21:44 - 2019-07-10 06:28 - 000000000 ____D C:\Program Files\CCleaner
2023-09-07 21:43 - 2022-05-07 07:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-09-07 21:35 - 2019-07-18 20:54 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-09-07 21:31 - 2019-07-21 21:21 - 000000000 ____D C:\Users\Vali\Documents\_CCleaner_registry
2023-09-07 21:28 - 2022-12-15 12:24 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-09-07 21:28 - 2019-12-09 18:08 - 000000000 ____D C:\Users\Vali\AppData\Local\CrashDumps
2023-09-07 21:27 - 2022-10-05 16:07 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-09-07 21:27 - 2019-12-09 17:31 - 000000000 ____D C:\Users\Vali\AppData\Local\NVIDIA Corporation
2023-09-07 21:23 - 2021-05-14 20:06 - 000002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2023-09-07 21:23 - 2019-03-19 06:49 - 000000167 _____ C:\WINDOWS\win.ini
2023-09-07 21:17 - 2023-07-15 19:16 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-09-07 21:17 - 2021-11-11 20:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-09-07 21:14 - 2022-10-05 16:07 - 000003496 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2023-09-07 21:14 - 2022-10-05 16:07 - 000003372 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2023-09-07 21:14 - 2022-09-23 20:18 - 000118904 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2023-09-07 21:14 - 2022-04-03 18:57 - 000122560 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmonm.sys
2023-09-07 21:14 - 2019-04-05 11:37 - 000249544 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2023-09-07 21:14 - 2019-04-05 11:37 - 000208704 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2023-09-07 21:14 - 2019-04-05 11:37 - 000123040 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2023-09-07 21:13 - 2022-10-05 16:07 - 000003768 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-09-07 21:13 - 2022-10-05 16:07 - 000003644 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories ========

2019-07-10 20:27 - 2023-06-27 20:05 - 000000033 _____ () C:\Users\Vali\AppData\Roaming\AdobeWLCMCache.dat
2020-08-23 19:15 - 2020-08-23 19:20 - 000001140 _____ () C:\Users\Vali\AppData\Roaming\javascriptobfuscator.jsop
2020-09-24 20:11 - 2023-02-12 17:14 - 000001480 _____ () C:\Users\Vali\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2020-08-13 17:27 - 2022-09-08 21:09 - 000002733 _____ () C:\Users\Vali\AppData\Local\meld.log
2019-07-10 20:19 - 2019-07-10 20:19 - 000000410 _____ () C:\Users\Vali\AppData\Local\oobelibMkey.log
2022-10-04 14:54 - 2023-04-02 20:54 - 000000128 _____ () C:\Users\Vali\AppData\Local\PUTTY.RND
2023-06-23 21:43 - 2023-06-23 21:43 - 000000218 _____ () C:\Users\Vali\AppData\Local\recently-used.xbel

==================== FLock ==============================

2021-11-30 21:50 C:\Users\Tami\AppData\Roaming\FileZilla
2021-11-30 21:48 C:\Users\Tami\AppData\Local\FileZilla

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

addition:

Addition.rar

(32.9 KiB) Staženo 31 x

[Rudy]

OK. Spusťte nyní tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[Lancre]

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-11-2023
# Duration: 00:00:01
# OS: Windows 11 (Build 22621.2134)
# Cleaned: 4
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\END

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Wow6432Node\Conduit

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted AVG Secure Search

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1533 octets] - [11/09/2023 20:41:27]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Rudy]

Dejte nové logy FRST+Addition.

[Lancre]

