Pomalé PC WIN 10

[AndySue]

Zdravím,

mám pomalé PC, místa na SDD dost, paměť jede na 89%.

Prosím o kontrolu logů:

[AndySue]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-09-2023
Ran by admin (administrator) on DESKTOP-OLM3P1O (HP HP Z240 Tower Workstation) (14-09-2023 11:37:38)
Running from C:\Users\admin\Desktop\OSTATNÍ\VIRY.cz\FRST64.exe
Loaded Profiles: admin
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3324 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acronis, Inc -> Acronis) C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe ->) () [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\MFResident.exe
(C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe ->) () [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\mysql\bin\eds-mysqld.exe
(C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe ->) (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\eds-httpd.exe <2>
(C:\Program Files\Google\Drive File Stream\79.0.2.0\GoogleDriveFS.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe <6>
(C:\Program Files\HP\HP Enabling Services\NetworkCap.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe <2>
(C:\Program Files\LibreOffice\program\soffice.exe ->) (The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice\program\soffice.bin
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(C:\Program Files\RealVNC\VNC Server\vncserver.exe ->) (RealVNC Ltd -> RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncagent.exe
(C:\Program Files\RealVNC\VNC Server\vncserver.exe ->) (RealVNC Ltd -> RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserverui.exe
(C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\SLDWORKS.exe ->) (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldProcMon.exe
(C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\SLDWORKS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\80.0.1.0\crashpad_handler.exe <4>
(C:\Program Files\totalcmd\TOTALCMD64.EXE ->) (Jan Fiala -> Jan Fiala) C:\Program Files (x86)\PSPad editor\PSPad.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23072.150.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23072.150.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(C:\Users\admin\Desktop\OSTATNÍ\VIRY.cz\RSITx64.exe ->) (Trend Micro Inc.) [File not signed] C:\Program Files\trend micro\admin.exe
(cmd.exe ->) (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\php.exe
(Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\SLDWORKS.exe
(explorer.exe ->) () [File not signed] C:\Users\admin\Desktop\OSTATNÍ\VIRY.cz\RSITx64.exe
(explorer.exe ->) (Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(explorer.exe ->) (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.) C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe
(explorer.exe ->) (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe
(explorer.exe ->) (EasyPHP) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\79.0.2.0\crashpad_handler.exe <3>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <28>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\79.0.2.0\GoogleDriveFS.exe
(explorer.exe ->) (HSMWorks ApS -> HSMWorks ApS hxxp://www.hsmworks.com) C:\Program Files (x86)\Autodesk\HSMWorks Distributed CAM\distributedcam.exe
(explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(explorer.exe ->) (Open Source Developer, Phillip Gibbons -> Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
(explorer.exe ->) (Petr Laštovička) [File not signed] C:\Users\admin\Documents\INSTALL\Instalace 2016-10-23\hotkeyp\HotkeyP.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe <4>
(Python Software Foundation -> Python Software Foundation) C:\Users\admin\AppData\Local\Programs\Python\Python311\python.exe <4>
(services.exe ->) (Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(services.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\116.0.5845.9\remoting_host.exe <2>
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_9949412f65718dfe\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_670360bdb5a40a0d\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_45efd8a6478e15ce\lib\TPMProvisioningService.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvwu.inf_amd64_c034505b1fb1d43e\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvwu.inf_amd64_c034505b1fb1d43e\NVWMI\nvWmi64.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (RealVNC Ltd -> RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(services.exe ->) (Shenzhen iMyFone Technology Co., Ltd -> ) C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(spoolsv.exe ->) (CANON INC. -> CANON INC.) C:\Windows\System32\CNAB4RPD.EXE
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <4>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice\program\soffice.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-03-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [462328 2009-10-27] (Acronis, Inc -> Acronis)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1738088 2023-06-24] (Open Source Developer, Phillip Gibbons -> Highresolution Enterprises)
HKLM-x32\...\Run: [adm_tray.exe] => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [530768 2010-06-04] (Acronis, Inc -> Acronis)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe [55747872 2023-08-28] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe [55747872 2023-08-28] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-567959055-877555932-3223723616-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe [55747872 2023-08-28] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\Run: [EasyPHP] => C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe [279552 2014-01-09] (EasyPHP) [File not signed]
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\Run: [HotkeyP] => C:\Users\admin\Documents\INSTALL\Instalace 2016-10-23\hotkeyp\HotkeyP.exe [147456 2012-11-20] (Petr Laštovička) [File not signed]
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe [55747872 2023-08-28] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\Run: [HSMWorks Distributed CAM] => C:\Program Files (x86)\Autodesk\HSMWorks Distributed CAM\distributedcam.exe [488576 2012-09-30] (HSMWorks ApS -> HSMWorks ApS hxxp://www.hsmworks.com)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\RunOnce: [Application Restart #2] => C:\Program Files\Microsoft Visual Studio\2022\Community\Common7\IDE\devenv.exe [1004480 2023-02-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [64450472 2023-09-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\RunOnce: [Uninstall 23.153.0724.0003] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\23.153.0724.0003" [0 2023-08-28] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\RunOnce: [Uninstall 23.158.0730.0001\i386] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\23.158.0730.0001\i386" [0 2023-08-31] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\RunOnce: [Uninstall 23.158.0730.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\23.158.0730.0001" [0 2023-08-31] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\MountPoints2: {bc7d3332-a0f9-11ec-b7c8-9457a5edaf40} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe [55747872 2023-08-28] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\hpcpp160: C:\Windows\System32\spool\prtprocs\x64\hpcpp160.dll [602912 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\CNAB4 Monitor: C:\WINDOWS\system32\CNAB4LMD.DLL [58880 2012-10-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\WINDOWS\system32\HPMPW081.DLL [74016 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Print\Monitors\HPMLM135: C:\WINDOWS\system32\hpmlm135.dll [237344 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\MONVNC: C:\WINDOWS\system32\VNCpm.dll [37704 2017-05-19] (RealVNC Ltd -> RealVNC Ltd)
HKLM\...\Print\Monitors\PrimoMon: C:\WINDOWS\system32\Primomonnt.dll [95008 2015-09-01] (Nitro PDF Software -> )
HKLM\...\Print\Monitors\ZDesigner Language Monitor: C:\WINDOWS\system32\zdnNLM64.dll [645760 2021-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Euro Plus d.o.o.)
HKLM\...\Print\Monitors\ZDesigner Port Monitor: C:\WINDOWS\system32\zdnPMS.dll [206032 2022-08-12] (Euro Plus d.o.o. -> Euro Plus d.o.o.)
HKLM\...\Print\Monitors\ZDesigner2 Language Monitor: C:\WINDOWS\system32\ZDesignerLM.dll [961632 2021-12-24] (Zebra Technologies Corporation -> Zebra Technologies Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\116.0.5845.188\Installer\chrmstp.exe [2023-09-12] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\chrome – zástupce.lnk [2023-01-30]
ShortcutTarget: chrome – zástupce.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EasyPHP-DevServer-14.1VC11.exe [2014-01-09] (EasyPHP) [File not signed]
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LibreOffice 7.1.lnk [2023-05-15]
ShortcutTarget: LibreOffice 7.1.lnk -> C:\Program Files\LibreOffice\program\quickstart.exe (The Document Foundation -> The Document Foundation)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\thunderbird – zástupce.lnk [2022-10-31]
ShortcutTarget: thunderbird – zástupce.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TOTALCMD64 – zástupce.lnk [2023-01-30]
ShortcutTarget: TOTALCMD64 – zástupce.lnk -> C:\Program Files\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH -> Ghisler Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP2900 Status Window.lnk [2021-12-21]
ShortcutTarget: Canon LBP2900 Status Window.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE (CANON INC. -> CANON INC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2016 Rychlé spuštění.lnk [2021-11-15]
ShortcutTarget: SOLIDWORKS 2016 Rychlé spuštění.lnk -> C:\Windows\Installer\{768F3B65-1695-47B7-9002-B11400CB111D}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS Nástroj pro stahování na pozadí.lnk [2021-11-15]
ShortcutTarget: SOLIDWORKS Nástroj pro stahování na pozadí.lnk -> C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {B5650A47-3C00-4695-B5E6-2F8E87D4FBBF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-08-02] (Adobe Inc. -> Adobe Inc.)
Task: {4BDD8778-2A6F-4962-8EC7-6FF9D27659AC} - System32\Tasks\COMPANY update => C:\Users\admin\Documents\www\www.admin.loc\system\BAT\update_company_loop.bat [393 2023-07-26] () [File not signed]
Task: {6DD44390-8EA1-4D57-B3D6-CF5B7CC125A7} - System32\Tasks\GoogleUpdateTaskMachineCore{BCCDEC18-BA77-484E-8BC6-CEC8D9209833} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2022-04-01] (Google Inc -> Google Inc.)
Task: {1CD5D3D9-24C2-4E37-B143-315F7684E069} - System32\Tasks\GoogleUpdateTaskMachineUA{6BBEFD20-E2F8-4A64-BA01-B256B44C7E8D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2022-04-01] (Google Inc -> Google Inc.)
Task: {ABEB1A4F-2159-464A-A0DC-321EC2C14041} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [703536 2023-08-25] (HP Inc. -> HP Inc.)
Task: {0819FB25-04EC-445F-BE82-9A09B0964AE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-08-25] (HP Inc. -> HP Inc.)
Task: {59E4F7B7-CA12-45D5-8AEE-FA53C1495B62} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [230960 2023-08-25] (HP Inc. -> HP Inc.)
Task: {0FE91EF9-07C2-4C5C-8540-9661871CA0AF} - System32\Tasks\Hewlett-Packard\HP Web Products Detection => C:\Program Files (x86)\HP\HP Support Framework\Modules\HPWPD.exe [310824 2023-08-25] (HP Inc. -> HP Inc.)
Task: {17DE8725-172B-4D83-8BC9-06F8CFD67292} - System32\Tasks\Hewlett-Packard\HPDeviceCheck => C:\Program Files (x86)\HP\HP Support Framework\Modules\HPDeviceCheck\HPDeviceCheck.exe [316456 2023-08-25] (HP Inc. -> )
Task: {80F573B6-B8E6-4BA3-A5BB-B55745971B28} - System32\Tasks\IMAP syncro => C:\Users\admin\Documents\www\www.admin.loc\system\Python\imap_syncro.bat [111 2023-04-12] () [File not signed]
Task: {3198E568-D7A8-4373-931C-F8F46B4A289F} - System32\Tasks\MACHINES_LOG => C:\Users\admin\Documents\www\www.admin.loc\system\BAT\machines_log_loop.bat [429 2023-07-26] () [File not signed]
Task: {147C811D-E8C5-4650-8ADC-661D0FCD0C1B} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [73648 2023-02-06] (Microsoft Corporation -> Microsoft)
Task: {D9409913-96E9-456B-BB38-249B2ECFDB12} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A39AD40C-30BB-43D1-BCE8-AAA184C7408D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {70916F60-3CB6-4A09-B251-0954010A197E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4C6CF929-D415-4CB4-8B82-39A8FADC3139} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3F955AB3-23DE-4EA6-8BF1-EE07E7F4A253} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [675232 2023-09-13] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {85356A58-CBF9-48C7-897A-7C45CAEBA128} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [722336 2023-09-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {311EB5D0-3570-403E-9A13-DE2B8D670493} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2021-03-24] () [File not signed]
Task: {EE2C95BB-E303-4CE1-BCCC-6076C278AAD0} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1554120 2022-06-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {37F185F9-2FD1-4D4E-8054-4C132D4B72D2} - System32\Tasks\Probudit PC 7.45 po-pá => C:\Users\admin\Desktop\wake.bat (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{b9f3719c-ace1-4167-aaa2-85c5dd728a98}: [NameServer] 192.168.11.1,8.8.8.8

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default [2023-09-14]
Edge Notifications: Default -> hxxps://teams.microsoft.com
Edge Session Restore: Default -> is enabled.
Edge Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-30]
Edge Extension: (Edge relevant text changes) - C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-14]

FireFox:
========
FF DefaultProfile: tknw74kv.default
FF ProfilePath: C:\Users\admin\AppData\Roaming\Thunderbird___nová instalace\Profiles\tknw74kv.default [not found] <==== ATTENTION
FF DefaultProfile: iQsF42px.default
FF ProfilePath: C:\Users\admin\AppData\Roaming\Thunderbird___nová instalace\Profiles\u0ntw8kz.default-release [2021-11-15]
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\ntpvq0ak.default-release [2023-09-11]
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default [2023-09-11]
FF Homepage: Mozilla\Firefox\Profiles\iQsF42px.default -> hxxp://localhost/www.admin.loc/index.php?src=b35e&refres ... document=1
FF Session Restore: Mozilla\Firefox\Profiles\iQsF42px.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\iQsF42px.default -> hxxps://calendar.google.com; hxxps://www.digitaltrends.com; hxxps://my.netatmo.com; hxxps://aukro.cz; hxxps://www.machineseeker.co.uk; hxxps://www.heureka.cz; hxxps://r1132100503382-eu1-3dswym.3dexperience.3ds.com; hxxps://www.machineseeker.com
FF Extension: (Avira Browser Safety) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\abs@avira.com.xpi [2022-05-02]
FF Extension: (Bing Search) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-10-23] [Legacy]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2021-06-21]
FF Extension: (Form History Control (II)) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\formhistory@yahoo.com.xpi [2019-12-30]
FF Extension: (Lazarus: Form Recovery) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\lazarus@interclue.com.xpi [2016-04-28] [Legacy]
FF Extension: (Textarea Cache) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\{578e7caa-210f-4967-a0d3-88fe5b59a39f}.xpi [2017-06-05] [Legacy]
FF Extension: (Manipulist 3DViewer) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\{93256482-e41a-49fd-9918-7cfcfe2eec5b}.xpi [2021-03-19]
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\searchplugins\bing-.xml [2016-10-23]
FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> C:\PROGRA~1\SOLIDW~1\SOLIDW~3\Bin\NPCOMP~1.DLL [2016-10-13] (DASSAULT SYSTEMES SA -> Dassault Systemes)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-08-19] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> C:\PROGRA~1\SOLIDW~1\SOLIDW~3\Bin\x86\NPCOMP~1.DLL [2016-10-13] (DASSAULT SYSTEMES SA -> Dassault Systemes)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2023-09-14]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://teams.microsoft.com; hxxps://www.conrad.cz
CHR Extension: (Tablet Gestures) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpfjochlgeifbpfnlchcdcmoaafnoim [2023-07-11]
CHR Extension: (Adblock na Youtube™) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2023-05-30]
CHR Extension: (Type-ahead-find) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpecbmjeidppdiampimghndkikcmoadk [2023-03-23]
CHR Extension: (Typio Form Recovery) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\djkbihbnjhkjahbhjaadbepppbpoedaa [2023-07-18]
CHR Extension: (Thunderbird online Mozilla email client) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fajkohdialmlcffkdlhdnedoecahkabk [2023-04-03]
CHR Extension: (I don't care about cookies) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2023-08-11]
CHR Extension: (AdBlock Suite) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gekoepiplklhniacchbbgbhilidiojmb [2023-09-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-30]
CHR Extension: (RestMan) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihgpcfpkpmdcghlnaofdmjkoemnlijdi [2023-03-21]
CHR Extension: (Chrome Remote Desktop) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-12-15]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-15]
CHR Extension: (Open Email Client) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oofmnabdpcibefadlibdpnnbglcehfpj [2023-04-03]
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-08-11]
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Host [2023-07-31] <==== ATTENTION
CHR Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Host\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-31]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Host\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-07-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Host\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-07-31]
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Osoba 1 [2023-07-31] <==== ATTENTION
CHR Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Osoba 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-31]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Osoba 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-07-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Osoba 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-07-31]
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Osoba 2 [2023-07-31] <==== ATTENTION
CHR Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Osoba 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-31]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Osoba 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-07-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Osoba 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-07-31]
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\System Profile [2023-07-31]
CHR HKU\S-1-5-21-567959055-877555932-3223723616-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [881688 2009-10-27] (Acronis, Inc -> Acronis)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-08-02] (Adobe Inc. -> Adobe Inc.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\116.0.5845.9\remoting_host.exe [74520 2023-06-26] (Google LLC -> Google LLC)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [888768 2023-08-25] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [887184 2023-08-25] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [883088 2023-08-25] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [887696 2023-08-25] (HP Inc. -> HP Inc.)
S2 hsmworksdcs; C:\Program Files (x86)\Autodesk\HSMWorks Distributed CAM\camservices.exe [722048 2012-09-30] (HSMWorks ApS -> HSMWorks ApS hxxp://www.hsmworks.com)
R2 MFLocalService; C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe [54664 2022-04-28] (Shenzhen iMyFone Technology Co., Ltd -> )
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-15] (Hewlett-Packard) [File not signed]
R2 NVWMI; C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_c034505b1fb1d43e\NVWMI\nvWmi64.exe [4511232 2023-03-29] (NVIDIA Corporation -> NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-15] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402200 2023-08-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2021-11-15] (SolidWorks) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16518456 2022-12-12] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [5848656 2017-05-19] (RealVNC Ltd -> RealVNC Ltd)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [142304 2022-06-01] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\NisSrv.exe [3121008 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MsMpEng.exe [133688 2023-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_c034505b1fb1d43e\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_c034505b1fb1d43e\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-06] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 MpKsl8c0a7f3f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C0CDD373-AFAA-4189-856C-77DB3E3CA8F6}\MpKslDrv.sys [222464 2023-09-14] (Microsoft Windows -> Microsoft Corporation)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [71736 2021-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
S4 npcap_wifi; C:\WINDOWS\system32\DRIVERS\npcap.sys [71736 2021-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
R3 Ser2pl; C:\WINDOWS\system32\DRIVERS\ser2pl64.sys [92160 2008-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55872 2023-08-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [574872 2023-08-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2023-08-30] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-09-14 11:35 - 2023-09-14 11:35 - 000000000 ____D C:\rsit
2023-09-14 11:35 - 2023-09-14 11:35 - 000000000 ____D C:\Program Files\trend micro
2023-09-13 05:01 - 2023-09-13 05:01 - 000000000 ___HD C:\$WinREAgent
2023-09-13 03:39 - 2023-09-13 03:40 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-09-07 07:57 - 2023-09-07 07:57 - 049462417 _____ C:\Users\admin\Downloads\wetransfer_img_20230830_115945-jpg_2023-09-01_0635.zip
2023-09-06 16:43 - 2023-09-06 16:43 - 000092767 _____ C:\Users\admin\Downloads\0392023 Suchomel drevene-podlahy.org - Schody 6.9.2023 .pdf
2023-08-31 21:16 - 2023-08-31 21:18 - 000000000 ____D C:\Users\admin\Desktop\SP
2023-08-31 08:00 - 2023-09-13 07:58 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2023-08-30 19:11 - 2023-08-30 19:11 - 000016085 _____ C:\Users\admin\Downloads\util_decryptc_1_2.zip
2023-08-30 19:11 - 2023-08-30 19:11 - 000016085 _____ C:\Users\admin\Desktop\util_decryptc_1_2.zip
2023-08-30 19:11 - 2023-08-30 19:11 - 000000000 ____D C:\Users\admin\Desktop\util_decryptc_1_2
2023-08-30 19:07 - 2023-08-30 19:07 - 000000175 _____ C:\Users\admin\Desktop\wcx_ftp_sp_decode.txt
2023-08-30 19:06 - 2023-08-30 19:08 - 000000171 _____ C:\Users\admin\Desktop\wcx_ftp.ini
2023-08-30 18:49 - 2023-08-30 18:51 - 988988861 _____ C:\Users\admin\Downloads\syachting_n0g8.sql
2023-08-29 10:56 - 2023-08-29 10:56 - 000159368 _____ C:\Users\admin\Downloads\TP2 (3).pdf
2023-08-28 18:04 - 2023-08-28 18:04 - 000161305 _____ C:\Users\admin\Downloads\TP3 (1).pdf
2023-08-28 18:03 - 2023-08-28 18:03 - 000161305 _____ C:\Users\admin\Downloads\TP3.pdf
2023-08-28 18:03 - 2023-08-28 18:03 - 000159368 _____ C:\Users\admin\Downloads\TP2.pdf
2023-08-28 18:03 - 2023-08-28 18:03 - 000159368 _____ C:\Users\admin\Downloads\TP2 (2).pdf
2023-08-28 18:03 - 2023-08-28 18:03 - 000159368 _____ C:\Users\admin\Downloads\TP2 (1).pdf
2023-08-28 18:03 - 2023-08-28 18:03 - 000085222 _____ C:\Users\admin\Downloads\TP1 (1).pdf
2023-08-28 18:02 - 2023-08-28 18:02 - 000085222 _____ C:\Users\admin\Downloads\TP1.pdf
2023-08-28 10:33 - 2023-08-28 10:33 - 001262424 _____ C:\Users\admin\Desktop\denso.pdf
2023-08-18 15:24 - 2023-08-18 15:24 - 000233108 _____ C:\Users\admin\Desktop\Exteco s.r.o nabidka 3.pdf
2023-08-15 13:58 - 2023-08-15 13:58 - 000000008 __RSH C:\ProgramData\ntuser.pol