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-09-2023
Ran by Vali (administrator) on VALIPC (HP HP Pavilion Gaming Desktop 690-00xx) (11-09-2023 21:33:12)
Running from C:\Users\Vali\Desktop\FRST64.exe
Loaded Profiles: Vali
Platform: Microsoft Windows 11 Home Version 22H2 22621.2134 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.141\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.141\BraveCrashHandler64.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DTShellHlp.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\11.0.0.4854\AdskLicensingService\AdskLicensingService.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(services.exe ->) (Chaos Software Ltd. -> ) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe
(services.exe ->) (ChaosGroup) [File not signed] C:\Program Files\Chaos Group\Chaos Cosmos\cbservice.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Siemens AG -> SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [194704 2023-09-07] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-06-14] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2095672 2020-11-01] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11559648 2023-09-06] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [668376 2021-05-11] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-11-01] (Adobe Inc. -> )
HKLM-x32\...\Run: [Evoluent Mouse Listener] => C:\Program Files (x86)\Evoluent\Evoluent Mouse Manager\EvoMouseListener.exe [144800 2021-07-21] (Evoluent (Jack Lo) -> Evoluent) [File not signed]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5237416 2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-4123483902-689985857-2153118612-1002\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [677512 2020-11-01] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-4123483902-689985857-2153118612-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41584544 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-4123483902-689985857-2153118612-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016584 2021-01-15] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-4123483902-689985857-2153118612-1002\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [458608 2019-11-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4123483902-689985857-2153118612-1002\...\Run: [1Password] => C:\Users\Vali\AppData\Local\1Password\app\8\1Password.exe [163306352 2023-09-07] (Agilebits -> 1Password)
HKU\S-1-5-21-4123483902-689985857-2153118612-1002\...\Run: [MicrosoftEdgeAutoLaunch_47E7A3D832D99C24E8E65EF6A7C4529C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4108344 2023-09-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4123483902-689985857-2153118612-1002\...\Run: [Opera Browser Assistant] => C:\Users\Vali\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3955608 2023-06-20] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-4123483902-689985857-2153118612-1002\...\MountPoints2: {5046f8b5-0033-11ee-be8f-d89c67923162} - "D:\Lenovo_Suite.exe"
HKU\S-1-5-21-4123483902-689985857-2153118612-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41584544 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-4123483902-689985857-2153118612-1003\...\MountPoints2: {5046f8b5-0033-11ee-be8f-d89c67923162} - "D:\Lenovo_Suite.exe"
HKLM\...\Providers\Internet Print Provider: inetpp.dll
HKLM\...\Providers\LanMan Print Services: win32spl.dll
HKLM\...\Windows x64\Print Processors\HP1006PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1006PP.dll [65024 2013-04-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\116.0.5845.180\Installer\chrmstp.exe [2023-09-07] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.62\Installer\chrmstp.exe [2023-09-07] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> C:\Windows\SysWOW64\wlgpclnt.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{16be69fa-4209-4250-88cb-716cf41954e0}] -> auditcse.dll
HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> C:\Windows\SysWOW64\fdeploy.dll [2023-05-25] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> C:\Windows\SysWOW64\gptext.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4d968b55-cac2-4ff5-983f-0a54603781a3}] -> WorkFoldersGPExt.dll
HKLM\Software\...\Winlogon\GPExtensions: [{7909AD9E-09EE-4247-BAB9-7029D5F0A278}] -> C:\Windows\SysWOW64\dmenrollengine.dll [2023-07-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\Windows\SysWOW64\scecli.dll [2023-05-09] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> C:\Windows\SysWOW64\dot3gpclnt.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{BA649533-0AAC-4E04-B9BC-4DBAE0325B12}] -> pwlauncher.dll
HKLM\Software\...\Winlogon\GPExtensions: [{C34B2751-1CF4-44F5-9262-C3FC39666591}] -> pwlauncher.dll
HKLM\Software\...\Winlogon\GPExtensions: [{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}] -> C:\Windows\SysWOW64\gptext.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{f3ccc681-b74c-4060-9f26-cd84525dca2a}] -> auditcse.dll
HKLM\Software\...\Winlogon\GPExtensions: [{FB2CA36D-0B40-4307-821B-A13B252DE56C}] -> C:\Windows\SysWOW64\gptext.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}] -> C:\Windows\SysWOW64\gptext.dll [2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2020-04-29]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Evoluent Mouse Manager.lnk [2021-10-21]
ShortcutTarget: Evoluent Mouse Manager.lnk -> C:\Program Files (x86)\Evoluent\Evoluent Mouse Manager\EvoMouseExec.exe (Evoluent (Jack Lo) -> Evoluent) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Image Transfer Utility.lnk [2022-01-03]