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-09-14 11:39 - 2023-03-13 10:40 - 000000000 ____D C:\FRST
2023-09-14 11:34 - 2021-11-15 13:23 - 000000000 ____D C:\Users\admin\Desktop\OSTATNÍ
2023-09-14 11:31 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-14 10:55 - 2022-04-01 06:31 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-14 10:55 - 2021-12-17 09:44 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-09-14 10:53 - 2021-11-15 12:22 - 000000000 ___SD C:\Users\admin\AppData\Roaming\Microsoft\Credentials
2023-09-14 10:19 - 2021-11-15 13:31 - 000000528 _____ C:\Users\admin\Desktop\!zaslat.cz.csv
2023-09-14 09:52 - 2021-11-15 13:31 - 000000153 _____ C:\Users\admin\Desktop\!podani_online.csv
2023-09-14 09:18 - 2020-11-19 00:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-09-13 21:41 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-13 21:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-09-13 10:39 - 2021-11-15 12:46 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-09-13 05:12 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-09-13 04:55 - 2021-11-15 16:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-09-13 04:51 - 2021-11-15 16:42 - 177941912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-09-12 23:57 - 2022-12-15 17:32 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-09-12 10:53 - 2021-11-15 12:37 - 000000000 ____D C:\Users\admin\AppData\Local\GHISLER
2023-09-11 09:00 - 2021-11-15 16:52 - 000000000 ____D C:\Users\admin\AppData\Local\TempAdresářZálohySW
2023-09-11 07:55 - 2021-12-06 09:58 - 000000000 ____D C:\Program Files\HP
2023-09-11 07:55 - 2021-11-29 20:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2023-09-11 07:54 - 2021-12-03 11:50 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-09-11 07:52 - 2020-11-19 01:48 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-07 09:05 - 2022-02-14 09:19 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-09-07 09:04 - 2021-11-15 12:38 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Mozilla
2023-09-07 08:01 - 2021-12-13 10:30 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-567959055-877555932-3223723616-1001
2023-09-07 08:01 - 2021-11-20 06:42 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-567959055-877555932-3223723616-1001
2023-09-07 08:01 - 2021-11-20 06:39 - 000002377 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-07 08:01 - 2021-11-15 12:24 - 000000000 ___RD C:\Users\admin\OneDrive
2023-09-04 12:00 - 2021-11-15 12:36 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-08-30 22:45 - 2021-11-24 13:50 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-08-30 22:33 - 2022-04-11 10:14 - 000002382 ____H C:\Users\admin\Documents\Default.rdp
2023-08-30 22:23 - 2019-12-07 16:45 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-08-30 20:34 - 2020-11-19 01:46 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-08-30 18:27 - 2021-11-15 13:34 - 000000000 ____D C:\Users\admin\Documents\www
2023-08-29 11:31 - 2021-11-22 09:52 - 000000000 ____D C:\Users\admin\AppData\Local\D3DSCache
2023-08-29 10:57 - 2023-04-26 10:14 - 000000000 ____D C:\Users\admin\Desktop\# TEMP mazat
2023-08-28 17:54 - 2022-04-01 06:32 - 000002166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-08-28 10:33 - 2021-11-15 17:11 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Temp
2023-08-24 08:16 - 2022-10-14 00:24 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-08-21 15:02 - 2022-04-05 12:17 - 000000000 ____D C:\Users\admin\AppData\Roaming\vlc
2023-08-17 14:39 - 2021-11-15 12:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-08-15 14:03 - 2023-01-13 12:43 - 000000000 ____D C:\Program Files\TeamViewer
2023-08-15 14:03 - 2021-11-20 06:37 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-15 14:03 - 2021-11-15 12:27 - 000000000 ____D C:\ProgramData\NVIDIA
2023-08-15 14:03 - 2020-11-19 01:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-08-15 14:02 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-08-15 13:55 - 2016-07-16 13:47 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy

==================== Files in the root of some directories ========

2021-11-15 12:32 - 2016-04-21 08:31 - 000234863 _____ () C:\Program Files\hotkeyp.zip
2023-04-26 09:43 - 2023-04-26 09:43 - 007296506 _____ () C:\Program Files\poppler-0.68.0_x86.7z
2022-09-30 13:57 - 2022-09-30 13:57 - 000001425 _____ () C:\Users\admin\AppData\Local\recently-used.xbel
2023-05-03 18:21 - 2023-05-03 18:21 - 000000017 _____ () C:\Users\admin\AppData\Local\resmon.resmoncfg
2022-01-07 15:21 - 2023-06-14 09:32 - 000000000 _____ () C:\Users\admin\AppData\Local\Temptable.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[AndySue]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-09-2023
Ran by admin (14-09-2023 11:43:58)
Running from C:\Users\admin\Desktop\OSTATNÍ\VIRY.cz
Microsoft Windows 10 Pro Version 22H2 19045.3324 (X64) (2021-11-20 04:42:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