ShortcutTarget: Image Transfer Utility.lnk -> C:\Program Files (x86)\Canon\ImageTransferUtility\ImageTransferUtility.exe (Canon Inc. -> CANON INC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2021-03-24]
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
Startup: C:\Users\Vali\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2022-10-06]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {6743F323-1F87-473B-B70C-8B5A501B7CBD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-08-02] (Adobe Inc. -> Adobe Inc.)
Task: {6A7B1450-C7C0-4B3B-862A-B3377AC01100} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3571168 2023-06-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {09771F0B-8368-439A-A034-13FD306BB5E8} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3807712 2023-06-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {96D98186-5BE4-4D21-9F8F-546CF4AA8073} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [737984 2015-08-30] (@ByELDI -> @ByELDI) [File not signed]
Task: {530E48A3-7CFC-47B1-9A02-5D1C3B6768F1} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-05-14] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {2006202D-B4F4-4C3E-B64D-8F156AF011FE} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-05-14] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {1A8557CA-76F4-4BFD-A259-8666EE98FF8B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {2049D666-91BF-4AA9-AFC4-D840E5F634AD} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "1d1c4fe2-63fd-4778-ac1c-14a0ce70a008" --version "6.15.10623" --silent
Task: {EB2BEE17-52AF-4DC3-8AC8-5B45CEF874E0} - System32\Tasks\CCleanerSkipUAC - Tami => C:\Program Files\CCleaner\CCleaner.exe [34687904 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {469FC1FC-450B-40E2-97B5-1F2434527FAB} - System32\Tasks\CCleanerSkipUAC - Vali => C:\Program Files\CCleaner\CCleaner.exe [34687904 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {4CF5CEE9-185D-42AE-8BB0-D0953E29AE2B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {6617D44F-1931-4C8B-9495-F9D0EB43EA44} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {29F8F79B-88C6-4F19-8ED8-9EC1516CE808} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-08] (Google Inc -> Google LLC)
Task: {040D3F70-C727-4270-9868-9D15F318F46E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-08] (Google Inc -> Google LLC)
Task: {54DE8D02-85C8-45DF-A408-1C7078B52CA2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {EB5C348D-B449-44AB-BAA3-EA0590CCAF19} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {243E2771-B540-4C0F-A24B-3320FF81D579} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {BC0A6097-F752-4DF9-A567-0D788B2215D2} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\SysWOW64\BthUdTask.exe [38400 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {082CF432-5DC7-44DB-9042-0A31D108824F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {131690E8-FD7A-4B71-B336-B26D5841983A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {E39FFAC5-C765-4C83-8D78-A61ABEF8C861} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-07-15] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {F715457F-3DCF-4D1D-85EC-CD483977559A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-07-15] (Mozilla Corporation -> Mozilla Foundation)
Task: {0C7FE380-97EA-43D9-BF8D-3A28F096782D} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2021-03-24] () [File not signed]
Task: {A886B470-2A53-41AD-BC7D-647CA2DDCA7E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-15] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {8F102B42-8827-4EE8-BE87-6ADA006DE548} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2023-01-27] (Nvidia Corporation -> NVIDIA Corporation)
Task: {5C84E12A-9B24-4966-A006-A608EC9AFCFD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {92AAA967-CD49-4933-9DE4-E87E1BA9F2BD} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CDB7AD21-5392-43C8-B908-BD515720602F} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D8FD6584-1BEB-416C-A204-51BCC9E88707} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FFCD3D9C-7C31-45E0-AD44-04FE1A5DD65C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7149F3C6-4D3F-4151-86D5-9E455EDF9706} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1E09107D-8F44-4338-B329-82986C84F663} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-01-20] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DCA14F9C-9266-46AA-A2A4-C6105BC60040} - System32\Tasks\Opera scheduled assistant Autoupdate 1582729239 => C:\Users\Vali\AppData\Local\Programs\Opera\launcher.exe [2730912 2023-08-09] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Vali\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {68DE1D89-F06B-4412-B805-CBF0DCB9B8A8} - System32\Tasks\Opera scheduled Autoupdate 1562600925 => C:\Users\Vali\AppData\Local\Programs\Opera\launcher.exe [2730912 2023-08-09] (Opera Norway AS -> Opera Software)
Task: {22149EAF-22C7-46A9-8A6F-1B440BFC8B4F} - System32\Tasks\Red Giant Link => C:\Program -> Files (x86)\Red Giant Link\Red Giant Link.exe
Task: {48FFC210-3964-454A-9B6C-F5580C2EA73E} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-03-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {ACA040FB-CF65-4080-9FBF-32FA5BEED809} - System32\Tasks\UserSwitch_Enable => C:\Windows\system32\WindowsPowerShell\v1.0\PowerShell.exe [491520 2023-05-09] (Microsoft Windows -> Microsoft Corporation) -> Set-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\UserSwitch -Name Enabled -Value 1

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{13d8dad0-a2ff-4a71-969d-56315a709532}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{257bd8ad-0260-427e-9cff-d25d98d40cda}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Notifications: HKU\S-1-5-21-4123483902-689985857-2153118612-1002 -> hxxps://teams.microsoft.com
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Vali\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-11]
Edge Notifications: Default -> hxxps://teams.microsoft.com
Edge Extension: (Dokumenty Google offline) - C:\Users\Vali\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-11]
Edge Extension: (Edge relevant text changes) - C:\Users\Vali\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-10]
Edge Extension: (Microsoft Edge DevTools Enhancements) - C:\Users\Vali\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kfbdpdaobnofkbopebjglnaadopfikhh [2023-04-10]

FireFox:
========
FF DefaultProfile: gkd7snae.default
FF ProfilePath: C:\Users\Vali\AppData\Roaming\Mozilla\Firefox\Profiles\gkd7snae.default [2023-05-01]
FF ProfilePath: C:\Users\Vali\AppData\Roaming\Mozilla\Firefox\Profiles\ty746rql.default-release [2023-06-24]
FF Extension: (Tampermonkey) - C:\Users\Vali\AppData\Roaming\Mozilla\Firefox\Profiles\ty746rql.default-release\Extensions\firefox@tampermonkey.net.xpi [2022-01-19]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-02-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-04-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-04-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-08-19] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-4123483902-689985857-2153118612-1002: SkypeForBusinessPlugin-16.2 -> C:\Users\Vali\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-4123483902-689985857-2153118612-1002: SkypeForBusinessPlugin64-16.2 -> C:\Users\Vali\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2023-09-11]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default [2023-09-10]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://teams.microsoft.com; hxxps://webchat.freenode.net; hxxps://www.facebook.com
CHR HomePage: Default -> hxxps://mail.google.com/mail/u/0/#inbox
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/0/#inbox"
CHR Extension: (lock) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeblfdkhhhdcdjpifhhbdiojplfjncoa [2023-09-07]
CHR Extension: (Injector) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfdonckegflhbiamlmidciapolfccmmb [2022-10-21]
CHR Extension: (GCVote) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\boingbkmoapffongfpcancmephhnmehp [2019-07-08]
CHR Extension: (Markdown Viewer) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckkdlimhmcjmikdlpkmbgfkaikojcbjk [2023-04-18]
CHR Extension: (Adblock na Youtube™) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2023-05-25]
CHR Extension: (Tampermonkey) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2023-07-10]
CHR Extension: (Postman) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhbjgbiflinjbdggehcddcbncdddomop [2022-11-03]
CHR Extension: (Page load time) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\fploionmjgeclbkemipmkogoaohcdbig [2022-12-13]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-07-18]
CHR Extension: (HTTPS Everywhere) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2022-06-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-07]
CHR Extension: (Page Ruler Redux) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\giejhjebcalaheckengmchjekofhhmal [2022-03-24]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-09-07]
CHR Extension: (Reklamy blokátor pro YouTube ™) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\hflefjhkfeiaignkclmphmokmmbhbhik [2019-07-08]
CHR Extension: (FormApps Extension) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-10-11]
CHR Extension: (Boční lišta záložek) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdbnofccmhefkmjbkkdkfiicjkgofkdh [2023-09-07]
CHR Extension: (Disconnect) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2020-11-11]
CHR Extension: (ChroPath) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljngjbnaijcbncmcnjfhigebomdlkcjo [2021-11-06]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-09-07]
CHR Extension: (Mapy Google) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2019-07-08]
CHR Extension: (MD Reader) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\medapdbncneneejhbgcjceippjlfkmkg [2023-09-07]
CHR Extension: (MindMup 2.0 - Free Mind Map web site) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkgkheknpfngchmoaognoilfanomldfl [2019-07-08]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2023-09-07]
CHR Extension: (SingleFile) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpiodijhokgodhhofbcjdecpffjipkle [2023-09-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Privacy Badger) - C:\Users\Vali\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2023-07-09]
CHR HKU\S-1-5-21-4123483902-689985857-2153118612-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-4123483902-689985857-2153118612-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-4123483902-689985857-2153118612-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-4123483902-689985857-2153118612-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera:
=======
OPR Profile: C:\Users\Vali\AppData\Roaming\Opera Software\Opera Stable [2023-09-11]
OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={s ... utEncoding}
OPR DefaultSearchKeyword: Opera Stable -> g
OPR Extension: (AdBlocker for YouTube™) - C:\Users\Vali\AppData\Roaming\Opera Software\Opera Stable\Extensions\cgdogbijachehheddakopmfjahhgmmma [2023-02-09]
OPR Extension: (Rich Hints Agent) - C:\Users\Vali\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-03-25]
OPR Extension: (Opera Wallet) - C:\Users\Vali\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-03-25]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Vali\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-01-11]
OPR Extension: (Tampermonkey) - C:\Users\Vali\AppData\Roaming\Opera Software\Opera Stable\Extensions\mfdhdgbonjidekjkjmjaneanmdmpmidf [2023-02-09]