admin (S-1-5-21-567959055-877555932-3223723616-1001 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-567959055-877555932-3223723616-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-567959055-877555932-3223723616-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-567959055-877555932-3223723616-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-567959055-877555932-3223723616-501 - Limited - Disabled)
printman (S-1-5-21-567959055-877555932-3223723616-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-567959055-877555932-3223723616-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{F8F948EA-5AEA-4158-8821-A2F788ECE936}) (Version: 16.2.1 - Hewlett-Packard) Hidden
Acronis Drive Monitor (HKLM-x32\...\{706AE61D-40A4-4F50-8359-FE8F6F7FA461}) (Version: 1.0.187 - Acronis)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.003.20284 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601052}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Application Verifier x64 External Package (HKLM\...\{2CBA883F-51A6-3D7D-DBB9-0527D39433CB}) (Version: 10.1.22000.832 - Microsoft) Hidden
Autodesk HSMWorks Distributed CAM 6.1.0.32486 (HKLM-x32\...\{E89D13F6-515E-46D9-A15E-EFC24FD051B4}_is1) (Version: - Autodesk, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon LBP2900 (HKLM\...\Canon LBP2900) (Version: - )
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{22E13608-4DB0-4977-A267-3AAFA09CD54A}) (Version: 4.8.09037 - Microsoft Corporation) Hidden
CrystalDiskInfo 8.17.12 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.17.12 - Crystal Dew World)
DiagnosticsHub_CollectionService (HKLM\...\{FECAFEB5-8D0E-4AE4-8FA0-745BAA835C35}) (Version: 17.3.32601 - Microsoft Corporation) Hidden
Dynamic Application Loader Host Interface Service (HKLM\...\{E3AB2E94-D548-48A7-9F0E-A44D82ED1D7A}) (Version: 1.0.0.0 - Intel Corporation) Hidden
eDrawings (HKLM\...\{99FC8D5C-67F0-4087-9BDF-FA5CC6702AEF}) (Version: 30.40.0011 - Společnost Dassault Systemes SolidWorks Corp)
Entity Framework 6.2.0 Tools for Visual Studio 2022 (HKLM-x32\...\{6D5C07E3-6A4D-4126-A7A7-8B6EFFE16E51}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden
FreeCAD 0.20.0 (HKLM\...\FreeCAD0200) (Version: 0.20.0 - FreeCAD Team)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 80.0.1.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 116.0.5845.188 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.31.5 - Google Inc.) Hidden
HSMWorks x64 2016 R2.40513 (HKLM\...\{07404224-03A7-4ffc-9AFB-EC32BD898C55}_is1) (Version: 2016 R2.40513 - Autodesk, Inc.)
Chrome Remote Desktop Host (HKLM-x32\...\{C17C2857-FF33-4EA0-8220-14A17DF82668}) (Version: 116.0.5845.9 - Google LLC)
icecap_collection_neutral (HKLM-x32\...\{90819A24-C7DD-4956-8CBE-AE50B43D020D}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{7D6A7B92-A26B-4DC6-A51F-0D741C9BC70F}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{278641ED-D56B-43E0-AEDC-FFC14B038C74}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{D8998F76-2D74-42E3-BCA4-D8D0F5D369CF}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
iCtrl Desktop (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\ictrl-desktop-client) (Version: 6.4.4 - Junhao Liao)
Inkscape (HKLM-x32\...\Inkscape) (Version: 1.2.1- - Inkscape)
Intel(R) Chipset Device Software (HKLM\...\{66F00951-0E74-43E7-9182-084A681734D0}) (Version: 10.1.18228.8176 - Intel Corporation) Hidden
Intel(R) Icls (HKLM\...\{57640D80-A187-4A4F-BB91-7F2EF7AB5FE9}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{62609178-ECD7-473C-9D1F-9E0CF6927E45}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2242.3.34.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{939DFEE4-2675-4B42-904B-B213B857E347}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{E4697D8A-D9C0-4BCE-AC7F-5A56DD250529}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{EC8B054F-9D60-4AFC-9920-25ABFF987B29}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME WMI Provider (HKLM\...\{3C66C597-3BAA-403D-9BCD-561ED78B0F1B}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) SOL LMS Extension (HKLM\...\{D36619E0-ADBA-41C6-A5AC-222FCFBF762B}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{c4a581e8-a702-448c-80c7-4b6192985db2}) (Version: 10.1.18228.8176 - Intel(R) Corporation)
IntelliTraceProfilerProxy (HKLM\...\{F8B9E8C8-61E8-4E9E-879D-F3F498AD0230}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
IntelliTraceProfilerProxy (HKLM-x32\...\{C8891AD2-C223-45CD-A9BE-617A68923B61}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
Kits Configuration Installer (HKLM-x32\...\{CF83D17D-FB70-21A1-36E4-37EE7EC1B587}) (Version: 10.1.22000.832 - Microsoft) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 7.1.7.2 (HKLM\...\{9ED995EA-19B1-40AE-886A-339A3BECA977}) (Version: 7.1.7.2 - The Document Foundation)
Microsoft .NET 6.0 Templates 7.0.102 (x64) (HKLM\...\{48C24F32-A313-4B3C-B2C0-692D05461628}) (Version: 24.7.49407 - Microsoft Corporation) Hidden
Microsoft .NET 7.0 Templates 7.0.102 (x64) (HKLM\...\{406BB598-E5A9-454A-8719-82644CB09B03}) (Version: 28.5.33023 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.13 (x64) (HKLM\...\{F612BCA2-6E26-4F93-834B-8877939C0293}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.13 (x64_arm) (HKLM\...\{93A17F63-9B12-48F6-86BD-84535F2955FA}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.13 (x64_arm64) (HKLM\...\{CC2A595B-74D2-45E6-8B53-45F20215850D}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.13 (x64_x86) (HKLM\...\{F285BA87-F560-4587-8C08-7BF5A4A68762}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.2 (x64) (HKLM\...\{D7A77FBE-E0E7-47D7-86B4-51CB65B502C0}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.2 (x64_arm) (HKLM\...\{A4CCC742-818F-4C8C-8B56-631F6F76C7C6}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.2 (x64_arm64) (HKLM\...\{BEB46B9B-6D72-46E5-968C-CDED3C01896B}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.2 (x64_x86) (HKLM\...\{8C89D103-57BE-4509-9752-B1CD9F12D0B9}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 Targeting Pack (čeština) (HKLM-x32\...\{3DC65636-1EBB-41E9-836B-10174949883C}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 Targeting Pack (HKLM-x32\...\{1784A8CD-F7FE-47E2-A87D-1F31E7242D0D}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 SDK (čeština) (HKLM-x32\...\{84224644-1FA0-496E-8941-B1553C004E7A}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 SDK (HKLM-x32\...\{949C0535-171C-480F-9CF4-D25C9E60FE88}) (Version: 4.8.03928 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 Targeting Pack (čeština) (HKLM-x32\...\{33D8579D-AE2C-45ED-9D16-08451BCC9B45}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 Targeting Pack (HKLM-x32\...\{BAAF5851-0759-422D-A1E9-90061B597188}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework Cumulative Intellisense Pack for Visual Studio (čeština) (HKLM-x32\...\{EABEB841-5C97-4CE3-A4CF-64F5978D13B2}) (Version: 4.8.09037 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.2 (x64) (HKLM\...\{F0719345-342D-4A57-8EE4-30BF4FA3FBE9}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.2 (x86) (HKLM-x32\...\{BDC8107C-65E1-41C2-BE5E-8E27D70AB3B4}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.2 (x64) (HKLM\...\{BE394B10-AD5D-4503-9AA9-E79F953B30E3}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.2 (x86) (HKLM-x32\...\{4FFCA92E-5974-473C-9239-516D02E11AEA}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.13 (x64) (HKLM\...\{5F0DB006-2AE3-4D36-8077-65247FD687D4}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.13 (x86) (HKLM-x32\...\{87EA745D-32DA-4DCA-9ED4-BF4BA6232E1E}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.2 (x64) (HKLM\...\{AE2D80C7-F19D-463F-B48F-3F343806721C}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.2 (x86) (HKLM-x32\...\{4B87C1C9-F1F5-4308-BE65-E23B51BACC60}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET SDK 7.0.102 (x64) from Visual Studio (HKLM\...\{B3A63F4D-11C4-46FF-94C1-695633384F54}) (Version: 7.1.222.60703 - Microsoft Corporation)
Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) (HKLM\...\{A7036CFB-B403-4598-85FF-D397ABB88173}) (Version: 24.0.28113 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.13 (x64) (HKLM\...\{62E8F7DA-76C4-46BC-AB40-581C42EC5AFA}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.13 (x86) (HKLM-x32\...\{22AC2DC4-99C8-469F-837B-03AE342E3827}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 7.0.2 (x64) (HKLM\...\{C0E951A8-6B2D-45CB-869D-EC4BC950D1E7}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 7.0.2 (x86) (HKLM-x32\...\{6FE1E993-8813-44E5-945A-612BB76A99FA}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Toolset 7.0.102 (x64) (HKLM\...\{CD3AD81A-A806-473F-BB60-A402AFAD8D84}) (Version: 28.5.33023 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.13 Shared Framework (x64) (HKLM\...\{A6500837-F3BE-357E-9A21-6A78D098659F}) (Version: 6.0.13.22580 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.13 Shared Framework (x86) (HKLM-x32\...\{43E10FF2-0E80-3E13-8AD8-302355855BB3}) (Version: 6.0.13.22580 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.13 Targeting Pack (x64) (HKLM\...\{BED7E006-DA64-3E61-8836-A231C2F7DD81}) (Version: 6.0.13.22580 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.13 Targeting Pack (x86) (HKLM-x32\...\{A58EBFF5-0BF1-3F07-889B-31B20843BA1C}) (Version: 6.0.13.22580 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.2 Shared Framework (x64) (HKLM\...\{210A496F-E6CA-39C1-8FA4-1004059ED4E3}) (Version: 7.0.2.22606 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.2 Shared Framework (x86) (HKLM-x32\...\{4EDC2B14-E02A-37B9-810B-336C3DDA6424}) (Version: 7.0.2.22606 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.2 Targeting Pack (x64) (HKLM\...\{0C082AC1-36AD-3E86-B72D-16EF3A4D907F}) (Version: 7.0.2.22606 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.2 Targeting Pack (x86) (HKLM-x32\...\{85CECCAF-91AA-3D0E-8AA5-B68904EEBB85}) (Version: 7.0.2.22606 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 116.0.1938.76 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 116.0.1938.76 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\OneDriveSetup.exe) (Version: 23.174.0820.0003 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 (HKLM\...\{5BC7E9EB-13E8-45DB-8A60-F2481FEB4595}) (Version: 15.0.2000.5 - Microsoft Corporation)
Microsoft TestPlatform SDK Local Feed (HKLM-x32\...\{839C2D45-DDF6-432C-A6A2-C6AF2EF281BF}) (Version: 17.0.0.5175695 - Microsoft) Hidden
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (HKLM\...\{90120064-0070-0000-0000-4000000FF1CE}) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (HKLM\...\{90F60409-7000-11D3-8CFE-0150048383C9}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31931 (HKLM-x32\...\{6ba9fb5e-8366-4cc4-bf65-25fe9819b2fc}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Debug Runtime - 14.34.31931 (HKLM\...\{28E7B326-6E09-4960-88C1-AF305A11665C}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31931 (HKLM-x32\...\{C2662EFF-06E6-4FD1-9D6D-FDCA91025757}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Debug Runtime - 14.34.31931 (HKLM-x32\...\{26D20F81-7672-441B-9092-88E0D2409992}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31931 (HKLM-x32\...\{AB1BDF73-7393-42CE-812D-9A90918814D5}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.4.2246.31370 - Microsoft Corporation)
Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{B1CFE19E-298A-4D14-BACD-CAA36AC4895B}) (Version: 3.4.1128.26111 - Microsoft Corporation) Hidden
Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{85516DED-4402-44CD-9D01-1D1F3D0C0178}) (Version: 3.4.1128.26111 - Microsoft Corporation) Hidden
Microsoft Web Deploy 4.0 (HKLM\...\{0C85743B-48E7-4948-96D6-C3BB90246418}) (Version: 10.0.5923 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.13 (x64) (HKLM\...\{8484730A-68A4-4C63-93B4-52628D3B488D}) (Version: 48.55.53270 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.13 (x86) (HKLM-x32\...\{ACFA81A9-FD2F-4731-BE64-9163E3E9FF58}) (Version: 48.55.53270 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.2 (x64) (HKLM\...\{B7177578-AF27-44BF-A0B1-8B9D6AF7ECC3}) (Version: 56.11.53361 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.2 (x86) (HKLM-x32\...\{B5CB1A18-CEB8-464B-B83C-556D1DDBF3B5}) (Version: 56.11.53361 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 6.0.13 (x64) (HKLM\...\{F3E2081B-744C-4023-A61E-EEAB556A2A33}) (Version: 48.55.53270 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 6.0.13 (x86) (HKLM-x32\...\{D73590E4-7314-4E3D-B2CB-B308B256D8AF}) (Version: 48.55.53270 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 7.0.2 (x64) (HKLM\...\{2505676D-0245-4775-B7BE-F4C1DDC902D8}) (Version: 56.11.53361 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 7.0.2 (x86) (HKLM-x32\...\{C6DF1343-B58A-44E4-B3FB-4C05649A7B59}) (Version: 56.11.53361 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Android.Manifest-7.0.100 (x64) (HKLM\...\{FE768F65-89B5-40E5-9CE5-25D002197AE7}) (Version: 33.0.4 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.iOS.Manifest-7.0.100 (x64) (HKLM\...\{4491220D-21E8-4C34-84FC-F2659E08BF7E}) (Version: 16.1.17 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.MacCatalyst.Manifest-7.0.100 (x64) (HKLM\...\{C20CF802-93E3-4BF8-B2F0-8D0B9C826C00}) (Version: 16.1.17 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.macOS.Manifest-7.0.100 (x64) (HKLM\...\{1E665F2B-6760-42E4-8E97-02B10B97FBA2}) (Version: 13.0.17 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Maui.Manifest-7.0.100 (x64) (HKLM\...\{B0FBA6B7-B985-4D20-AC10-7E16D4D8C9CB}) (Version: 7.0.52 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.tvOS.Manifest-7.0.100 (x64) (HKLM\...\{D98B986D-3D40-4E37-A584-F82381A3E74B}) (Version: 16.1.17 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.net6.Manifest (x64) (HKLM\...\{754E7936-D264-406F-A76D-1C4E0102AE39}) (Version: 56.31.52114 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.net7.Manifest (x64) (HKLM\...\{F99D901B-F288-4D79-ACAA-E31BE48D789D}) (Version: 56.31.52114 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.net6.Manifest (x64) (HKLM\...\{8A4F7CD9-8D41-414C-8F68-6A3D291C16A4}) (Version: 56.3.53349 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.net7.Manifest (x64) (HKLM\...\{A0F31B66-D366-4C0E-86B1-511DE274FE2D}) (Version: 56.3.53349 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 117.0.1 (x64 cs)) (Version: 117.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 94.0.1 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 102.15.0 (x64 cs)) (Version: 102.15.0 - Mozilla)
MSI Development Tools (HKLM-x32\...\{95A498A9-5E6E-5779-1523-876224F41F94}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Npcap (HKLM-x32\...\NpcapInst) (Version: 1.55 - Nmap Project)
NVIDIA Ovladač HD audia 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 528.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 528.89 - NVIDIA Corporation)
NVIDIA RTX Desktop Manager 202.85 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 202.85 - NVIDIA Corporation)
PL-2303 USB-to-Serial (HKLM-x32\...\{A9111573-EF12-4D80-A5B9-55F620D5BCA1}) (Version: 1.00.000 - Prolific Technology INC)
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.1.2730 - Jan Fiala)
PuTTY release 0.71 (64-bit) (HKLM\...\{B27534DB-4F72-4F49-A3AD-5EC1B6901E5E}) (Version: 0.71.0.0 - Simon Tatham)
Python 2.7.18 (64-bit) (HKLM\...\{A5F504DF-2ED9-4A2D-A2F3-9D2750DD42D6}) (Version: 2.7.18150 - Python Software Foundation)
Python 3.10.0 (64-bit) (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\{21b42743-c8f9-49d7-b8b6-b5855317c7ed}) (Version: 3.10.150.0 - Python Software Foundation)
Python 3.10.0 Core Interpreter (64-bit) (HKLM\...\{B137EFE9-BD8A-4138-AC7F-360461C4EEAF}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Development Libraries (64-bit) (HKLM\...\{A8E320AF-B8C7-493C-97D8-6328C1CE721B}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Documentation (64-bit) (HKLM\...\{23A78F0F-0B41-497A-BB67-7E9AC3C20351}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Executables (64-bit) (HKLM\...\{D623791F-7EBA-4794-BF56-79D4CFC6BE65}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 pip Bootstrap (64-bit) (HKLM\...\{D545AFB9-E0E8-4B43-897A-0EB97ED46859}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Standard Library (64-bit) (HKLM\...\{BB3BA776-4C84-43FB-9CE6-5A37FFC23032}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Tcl/Tk Support (64-bit) (HKLM\...\{AE37C7FB-835D-4E31-851E-801D5C659A3E}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Test Suite (64-bit) (HKLM\...\{6B61C3C6-43DE-4D58-BDC4-76170C7C7C32}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Utility Scripts (64-bit) (HKLM\...\{578C5B87-CBE0-4720-90C0-46A917C4FE5C}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.11.0 (32-bit) (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\{8bb2e8e4-a699-403d-be05-4e00aa0632fd}) (Version: 3.11.150.0 - Python Software Foundation)
Python 3.11.0 Core Interpreter (32-bit) (HKLM-x32\...\{71EC41D8-507E-40C8-AF95-53FE5BA4ED34}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Development Libraries (32-bit) (HKLM-x32\...\{DDE3E99C-F86A-436D-91F9-304F3C00370C}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Documentation (32-bit) (HKLM-x32\...\{5E6FBC90-4180-491B-8DF3-387E9C505621}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Executables (32-bit) (HKLM-x32\...\{869D67C8-AE2E-43F3-96C2-85927E4A7380}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 pip Bootstrap (32-bit) (HKLM-x32\...\{D070AAAA-0D89-4DCA-901A-BC79F5E2276F}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Standard Library (32-bit) (HKLM-x32\...\{7565E13F-F118-44FD-B7E9-6E673A6B3A9D}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Tcl/Tk Support (32-bit) (HKLM-x32\...\{0D26C541-D790-4E31-9B16-0C65969AA44C}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Test Suite (32-bit) (HKLM-x32\...\{2652ADDA-74F2-4C40-BC75-E049A19BEE3F}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Utility Scripts (32-bit) (HKLM-x32\...\{EFE290C7-EDE6-4C22-A11F-71D3E45C3305}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.1 (64-bit) (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\{fca95908-8c70-405d-9e72-cd746e2f7786}) (Version: 3.11.1150.0 - Python Software Foundation)
Python 3.11.1 Core Interpreter (64-bit) (HKLM\...\{5D1EFF51-4740-4E62-8E49-11C13DEC34C3}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Development Libraries (64-bit) (HKLM\...\{988799D6-A7CE-4F51-89AF-1E4A64FA7ECA}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Documentation (64-bit) (HKLM\...\{5EB7FFE8-5B05-4DD3-9DE0-D0F20D93FA6C}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Executables (64-bit) (HKLM\...\{A7DE96A8-2F75-44B2-B46E-5D50DE5B1B80}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 pip Bootstrap (64-bit) (HKLM\...\{C5FAF3D9-A03D-4F6A-AAC9-87735DDA5DCF}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Standard Library (64-bit) (HKLM\...\{21EEFB31-6A96-4CAE-9A3B-B7FD6374C155}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Tcl/Tk Support (64-bit) (HKLM\...\{66CA643F-68B2-4063-8F87-34D48A2C49ED}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Test Suite (64-bit) (HKLM\...\{EFFC2C23-AEE2-4867-998C-5F5A902496C0}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Utility Scripts (64-bit) (HKLM\...\{E63D4F21-1B1F-43DC-9347-4FB51A71704C}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.9.7 (64-bit) (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\{0f0bf1a5-3ec1-459b-ab7c-916db941f50d}) (Version: 3.9.7150.0 - Python Software Foundation)
Python 3.9.7 Core Interpreter (64-bit symbols) (HKLM\...\{19CCBF82-F32C-4F9B-A25A-C18CA0229930}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Core Interpreter (64-bit) (HKLM\...\{88D4EF59-607D-43AD-B7C7-F5A753740FD1}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Development Libraries (64-bit) (HKLM\...\{97496FC6-5044-4A2A-BACD-40A44F38D483}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Documentation (64-bit) (HKLM\...\{AA408E09-EBB3-470F-8D63-5AA0C46C2DA2}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Executables (64-bit symbols) (HKLM\...\{FA525B0C-1DC4-4733-895E-FC0BB30229C9}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Executables (64-bit) (HKLM\...\{870EC220-FEAE-481D-8B29-B4B0DF5402FA}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 pip Bootstrap (64-bit) (HKLM\...\{F1280AA2-AAC3-41AB-9616-CCF00814E626}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Standard Library (64-bit symbols) (HKLM\...\{AB1F1505-63F0-4E88-874D-55448A1020C4}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Standard Library (64-bit) (HKLM\...\{05903EEF-72A2-4C1A-AD35-41AD6C7094A8}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Tcl/Tk Support (64-bit symbols) (HKLM\...\{F9100C91-CF07-4FAE-A017-7E6A57FAF41D}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Tcl/Tk Support (64-bit) (HKLM\...\{6E8EAD3C-6F0C-494C-9C12-E10C5B5EE7EA}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Test Suite (64-bit symbols) (HKLM\...\{EA4833F1-B32B-4D49-81C8-E28B67E87590}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Test Suite (64-bit) (HKLM\...\{67D79D6E-8497-4EE6-850B-834D3A27553F}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Utility Scripts (64-bit) (HKLM\...\{4110826A-903C-410C-9785-7848A51B9CC9}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{8A19B72D-62A8-4198-BEBD-CAEF117194C8}) (Version: 3.11.8009.0 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8644 - Realtek Semiconductor Corp.)
SDK ARM Additions (HKLM-x32\...\{BD786819-AA80-7B18-125D-AA03AAF2759B}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{4349F57C-0C9C-C16B-9A40-E7B406C451E2}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
SOLIDWORKS 2016 x64 Czech Resources (HKLM\...\{BD37B53B-592C-41B4-BECA-D156E3D0B058}) (Version: 24.150.58 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2016 x64 Edition SP05 (HKLM\...\{768F3B65-1695-47B7-9002-B11400CB111D}) (Version: 24.150.58 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2016 x64 Edition SP05 (HKLM-x32\...\SolidWorks Installation Manager 20160-40500-1100-100) (Version: 24.5.0.58 - SolidWorks Corporation)
SOLIDWORKS Composer Player 2016 SP05 x64 Edition (HKLM\...\{8537E059-C18B-4DE6-AED6-CD9B90240C35}) (Version: 24.50.58 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2016 x64 Edition SP05 (HKLM\...\{12339098-76B6-47CD-B52A-52E4809108F6}) (Version: 16.5.0084 - Společnost Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Explorer 2016 SP05 x64 Edition (HKLM\...\{41E08694-1890-4B39-9D1C-B9D27A1D67B3}) (Version: 24.50.58 - Společnost Dassault Systemes SolidWorks Corp) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.63 - Synaptics Incorporated)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.37.3 - TeamViewer)
Tesseract-OCR - open source OCR engine (HKLM\...\Tesseract-OCR) (Version: 5.3.0.20221222 - Tesseract-OCR community)
Tesseract-OCR - open source OCR engine (HKLM-x32\...\Tesseract-OCR) (Version: 5.3.0.20221222 - Tesseract-OCR community)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.3.8.1 - uvnc bvba)
Universal CRT Extension SDK (HKLM-x32\...\{90AAE845-42CE-EC12-4041-8ADF7BE765E7}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{98D5C5AA-993C-1371-C7AF-8F8A0E8CAF86}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{8EC1DC78-0A65-B6AC-664D-DFB3AC8E9736}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{82F9F289-6088-8F39-1918-A45315FEF99A}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{A829BD53-4BE5-23F2-C4A8-026CB5D47ECF}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D62BC488-4C4A-BF17-A0CE-21B4BF8F9B30}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C270D21B-2327-49B8-85F7-395133A93C75}) (Version: 8.92.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{76A22428-2400-4521-96AF-7AC4A6174CA5}) (Version: 1.25.0.0 - Microsoft Corporation) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{CFF203A1-51CB-42FE-9997-B6B01371AF30}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Visual Studio Community 2022 (HKLM-x32\...\f3f14e08) (Version: 17.4.4 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
VNC Server 6.1.1 (HKLM\...\{BF68FC97-1CBA-49D5-88EB-3E0CDC3D379D}) (Version: 6.1.1.28093 - RealVNC Ltd)
VNC Viewer 6.1.1 (HKLM\...\{1B14F26D-AAC9-4781-A468-5DFD5DF5FF91}) (Version: 6.1.1.28093 - RealVNC Ltd)
VS Immersive Activate Helper (HKLM-x32\...\{0B826206-3626-4E96-A675-0BDE6B8711B6}) (Version: 17.0.118.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{7B8542BA-01E4-43EB-A172-1DA975AFD00B}) (Version: 17.0.118.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{C8EA234A-FC2F-4EEC-BF7F-DB14C28C84D2}) (Version: 17.0.118.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{8C14D3DF-69AD-443A-A607-B4B1BE9575CC}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{6AF210BE-348B-4156-8B2E-CD57FC573ABD}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{3826E149-22D5-470D-B8A7-D11244EA2720}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{7B907A0B-2606-42EB-A880-80E1F6AA4C48}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{F48F6538-AB3C-4FD1-8ACE-0E5A861EC43C}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_communitysharedmsi (HKLM-x32\...\{B56EF9C1-B982-45B1-BEB5-3C8F50B21CF2}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_communityx64msi (HKLM\...\{9BF7BDD3-62E8-4E47-AF96-13EA1EB853AD}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_CoreEditorFonts (HKLM-x32\...\{667150AA-8DA3-433E-91EC-88BD8730D32A}) (Version: 17.4.33213 - Microsoft Corporation)
vs_devenvsharedmsi (HKLM-x32\...\{04D84C30-B442-49D2-A139-B8AAA7ACD445}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_devenx64vmsi (HKLM\...\{0DE775A3-1C63-4210-9CDC-D23F5330D715}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{12B0A225-610B-43DA-8585-E2EAD563D611}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{56373DD6-9A8E-4C0C-95F6-F64DF2054A6F}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{49559293-3192-40D3-864C-5AB88E744A79}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx64 (HKLM\...\{9138874C-2D20-46BC-84BC-A13B31DF8955}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx86 (HKLM-x32\...\{9D4033AD-2990-469B-A2CC-CEE9A707106A}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_minshellinteropsharedmsi (HKLM-x32\...\{1EF48E65-5B07-4502-B6C2-43BC8311DAC3}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_minshellinteropx64msi (HKLM\...\{5691C5AB-0847-4862-8C49-43245E7DCE2C}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{988A9E72-24DF-4FC8-9F94-E2BFDAE40397}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_minshellsharedmsi (HKLM-x32\...\{C32CB038-8A83-4860-853F-9168214E3536}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_minshellx64msi (HKLM\...\{1AB2F81F-A360-4BE1-B68F-B50F0609A1AE}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{8C352959-35A5-40CA-A49C-91B349AB2778}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{6A7EA630-41A1-455D-849D-2AA2D1420236}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsi (HKLM-x32\...\{ACBBFCA9-A48A-425A-BF50-B6FB8EFE7934}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsires (HKLM-x32\...\{2BC745F0-9928-46F2-949C-0966D3826611}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
Vzdálená plocha Chrome (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\b6c3e8b3f73bd926a7cca588d89cd991) (Version: 1.0 - Google\Chrome)
WinAppDeploy (HKLM-x32\...\{8E3AB865-9E38-1E5F-7B49-C8E3A70C6303}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows App Certification Kit Native Components (HKLM\...\{69331A50-908A-0745-CFCF-8413360C5B96}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows App Certification Kit SupportedApiList x86 (HKLM-x32\...\{81D4E442-F6C5-DF4B-DEF8-76E51ACC56F8}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (HKLM-x32\...\{FD68622A-634F-FB49-6E94-E21A451A3B5A}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows Desktop Extension SDK (HKLM-x32\...\{3F737DA8-C5B7-8740-6B07-BA73B5E62CDF}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows Desktop Extension SDK Contracts (HKLM-x32\...\{D54B24F7-43DE-C7BF-3A5C-83F9E8E0700D}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows IoT Extension SDK (HKLM-x32\...\{5B64C01B-2798-A2F6-89C3-AC03906F8788}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows IoT Extension SDK Contracts (HKLM-x32\...\{1FF69612-5A91-3565-7EE3-0539A04E3B8D}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows Mobile Extension SDK (HKLM-x32\...\{DF2A6855-DB81-9047-3033-8D6AC6055AEF}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows Mobile Extension SDK Contracts (HKLM-x32\...\{8EDE105B-885A-D173-50F8-F50F39C51CF9}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK (HKLM-x32\...\{2D2EBB11-484D-8F73-FA25-3FFABCE371F0}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{15941C7F-810D-41DF-8C5A-8D0490277AFB}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows SDK ARM Desktop Tools (HKLM-x32\...\{A99B19D4-7F87-03E5-B4A8-80420ECD7F53}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers arm (HKLM-x32\...\{C7C68DA0-8501-16DD-1E6A-6C34AAA28F21}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers arm64 (HKLM-x32\...\{30092A0E-1D50-8D66-E5EB-01F6AA8C1FFE}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers x64 (HKLM-x32\...\{C47F0820-6424-AE53-6BAF-2D41E829C855}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers x86 (HKLM-x32\...\{6F1B1243-7C12-5398-F575-5102906569A6}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs arm (HKLM-x32\...\{6221E085-FE37-1068-E6D7-9D08ABD32AE2}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs arm64 (HKLM-x32\...\{82931C8D-83CC-CF2E-F4FA-9AF0829BCA22}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs x64 (HKLM-x32\...\{1A457607-6262-3949-63D4-E1F85A3D95FD}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs x86 (HKLM-x32\...\{7CAF3DA2-79F6-C0DB-6C56-2462C8C4914C}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools arm64 (HKLM-x32\...\{54E5E684-132E-23D3-CBF6-962122E2C568}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools x64 (HKLM-x32\...\{E5715C32-34B0-6F8E-81B8-13FB19B1B682}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools x86 (HKLM-x32\...\{02594FB6-9905-CBB9-10E8-EFCFB7122D7C}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK DirectX x64 Remote (HKLM\...\{0B12F7E3-EDAA-AF92-20BB-88540FEF54BA}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK DirectX x86 Remote (HKLM-x32\...\{B9A2EE66-E1B9-ED85-E75B-041A348EB46D}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK EULA (HKLM-x32\...\{93F9D7FA-F2FD-837D-E53F-D79767071E44}) (Version: 10.1.22000.832 - Microsoft Corporations) Hidden
Windows SDK Facade Windows WinMD Versioned (HKLM-x32\...\{31B6D021-BC97-82C5-9C42-16AB86C37215}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps (HKLM-x32\...\{CFC51C75-8F08-1968-BC86-70A396D353D9}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Contracts (HKLM-x32\...\{AD3B32A0-5F71-DE89-B55A-9E85964186D8}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps DirectX x86 Remote (HKLM-x32\...\{31A3EB09-E226-B0E5-FA70-FF4B3CAD2ECF}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Headers (HKLM-x32\...\{A1DA436A-2FA4-FDC2-9B0A-FBB40CF0499D}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Libs (HKLM-x32\...\{C8977C7D-F685-8282-3C78-6276E03E3B32}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Metadata (HKLM-x32\...\{7907F380-3CFD-247C-9DFC-A23CED2012F8}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Tools (HKLM-x32\...\{68F11757-8C35-BEB6-2AED-6F7C6CC5B8C0}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Managed Apps Libs (HKLM-x32\...\{B0CB401F-F1EF-E63C-8191-9A447FC24C58}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Modern Non-Versioned Developer Tools (HKLM-x32\...\{FA582B75-7D9C-2717-5E64-1A8CC5E46ABD}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Modern Versioned Developer Tools (HKLM-x32\...\{EA338ECA-C63F-4BD6-B66F-274433C75A49}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Redistributables (HKLM-x32\...\{7DBE357D-2AA2-7B68-267E-F8DAEB182D6F}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Signing Tools (HKLM-x32\...\{0F5E7D7D-8969-DC1B-205D-024FB54A0417}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows Software Development Kit - Windows 10.0.22000.832 (HKLM-x32\...\{d6a76ead-c762-4d93-9c24-1fa3efa1e12d}) (Version: 10.1.22000.832 - Microsoft Corporation)
Windows Team Extension SDK (HKLM-x32\...\{14705B25-5AC2-82AC-DB79-A35219016ABB}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows Team Extension SDK Contracts (HKLM-x32\...\{5F1D4DE5-BFF3-503B-D05F-40ED6927DE17}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{FBF034E1-563E-1F9D-DC45-491BB88E9B9E}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{837DD890-14CE-9EB3-E8E1-F96A7EE5CFE5}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{823E92A6-7572-174D-0671-95A55785F991}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{3A8F388C-D0F7-0A66-0EDE-D477B1B1B2F4}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{0F2D2736-F436-3F10-FB30-9D279F58305B}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{FEAF2203-A2AC-080C-9D55-9F09623F38C3}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{A06212FE-3C20-31C7-F88A-46673EF72E83}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{4308116D-A763-144D-DC81-6243BE6B2ADF}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{D307C8A5-7335-056E-6E64-E28544674EFD}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Wireshark 3.6.3 64-bit (HKLM-x32\...\Wireshark) (Version: 3.6.3 - The Wireshark developer community, hxxps://www.wireshark.org)
wkhtmltox 0.12.6-1 (HKLM\...\wkhtmltopdf) (Version: - )
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)
X-Mouse Button Control 2.20.5 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.20.5 - Highresolution Enterprises)
Zebra Setup Utilities (HKLM-x32\...\{9207A8EC-3B2D-4A4A-8BF7-957FC19BB3DE}) (Version: 1.1.9.1290 - Zebra Technologies) Hidden
Zebra Setup Utilities (HKLM-x32\...\Zebra Setup Utilities) (Version: 1.1.9.1290 - Zebra Technologies)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.38.11.0_x64__kgqvnymyfvs32 [2023-09-12] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.251.1000.0_x64__kgqvnymyfvs32 [2023-09-12] (king.com)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-11] (Microsoft Corporation)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.62.6200.0_x86__ytsefhwckbdv6 [2023-09-11] (G5 Entertainment AB)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_149.1.1056.0_x64__v10z8vjag6ke6 [2023-09-12] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.29.24.0_x64__v10z8vjag6ke6 [2023-09-11] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-11-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-11-15] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-10] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-25] (Microsoft Studios) [MS Ad]
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2023-08-14] (WinZip Computing)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-567959055-877555932-3223723616-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-567959055-877555932-3223723616-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\admin\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-08-28] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-08-28] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-08-28] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-08-28] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-08-28] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-08-28] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\80.0.1.0\drivefsext.dll [2023-08-28] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_c034505b1fb1d43e\nvshext.dll [2023-03-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [NvQuadroView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2022-06-13] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\admin\Documents\www\_dev_GD_230427\Python\WakeOnLAN\wake_up_OS.lnk -> G:\Můj disk\#dev\Python\WakeOnLAN\wake_up_OS.bat ()
Shortcut: C:\Users\admin\Documents\www\_dev_GD_230427\Python\WakeOnLAN\wake_up_PS.lnk -> G:\Můj disk\#dev\Python\WakeOnLAN\wake_up_PS.bat ()
Shortcut: C:\Users\admin\Desktop\wake_up_PS.lnk -> G:\Můj disk\#dev\Python\WakeOnLAN\wake_up_PS.bat ()
ShortcutWithArgument: C:\Users\admin\Documents\www\_dev_GD_230427\SolidWorks\Macros\SLDWORKS.lnk -> C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\SLDWORKS.exe (Dassault Systèmes SolidWorks Corp.) -> /m "C:\Users\admin\Documents\www\www.admin.loc\modules\_dev\require\SolidWorks\Macros\analysis_pictures-v1.10.swp"
ShortcutWithArgument: C:\Users\admin\Documents\www\www.admin.loc\modules\_dev\require\SolidWorks\Macros\SLDWORKS.lnk -> C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\SLDWORKS.exe (Dassault Systèmes SolidWorks Corp.) -> /m "C:\Users\admin\Documents\www\www.admin.loc\modules\_dev\require\SolidWorks\Macros\analysis_pictures-v1.10.swp"
ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e2b8b17f80771afa\Osoba 4 - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Host
ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\1c6cec50a98a467d\Osoba 2 - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Osoba 1"