Brave:
=======
BRA Profile: C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-09-11]
BRA Notifications: Default -> hxxps://calendar.google.com; hxxps://www.facebook.com
BRA HomePage: Default -> hxxps://mail.google.com/mail/u/0/#inbox
BRA Extension: (Překladač Google) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-03-23]
BRA Extension: (lock) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aeblfdkhhhdcdjpifhhbdiojplfjncoa [2023-09-07]
BRA Extension: (GCVote) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\boingbkmoapffongfpcancmephhnmehp [2021-05-14]
BRA Extension: (Markdown Viewer) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ckkdlimhmcjmikdlpkmbgfkaikojcbjk [2023-03-15]
BRA Extension: (Adblock na Youtube™) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2023-05-30]
BRA Extension: (Tampermonkey) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2023-06-01]
BRA Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-09-07]
BRA Extension: (HTTPS Everywhere) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2022-06-14]
BRA Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-09-07]
BRA Extension: (QR Scanner) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gmloihcgbhbonllenincdakeijmikcne [2022-06-26]
BRA Extension: (Najít na mapy.cz) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gmogjpphjifpompcibhiafmlkhdmbbkb [2022-01-24]
BRA Extension: (FormApps Extension) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-10-11]
BRA Extension: (Boční lišta záložek) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\jdbnofccmhefkmjbkkdkfiicjkgofkdh [2023-09-07]
BRA Extension: (Disconnect) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2021-05-14]
BRA Extension: (Protractor) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\kpjldaeddnfokhmgdlmpdlecmobaonnj [2022-01-24]
BRA Extension: (ChroPath) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ljngjbnaijcbncmcnjfhigebomdlkcjo [2021-08-03]
BRA Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-09-07]
BRA Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2023-07-15]
BRA Extension: (Material Theme Dark [blue-grey]) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\paoafodbgcjnmijjepmpgnlhnogaahme [2021-11-17]
BRA Extension: (Brave Ad Block Updater (Exception-exceptions (plaintext))) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2023-09-07]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-09-10]
BRA Extension: (Brave NTP background images) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-09-07]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-09-11]
BRA Extension: (Wallet Data Files Updater) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-09-11]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-09-11]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-12-04]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\efkihffiamafhbhefjaljejgdpkelpal [2023-09-11]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-09-07]
BRA Extension: (Brave Ads Resources) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\iejekkikpddbbockoldagmfcdbffomfc [2023-09-07]
BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-09-11]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-10]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-09-10]
BRA Extension: (Brave Ad Block Updater (EasyList Czech and Slovak (plaintext))) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\oegebjahecghlckbhkmojgnpcgdeajdi [2023-07-11]
BRA Extension: (Brave Ad Block Updater (CZE, SVK: EasyList Czech and Slovak)) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\omkkefoeihpbpebhhbhmjekpnegokpbj [2022-12-04]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Vali\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-09-07]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1050920 2021-05-11] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-08-02] (Adobe Inc. -> Adobe Inc.)
S4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [852024 2020-11-01] (Adobe Inc. -> Adobe Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [18673448 2020-11-17] (Autodesk, Inc. -> Autodesk)
S2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3966432 2023-06-14] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 almservice; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [2209144 2018-01-17] (Siemens AG -> SIEMENS AG)
S2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc -> Autodesk, Inc.)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-05-14] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-05-14] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.62\brave_vpn_helper.exe [3171864 2023-09-06] (Brave Software, Inc. -> Brave Software, Inc.)
S3 BraveVpnWireguardService; C:\Program Files\BraveSoftware\Brave-Browser\Application\116.1.57.62\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [2183192 2023-09-06] (Brave Software, Inc. -> Brave Software, Inc.)
R2 CCBService; C:\Program Files\Chaos Group\Chaos Cosmos\cbservice.exe [41120623 2021-08-05] (ChaosGroup) [File not signed]
S2 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [9550744 2018-07-19] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-14] (Dropbox, Inc -> Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2023-09-06] (Dropbox, Inc -> Dropbox, Inc.)
R3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusServiceUltra.exe [7208816 2019-11-21] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2528888 2023-09-07] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3860792 2023-09-07] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3860792 2023-09-07] (ESET, spol. s r.o. -> ESET)
S2 EvoDriverUpdateService; C:\Program Files (x86)\Evoluent\Evoluent Mouse Manager\EvoDriverUpdateService.exe [40864 2021-07-21] (Evoluent (Jack Lo) -> Evoluent) [File not signed]
R2 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [366512 2023-01-04] (Microsoft Corporation -> Microsoft Corporation)
S2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [737984 2015-08-30] (@ByELDI -> @ByELDI) [File not signed]
S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [607152 2023-01-04] (Microsoft Corporation -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [15212856 2023-01-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [744968 2020-02-18] (Oracle Corporation -> Oracle Corporation)
R2 VRLService; C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe [20309016 2021-05-31] (Chaos Software Ltd. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2909208 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdc.inf_amd64_21fb5c984e3a7ddf\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhdc.inf_amd64_21fb5c984e3a7ddf\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S3 CH341SER_A64; C:\WINDOWS\System32\Drivers\CH341S64.SYS [84640 2023-03-21] (Microsoft Windows Hardware Compatibility Publisher -> wch.cn)
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [131080 2019-07-24] (D3L -> Dokan Project)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [208704 2023-09-07] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [118904 2023-09-07] (ESET, spol. s r.o. -> ESET)
R1 edevmonm; C:\WINDOWS\System32\DRIVERS\edevmonm.sys [122560 2023-09-07] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [249544 2023-09-07] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [123040 2023-09-07] (ESET, spol. s r.o. -> ESET)
S3 EvoMouseDriverFilterHidUsb; C:\WINDOWS\System32\drivers\EvoMouseDriverFilterHidUsb.sys [29616 2020-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Evoluent)
R3 EvoMouseDriverMini; C:\WINDOWS\system32\drivers\EvoMouseDriverMini.sys [25952 2018-09-20] (Microsoft Windows Hardware Compatibility Publisher -> Evoluent)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [71736 2021-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
S4 npcap_wifi; C:\WINDOWS\system32\DRIVERS\npcap.sys [71736 2021-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
R2 NPF; C:\Windows\SysWow64\drivers\npf.sys [35344 2014-06-06] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2019-11-08] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S4 RsFx0321; C:\WINDOWS\System32\DRIVERS\RsFx0321.sys [258720 2018-07-25] (Microsoft Corporation -> Microsoft Corporation)
R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [247224 2020-02-19] (Oracle Corporation -> Oracle Corporation)
R1 VD_FileDisk; C:\Windows\System32\Drivers\VD_FileDisk.sys [30312 2011-01-26] (Ghisler Software GmbH -> CaptainFlint Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [48536 2022-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [438544 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [90384 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R2 WIBUKEY; C:\WINDOWS\System32\DRIVERS\WibuKey64.sys [97792 2011-09-22] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-09-11 20:40 - 2023-09-11 20:42 - 000000000 ____D C:\AdwCleaner
2023-09-11 20:40 - 2023-09-11 20:40 - 008791352 _____ (Malwarebytes) C:\Users\Vali\Desktop\AdwCleaner.exe
2023-09-10 19:43 - 2023-09-10 19:43 - 000163084 _____ C:\Users\Vali\Desktop\determinant_3.stl
2023-09-10 17:21 - 2023-09-10 17:21 - 000830592 _____ C:\WINDOWS\system32\perfh005.dat
2023-09-10 17:21 - 2023-09-10 17:21 - 000192138 _____ C:\WINDOWS\system32\perfc005.dat
2023-09-10 16:55 - 2023-08-03 21:36 - 001487368 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2023-09-10 16:55 - 2023-08-03 21:36 - 001227288 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2023-09-10 16:55 - 2023-08-03 21:36 - 000848976 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2023-09-10 16:55 - 2023-08-03 21:36 - 000848976 _____ C:\WINDOWS\system32\vulkaninfo.exe
2023-09-10 16:55 - 2023-08-03 21:36 - 000713808 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2023-09-10 16:55 - 2023-08-03 21:36 - 000713808 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2023-09-10 16:55 - 2023-08-03 21:36 - 000653400 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2023-09-10 16:55 - 2023-08-03 21:36 - 000653400 _____ C:\WINDOWS\system32\vulkan-1.dll
2023-09-10 16:55 - 2023-08-03 21:36 - 000637008 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2023-09-10 16:55 - 2023-08-03 21:36 - 000637008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2023-09-10 16:52 - 2023-08-03 21:32 - 059010568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2023-09-10 16:52 - 2023-08-03 21:32 - 000934432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2023-09-10 16:52 - 2023-08-03 21:32 - 000669208 _____ C:\WINDOWS\system32\nvofapi64.dll
2023-09-10 16:52 - 2023-08-03 21:32 - 000504344 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2023-09-10 16:52 - 2023-08-03 21:31 - 002168456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2023-09-10 16:52 - 2023-08-03 21:31 - 001621624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2023-09-10 16:52 - 2023-08-03 21:31 - 001538184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2023-09-10 16:52 - 2023-08-03 21:31 - 001195544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2023-09-10 16:52 - 2023-08-03 21:31 - 000992904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2023-09-10 16:52 - 2023-08-03 21:31 - 000777352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2023-09-10 16:52 - 2023-08-03 21:31 - 000769160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2023-09-10 16:52 - 2023-08-03 21:30 - 014520328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2023-09-10 16:52 - 2023-08-03 21:30 - 012066424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2023-09-10 16:52 - 2023-08-03 21:30 - 006190728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2023-09-10 16:52 - 2023-08-03 21:30 - 005550616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2023-09-10 16:52 - 2023-08-03 21:30 - 003482744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2023-09-10 16:52 - 2023-08-03 21:30 - 000459384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2023-09-10 16:52 - 2023-08-03 21:29 - 005844488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2023-09-10 16:52 - 2023-08-03 21:29 - 000853112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2023-09-10 16:52 - 2023-08-03 21:28 - 006737096 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2023-09-10 16:52 - 2023-08-03 20:56 - 000107938 _____ C:\WINDOWS\system32\nvinfo.pb
2023-09-10 16:13 - 2023-09-10 16:19 - 000000000 ___HD C:\$WinREAgent
2023-09-10 15:50 - 2023-09-10 15:53 - 000140781 _____ C:\Users\Vali\Desktop\Addition.txt
2023-09-10 15:37 - 2023-09-11 21:33 - 000049757 _____ C:\Users\Vali\Desktop\FRST.txt
2023-09-10 15:33 - 2023-09-11 21:33 - 002382848 _____ (Farbar) C:\Users\Vali\Desktop\FRST64.exe
2023-09-07 22:14 - 2023-09-07 22:14 - 001372712 _____ (Google LLC) C:\Users\Vali\Downloads\ChromeSetup.exe
2023-09-07 22:05 - 2023-09-07 22:05 - 000003530 _____ C:\WINDOWS\system32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0
2023-09-07 21:53 - 2023-09-07 22:12 - 000000000 ____D C:\rsit
2023-09-07 21:53 - 2023-09-07 22:12 - 000000000 ____D C:\Program Files\trend micro
2023-09-07 21:51 - 2023-09-07 21:51 - 001222144 _____ C:\Users\Vali\Desktop\RSITx64.exe
2023-09-07 21:48 - 2023-09-07 21:48 - 000000087 _____ C:\Users\Vali\.git-credentials
2023-09-07 21:46 - 2023-09-07 21:46 - 000001351 _____ C:\Users\Vali\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1Password.lnk
2023-09-07 21:35 - 2023-09-07 21:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-09-06 00:17 - 2023-09-06 00:17 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-09-11 21:33 - 2020-06-27 14:20 - 000000000 ____D C:\FRST
2023-09-11 21:28 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-11 21:19 - 2021-03-02 21:08 - 000000000 ____D C:\Users\Vali\AppData\Roaming\Code