==================== Loaded Modules (Whitelisted) =============

2021-11-15 12:51 - 2013-07-08 19:34 - 000114688 _____ () [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\pcre.dll
2023-01-13 13:37 - 2015-08-05 19:21 - 017864192 _____ () [File not signed] C:\Program Files\HSMWorks\machineworks.dll
2023-01-13 13:37 - 2014-01-30 17:38 - 003328512 _____ () [File not signed] C:\Program Files\HSMWorks\mozjs.dll
2023-08-12 15:05 - 2023-08-12 15:05 - 000369152 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\annotationcplu\02acfae7c2a9f8a45b7f0a961fa9e284\annotationcplu.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000723968 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\asmfeaturecplu\5ed8653c18687c01ce814d4cb393c063\asmfeaturecplu.ni.dll
2023-08-11 18:47 - 2023-08-11 18:47 - 000160256 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\clrloadu\75027fc5101bac4de600da46a75abc7e\clrloadu.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000743936 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\contentcplu\ced827296f1121cadaf8324a09d882e6\contentcplu.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 001688064 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\couplingBase\13dd28d89b74fb53fce1bd45d94b2946\couplingBase.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000395776 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\featurecplu\44058cd891525d444f81f22fe8e84707\featurecplu.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000256000 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\refgeomcplu\06e9577090d1beee98c4c6c975be2885\refgeomcplu.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000736256 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\sheetmetalcplu\698d684590b177afa6f07ad7ca736817\sheetmetalcplu.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 001113600 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Sketchcplu\5c6fe2847a1a371b1502739d5ae2b727\Sketchcplu.ni.dll
2021-11-15 12:51 - 2013-11-22 04:12 - 000152576 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libapr-1.dll
2021-11-15 12:51 - 2013-11-22 04:12 - 000027136 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libapriconv-1.dll
2021-11-15 12:51 - 2013-11-22 04:12 - 000206848 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libaprutil-1.dll
2021-11-15 12:51 - 2013-11-22 04:13 - 000328192 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libhttpd.dll
2021-11-15 12:51 - 2013-11-22 04:07 - 000012288 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_access_compat.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000011264 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_actions.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000013824 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_alias.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000009728 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_allowmethods.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000010752 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_asis.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000014336 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_auth_basic.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000011776 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authn_core.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000011264 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authn_file.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000018944 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authz_core.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000011776 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authz_groupfile.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000011264 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authz_host.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000009728 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authz_user.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000030208 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_autoindex.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000020480 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_cgi.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000012288 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_dir.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000010752 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_env.so
2021-11-15 12:51 - 2013-11-22 04:08 - 000039424 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_include.so
2021-11-15 12:51 - 2013-11-22 04:08 - 000024064 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_isapi.so
2021-11-15 12:51 - 2013-11-22 04:08 - 000024576 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_log_config.so
2021-11-15 12:51 - 2013-11-22 04:08 - 000016896 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_mime.so
2021-11-15 12:51 - 2013-11-22 04:08 - 000029184 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_negotiation.so
2021-11-15 12:51 - 2013-11-22 04:08 - 000051200 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_rewrite.so
2021-11-15 12:51 - 2013-11-22 04:08 - 000013824 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_setenvif.so
2023-08-12 15:05 - 2023-08-12 15:05 - 000020992 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AnnotationOperation\37b8c5cec2f6c19c18024994f2031f6c\AnnotationOperation.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000026112 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AnnotationUI\b36a5f75d7bbe9c4bf9ad9299e25fb1a\AnnotationUI.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000260608 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AnnotationWPF\d30e7c3fe11cd84a5b0f1c27368fd957\AnnotationWPF.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000024576 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AsmFeatureOperation\5eef819967b340d165ce8c92ae099235\AsmFeatureOperation.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000034304 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\asmfeatureui\076fc01943e68c4e2052bc381c8d55b6\asmfeatureui.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000046592 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\asmfeaturewpf\8b1eed4c71f96d636df5a9faae616d2e\asmfeaturewpf.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000203264 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CmdInterface\2a88839849c2864d9c2152e92530279c\CmdInterface.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000029696 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ContentOperation\91dab147483fa701492d42449b4d6b33\ContentOperation.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000028672 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ContentUI\8eb069e86df2a0f15bb13af34055c2a5\ContentUI.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000592384 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Controls\433e5a61ea27493065af24a81e6740ce\Controls.ni.dll
2023-08-12 15:05 - 2023-08-12 15:05 - 000063488 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CoreInterface\8a88d501acc746b26f4cad675c41f529\CoreInterface.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000099328 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DveSupport\2c5a73b42d80f7626b9153df4bece81a\DveSupport.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000028672 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\FeatureOperation\97cda9b93c677103e6a1ebd688db5d17\FeatureOperation.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000067072 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\FeatureUI\11cd8f37d467989c80d4034b11fcc693\FeatureUI.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000114688 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\FeatureWPF\284a59c6f939ce5d8abbb1c31b46afd9\FeatureWPF.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000023552 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\RefGeomOperation\2025da2daf72af461cb23e7066ca8701\RefGeomOperation.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000091648 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\RefGeomUI\e3814d20bf5587864bb669aa4bd02dd0\RefGeomUI.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000078336 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\RefPlaneWPF\badd8e0b079e9b143b8daeb4eba72ed2\RefPlaneWPF.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000024576 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SheetMetalOperation\6967240b57e056c4454fca2efb88801f\SheetMetalOperation.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000180736 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SheetMetalUi\d257e03ba34e32278fdbcc5f6f2a09dd\SheetMetalUi.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000102912 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SheetMetalWPF\b086941520f606312aa6646d7a1e4e68\SheetMetalWPF.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000027648 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SketchOperation\3e08c2c6fff33807e1c2abb853d5ed5f\SketchOperation.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000057344 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SketchUI\2d4758698626978ab1c2f1447fcfa350\SketchUI.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000095744 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SketchWPF\1e27937f57fb8f3e0e09d13e37fa1469\SketchWPF.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 000150016 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\UiBase\318ab14d3f0e77903311de4155bb624c\UiBase.ni.dll
2023-08-12 15:06 - 2023-08-12 15:06 - 002051072 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\WPFRes\cd6a1fcd7992bbdd3ff48d6b6e1fc1b0\WPFRes.ni.dll
2018-01-20 10:34 - 2018-01-20 10:34 - 000373248 _____ (IntelleSoft) [File not signed] C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\BugTrapU-x64.dll
2021-10-27 22:28 - 2021-10-27 22:28 - 000073728 _____ (Python Software Foundation) [File not signed] C:\Program Files\LibreOffice\program\python-core-3.8.8\lib\_socket.pyd
2021-10-27 22:28 - 2021-10-27 22:28 - 000020992 _____ (Python Software Foundation) [File not signed] C:\Program Files\LibreOffice\program\python-core-3.8.8\lib\select.pyd
2021-10-28 01:41 - 2021-10-28 01:41 - 000476160 _____ (The Document Foundation) [File not signed] C:\Program Files\LibreOffice\program\pyuno.pyd
2021-11-15 12:51 - 2013-07-08 19:29 - 001175040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libeay32.dll
2021-11-15 12:51 - 2013-07-08 19:29 - 000269312 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\ssleay32.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 001169920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\LIBEAY32.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000269312 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\SSLEAY32.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000066560 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_bz2.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000492032 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_curl.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 001348096 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_gd2.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000831488 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_imap.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 001239552 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_mbstring.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000036864 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_mysql.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000088576 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_mysqli.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000072704 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_openssl.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000024576 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_pdo_mysql.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000399872 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_pdo_sqlite.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000054784 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_sockets.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000553472 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_sqlite3.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000231936 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_xsl.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000026624 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\php5apache2_4.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 006155264 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\php5ts.dll
2023-02-16 13:37 - 2017-09-14 08:46 - 001012224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\platforms\qwindows.dll
2023-02-16 13:37 - 2022-04-28 22:21 - 004694016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\Qt5Core.dll
2023-02-16 13:37 - 2022-04-28 22:21 - 005032960 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\Qt5Gui.dll
2023-02-16 13:37 - 2022-04-28 22:21 - 000856064 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\Qt5Network.dll
2023-02-16 13:37 - 2022-04-28 22:21 - 004483072 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\Qt5Widgets.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2023-08-25] (HP Inc. -> HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2023-08-25] (HP Inc. -> HP Inc.)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\PuTTY\;c:\Users\admin\AppData\Local\Programs\Python\Python311\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\;c:\Program Files\wkhtmltopdf\bin\;
HKU\S-1-5-21-567959055-877555932-3223723616-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-567959055-877555932-3223723616-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.11.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: wuauserv => 3

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5D14C625-87C3-4153-AC53-C93FFF761FAF}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE (CANON INC. -> CANON INC.)
FirewallRules: [{8E5CF802-BB1B-43F5-8FCA-D5F61A19C477}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE (CANON INC. -> CANON INC.)
FirewallRules: [{1B0A0BCC-3E66-4897-ACC3-79BF35E01190}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
FirewallRules: [{67A51E73-3B44-446E-9D84-7F13870902DF}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
FirewallRules: [{4F3D12E4-D95C-4358-9F76-F16C805D31C3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D2AA0281-ED6E-4235-AF1B-74DB8209717A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A310AA8D-88F9-4287-BD5F-6A302EA24BA2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F4798396-E301-4EF4-9058-B61A151CFAEB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{26A6BC19-30E9-4F42-B025-B9D7AE4C719A}C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe] => (Allow) C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [TCP Query User{A4ED5F5F-2EC8-4330-BE8F-8C96E9BECA58}C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe] => (Allow) C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [{437E47C2-7168-4588-8F90-5A36FBAC2486}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7A9C115C-6F64-4936-95AC-BF8BBAEFCE07}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AB0CE918-2D94-4E15-AAC2-829DEAA1A2F6}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{71C12985-9416-49AD-BCF2-FAFEA0788A58}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [TCP Query User{B5FB24A2-BF19-42C3-82A9-C79478EE2360}C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\php\php_runningversion\php.exe] => (Allow) C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\php\php_runningversion\php.exe (The PHP Group) [File not signed]
FirewallRules: [UDP Query User{D0C5EEB4-8299-46B1-BEB4-4843163BEC15}C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\php\php_runningversion\php.exe] => (Allow) C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\php\php_runningversion\php.exe (The PHP Group) [File not signed]
FirewallRules: [{507FB27B-ACA9-4145-9E17-16AC2ECDAED4}] => (Allow) LPort=5900
FirewallRules: [{A3F5CC0E-1786-471E-83E0-B94A107CED61}] => (Allow) LPort=5800
FirewallRules: [{F0A1A67F-461E-4854-A4D1-3A3A65A9BBDA}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{878CEB91-B51C-4B21-8431-DBAEEAA81CC7}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{9D91615D-9128-4B77-B56B-5198A26BC88C}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{D9AF2464-FCF4-4DF8-8BE6-A36C3C6AB147}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe (uvnc bvba -> UltraVNC)
FirewallRules: [TCP Query User{FA773161-33E7-4496-8652-CAF829D25749}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{9F67C77A-C336-4A5D-8A36-B0BF4EA91F7E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{F4B5E456-ACF9-4065-BC13-9EAD3CBE6ABA}C:\users\admin\documents\install\mikroftp\mikroftp.exe] => (Allow) C:\users\admin\documents\install\mikroftp\mikroftp.exe () [File not signed]
FirewallRules: [UDP Query User{64571B73-78E2-4892-9AE3-3C0A7AB0D2AB}C:\users\admin\documents\install\mikroftp\mikroftp.exe] => (Allow) C:\users\admin\documents\install\mikroftp\mikroftp.exe () [File not signed]
FirewallRules: [TCP Query User{8B007BE5-9DD1-476D-A4F0-59B473BA7810}C:\program files (x86)\pspad editor\pspad.exe] => (Allow) C:\program files (x86)\pspad editor\pspad.exe (Jan Fiala -> Jan Fiala)
FirewallRules: [UDP Query User{1BF4BA17-D5E8-4CD3-984C-62E796B770E2}C:\program files (x86)\pspad editor\pspad.exe] => (Allow) C:\program files (x86)\pspad editor\pspad.exe (Jan Fiala -> Jan Fiala)
FirewallRules: [TCP Query User{5ABDECA2-32CC-4CCE-AE5C-B41AD1A428C0}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{0BA7EC0E-3D3F-44B4-BC6C-8409230CE900}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9308BD71-6C0E-44AA-BA9E-72957EC22BD5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{280CB6D8-3C86-4F91-AB29-B146B215F3A8}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F0621917-8433-41C1-8DD3-FFB7908CC066}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{AEF668C5-62DB-47F9-B064-2BB28B48E9FA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{24E6C7A4-4426-4D9B-B28A-C6B4CB3FF89E}] => (Allow) C:\Program Files (x86)\Autodesk\HSMWorks Distributed CAM\camservices.exe (HSMWorks ApS -> HSMWorks ApS hxxp://www.hsmworks.com)
FirewallRules: [{72C788FE-0A33-41E9-B2FC-1CB1D6D38090}] => (Allow) C:\Program Files (x86)\Autodesk\HSMWorks Distributed CAM\camservices.exe (HSMWorks ApS -> HSMWorks ApS hxxp://www.hsmworks.com)
FirewallRules: [{2A60D1AB-6202-4ED7-BF5C-4BBAF86CD6EE}] => (Allow) LPort=7387
FirewallRules: [{5CEFA152-8EC1-4608-B5BF-46814CB08CE6}] => (Allow) LPort=7388
FirewallRules: [{1F7E7FBA-0BED-4571-8F98-F7C3C851B54E}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\116.0.5845.9\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{6B8A8B8F-A110-4EC0-9A8B-B78F165E5C26}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe (RealVNC Ltd -> RealVNC Ltd)
FirewallRules: [{0AA04B33-6157-4492-9BF6-E85AFBF78D0C}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe (RealVNC Ltd -> RealVNC Ltd)
FirewallRules: [TCP Query User{588E412D-9C86-4574-85CF-072C05AC50AF}C:\users\admin\appdata\local\ictrl-desktop-client\app-6.4.3\ictrl-desktop-client.exe] => (Allow) C:\users\admin\appdata\local\ictrl-desktop-client\app-6.4.3\ictrl-desktop-client.exe (Junhao Liao -> iCtrl)
FirewallRules: [UDP Query User{1070AC7F-CAB1-43C4-A2CF-C57609A0DF7C}C:\users\admin\appdata\local\ictrl-desktop-client\app-6.4.3\ictrl-desktop-client.exe] => (Allow) C:\users\admin\appdata\local\ictrl-desktop-client\app-6.4.3\ictrl-desktop-client.exe (Junhao Liao -> iCtrl)
FirewallRules: [TCP Query User{1C79B48F-FD6E-437E-A2FD-4E8E8E521DA5}C:\users\admin\appdata\local\ictrl-desktop-client\app-6.4.3\resources\app\ictrl_be\ictrl_be.exe] => (Allow) C:\users\admin\appdata\local\ictrl-desktop-client\app-6.4.3\resources\app\ictrl_be\ictrl_be.exe (Junhao Liao -> )
FirewallRules: [UDP Query User{2BEDC195-4C30-4960-B9E1-EDEC14850471}C:\users\admin\appdata\local\ictrl-desktop-client\app-6.4.3\resources\app\ictrl_be\ictrl_be.exe] => (Allow) C:\users\admin\appdata\local\ictrl-desktop-client\app-6.4.3\resources\app\ictrl_be\ictrl_be.exe (Junhao Liao -> )
FirewallRules: [{C64D8D2D-57E0-460A-AAF6-3DA0364C9D82}] => (Block) C:\users\admin\appdata\local\ictrl-desktop-client\app-6.4.3\resources\app\ictrl_be\ictrl_be.exe (Junhao Liao -> )
FirewallRules: [{A05E3356-92F0-4E57-BF0D-BC4ACB7C5092}] => (Block) C:\users\admin\appdata\local\ictrl-desktop-client\app-6.4.3\resources\app\ictrl_be\ictrl_be.exe (Junhao Liao -> )
FirewallRules: [{6CD24B63-C48C-44F8-ADB8-430A0A4FF9F2}] => (Block) C:\users\admin\appdata\local\ictrl-desktop-client\app-6.4.3\ictrl-desktop-client.exe (Junhao Liao -> iCtrl)
FirewallRules: [{4344CF39-5FE8-49D8-8FE0-54D9D848E597}] => (Block) C:\users\admin\appdata\local\ictrl-desktop-client\app-6.4.3\ictrl-desktop-client.exe (Junhao Liao -> iCtrl)
FirewallRules: [TCP Query User{87AE8450-2BFD-42A2-B880-80735AD857E7}C:\users\admin\appdata\local\programs\python\python311\python.exe] => (Allow) C:\users\admin\appdata\local\programs\python\python311\python.exe (Python Software Foundation -> Python Software Foundation)
FirewallRules: [UDP Query User{4C6448C7-1B45-45C8-A1F0-5216E00F1734}C:\users\admin\appdata\local\programs\python\python311\python.exe] => (Allow) C:\users\admin\appdata\local\programs\python\python311\python.exe (Python Software Foundation -> Python Software Foundation)
FirewallRules: [TCP Query User{EDD23638-1C84-4E24-97C7-B1DDDBCE2E20}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{172A1507-B6BE-4631-94BD-185A1C891ACA}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{62647DB8-1E2B-44F2-A000-2562F50B0D8A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\116.0.1938.76\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{33220FF6-89D8-46AC-AD67-9D017D64EECA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.103.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{123C6666-FE95-4BFC-AB73-6D5389E47454}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.103.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{713092BB-72FD-4828-83FE-EA5C9FAB7EDA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.103.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E32BBB2D-0165-4755-B905-696E9FC2101F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.103.3208.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B421BD66-1043-4E4A-AC3F-727AD296CE9A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

13-09-2023 04:55:46 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name: Synaptics PS/2 Port TouchPad
Description: Synaptics PS/2 Port TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Neznámé zařízení USB (reset portu se nezdařil)
Description: Neznámé zařízení USB (reset portu se nezdařil)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standardní hostitelský řadič USB)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (09/14/2023 11:39:22 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2086768,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (09/14/2023 11:37:58 AM) (Source: MySQL) (EventID: 100) (User: )
Description: Event-ID 100

Error: (09/14/2023 11:37:58 AM) (Source: MySQL) (EventID: 100) (User: )
Description: Event-ID 100

Error: (09/14/2023 11:37:58 AM) (Source: MySQL) (EventID: 100) (User: )
Description: Event-ID 100

Error: (09/14/2023 11:37:52 AM) (Source: MySQL) (EventID: 100) (User: )
Description: Event-ID 100

Error: (09/14/2023 11:37:52 AM) (Source: MySQL) (EventID: 100) (User: )
Description: Event-ID 100

Error: (09/14/2023 11:37:52 AM) (Source: MySQL) (EventID: 100) (User: )
Description: Event-ID 100

Error: (09/14/2023 11:37:52 AM) (Source: MySQL) (EventID: 100) (User: )
Description: Event-ID 100


System errors:
=============
Error: (09/13/2023 10:50:31 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Hlavní prohledávač přijal oznámení serveru od počítače OPENHABIAN,
který se považuje za hlavní prohledávač domény pro přenos NetBT_Tcpip_{B9F3719C-ACE1-4167-AAA2-85C5DD728A98}.
Hlavní prohledávač bude ukončen nebo bude vyvolána volba.

Error: (09/11/2023 07:54:08 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (09/11/2023 07:50:42 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-OLM3P1O)
Description: Server Microsoft.YourPhone_1.23062.153.0_x64__8wekyb3d8bbwe!App.AppX3vhsrrrr4az9vb3h5mjdzkhtshkg5v0x.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (09/07/2023 06:44:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (09/06/2023 07:53:58 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (08/31/2023 12:40:40 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (08/18/2023 01:43:49 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (08/15/2023 02:03:21 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Autodesk HSMWorks Distributed CAM Services skončila s následující chybou specifickou pro službu:
Nesprávná funkce.


Windows Defender:
================
Date: 2023-09-11 22:03:21
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BD42C737-BAAA-4736-971F-2112DF56EF86}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-09-11 18:53:34
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {DCF7C8D8-896D-48A5-B279-A70884301957}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-09-06 22:03:21
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {70962439-8FAF-43E3-800F-88BA51B4FBE5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-09-06 08:03:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {E858437A-0399-444B-9A1A-6AEFEEB381BC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-09-05 08:04:52
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {032A6B48-0D7C-47E4-A7E1-021AD0BB9F4D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-05-11 09:02:28
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Lokibot.ANRB!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\admin\AppData\Roaming\Thunderbird\Profiles\30stodzh.default\ImapMail\imap.snackhost-1.eu\Junk->(part0515:110500_AS003_2022_5240041771_1.7z)->110500_AS003_2022_5240041771_1.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Akce: Karanténa
Stav akce: No additional actions required
Kód chyby: 0x800700de
Popis chyby: Ukládaný nebo načítaný typ souboru byl zablokován.
Verze bezpečnostních informací: AV: 1.389.880.0, AS: 1.389.880.0, NIS: 1.389.880.0
Verze modulu: AM: 1.1.20300.3, NIS: 1.1.20300.3

Date: 2023-05-11 09:02:28
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Lokibot.ANRB!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\admin\AppData\Roaming\Thunderbird\Profiles\30stodzh.default\ImapMail\imap.snackhost-1.eu\Junk->(part0515:110500_AS003_2022_5240041771_1.7z)->110500_AS003_2022_5240041771_1.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Akce: Karanténa
Stav akce: No additional actions required
Kód chyby: 0x800700de
Popis chyby: Ukládaný nebo načítaný typ souboru byl zablokován.
Verze bezpečnostních informací: AV: 1.389.880.0, AS: 1.389.880.0, NIS: 1.389.880.0
Verze modulu: AM: 1.1.20300.3, NIS: 1.1.20300.3

Date: 2023-05-04 14:03:04
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Lokibot.ANRB!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\admin\AppData\Roaming\Thunderbird\Profiles\30stodzh.default\ImapMail\imap.snackhost-1.eu\Junk->(part0515:110500_AS003_2022_5240041771_1.7z)->110500_AS003_2022_5240041771_1.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Akce: Karanténa
Stav akce: No additional actions required
Kód chyby: 0x800700de
Popis chyby: Ukládaný nebo načítaný typ souboru byl zablokován.
Verze bezpečnostních informací: AV: 1.389.140.0, AS: 1.389.140.0, NIS: 1.389.140.0
Verze modulu: AM: 1.1.20300.3, NIS: 1.1.20300.3

Date: 2023-05-04 14:03:04
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Lokibot.ANRB!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\admin\AppData\Roaming\Thunderbird\Profiles\30stodzh.default\ImapMail\imap.snackhost-1.eu\Junk->(part0515:110500_AS003_2022_5240041771_1.7z)->110500_AS003_2022_5240041771_1.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Akce: Karanténa
Stav akce: No additional actions required
Kód chyby: 0x800700de
Popis chyby: Ukládaný nebo načítaný typ souboru byl zablokován.
Verze bezpečnostních informací: AV: 1.389.140.0, AS: 1.389.140.0, NIS: 1.389.140.0
Verze modulu: AM: 1.1.20300.3, NIS: 1.1.20300.3

Date: 2023-05-02 14:04:16
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Lokibot.ANRB!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\admin\AppData\Roaming\Thunderbird\Profiles\30stodzh.default\ImapMail\imap.snackhost-1.eu\Junk->(part0515:110500_AS003_2022_5240041771_1.7z)->110500_AS003_2022_5240041771_1.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Akce: Karanténa
Stav akce: No additional actions required
Kód chyby: 0x800700de
Popis chyby: Ukládaný nebo načítaný typ souboru byl zablokován.
Verze bezpečnostních informací: AV: 1.387.2922.0, AS: 1.387.2922.0, NIS: 1.387.2922.0
Verze modulu: AM: 1.1.20200.4, NIS: 1.1.20200.4

CodeIntegrity:
===============
Date: 2023-03-20 08:25:58
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume4\Program Files\Google\Drive File Stream\72.0.2.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2023-02-16 13:16:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume4\Program Files\Google\Drive File Stream\70.0.2.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2023-01-30 07:44:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume4\Program Files\Google\Drive File Stream\69.0.0.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2022-12-14 18:13:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.

Date: 2022-12-14 18:13:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: HP N51 Ver. 01.24 04/27/2016
Motherboard: HP 802F
Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 84%
Total physical RAM: 32688.59 MB
Available physical RAM: 4964.64 MB
Total Virtual: 64352.43 MB
Available Virtual: 28199.63 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:475.75 GB) (Free:23.11 GB) (Model: MTFDDAK512MBF-1AN1ZABHA) NTFS
Drive d: (Nový svazek) (Fixed) (Total:931.39 GB) (Free:145.29 GB) (Model: WDC WD10EZEX-60WN4A0) NTFS
Drive e: (My Book) (Fixed) (Total:5589 GB) (Free:1626.82 GB) (Model: WD My Book 25EE USB Device) exFAT
Drive g: (Google Drive) (Fixed) (Total:200 GB) (Free:21.96 GB) (Model: MTFDDAK512MBF-1AN1ZABHA) FAT32

\\?\Volume{2d11b580-00ec-446f-8c28-fccb217c6554}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{8cece581-d353-4b03-a381-f10bd18e0060}\ () (Fixed) (Total:0.63 GB) (Free:0.08 GB) NTFS
\\?\Volume{a70e0bb1-edf6-4ce0-9565-b1fe5b665825}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 2 (Size: 5589 GB) (Disk ID: 16F2A91F)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[AndySue]

info.txt logfile of random's system information tool 1.10 2023-09-14 11:55:38

======MBR======

0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200EEFEFF3301000000FFFFFFFF00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000055AA