2023-09-11 21:18 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-09-11 21:18 - 2019-07-08 17:44 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-11 21:10 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-11 21:10 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-09-11 20:55 - 2019-06-26 10:06 - 000000000 ____D C:\ProgramData\NVIDIA
2023-09-11 20:51 - 2022-10-05 16:07 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-09-11 20:45 - 2022-05-05 17:10 - 000000000 ____D C:\Users\Vali\AppData\Roaming\1Password
2023-09-11 20:44 - 2022-05-05 17:09 - 000000000 ____D C:\Users\Vali\AppData\Local\1Password
2023-09-11 20:44 - 2020-07-19 20:46 - 000000000 ____D C:\Users\Vali\AppData\Local\D3DSCache
2023-09-11 20:39 - 2020-04-29 09:25 - 000000068 __RSH C:\WINDOWS\system32\Drivers\xinputhid.winsecurity
2023-09-11 20:39 - 2020-04-29 09:25 - 000000068 __RSH C:\WINDOWS\system32\Drivers\winusb.winsecurity
2023-09-10 20:51 - 2022-10-05 15:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-09-10 20:06 - 2019-08-16 09:15 - 000000000 ____D C:\Users\Vali\AppData\Roaming\Microsoft\Word
2023-09-10 20:06 - 2019-07-25 14:22 - 000000000 ____D C:\Users\Vali\AppData\Roaming\Microsoft\Šablony
2023-09-10 19:44 - 2019-07-08 17:39 - 000000000 ____D C:\Users\Vali\AppData\Local\Packages
2023-09-10 19:43 - 2023-02-20 22:51 - 000000000 ____D C:\Users\Vali\AppData\Roaming\PrusaSlicer
2023-09-10 19:36 - 2019-07-10 19:46 - 000000000 ____D C:\Users\Vali\AppData\Local\Autodesk
2023-09-10 17:36 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2023-09-10 17:36 - 2019-10-04 18:51 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2023-09-10 17:21 - 2022-10-05 16:07 - 002006634 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-09-10 17:21 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2023-09-10 17:13 - 2022-10-05 16:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-09-10 17:13 - 2022-10-05 15:50 - 001960656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-09-10 17:13 - 2022-05-07 07:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-09-10 17:13 - 2020-07-19 20:31 - 000012288 ___SH C:\DumpStack.log.tmp
2023-09-10 17:13 - 2019-10-14 17:09 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-09-10 17:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS
2023-09-10 17:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-09-10 17:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2023-09-10 17:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-09-10 17:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-09-10 17:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-09-10 17:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2023-09-10 17:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2023-09-10 17:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2023-09-10 17:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-09-10 17:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-09-10 17:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-09-10 17:12 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\lxss
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemApps
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\setup
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\id-ID
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-09-10 17:11 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\appcompat
2023-09-10 17:03 - 2019-07-21 21:21 - 000000000 ____D C:\Users\Vali\Documents\_CCleaner_registry
2023-09-10 17:00 - 2019-07-10 06:28 - 000000000 ____D C:\Program Files\CCleaner
2023-09-10 17:00 - 2019-06-26 10:06 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2023-09-10 16:59 - 2023-06-14 20:09 - 000000000 ____D C:\Users\Vali\Desktop\cornovova
2023-09-10 16:48 - 2020-11-23 23:37 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-09-10 16:48 - 2019-06-26 10:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-09-10 16:39 - 2019-06-26 10:19 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-09-10 16:35 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-09-10 16:27 - 2022-10-05 15:55 - 003210752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-09-10 16:21 - 2023-06-24 22:07 - 000002374 _____ C:\Users\Vali\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-10 16:21 - 2022-10-05 16:07 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4123483902-689985857-2153118612-1002
2023-09-10 16:21 - 2022-10-05 16:07 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4123483902-689985857-2153118612-1002
2023-09-10 15:45 - 2020-08-26 17:03 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-07 22:18 - 2019-07-08 17:44 - 000002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-09-07 22:05 - 2022-10-05 16:07 - 000003506 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2023-09-07 22:02 - 2022-10-16 19:07 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-09-07 21:53 - 2022-10-05 16:07 - 000004144 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1562600925
2023-09-07 21:53 - 2022-01-17 17:00 - 000001402 _____ C:\Users\Vali\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2023-09-07 21:49 - 2020-04-17 16:19 - 000003816 _____ C:\Users\Vali\.bash_history
2023-09-07 21:48 - 2022-10-05 15:56 - 000000000 ____D C:\Users\Vali
2023-09-07 21:44 - 2022-09-29 17:12 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-09-07 21:35 - 2019-07-18 20:54 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-09-07 21:28 - 2022-12-15 12:24 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-09-07 21:28 - 2019-12-09 18:08 - 000000000 ____D C:\Users\Vali\AppData\Local\CrashDumps
2023-09-07 21:27 - 2022-10-05 16:07 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-09-07 21:27 - 2019-12-09 17:31 - 000000000 ____D C:\Users\Vali\AppData\Local\NVIDIA Corporation
2023-09-07 21:23 - 2021-05-14 20:06 - 000002364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2023-09-07 21:23 - 2019-03-19 06:49 - 000000167 _____ C:\WINDOWS\win.ini
2023-09-07 21:17 - 2023-07-15 19:16 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-09-07 21:17 - 2021-11-11 20:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-09-07 21:14 - 2022-10-05 16:07 - 000003496 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2023-09-07 21:14 - 2022-10-05 16:07 - 000003372 _____ C:\WINDOWS\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2023-09-07 21:14 - 2022-09-23 20:18 - 000118904 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2023-09-07 21:14 - 2022-04-03 18:57 - 000122560 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmonm.sys
2023-09-07 21:14 - 2019-04-05 11:37 - 000249544 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2023-09-07 21:14 - 2019-04-05 11:37 - 000208704 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2023-09-07 21:14 - 2019-04-05 11:37 - 000123040 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2023-09-07 21:13 - 2022-10-05 16:07 - 000003768 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-09-07 21:13 - 2022-10-05 16:07 - 000003644 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories ========