======Uninstall list======

64 Bit HP CIO Components Installer-->MsiExec.exe /I{F8F948EA-5AEA-4158-8821-A2F788ECE936}
Acronis Drive Monitor-->MsiExec.exe /X{706AE61D-40A4-4F50-8359-FE8F6F7FA461}
Adobe Acrobat (64-bit)-->MsiExec.exe /I{AC76BA86-1029-1033-7760-BC15014EA700}
Adobe Refresh Manager-->MsiExec.exe /I{AC76BA86-0804-1033-1959-018244601052}
Application Verifier x64 External Package-->MsiExec.exe /I{2CBA883F-51A6-3D7D-DBB9-0527D39433CB}
Autodesk HSMWorks Distributed CAM 6.1.0.32486-->"C:\Program Files (x86)\Autodesk\HSMWorks Distributed CAM\unins000.exe"
Bonjour-->MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}
Canon LBP2900-->C:\Program Files\Canon\PrnUninstall\Canon LBP2900\CNAB4UND.EXE
ClickOnce Bootstrapper Package for Microsoft .NET Framework-->MsiExec.exe /X{22E13608-4DB0-4977-A267-3AAFA09CD54A}
CrystalDiskInfo 8.17.12-->"C:\Program Files\CrystalDiskInfo\unins000.exe"
DiagnosticsHub_CollectionService-->MsiExec.exe /I{FECAFEB5-8D0E-4AE4-8FA0-745BAA835C35}
Dynamic Application Loader Host Interface Service-->MsiExec.exe /I{E3AB2E94-D548-48A7-9F0E-A44D82ED1D7A}
eDrawings-->MsiExec.exe /I{99FC8D5C-67F0-4087-9BDF-FA5CC6702AEF}
Entity Framework 6.2.0 Tools for Visual Studio 2022-->MsiExec.exe /X{6D5C07E3-6A4D-4126-A7A7-8B6EFFE16E51}
FreeCAD 0.20.0-->"C:\Program Files\FreeCAD 0.20\Uninstall-FreeCAD.exe"
Google Drive-->C:\Program Files\Google\Drive File Stream\80.0.1.0\uninstall.exe
Google Chrome-->"C:\Program Files\Google\Chrome\Application\116.0.5845.188\Installer\setup.exe" --uninstall --channel=stable --system-level --verbose-logging
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
HSMWorks x64 2016 R2.40513-->"C:\Program Files\HSMWorks\unins000.exe"
Chrome Remote Desktop Host-->MsiExec.exe /I{C17C2857-FF33-4EA0-8220-14A17DF82668}
icecap_collection_neutral-->MsiExec.exe /I{90819A24-C7DD-4956-8CBE-AE50B43D020D}
icecap_collection_x64-->MsiExec.exe /I{7D6A7B92-A26B-4DC6-A51F-0D741C9BC70F}
icecap_collectionresources-->MsiExec.exe /I{278641ED-D56B-43E0-AEDC-FFC14B038C74}
icecap_collectionresourcesx64-->MsiExec.exe /I{D8998F76-2D74-42E3-BCA4-D8D0F5D369CF}
Inkscape-->"C:\Program Files\Inkscape\Uninstall.exe"
Intel(R) Chipset Device Software-->MsiExec.exe /X{66F00951-0E74-43E7-9182-084A681734D0}
Intel(R) Icls-->MsiExec.exe /I{57640D80-A187-4A4F-BB91-7F2EF7AB5FE9}
Intel(R) LMS-->MsiExec.exe /I{62609178-ECD7-473C-9D1F-9E0CF6927E45}
Intel(R) Management Engine Components-->"C:\ProgramData\Intel Package Cache {1CEAC85D-2590-4760-800F-8DE5E91F3700}\Setup.exe" -uninstall
Intel(R) Management Engine Components-->MsiExec.exe /I{939DFEE4-2675-4B42-904B-B213B857E347}
Intel(R) Management Engine Components-->MsiExec.exe /I{E4697D8A-D9C0-4BCE-AC7F-5A56DD250529}
Intel(R) Management Engine Driver-->MsiExec.exe /I{EC8B054F-9D60-4AFC-9920-25ABFF987B29}
Intel(R) ME WMI Provider-->MsiExec.exe /I{3C66C597-3BAA-403D-9BCD-561ED78B0F1B}
Intel(R) SOL LMS Extension-->MsiExec.exe /I{D36619E0-ADBA-41C6-A5AC-222FCFBF762B}
Intel® Chipset Device Software-->"C:\ProgramData\Package Cache\{c4a581e8-a702-448c-80c7-4b6192985db2}\SetupChipset.exe" /uninstall
IntelliTraceProfilerProxy-->MsiExec.exe /I{C8891AD2-C223-45CD-A9BE-617A68923B61}
IntelliTraceProfilerProxy-->MsiExec.exe /I{F8B9E8C8-61E8-4E9E-879D-F3F498AD0230}
IrfanView 64 (remove only)-->"C:\Program Files\IrfanView\iv_uninstall.exe"
Kits Configuration Installer-->MsiExec.exe /I{CF83D17D-FB70-21A1-36E4-37EE7EC1B587}
Kontrola stavu osobního počítače s Windows-->MsiExec.exe /X{D1F15F7A-707A-42BD-BE6B-3380616F796D}
LibreOffice 7.1.7.2-->MsiExec.exe /I{9ED995EA-19B1-40AE-886A-339A3BECA977}
Microsoft .NET 6.0 Templates 7.0.102 (x64)-->MsiExec.exe /I{48C24F32-A313-4B3C-B2C0-692D05461628}
Microsoft .NET 7.0 Templates 7.0.102 (x64)-->MsiExec.exe /I{406BB598-E5A9-454A-8719-82644CB09B03}
Microsoft .NET AppHost Pack - 6.0.13 (x64)-->MsiExec.exe /X{F612BCA2-6E26-4F93-834B-8877939C0293}
Microsoft .NET AppHost Pack - 6.0.13 (x64_arm)-->MsiExec.exe /X{93A17F63-9B12-48F6-86BD-84535F2955FA}
Microsoft .NET AppHost Pack - 6.0.13 (x64_arm64)-->MsiExec.exe /X{CC2A595B-74D2-45E6-8B53-45F20215850D}
Microsoft .NET AppHost Pack - 6.0.13 (x64_x86)-->MsiExec.exe /X{F285BA87-F560-4587-8C08-7BF5A4A68762}
Microsoft .NET AppHost Pack - 7.0.2 (x64)-->MsiExec.exe /X{D7A77FBE-E0E7-47D7-86B4-51CB65B502C0}
Microsoft .NET AppHost Pack - 7.0.2 (x64_arm)-->MsiExec.exe /X{A4CCC742-818F-4C8C-8B56-631F6F76C7C6}
Microsoft .NET AppHost Pack - 7.0.2 (x64_arm64)-->MsiExec.exe /X{BEB46B9B-6D72-46E5-968C-CDED3C01896B}
Microsoft .NET AppHost Pack - 7.0.2 (x64_x86)-->MsiExec.exe /X{8C89D103-57BE-4509-9752-B1CD9F12D0B9}
Microsoft .NET Framework 4.7.2 Targeting Pack (čeština)-->MsiExec.exe /X{3DC65636-1EBB-41E9-836B-10174949883C}
Microsoft .NET Framework 4.7.2 Targeting Pack-->MsiExec.exe /X{1784A8CD-F7FE-47E2-A87D-1F31E7242D0D}
Microsoft .NET Framework 4.8 SDK (čeština)-->MsiExec.exe /X{84224644-1FA0-496E-8941-B1553C004E7A}
Microsoft .NET Framework 4.8 SDK-->MsiExec.exe /X{949C0535-171C-480F-9CF4-D25C9E60FE88}
Microsoft .NET Framework 4.8 Targeting Pack (čeština)-->MsiExec.exe /X{33D8579D-AE2C-45ED-9D16-08451BCC9B45}
Microsoft .NET Framework 4.8 Targeting Pack-->MsiExec.exe /X{BAAF5851-0759-422D-A1E9-90061B597188}
Microsoft .NET Framework Cumulative Intellisense Pack for Visual Studio (čeština)-->MsiExec.exe /X{EABEB841-5C97-4CE3-A4CF-64F5978D13B2}
Microsoft .NET Host - 7.0.2 (x64)-->MsiExec.exe /X{F0719345-342D-4A57-8EE4-30BF4FA3FBE9}
Microsoft .NET Host - 7.0.2 (x86)-->MsiExec.exe /X{BDC8107C-65E1-41C2-BE5E-8E27D70AB3B4}
Microsoft .NET Host FX Resolver - 7.0.2 (x64)-->MsiExec.exe /X{BE394B10-AD5D-4503-9AA9-E79F953B30E3}
Microsoft .NET Host FX Resolver - 7.0.2 (x86)-->MsiExec.exe /X{4FFCA92E-5974-473C-9239-516D02E11AEA}
Microsoft .NET Runtime - 6.0.13 (x64)-->MsiExec.exe /X{5F0DB006-2AE3-4D36-8077-65247FD687D4}
Microsoft .NET Runtime - 6.0.13 (x86)-->MsiExec.exe /X{87EA745D-32DA-4DCA-9ED4-BF4BA6232E1E}
Microsoft .NET Runtime - 7.0.2 (x64)-->MsiExec.exe /X{AE2D80C7-F19D-463F-B48F-3F343806721C}
Microsoft .NET Runtime - 7.0.2 (x86)-->MsiExec.exe /X{4B87C1C9-F1F5-4308-BE65-E23B51BACC60}
Microsoft .NET SDK 7.0.102 (x64) from Visual Studio-->MsiExec.exe /X{B3A63F4D-11C4-46FF-94C1-695633384F54}
Microsoft .NET Standard Targeting Pack - 2.1.0 (x64)-->MsiExec.exe /X{A7036CFB-B403-4598-85FF-D397ABB88173}
Microsoft .NET Targeting Pack - 6.0.13 (x64)-->MsiExec.exe /X{62E8F7DA-76C4-46BC-AB40-581C42EC5AFA}
Microsoft .NET Targeting Pack - 6.0.13 (x86)-->MsiExec.exe /X{22AC2DC4-99C8-469F-837B-03AE342E3827}
Microsoft .NET Targeting Pack - 7.0.2 (x64)-->MsiExec.exe /X{C0E951A8-6B2D-45CB-869D-EC4BC950D1E7}
Microsoft .NET Targeting Pack - 7.0.2 (x86)-->MsiExec.exe /X{6FE1E993-8813-44E5-945A-612BB76A99FA}
Microsoft .NET Toolset 7.0.102 (x64)-->MsiExec.exe /X{CD3AD81A-A806-473F-BB60-A402AFAD8D84}
Microsoft ASP.NET Core 6.0.13 Shared Framework (x64)-->MsiExec.exe /X{A6500837-F3BE-357E-9A21-6A78D098659F}
Microsoft ASP.NET Core 6.0.13 Shared Framework (x86)-->MsiExec.exe /X{43E10FF2-0E80-3E13-8AD8-302355855BB3}
Microsoft ASP.NET Core 6.0.13 Targeting Pack (x64)-->MsiExec.exe /X{BED7E006-DA64-3E61-8836-A231C2F7DD81}
Microsoft ASP.NET Core 6.0.13 Targeting Pack (x86)-->MsiExec.exe /X{A58EBFF5-0BF1-3F07-889B-31B20843BA1C}
Microsoft ASP.NET Core 7.0.2 Shared Framework (x64)-->MsiExec.exe /X{210A496F-E6CA-39C1-8FA4-1004059ED4E3}
Microsoft ASP.NET Core 7.0.2 Shared Framework (x86)-->MsiExec.exe /X{4EDC2B14-E02A-37B9-810B-336C3DDA6424}
Microsoft ASP.NET Core 7.0.2 Targeting Pack (x64)-->MsiExec.exe /X{0C082AC1-36AD-3E86-B72D-16EF3A4D907F}
Microsoft ASP.NET Core 7.0.2 Targeting Pack (x86)-->MsiExec.exe /X{85CECCAF-91AA-3D0E-8AA5-B68904EEBB85}
Microsoft Edge WebView2 Runtime-->"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\116.0.1938.76\Installer\setup.exe" --uninstall --msedgewebview --system-level --verbose-logging
Microsoft Edge-->"C:\Program Files (x86)\Microsoft\Edge\Application\116.0.1938.76\Installer\setup.exe" --uninstall --msedge --channel=stable --system-level --verbose-logging
Microsoft Office 2003 Web Components-->MsiExec.exe /I{90120000-00A4-0409-0000-0000000FF1CE}
Microsoft System CLR Types for SQL Server 2019-->MsiExec.exe /I{5BC7E9EB-13E8-45DB-8A60-F2481FEB4595}
Microsoft TestPlatform SDK Local Feed-->MsiExec.exe /I{839C2D45-DDF6-432C-A6A2-C6AF2EF281BF}
Microsoft Update Health Tools-->MsiExec.exe /X{2953E19B-9F91-4A49-A23B-7E25970A1951}
Microsoft Visual Basic for Applications 7.1 (x64) English-->MsiExec.exe /I{90F60409-7000-11D3-8CFE-0150048383C9}
Microsoft Visual Basic for Applications 7.1 (x64)-->MsiExec.exe /I{90120064-0070-0000-0000-4000000FF1CE}
Microsoft Visual C++ 2005 Redistributable (x64)-->MsiExec.exe /X{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030-->"C:\ProgramData\Package Cache\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}\vcredist_x64.exe" /uninstall
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030-->MsiExec.exe /X{37B8F9C7-03FB-3253-8781-2517C99D7C00}
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931-->"C:\ProgramData\Package Cache\{d4cecf3b-b68f-4995-8840-52ea0fab646e}\VC_redist.x64.exe" /uninstall
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31931-->"C:\ProgramData\Package Cache\{6ba9fb5e-8366-4cc4-bf65-25fe9819b2fc}\VC_redist.x86.exe" /uninstall
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931-->MsiExec.exe /I{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}
Microsoft Visual C++ 2022 X64 Debug Runtime - 14.34.31931-->MsiExec.exe /I{28E7B326-6E09-4960-88C1-AF305A11665C}
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931-->MsiExec.exe /I{CF4C347D-954E-4543-88D2-EC17F07F466F}
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31931-->MsiExec.exe /I{C2662EFF-06E6-4FD1-9D6D-FDCA91025757}
Microsoft Visual C++ 2022 X86 Debug Runtime - 14.34.31931-->MsiExec.exe /I{26D20F81-7672-441B-9092-88E0D2409992}
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31931-->MsiExec.exe /I{AB1BDF73-7393-42CE-812D-9A90918814D5}
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU-->C:\Program Files\Microsoft Visual Studio 8\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU\install.exe
Microsoft Visual Studio Installer-->"C:\Program Files (x86)\Microsoft Visual Studio\Installer\setup.exe" /uninstall
Microsoft Visual Studio Setup Configuration-->MsiExec.exe /I{B1CFE19E-298A-4D14-BACD-CAA36AC4895B}
Microsoft Visual Studio Setup WMI Provider-->MsiExec.exe /I{85516DED-4402-44CD-9D01-1D1F3D0C0178}
Microsoft Web Deploy 4.0-->MsiExec.exe /I{0C85743B-48E7-4948-96D6-C3BB90246418}
Microsoft Windows Desktop Runtime - 6.0.13 (x64)-->MsiExec.exe /X{8484730A-68A4-4C63-93B4-52628D3B488D}
Microsoft Windows Desktop Runtime - 6.0.13 (x86)-->MsiExec.exe /X{ACFA81A9-FD2F-4731-BE64-9163E3E9FF58}
Microsoft Windows Desktop Runtime - 7.0.2 (x64)-->MsiExec.exe /X{B7177578-AF27-44BF-A0B1-8B9D6AF7ECC3}
Microsoft Windows Desktop Runtime - 7.0.2 (x86)-->MsiExec.exe /X{B5CB1A18-CEB8-464B-B83C-556D1DDBF3B5}
Microsoft Windows Desktop Targeting Pack - 6.0.13 (x64)-->MsiExec.exe /X{F3E2081B-744C-4023-A61E-EEAB556A2A33}
Microsoft Windows Desktop Targeting Pack - 6.0.13 (x86)-->MsiExec.exe /X{D73590E4-7314-4E3D-B2CB-B308B256D8AF}
Microsoft Windows Desktop Targeting Pack - 7.0.2 (x64)-->MsiExec.exe /X{2505676D-0245-4775-B7BE-F4C1DDC902D8}
Microsoft Windows Desktop Targeting Pack - 7.0.2 (x86)-->MsiExec.exe /X{C6DF1343-B58A-44E4-B3FB-4C05649A7B59}
Microsoft.NET.Sdk.Android.Manifest-7.0.100 (x64)-->MsiExec.exe /X{FE768F65-89B5-40E5-9CE5-25D002197AE7}
Microsoft.NET.Sdk.iOS.Manifest-7.0.100 (x64)-->MsiExec.exe /X{4491220D-21E8-4C34-84FC-F2659E08BF7E}
Microsoft.NET.Sdk.MacCatalyst.Manifest-7.0.100 (x64)-->MsiExec.exe /X{C20CF802-93E3-4BF8-B2F0-8D0B9C826C00}
Microsoft.NET.Sdk.macOS.Manifest-7.0.100 (x64)-->MsiExec.exe /X{1E665F2B-6760-42E4-8E97-02B10B97FBA2}
Microsoft.NET.Sdk.Maui.Manifest-7.0.100 (x64)-->MsiExec.exe /X{B0FBA6B7-B985-4D20-AC10-7E16D4D8C9CB}
Microsoft.NET.Sdk.tvOS.Manifest-7.0.100 (x64)-->MsiExec.exe /X{D98B986D-3D40-4E37-A584-F82381A3E74B}
Microsoft.NET.Workload.Emscripten.net6.Manifest (x64)-->MsiExec.exe /X{754E7936-D264-406F-A76D-1C4E0102AE39}
Microsoft.NET.Workload.Emscripten.net7.Manifest (x64)-->MsiExec.exe /X{F99D901B-F288-4D79-ACAA-E31BE48D789D}
Microsoft.NET.Workload.Mono.Toolchain.net6.Manifest (x64)-->MsiExec.exe /X{8A4F7CD9-8D41-414C-8F68-6A3D291C16A4}
Microsoft.NET.Workload.Mono.Toolchain.net7.Manifest (x64)-->MsiExec.exe /X{A0F31B66-D366-4C0E-86B1-511DE274FE2D}
MozBackup 1.5.1-->C:\Program Files (x86)\MozBackup\Uninstall.exe
Mozilla Firefox (x64 cs)-->"C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
Mozilla Thunderbird (x64 cs)-->"C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe"
MSI Development Tools-->MsiExec.exe /I{95A498A9-5E6E-5779-1523-876224F41F94}
Npcap-->"C:\Program Files\Npcap\uninstall.exe"
NVIDIA Ovladač HD audia 1.3.39.16-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladače grafiky 528.89-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA RTX Desktop Manager 202.85-->"C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.NView
PL-2303 USB-to-Serial-->"C:\Program Files (x86)\InstallShield Installation Information\{A9111573-EF12-4D80-A5B9-55F620D5BCA1}\setup.exe" -runfromtemp -l0x0009 -removeonly
PrimoPDF -- brought to you by Nitro PDF Software-->"C:\Program Files (x86)\Nitro PDF\PrimoPDF\uninstaller.exe"
PSPad editor-->"C:\Program Files (x86)\PSPad editor\Uninst\unins000.exe"
PuTTY release 0.71 (64-bit)-->MsiExec.exe /X{B27534DB-4F72-4F49-A3AD-5EC1B6901E5E}
Python 2.7.18 (64-bit)-->MsiExec.exe /I{A5F504DF-2ED9-4A2D-A2F3-9D2750DD42D6}
Python 3.10.0 Core Interpreter (64-bit)-->MsiExec.exe /I{B137EFE9-BD8A-4138-AC7F-360461C4EEAF}
Python 3.10.0 Development Libraries (64-bit)-->MsiExec.exe /I{A8E320AF-B8C7-493C-97D8-6328C1CE721B}
Python 3.10.0 Documentation (64-bit)-->MsiExec.exe /I{23A78F0F-0B41-497A-BB67-7E9AC3C20351}
Python 3.10.0 Executables (64-bit)-->MsiExec.exe /I{D623791F-7EBA-4794-BF56-79D4CFC6BE65}
Python 3.10.0 pip Bootstrap (64-bit)-->MsiExec.exe /I{D545AFB9-E0E8-4B43-897A-0EB97ED46859}
Python 3.10.0 Standard Library (64-bit)-->MsiExec.exe /I{BB3BA776-4C84-43FB-9CE6-5A37FFC23032}
Python 3.10.0 Tcl/Tk Support (64-bit)-->MsiExec.exe /I{AE37C7FB-835D-4E31-851E-801D5C659A3E}
Python 3.10.0 Test Suite (64-bit)-->MsiExec.exe /I{6B61C3C6-43DE-4D58-BDC4-76170C7C7C32}
Python 3.10.0 Utility Scripts (64-bit)-->MsiExec.exe /I{578C5B87-CBE0-4720-90C0-46A917C4FE5C}
Python 3.11.0 Core Interpreter (32-bit)-->MsiExec.exe /I{71EC41D8-507E-40C8-AF95-53FE5BA4ED34}
Python 3.11.0 Development Libraries (32-bit)-->MsiExec.exe /I{DDE3E99C-F86A-436D-91F9-304F3C00370C}
Python 3.11.0 Documentation (32-bit)-->MsiExec.exe /I{5E6FBC90-4180-491B-8DF3-387E9C505621}
Python 3.11.0 Executables (32-bit)-->MsiExec.exe /I{869D67C8-AE2E-43F3-96C2-85927E4A7380}
Python 3.11.0 pip Bootstrap (32-bit)-->MsiExec.exe /I{D070AAAA-0D89-4DCA-901A-BC79F5E2276F}
Python 3.11.0 Standard Library (32-bit)-->MsiExec.exe /I{7565E13F-F118-44FD-B7E9-6E673A6B3A9D}
Python 3.11.0 Tcl/Tk Support (32-bit)-->MsiExec.exe /I{0D26C541-D790-4E31-9B16-0C65969AA44C}
Python 3.11.0 Test Suite (32-bit)-->MsiExec.exe /I{2652ADDA-74F2-4C40-BC75-E049A19BEE3F}
Python 3.11.0 Utility Scripts (32-bit)-->MsiExec.exe /I{EFE290C7-EDE6-4C22-A11F-71D3E45C3305}
Python 3.11.1 Core Interpreter (64-bit)-->MsiExec.exe /I{5D1EFF51-4740-4E62-8E49-11C13DEC34C3}
Python 3.11.1 Development Libraries (64-bit)-->MsiExec.exe /I{988799D6-A7CE-4F51-89AF-1E4A64FA7ECA}
Python 3.11.1 Documentation (64-bit)-->MsiExec.exe /I{5EB7FFE8-5B05-4DD3-9DE0-D0F20D93FA6C}
Python 3.11.1 Executables (64-bit)-->MsiExec.exe /I{A7DE96A8-2F75-44B2-B46E-5D50DE5B1B80}
Python 3.11.1 pip Bootstrap (64-bit)-->MsiExec.exe /I{C5FAF3D9-A03D-4F6A-AAC9-87735DDA5DCF}
Python 3.11.1 Standard Library (64-bit)-->MsiExec.exe /I{21EEFB31-6A96-4CAE-9A3B-B7FD6374C155}
Python 3.11.1 Tcl/Tk Support (64-bit)-->MsiExec.exe /I{66CA643F-68B2-4063-8F87-34D48A2C49ED}
Python 3.11.1 Test Suite (64-bit)-->MsiExec.exe /I{EFFC2C23-AEE2-4867-998C-5F5A902496C0}
Python 3.11.1 Utility Scripts (64-bit)-->MsiExec.exe /I{E63D4F21-1B1F-43DC-9347-4FB51A71704C}
Python 3.9.7 Core Interpreter (64-bit symbols)-->MsiExec.exe /I{19CCBF82-F32C-4F9B-A25A-C18CA0229930}
Python 3.9.7 Core Interpreter (64-bit)-->MsiExec.exe /I{88D4EF59-607D-43AD-B7C7-F5A753740FD1}
Python 3.9.7 Development Libraries (64-bit)-->MsiExec.exe /I{97496FC6-5044-4A2A-BACD-40A44F38D483}
Python 3.9.7 Documentation (64-bit)-->MsiExec.exe /I{AA408E09-EBB3-470F-8D63-5AA0C46C2DA2}
Python 3.9.7 Executables (64-bit symbols)-->MsiExec.exe /I{FA525B0C-1DC4-4733-895E-FC0BB30229C9}
Python 3.9.7 Executables (64-bit)-->MsiExec.exe /I{870EC220-FEAE-481D-8B29-B4B0DF5402FA}
Python 3.9.7 pip Bootstrap (64-bit)-->MsiExec.exe /I{F1280AA2-AAC3-41AB-9616-CCF00814E626}
Python 3.9.7 Standard Library (64-bit symbols)-->MsiExec.exe /I{AB1F1505-63F0-4E88-874D-55448A1020C4}
Python 3.9.7 Standard Library (64-bit)-->MsiExec.exe /I{05903EEF-72A2-4C1A-AD35-41AD6C7094A8}
Python 3.9.7 Tcl/Tk Support (64-bit symbols)-->MsiExec.exe /I{F9100C91-CF07-4FAE-A017-7E6A57FAF41D}
Python 3.9.7 Tcl/Tk Support (64-bit)-->MsiExec.exe /I{6E8EAD3C-6F0C-494C-9C12-E10C5B5EE7EA}
Python 3.9.7 Test Suite (64-bit symbols)-->MsiExec.exe /I{EA4833F1-B32B-4D49-81C8-E28B67E87590}
Python 3.9.7 Test Suite (64-bit)-->MsiExec.exe /I{67D79D6E-8497-4EE6-850B-834D3A27553F}
Python 3.9.7 Utility Scripts (64-bit)-->MsiExec.exe /I{4110826A-903C-410C-9785-7848A51B9CC9}
Python Launcher-->MsiExec.exe /X{8A19B72D-62A8-4198-BEBD-CAEF117194C8}
Realtek High Definition Audio Driver-->"C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe" -r -m -nrg2709
SDK ARM Additions-->MsiExec.exe /I{BD786819-AA80-7B18-125D-AA03AAF2759B}
SDK ARM Redistributables-->MsiExec.exe /I{4349F57C-0C9C-C16B-9A40-E7B406C451E2}
SOLIDWORKS 2016 x64 Czech Resources-->MsiExec.exe /X{BD37B53B-592C-41B4-BECA-D156E3D0B058}
SOLIDWORKS 2016 x64 Edition SP05-->"C:\Windows\SolidWorks\IM_20160-40500-1100-100\sldim\sldIM.exe" /remove "C:\Windows\SolidWorks\IM_20160-40500-1100-100\sldim\sldIM_installed.xml"
SOLIDWORKS 2016 x64 Edition SP05-->MsiExec.exe /X{768F3B65-1695-47B7-9002-B11400CB111D}
SOLIDWORKS Composer Player 2016 SP05 x64 Edition-->MsiExec.exe /I{8537E059-C18B-4DE6-AED6-CD9B90240C35}
SOLIDWORKS eDrawings 2016 x64 Edition SP05-->MsiExec.exe /I{12339098-76B6-47CD-B52A-52E4809108F6}
SOLIDWORKS Explorer 2016 SP05 x64 Edition-->MsiExec.exe /I{41E08694-1890-4B39-9D1C-B9D27A1D67B3}
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TeamViewer-->"C:\Program Files\TeamViewer\uninstall.exe"
Tesseract-OCR - open source OCR engine-->C:\Program Files (x86)\Tesseract-OCR\tesseract-uninstall.exe
Tesseract-OCR - open source OCR engine-->C:\Program Files\Tesseract-OCR\tesseract-uninstall.exe
Total Commander 64-bit (Remove or Repair)-->C:\Program Files\totalcmd\tcunin64.exe
UltraVnc-->"C:\Program Files\uvnc bvba\UltraVNC\unins000.exe"
Universal CRT Extension SDK-->MsiExec.exe /I{90AAE845-42CE-EC12-4041-8ADF7BE765E7}
Universal CRT Headers Libraries and Sources-->MsiExec.exe /I{98D5C5AA-993C-1371-C7AF-8F8A0E8CAF86}
Universal CRT Redistributable-->MsiExec.exe /I{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}
Universal CRT Redistributable-->MsiExec.exe /I{8EC1DC78-0A65-B6AC-664D-DFB3AC8E9736}
Universal CRT Tools x64-->MsiExec.exe /I{82F9F289-6088-8F39-1918-A45315FEF99A}
Universal CRT Tools x86-->MsiExec.exe /I{A829BD53-4BE5-23F2-C4A8-026CB5D47ECF}
Universal General MIDI DLS Extension SDK-->MsiExec.exe /I{D62BC488-4C4A-BF17-A0CE-21B4BF8F9B30}
Update for Windows 10 for x64-based Systems (KB4480730)-->MsiExec.exe /X{0746492E-47B6-4251-940C-44462DFD74BB}
Update for Windows 10 for x64-based Systems (KB5001716)-->MsiExec.exe /X{C270D21B-2327-49B8-85F7-395133A93C75}
UpdateAssistant-->MsiExec.exe /I{76A22428-2400-4521-96AF-7AC4A6174CA5}
vcpp_crt.redist.clickonce-->MsiExec.exe /I{CFF203A1-51CB-42FE-9997-B6B01371AF30}
Visual Studio Community 2022-->"C:\Program Files (x86)\Microsoft Visual Studio\Installer\setup.exe" uninstall --installPath "C:\Program Files\Microsoft Visual Studio\2022\Community"
VLC media player-->"C:\Program Files\VideoLAN\VLC\uninstall.exe"
VNC Server 6.1.1-->MsiExec.exe /I{BF68FC97-1CBA-49D5-88EB-3E0CDC3D379D}
VNC Viewer 6.1.1-->MsiExec.exe /I{1B14F26D-AAC9-4781-A468-5DFD5DF5FF91}
VS Immersive Activate Helper-->MsiExec.exe /I{0B826206-3626-4E96-A675-0BDE6B8711B6}
VS JIT Debugger-->MsiExec.exe /I{7B8542BA-01E4-43EB-A172-1DA975AFD00B}
VS Script Debugging Common-->MsiExec.exe /I{C8EA234A-FC2F-4EEC-BF7F-DB14C28C84D2}
vs_BlendMsi-->MsiExec.exe /I{8C14D3DF-69AD-443A-A607-B4B1BE9575CC}
vs_clickoncebootstrappermsi-->MsiExec.exe /I{6AF210BE-348B-4156-8B2E-CD57FC573ABD}
vs_clickoncebootstrappermsires-->MsiExec.exe /I{3826E149-22D5-470D-B8A7-D11244EA2720}
vs_clickoncesigntoolmsi-->MsiExec.exe /I{7B907A0B-2606-42EB-A880-80E1F6AA4C48}
vs_communitymsires-->MsiExec.exe /I{F48F6538-AB3C-4FD1-8ACE-0E5A861EC43C}
vs_communitysharedmsi-->MsiExec.exe /I{B56EF9C1-B982-45B1-BEB5-3C8F50B21CF2}
vs_communityx64msi-->MsiExec.exe /I{9BF7BDD3-62E8-4E47-AF96-13EA1EB853AD}
vs_CoreEditorFonts-->MsiExec.exe /I{667150AA-8DA3-433E-91EC-88BD8730D32A}
vs_devenvsharedmsi-->MsiExec.exe /I{04D84C30-B442-49D2-A139-B8AAA7ACD445}
vs_devenx64vmsi-->MsiExec.exe /I{0DE775A3-1C63-4210-9CDC-D23F5330D715}
vs_filehandler_amd64-->MsiExec.exe /I{12B0A225-610B-43DA-8585-E2EAD563D611}
vs_filehandler_x86-->MsiExec.exe /I{56373DD6-9A8E-4C0C-95F6-F64DF2054A6F}
vs_FileTracker_Singleton-->MsiExec.exe /I{49559293-3192-40D3-864C-5AB88E744A79}
vs_Graphics_Singletonx64-->MsiExec.exe /I{9138874C-2D20-46BC-84BC-A13B31DF8955}
vs_Graphics_Singletonx86-->MsiExec.exe /I{9D4033AD-2990-469B-A2CC-CEE9A707106A}
vs_minshellinteropsharedmsi-->MsiExec.exe /I{1EF48E65-5B07-4502-B6C2-43BC8311DAC3}
vs_minshellinteropx64msi-->MsiExec.exe /I{5691C5AB-0847-4862-8C49-43245E7DCE2C}
vs_minshellmsires-->MsiExec.exe /I{988A9E72-24DF-4FC8-9F94-E2BFDAE40397}
vs_minshellsharedmsi-->MsiExec.exe /I{C32CB038-8A83-4860-853F-9168214E3536}
vs_minshellx64msi-->MsiExec.exe /I{1AB2F81F-A360-4BE1-B68F-B50F0609A1AE}
vs_SQLClickOnceBootstrappermsi-->MsiExec.exe /I{8C352959-35A5-40CA-A49C-91B349AB2778}
vs_tipsmsi-->MsiExec.exe /I{6A7EA630-41A1-455D-849D-2AA2D1420236}
vs_vswebprotocolselectormsi-->MsiExec.exe /I{ACBBFCA9-A48A-425A-BF50-B6FB8EFE7934}
vs_vswebprotocolselectormsires-->MsiExec.exe /I{2BC745F0-9928-46F2-949C-0966D3826611}
WinAppDeploy-->MsiExec.exe /I{8E3AB865-9E38-1E5F-7B49-C8E3A70C6303}
Windows App Certification Kit Native Components-->MsiExec.exe /I{69331A50-908A-0745-CFCF-8413360C5B96}
Windows App Certification Kit SupportedApiList x86-->MsiExec.exe /I{81D4E442-F6C5-DF4B-DEF8-76E51ACC56F8}
Windows App Certification Kit x64-->MsiExec.exe /I{FD68622A-634F-FB49-6E94-E21A451A3B5A}
Windows Desktop Extension SDK Contracts-->MsiExec.exe /I{D54B24F7-43DE-C7BF-3A5C-83F9E8E0700D}
Windows Desktop Extension SDK-->MsiExec.exe /I{3F737DA8-C5B7-8740-6B07-BA73B5E62CDF}
Windows IoT Extension SDK Contracts-->MsiExec.exe /I{1FF69612-5A91-3565-7EE3-0539A04E3B8D}
Windows IoT Extension SDK-->MsiExec.exe /I{5B64C01B-2798-A2F6-89C3-AC03906F8788}
Windows Mobile Extension SDK Contracts-->MsiExec.exe /I{8EDE105B-885A-D173-50F8-F50F39C51CF9}
Windows Mobile Extension SDK-->MsiExec.exe /I{DF2A6855-DB81-9047-3033-8D6AC6055AEF}
Windows SDK AddOn-->MsiExec.exe /I{15941C7F-810D-41DF-8C5A-8D0490277AFB}
Windows SDK ARM Desktop Tools-->MsiExec.exe /I{A99B19D4-7F87-03E5-B4A8-80420ECD7F53}
Windows SDK Desktop Headers arm-->MsiExec.exe /I{C7C68DA0-8501-16DD-1E6A-6C34AAA28F21}
Windows SDK Desktop Headers arm64-->MsiExec.exe /I{30092A0E-1D50-8D66-E5EB-01F6AA8C1FFE}
Windows SDK Desktop Headers x64-->MsiExec.exe /I{C47F0820-6424-AE53-6BAF-2D41E829C855}
Windows SDK Desktop Headers x86-->MsiExec.exe /I{6F1B1243-7C12-5398-F575-5102906569A6}
Windows SDK Desktop Libs arm-->MsiExec.exe /I{6221E085-FE37-1068-E6D7-9D08ABD32AE2}
Windows SDK Desktop Libs arm64-->MsiExec.exe /I{82931C8D-83CC-CF2E-F4FA-9AF0829BCA22}
Windows SDK Desktop Libs x64-->MsiExec.exe /I{1A457607-6262-3949-63D4-E1F85A3D95FD}
Windows SDK Desktop Libs x86-->MsiExec.exe /I{7CAF3DA2-79F6-C0DB-6C56-2462C8C4914C}
Windows SDK Desktop Tools arm64-->MsiExec.exe /I{54E5E684-132E-23D3-CBF6-962122E2C568}
Windows SDK Desktop Tools x64-->MsiExec.exe /I{E5715C32-34B0-6F8E-81B8-13FB19B1B682}
Windows SDK Desktop Tools x86-->MsiExec.exe /I{02594FB6-9905-CBB9-10E8-EFCFB7122D7C}
Windows SDK DirectX x64 Remote-->MsiExec.exe /I{0B12F7E3-EDAA-AF92-20BB-88540FEF54BA}
Windows SDK DirectX x86 Remote-->MsiExec.exe /I{B9A2EE66-E1B9-ED85-E75B-041A348EB46D}
Windows SDK EULA-->MsiExec.exe /I{93F9D7FA-F2FD-837D-E53F-D79767071E44}
Windows SDK Facade Windows WinMD Versioned-->MsiExec.exe /I{31B6D021-BC97-82C5-9C42-16AB86C37215}
Windows SDK for Windows Store Apps Contracts-->MsiExec.exe /I{AD3B32A0-5F71-DE89-B55A-9E85964186D8}
Windows SDK for Windows Store Apps DirectX x86 Remote-->MsiExec.exe /I{31A3EB09-E226-B0E5-FA70-FF4B3CAD2ECF}
Windows SDK for Windows Store Apps Headers-->MsiExec.exe /I{A1DA436A-2FA4-FDC2-9B0A-FBB40CF0499D}
Windows SDK for Windows Store Apps Libs-->MsiExec.exe /I{C8977C7D-F685-8282-3C78-6276E03E3B32}
Windows SDK for Windows Store Apps Metadata-->MsiExec.exe /I{7907F380-3CFD-247C-9DFC-A23CED2012F8}
Windows SDK for Windows Store Apps Tools-->MsiExec.exe /I{68F11757-8C35-BEB6-2AED-6F7C6CC5B8C0}
Windows SDK for Windows Store Apps-->MsiExec.exe /I{CFC51C75-8F08-1968-BC86-70A396D353D9}
Windows SDK for Windows Store Managed Apps Libs-->MsiExec.exe /I{B0CB401F-F1EF-E63C-8191-9A447FC24C58}
Windows SDK Modern Non-Versioned Developer Tools-->MsiExec.exe /I{FA582B75-7D9C-2717-5E64-1A8CC5E46ABD}
Windows SDK Modern Versioned Developer Tools-->MsiExec.exe /I{EA338ECA-C63F-4BD6-B66F-274433C75A49}
Windows SDK Redistributables-->MsiExec.exe /I{7DBE357D-2AA2-7B68-267E-F8DAEB182D6F}
Windows SDK Signing Tools-->MsiExec.exe /I{0F5E7D7D-8969-DC1B-205D-024FB54A0417}
Windows SDK-->MsiExec.exe /I{2D2EBB11-484D-8F73-FA25-3FFABCE371F0}
Windows Software Development Kit - Windows 10.0.22000.832-->"C:\ProgramData\Package Cache\{d6a76ead-c762-4d93-9c24-1fa3efa1e12d}\winsdksetup.exe" /uninstall
Windows Team Extension SDK Contracts-->MsiExec.exe /I{5F1D4DE5-BFF3-503B-D05F-40ED6927DE17}
Windows Team Extension SDK-->MsiExec.exe /I{14705B25-5AC2-82AC-DB79-A35219016ABB}
WinRAR 5.40 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
WinRT Intellisense Desktop - en-us-->MsiExec.exe /I{FBF034E1-563E-1F9D-DC45-491BB88E9B9E}
WinRT Intellisense Desktop - Other Languages-->MsiExec.exe /I{837DD890-14CE-9EB3-E8E1-F96A7EE5CFE5}
WinRT Intellisense IoT - en-us-->MsiExec.exe /I{823E92A6-7572-174D-0671-95A55785F991}
WinRT Intellisense IoT - Other Languages-->MsiExec.exe /I{3A8F388C-D0F7-0A66-0EDE-D477B1B1B2F4}
WinRT Intellisense Mobile - en-us-->MsiExec.exe /I{0F2D2736-F436-3F10-FB30-9D279F58305B}
WinRT Intellisense PPI - en-us-->MsiExec.exe /I{FEAF2203-A2AC-080C-9D55-9F09623F38C3}
WinRT Intellisense PPI - Other Languages-->MsiExec.exe /I{A06212FE-3C20-31C7-F88A-46673EF72E83}
WinRT Intellisense UAP - en-us-->MsiExec.exe /I{4308116D-A763-144D-DC81-6243BE6B2ADF}
WinRT Intellisense UAP - Other Languages-->MsiExec.exe /I{D307C8A5-7335-056E-6E64-E28544674EFD}
Wireshark 3.6.3 64-bit-->"C:\Program Files\Wireshark\uninstall.exe"
wkhtmltox 0.12.6-1-->"C:\Program Files\wkhtmltopdf\uninstall.exe"
WPTx64-->MsiExec.exe /I{0B2C58EB-67A2-225B-60B2-D1990E55DD33}
X-Mouse Button Control 2.20.5-->C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\uninstaller.exe
Zebra Setup Utilities-->"C:\ProgramData\{AE94F872-39B7-45FC-AC9B-0F6601591D4B}\zsu-1-1-9-1290.exe" REMOVE=TRUE MODIFY=FALSE
Zebra Setup Utilities-->C:\ProgramData\{AE94F872-39B7-45FC-AC9B-0F6601591D4B}\zsu-1-1-9-1290.exe

======System event log======

Computer Name: DESKTOP-OLM3P1O
Event Code: 1
Message:
Record Number: 8369
Source Name: googledrivefs3758
Time Written: 20220419070945.536062-000
Event Type: Informace
User:

Computer Name: DESKTOP-OLM3P1O
Event Code: 1
Message:
Record Number: 8368
Source Name: googledrivefs3758
Time Written: 20220419070945.536062-000
Event Type: Informace
User:

Computer Name: DESKTOP-OLM3P1O
Event Code: 1
Message:
Record Number: 8367
Source Name: googledrivefs3758
Time Written: 20220419070945.536062-000
Event Type: Informace
User:

Computer Name: DESKTOP-OLM3P1O
Event Code: 1
Message:
Record Number: 8366
Source Name: googledrivefs3758
Time Written: 20220419070945.536062-000
Event Type: Informace
User:

Computer Name: DESKTOP-OLM3P1O
Event Code: 1
Message:
Record Number: 8365
Source Name: googledrivefs3758
Time Written: 20220419070945.536062-000
Event Type: Informace
User:

=====Application event log=====

Computer Name: DESKTOP-OLM3P1O
Event Code: 0
Message: Operace byla dokončena úspěšně.
Record Number: 5097310
Source Name: SynTPEnhService
Time Written: 20230912004833.943629-000
Event Type: Informace
User:

Computer Name: DESKTOP-OLM3P1O
Event Code: 0
Message: Operace byla dokončena úspěšně.
Record Number: 5097309
Source Name: SynTPEnhService
Time Written: 20230912004828.915733-000
Event Type: Informace
User:

Computer Name: DESKTOP-OLM3P1O
Event Code: 0
Message: Operace byla dokončena úspěšně.
Record Number: 5097308
Source Name: SynTPEnhService
Time Written: 20230912004823.897066-000
Event Type: Informace
User:

Computer Name: DESKTOP-OLM3P1O
Event Code: 0
Message: Operace byla dokončena úspěšně.
Record Number: 5097307
Source Name: SynTPEnhService
Time Written: 20230912004818.885087-000
Event Type: Informace
User:

Computer Name: DESKTOP-OLM3P1O
Event Code: 0
Message: Operace byla dokončena úspěšně.
Record Number: 5097306
Source Name: SynTPEnhService
Time Written: 20230912004813.871825-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: DESKTOP-OLM3P1O
Event Code: 5379
Message: Přihlašovací údaje Správce přihlašovacích údajů byly přečteny.

Subjekt:
ID zabezpečení: S-1-5-18
Název účtu: DESKTOP-OLM3P1O$
Doména účtu: WORKGROUP
Přihlašovací ID: 0x3E7
Operace čtení: Vytvořit výčet přihlašovacích údajů

K této události dochází, když uživatel provede operaci čtení u uložených přihlašovacích údajů ve Správci přihlašovacích údajů.
Record Number: 760803
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20230830171113.959050-000
Event Type: Úspěšný audit
User:

Computer Name: DESKTOP-OLM3P1O
Event Code: 5379
Message: Přihlašovací údaje Správce přihlašovacích údajů byly přečteny.

Subjekt:
ID zabezpečení: S-1-5-18
Název účtu: DESKTOP-OLM3P1O$
Doména účtu: WORKGROUP
Přihlašovací ID: 0x3E7
Operace čtení: Vytvořit výčet přihlašovacích údajů

K této události dochází, když uživatel provede operaci čtení u uložených přihlašovacích údajů ve Správci přihlašovacích údajů.
Record Number: 760802
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20230830171113.958863-000
Event Type: Úspěšný audit
User:

Computer Name: DESKTOP-OLM3P1O
Event Code: 5379
Message: Přihlašovací údaje Správce přihlašovacích údajů byly přečteny.

Subjekt:
ID zabezpečení: S-1-5-18
Název účtu: DESKTOP-OLM3P1O$
Doména účtu: WORKGROUP
Přihlašovací ID: 0x3E7
Operace čtení: Vytvořit výčet přihlašovacích údajů

K této události dochází, když uživatel provede operaci čtení u uložených přihlašovacích údajů ve Správci přihlašovacích údajů.
Record Number: 760801
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20230830171113.958707-000
Event Type: Úspěšný audit
User:

Computer Name: DESKTOP-OLM3P1O
Event Code: 5379
Message: Přihlašovací údaje Správce přihlašovacích údajů byly přečteny.

Subjekt:
ID zabezpečení: S-1-5-18
Název účtu: DESKTOP-OLM3P1O$
Doména účtu: WORKGROUP
Přihlašovací ID: 0x3E7
Operace čtení: Vytvořit výčet přihlašovacích údajů

K této události dochází, když uživatel provede operaci čtení u uložených přihlašovacích údajů ve Správci přihlašovacích údajů.
Record Number: 760800
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20230830171113.958298-000
Event Type: Úspěšný audit
User:

Computer Name: DESKTOP-OLM3P1O
Event Code: 5379
Message: Přihlašovací údaje Správce přihlašovacích údajů byly přečteny.

Subjekt:
ID zabezpečení: S-1-5-18
Název účtu: DESKTOP-OLM3P1O$
Doména účtu: WORKGROUP
Přihlašovací ID: 0x3E7
Operace čtení: Vytvořit výčet přihlašovacích údajů

K této události dochází, když uživatel provede operaci čtení u uložených přihlašovacích údajů ve Správci přihlašovacích údajů.
Record Number: 760799
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20230830171113.958131-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"DriverData"=C:\Windows\System32\Drivers\DriverData
"NUMBER_OF_PROCESSORS"=8
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\PuTTY\;c:\Users\admin\AppData\Local\Programs\Python\Python311\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\;c:\Program Files\wkhtmltopdf\bin\;
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 94 Stepping 3, GenuineIntel
"PROCESSOR_LEVEL"=6
"PROCESSOR_REVISION"=5e03
"PSModulePath"=%ProgramFiles%\WindowsPowerShell\Modules;%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%

-----------------EOF-----------------

[AndySue]

Logfile of random's system information tool 1.10 (written by random/random)
Run by admin at 2023-09-14 11:55:29
Microsoft Windows 10 Pro
System drive C: has 24 GB (5%) free of 487 GB
Total RAM: 32689 MB (17% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:55:34, on 14.09.2023
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Windows\System32\TiltWheelMouse.exe
C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe
C:\Users\admin\Documents\INSTALL\Instalace 2016-10-23\hotkeyp\HotkeyP.exe
C:\PROGRA~2\EASYPH~1.1VC\binaries\apache\bin\eds-httpd.exe
C:\PROGRA~2\EASYPH~1.1VC\binaries\mysql\bin\eds-mysqld.exe
C:\Program Files (x86)\Autodesk\HSMWorks Distributed CAM\distributedcam.exe
C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe
C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
C:\Program Files (x86)\PSPad editor\PSPad.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\MFResident.exe
C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\php.exe
C:\PROGRA~2\EASYPH~1.1VC\binaries\apache\bin\eds-httpd.exe
C:\Program Files\trend micro\admin.exe
C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\php.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\116.0.1938.76\BHO\ie_to_edge_bho.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [adm_tray.exe] C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [EasyPHP] "C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe"
O4 - HKCU\..\Run: [HotkeyP] C:\Users\admin\Documents\INSTALL\Instalace 2016-10-23\hotkeyp\HotkeyP.exe 0
O4 - HKCU\..\Run: [GoogleDriveFS] "C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe" --startup_mode
O4 - HKCU\..\Run: [HSMWorks Distributed CAM] "C:\Program Files (x86)\Autodesk\HSMWorks Distributed CAM\distributedcam.exe"
O4 - HKCU\..\RunOnce: [Application Restart #2] C:\Program Files\Microsoft Visual Studio\2022\Community\Common7\IDE\devenv.exe "G:\Můj disk\#dev\SolidWorks\API\PartAnalysis\PartAnalysis\PartAnalysis.sln" /restartManager /recoveryFile "C:\Users\admin\AppData\Roaming\Microsoft\VisualStudio\17.0_f3f14e08\AutoRecoverDat\648028.dat;C:\Users\admin\AppData\Roaming\Microsoft\VisualStudio\17.0_f3f14e08\AutoRecoverDat\648028.suodat"
O4 - HKCU\..\RunOnce: [Delete Cached Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Delete Cached Standalone Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Uninstall 23.153.0724.0003] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\23.153.0724.0003"
O4 - HKCU\..\RunOnce: [Uninstall 23.158.0730.0001\i386] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\23.158.0730.0001\i386"
O4 - HKCU\..\RunOnce: [Uninstall 23.158.0730.0001] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\admin\AppData\Local\Microsoft\OneDrive\23.158.0730.0001"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe --startup_mode (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-567959055-877555932-3223723616-1000\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'defaultuser0')
O4 - HKUS\S-1-5-21-567959055-877555932-3223723616-1000\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'defaultuser0')
O4 - HKUS\S-1-5-18\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe --startup_mode (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GoogleDriveFS] C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe --startup_mode (User 'Default user')
O4 - Startup: chrome – zástupce.lnk = C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - Startup: EasyPHP-DevServer-14.1VC11.exe
O4 - Startup: LibreOffice 7.1.lnk = C:\Program Files\LibreOffice\program\quickstart.exe
O4 - Startup: thunderbird – zástupce.lnk = C:\Program Files\Mozilla Thunderbird\thunderbird.exe
O4 - Startup: TOTALCMD64 – zástupce.lnk = C:\Program Files\totalcmd\TOTALCMD64.EXE
O4 - Global Startup: Canon LBP2900 Status Window.lnk = C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE
O4 - Global Startup: SOLIDWORKS 2016 Rychlé spuštění.lnk = ?
O4 - Global Startup: SOLIDWORKS Nástroj pro stahování na pozadí.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{b9f3719c-ace1-4167-aaa2-85c5dd728a98}: NameServer = 192.168.11.1,8.8.8.8
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Služba Vzdálené plochy Chrome (chromoting) - Google LLC - C:\Program Files (x86)\Google\Chrome Remote Desktop\116.0.5845.9\remoting_host.exe
O23 - Service: DTSInterops (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corporation - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_a4f8c - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\116.0.5845.188\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP App Helper HSA Service (HPAppHelperCap) - HP Inc. - C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
O23 - Service: HP Diagnostics HSA Service (HPDiagsCap) - HP Inc. - C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
O23 - Service: HP Network HSA Service (HPNetworkCap) - HP Inc. - C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
O23 - Service: HP System Info HSA Service (HPSysInfoCap) - HP Inc. - C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
O23 - Service: Autodesk HSMWorks Distributed CAM Services (hsmworksdcs) - HSMWorks ApS http://www.hsmworks.com - C:\Program Files (x86)\Autodesk\HSMWorks Distributed CAM\camservices.exe
O23 - Service: @oem30.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_45efd8a6478e15ce\lib\SocketHeciServer.exe
O23 - Service: @oem30.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_45efd8a6478e15ce\lib\TPMProvisioningService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_9949412f65718dfe\LMS.exe
O23 - Service: MFLocalService - Unknown owner - C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_c034505b1fb1d43e\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVWMI - NVIDIA Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_c034505b1fb1d43e\NVWMI\nvWmi64.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TeamViewer - TeamViewer Germany GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: VNC Server (vncserver) - RealVNC Ltd - C:\Program Files\RealVNC\VNC Server\vncserver.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) Management Engine WMI Provider Registration (WMIRegistrationService) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_670360bdb5a40a0d\WMIRegistrationService.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @oem25.inf,%OCServiceName%;XTUOCDriverService (XTU3SERVICE) - Intel(R) Corporation - C:\WINDOWS\SysWOW64\XtuService.exe