2019-07-10 20:27 - 2023-06-27 20:05 - 000000033 _____ () C:\Users\Vali\AppData\Roaming\AdobeWLCMCache.dat
2020-08-23 19:15 - 2020-08-23 19:20 - 000001140 _____ () C:\Users\Vali\AppData\Roaming\javascriptobfuscator.jsop
2020-09-24 20:11 - 2023-02-12 17:14 - 000001480 _____ () C:\Users\Vali\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2020-08-13 17:27 - 2022-09-08 21:09 - 000002733 _____ () C:\Users\Vali\AppData\Local\meld.log
2019-07-10 20:19 - 2019-07-10 20:19 - 000000410 _____ () C:\Users\Vali\AppData\Local\oobelibMkey.log
2022-10-04 14:54 - 2023-04-02 20:54 - 000000128 _____ () C:\Users\Vali\AppData\Local\PUTTY.RND
2023-06-23 21:43 - 2023-06-23 21:43 - 000000218 _____ () C:\Users\Vali\AppData\Local\recently-used.xbel

==================== FLock ==============================

2021-11-30 21:50 C:\Users\Tami\AppData\Roaming\FileZilla
2021-11-30 21:48 C:\Users\Tami\AppData\Local\FileZilla

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Addition:

Addition.zip

(33.81 KiB) Staženo 37 x

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-4123483902-689985857-2153118612-1002\...\MountPoints2: {5046f8b5-0033-11ee-be8f-d89c67923162} - "D:\Lenovo_Suite.exe"
HKU\S-1-5-21-4123483902-689985857-2153118612-1003\...\MountPoints2: {5046f8b5-0033-11ee-be8f-d89c67923162} - "D:\Lenovo_Suite.exe"
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Task: {29F8F79B-88C6-4F19-8ED8-9EC1516CE808} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-08] (Google Inc -> Google LLC)
Task: {040D3F70-C727-4270-9868-9D15F318F46E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-08] (Google Inc -> Google LLC)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {082CF432-5DC7-44DB-9042-0A31D108824F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {131690E8-FD7A-4B71-B336-B26D5841983A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => AcSignIcon.dll -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6_S-1-5-21-4123483902-689985857-2153118612-1002: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} => -> No File
AlternateDataStreams: C:\Windows:CM_2fc6bb5911f8ec497148a890945a6514141ed49d2c744fd5c5eb1f84b9f6aca2 [74]
AlternateDataStreams: C:\Windows:CM_907695013ca08992cd58feb07e0251af0db243016da7741a2963bd09f47d77f4 [74]
AlternateDataStreams: C:\ProgramData\TEMP:CD30FA91 [133]


EmptyTemp:
Hosts:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Lancre]

Fix result of Farbar Recovery Scan Tool (x64) Version: 11-09-2023
Ran by Vali (12-09-2023 16:59:23) Run:3
Running from C:\Users\Vali\Desktop
Loaded Profiles: Vali & Tami
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-4123483902-689985857-2153118612-1002\...\MountPoints2: {5046f8b5-0033-11ee-be8f-d89c67923162} - "D:\Lenovo_Suite.exe"
HKU\S-1-5-21-4123483902-689985857-2153118612-1003\...\MountPoints2: {5046f8b5-0033-11ee-be8f-d89c67923162} - "D:\Lenovo_Suite.exe"
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Task: {29F8F79B-88C6-4F19-8ED8-9EC1516CE808} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-08] (Google Inc -> Google LLC)
Task: {040D3F70-C727-4270-9868-9D15F318F46E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-08] (Google Inc -> Google LLC)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {082CF432-5DC7-44DB-9042-0A31D108824F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {131690E8-FD7A-4B71-B336-B26D5841983A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => AcSignIcon.dll -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6_S-1-5-21-4123483902-689985857-2153118612-1002: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} => -> No File
AlternateDataStreams: C:\Windows:CM_2fc6bb5911f8ec497148a890945a6514141ed49d2c744fd5c5eb1f84b9f6aca2 [74]
AlternateDataStreams: C:\Windows:CM_907695013ca08992cd58feb07e0251af0db243016da7741a2963bd09f47d77f4 [74]
AlternateDataStreams: C:\ProgramData\TEMP:CD30FA91 [133]


EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5046f8b5-0033-11ee-be8f-d89c67923162} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5046f8b5-0033-11ee-be8f-d89c67923162} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{29F8F79B-88C6-4F19-8ED8-9EC1516CE808}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29F8F79B-88C6-4F19-8ED8-9EC1516CE808}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{040D3F70-C727-4270-9868-9D15F318F46E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{040D3F70-C727-4270-9868-9D15F318F46E}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{082CF432-5DC7-44DB-9042-0A31D108824F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{082CF432-5DC7-44DB-9042-0A31D108824F}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{131690E8-FD7A-4B71-B336-B26D5841983A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{131690E8-FD7A-4B71-B336-B26D5841983A}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1} => not found
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF} => not found
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22} => not found
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6} => not found
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85} => not found
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22} => not found
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89} => not found
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC} => not found
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4} => not found
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585} => not found
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A} => not found
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA} => not found
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F} => not found
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220} => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\AutoCAD Digital Signatures Icon Overlay Handler => removed successfully
HKLM\Software\Classes\CLSID\{36A21736-36C2-4C11-8ACB-D4136F2B57BD} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\DriveFS 28 or later => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PDFCreator.ShellContextMenu => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\DriveFS 28 or later => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\DriveFS 28 or later => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKU\S-1-5-21-4123483902-689985857-2153118612-1002\Software\Classes\Folder\ShellEx\ContextMenuHandlers\InventorMenu => removed successfully
C:\Windows => ":CM_2fc6bb5911f8ec497148a890945a6514141ed49d2c744fd5c5eb1f84b9f6aca2" ADS removed successfully
C:\Windows => ":CM_907695013ca08992cd58feb07e0251af0db243016da7741a2963bd09f47d77f4" ADS removed successfully
C:\ProgramData\TEMP => ":CD30FA91" ADS removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 23595847 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 6440408 B
Edge => 0 B
Chrome => 380805849 B
Brave => 397084856 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 705506 B
NetworkService => 705506 B
Vali => 207485556 B
Tami => 281010156 B

RecycleBin => 68815633 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:59:55 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[Lancre]

Bohužel ne, viz printscreen.

[Rudy]

OK. Otevřte správce úloh a podívejte se, který proces nejvíce zatěžuje disk.

[Lancre]

Běželo několik procesů "NVIDIA Container". Po jejich ukončení využití disku pokleslo na jednotky procent.

[Rudy]

Zkuste přeinstalovat ovladač grafiky nejnovější verzí. Pokud problém nezmizí, použijte jednu z metod zde: https://tech4gamers-com.translate.goog/ ... _tr_pto=sc .

[Lancre]

Dobře. Moc děkuji za pomoc.