--
End of file - 16076 bytes

======Listing Processes======









C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k NetworkService -s TermService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_c034505b1fb1d43e\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_c034505b1fb1d43e\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s UmRdpService
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -s CertPropSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s SessionEnv
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_c034505b1fb1d43e\Display.NvContainer\NVDisplay.Container.exe" -f %ProgramData%\NVIDIA\DisplaySessionContainer%d.log -d C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_c034505b1fb1d43e\Display.NvContainer\plugins\Session -r -l 3 -p 30000 -cfg NVDisplay.ContainerLocalSystem\Session -c
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
"C:\Program Files (x86)\Google\Chrome Remote Desktop\116.0.5845.9\remoting_host.exe" --type=daemon --host-config="C:\ProgramData\Google\Chrome Remote Desktop\host.json"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s TapiSrv
"C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_45efd8a6478e15ce\lib\TPMProvisioningService.exe
C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_c034505b1fb1d43e\NVWMI\nvWmi64.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_670360bdb5a40a0d\WMIRegistrationService.exe
C:\WINDOWS\SysWOW64\XtuService.exe
"C:\Program Files\RealVNC\VNC Server\vncserver.exe" -service
C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_9949412f65718dfe\LMS.exe
"C:\Program Files\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
dashost.exe {43c27e69-c6e7-47af-9cdba10fb3332ee1}
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
"C:\Program Files\RealVNC\VNC Server\vncagent.exe" service RealVNC.SYSTEM.vncserver.vncagent.1849729121 -_hash 68c85152873a4e3b15ea25422ab4e364ca67749b78befdf959c0e8e5f347a78c
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Chrome Remote Desktop\116.0.5845.9\remoting_host.exe" --type=host --mojo-pipe-token=6856711048477230187 --mojo-platform-channel-handle=796
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Browser
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted -p -s PolicyAgent
dashost.exe {6ede9fbf-1f5d-4593-92b972229820b551}
C:\WINDOWS\system32\CNAB4RPD.EXE
sihost.exe
C:\Windows\System32\DriverStore\FileRepository\nvwu.inf_amd64_c034505b1fb1d43e\NVWMI\nvWmi64.exe -spawnprovider
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"ctfmon.exe"
"C:\Program Files\RealVNC\VNC Server\vncserverui.exe" service -hash 74d52b417c6cc31d888cd5207e37d68822f9f9f44f3d756f5be7d7030062a10d RealVNC.SYSTEM.vncserver.vncpipehelper.1098763283
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\Windows\System32\mousocoreworker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
"C:\Program Files\Google\Drive File Stream\79.0.2.0\crashpad_handler.exe" --database=C:\Users\admin\AppData\Local\Google\DriveFS\Crashpad --url=https://clients2.google.com/cr/report --annotation=application=Explorer.EXE --annotation=prod=DriveFS --annotation=ver=79.0.2.0 --initial-client-data=0x1a40,0x1a44,0x1a48,0x1a3c,0x1a4c,0x7ffdb6b3eff0,0x7ffdb6b3f000,0x7ffdb6b3f010
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe"
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe" -ServerName:InputApp.AppXjd5de1g66v206tj52m9d0dtpppx4cgpn.mca
"C:\Windows\System32\SecurityHealthSystray.exe"

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Windows\System32\TiltWheelMouse.exe"
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe" /notportable /delay
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s BITS
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
"C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe"
"C:\Users\admin\Documents\INSTALL\Instalace 2016-10-23\hotkeyp\HotkeyP.exe" 0
"C:\Program Files\Google\Drive File Stream\79.0.2.0\GoogleDriveFS.exe" --startup_mode
"C:\Program Files\Google\Drive File Stream\79.0.2.0\crashpad_handler.exe" --database=C:\Users\admin\AppData\Local\Google\DriveFS\Crashpad --url=https://clients2.google.com/cr/report --annotation=add_shortcut_menu=on --annotation=aggregation_interval_ms=0 --annotation=allow_multiple_smb_connections=off --annotation=allow_search=on --annotation=allow_url_parameter_when_opening_gdoc=off --annotation=anonymous_feedback_submit_api_key=AIzaSyCejQEszExWuVHsgk8YElDTlbbrhzeRISc --annotation=anonymous_feedback_submit_url=https://feedback-pa.googleapis.com/v1/f ... ous_submit --annotation=ask_to_copy_files_for_pending_uploads=on --annotation=bandwidth_throttling=on --annotation=browser_auth_wait_for_client_timeout_ms=300000 --annotation=cancel_com_calls=on --annotation=com_api_thread_stuck_threshold_sec=0 --annotation=confirm_quit_during_system_logout=off --annotation=context_menu_create_editor_files=off --annotation=context_menu_force_refresh_folder=on --annotation=context_menu_show_create_new_shared_drive_dialog=on --annotation=crash_oom_threshold_mb=1048576 --annotation=crash_throttle_percentage=0 --annotation=create_gsuite_file=on --annotation=current_drive_fs_version=79.0.2.0 --annotation=current_os_version=Windows/10.0.19045 --annotation=dedupe_interval_ms=2000 --annotation=deprecation_date=2024-07-31 --annotation=deprecation_warning_threshold=30 --annotation=directory_log_max_byte_size=104857600 --annotation=disable_non_static_file_provider_event_metrics=off --annotation=disable_unified_buffer_cache=off --annotation=dokan_set_internal_file_index=on --annotation=drive_dot=on --annotation=enable_curl_request_body_seek=on --annotation=enable_file_provider_migration=on --annotation=enable_metrics=on --annotation=enable_mirror_roots_context=on --annotation=enable_modern_feature_flags=on --annotation=enable_mount_in_sidebar_setting=on --annotation=enable_search_hot_key=on --annotation=encrypt_and_upload=off --annotation=encrypt_and_upload_folder=on --annotation=exception_enabled_apps=.* --annotation=file_provider_add_items_to_ws_on_listing=on --annotation=file_provider_create_existing_dir_id_succeeds=off --annotation=file_provider_create_existing_file_id_succeeds=off --annotation=file_provider_disable_movein_user_interaction=off --annotation=file_provider_disable_moveout_user_interaction=off --annotation=file_provider_disabled_notification_interval_mins=0 --annotation=file_provider_enable_deny_copy_activation_rule=on --annotation=file_provider_enable_deny_shared_drive_root_manipulation=on --annotation=file_provider_enable_ipc_root_symlink=on --annotation=file_provider_enable_read_ahead=off --annotation=file_provider_exclude_from_sync_direct_create_trash=off --annotation=file_provider_failover_for_home_dir_fs_type=on --annotation=file_provider_failover_for_invalid_euid=on --annotation=file_provider_handle_exact_existing_create_as_reimport=on --annotation=file_provider_min_partial_read_size=4294967296 --annotation=file_provider_mirror_switch_unpinned_item_batch_size=2000 --annotation=file_provider_notify_mount_point_changed=on --annotation=file_provider_notify_mount_point_changed_with_mirror=off --annotation=file_provider_pause_syncing_option=on --annotation=file_provider_quick_access_polling_interval_sec=43200 --annotation=file_provider_quit_grace_period_ms=0 --annotation=file_provider_remove_domain_flush_timeout_ms=300000 --annotation=file_provider_resume_network_interrupted_push=on --annotation=file_provider_retry_network_interrupted_fetch=on --annotation=file_provider_show_migration_notification_based_on_volume=on --annotation=file_provider_signal_failure_retry_schedule_ms=1000 --annotation=file_provider_upload_completion_on_activity_notification=off --annotation=file_revisions_file_provider=on --annotation=file_revisions_virtual_folder=on --annotation=fileprovider_signal_debounce_ms=250 --annotation=finish_syncing_files_option=on --annotation=force_file_provider_materialization=on --annotation=force_refresh_folder_normal_menu=off --annotation=gui_autostart_option=on --annotation=gui_reset_preferences_menu_option=on --annotation=include_user_email_in_feedback=on --annotation=inform_users_of_pending_uploads=on --annotation=instrument_http_client=on --annotation=local_file_reading_buffer_size=8388608 --annotation=logging_on_cello_thread_startup=off --annotation=mac_disk_arbitration_unmount=on --annotation=mac_smb_dialect_mode=0 --annotation=mac_smb_mount_by_ip=on --annotation=mac_smb_nobrowse=on --annotation=mac_smb_nodatacache=on --annotation=mac_smb_port=-1 --annotation=max_connection_idle_time_msec=600000 --annotation=max_core_restarts_after_db_corruption=10 --annotation=max_file_provider_ipc_connections=100 --annotation=max_metrics_per_event_code_per_batch=200 --annotation=max_status_source_locations_count_per_metric_event=3 --annotation=meet_live_stream_info_uri= --annotation=meet_outlook_addin=off --annotation=meet_uri=https://meetings.clients6.google.com/v1/spaces --annotation=metrics_store_reset_counter=0 --annotation=min_duration_hours_between_any_surveys=24 --annotation=min_duration_hours_between_same_surveys=720 --annotation=min_duration_seconds_wait_after_close_for_survey=30 --annotation=min_supported_os_version=6.2.0 --annotation=mojave_overlays_fix=off --annotation=multi_account_max_accounts=4 --annotation=nondownloadable_files_as_gdrive_files=on --annotation=nondownloadable_files_as_gdrive_files_file_provider=off --annotation=nondownloadable_files_as_gdrive_files_migration=on --annotation=num_metrics_batches_per_request=70 --annotation=osxfuse_lock_abort_test=off --annotation=osxfuse_process_blacklist=esets_daemon;scep_daemon --annotation=osxfuse_sched_flags_offset_override=4294967295 --annotation=osxfuse_sched_flags_offset_override_arm=4294967295 --annotation=outlook_addin=off --annotation=pause_syncing_option=on --annotation=persistent_smb_port_auto_selection=on --annotation=prod=DriveFS --annotation=read_only_mode=off --annotation=reconnected_nas_polling_interval_seconds=60 --annotation=replace_local_id_with_cloud_id_when_pushing_update=on --annotation=same_content_dedupe_interval_ms=600000 --annotation=seconds_per_metrics_batch=20 --annotation=share_dialog=on --annotation=show_bulk_actions_in_file_stats_dialog=off --annotation=show_live_stream_frame_in_outlook_onboarding=off --annotation=show_offline_files_menu_option=on --annotation=show_quick_access_in_search_dialog=on --annotation=slurp_poll_path_frequency_min=240 --annotation=smb_allowed=on --annotation=soon_to_be_min_supported_os_version=10.0.0 --annotation=soon_to_be_unsupported_os_learn_more=https://support.google.com/drive/answer/2375082 --annotation=special_folder_change_notification=on --annotation=spotlight_timestamp_fsctl_support=on --annotation=status_window_click_show_file_in_file_manager=on --annotation=structured_log_max_file_count=5 --annotation=structured_log_max_file_size_kbytes=2048 --annotation=structured_logging=on --annotation=support_status_notification=on --annotation=survey_api_key=AIzaSyAWGrfCCr7albM3lmCc937gx4uIphbpeKQ --annotation=survey_configurations= --annotation=survey_listnr_product_id=1633926 --annotation=survey_url=https://www.gstatic.com/drive-fs/survey.html --annotation=switchblade_dss=off --annotation=switchblade_on_websockets=on --annotation=thread_stuck_threshold_sec=0 --annotation=trim_parents_during_cloud_merge=on --annotation=trim_parents_during_commit=on --annotation=unlocked_mac_buf_unmap=on --annotation=unlocked_mac_getxattr_v2=off --annotation=upload_folder=off --annotation=use_cros_http_client=off --annotation=use_mac_fileprovider=off --annotation=use_moonshine=on --annotation=use_new_onboarding=off --annotation=ver=79.0.2.0 --annotation=windows_32_bit_unsupported_now=off --annotation=windows_32_bit_unsupported_soon=on --attachment=C:\Users\admin\AppData\Local\Google\DriveFS\Crashpad\account_features --initial-client-data=0x3b4,0x3b8,0x3bc,0x38c,0x3c0,0x7ff6ba52c588,0x7ff6ba52c598,0x7ff6ba52c5a8
C:\PROGRA~2\EASYPH~1.1VC\binaries\apache\bin\eds-httpd.exe
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\PROGRA~2\EASYPH~1.1VC\binaries\mysql\bin\eds-mysqld.exe --defaults-file="C:\PROGRA~2\EASYPH~1.1VC\binaries\mysql\my.ini" --language=english
"C:\Program Files (x86)\Autodesk\HSMWorks Distributed CAM\distributedcam.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s PhoneSvc
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
"C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe"
"C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe" /launch_from 0
"C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe"
C:\Windows\System32\CompPkgSrv.exe -Embedding
"C:\Program Files\LibreOffice\program\soffice.exe" --quickstart
"C:\Program Files\LibreOffice\program\soffice.exe" "--quickstart" "-env:OOO_CWD=2C:\\Program Files\\LibreOffice\\program"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc


C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.22091.10041.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2023.10070.17002.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k DevicesFlow -s DevicesFlowUserSvc
C:\WINDOWS\system32\svchost.exe -k DevicesFlow -s DevicePickerUserSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WFDSConMgrSvc
C:\WINDOWS\system32\DllHost.exe /Processid:{B21858C6-9711-4257-99C8-5C0084BEBCE1}
dashost.exe {6f95cdb9-5bb1-4c6a-bf3f8236ce0fd5c5}
/QuitInfo:0000000000000260;0000000000000254;
"C:\Program Files\Google\Drive File Stream\79.0.2.0\crashpad_handler.exe" --database=C:\Users\admin\AppData\Local\Google\DriveFS\Crashpad --url=https://clients2.google.com/cr/report --annotation=application=soffice.bin --annotation=prod=DriveFS --annotation=ver=79.0.2.0 --initial-client-data=0xca8,0x1134,0x1138,0x1054,0x1144,0x7ffdb6b3eff0,0x7ffdb6b3f000,0x7ffdb6b3f010
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup -s WbioSrvc
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-686b90d1-d255-4a38-bcc5-5ff3c03b0c81 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-edea93e7-eb9e-4835-95f3-e35c391f2ae5 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-111f4c97-7c7c-4762-8262-8fdef3abfd30 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-de152e32-741f-49b8-91b5-1a5d3ade8c5b -LifetimeId:c5278f57-d90e-44a1-940d-5771ad7398e2 -DeviceGroupId:WpdFsGroup -HostArg:0
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k PrintWorkflow -s PrintWorkflowUserSvc
"C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks.exe"
"C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldProcMon.exe" --ppid=862720
"C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe"
"C:\Program Files\Google\Drive File Stream\80.0.1.0\crashpad_handler.exe" --database=C:\Users\admin\AppData\Local\Google\DriveFS\Crashpad --url=https://clients2.google.com/cr/report --annotation=application=sldworks.exe --annotation=prod=DriveFS --annotation=ver=80.0.1.0 --initial-client-data=0x20f4,0x20c8,0x2094,0x20b0,0x20b8,0x7ffd351ae470,0x7ffd351ae480,0x7ffd351ae490
C:\Windows\System32\RuntimeBroker.exe -Embedding
taskhostw.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s AppMgmt
"C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe" --crash_handler_token=\\.\pipe\crashpad_11596_FDMKZFWFOAZHVBVT --parent_version=79.0.2.0 --startup_mode
"C:\Program Files\Google\Drive File Stream\80.0.1.0\crashpad_handler.exe" --database=C:\Users\admin\AppData\Local\Google\DriveFS\Crashpad --url=https://clients2.google.com/cr/report --annotation=add_shortcut_menu=on --annotation=aggregation_interval_ms=0 --annotation=allow_multiple_smb_connections=off --annotation=allow_search=on --annotation=allow_url_parameter_when_opening_gdoc=off --annotation=anonymous_feedback_submit_api_key=AIzaSyCejQEszExWuVHsgk8YElDTlbbrhzeRISc --annotation=anonymous_feedback_submit_url=https://feedback-pa.googleapis.com/v1/f ... ous_submit --annotation=ask_to_copy_files_for_pending_uploads=on --annotation=bandwidth_throttling=on --annotation=browser_auth_wait_for_client_timeout_ms=300000 --annotation=cancel_com_calls=on --annotation=com_api_thread_stuck_threshold_sec=0 --annotation=confirm_quit_during_system_logout=off --annotation=context_menu_create_editor_files=off --annotation=context_menu_force_refresh_folder=on --annotation=context_menu_show_create_new_shared_drive_dialog=on --annotation=crash_oom_threshold_mb=1048576 --annotation=crash_throttle_percentage=0 --annotation=create_gsuite_file=on --annotation=current_drive_fs_version=80.0.1.0 --annotation=current_os_version=Windows/10.0.19045 --annotation=dedupe_interval_ms=2000 --annotation=deprecation_date=2024-08-22 --annotation=deprecation_warning_threshold=30 --annotation=directory_log_max_byte_size=104857600 --annotation=disable_non_static_file_provider_event_metrics=off --annotation=disable_unified_buffer_cache=off --annotation=dokan_set_internal_file_index=on --annotation=drive_dot=on --annotation=enable_curl_request_body_seek=on --annotation=enable_file_provider_migration=on --annotation=enable_metrics=on --annotation=enable_mirror_roots_context=on --annotation=enable_mount_in_sidebar_setting=on --annotation=enable_search_hot_key=on --annotation=encrypt_and_upload=off --annotation=encrypt_and_upload_folder=on --annotation=exception_enabled_apps=.* --annotation=file_provider_add_items_to_ws_on_listing=on --annotation=file_provider_create_existing_dir_id_succeeds=off --annotation=file_provider_create_existing_file_id_succeeds=off --annotation=file_provider_disable_movein_user_interaction=off --annotation=file_provider_disable_moveout_user_interaction=off --annotation=file_provider_disabled_notification_interval_mins=0 --annotation=file_provider_enable_deny_copy_activation_rule=on --annotation=file_provider_enable_deny_shared_drive_root_manipulation=on --annotation=file_provider_enable_ipc_root_symlink=on --annotation=file_provider_enable_read_ahead=off --annotation=file_provider_exclude_from_sync_direct_create_trash=off --annotation=file_provider_failover_for_home_dir_fs_type=on --annotation=file_provider_failover_for_invalid_euid=on --annotation=file_provider_handle_exact_existing_create_as_reimport=on --annotation=file_provider_max_retry_backoff_per_api_call_ms=30000 --annotation=file_provider_min_partial_read_size=4294967296 --annotation=file_provider_mirror_switch_unpinned_item_batch_size=2000 --annotation=file_provider_notify_mount_point_changed=on --annotation=file_provider_notify_mount_point_changed_with_mirror=off --annotation=file_provider_pause_syncing_option=on --annotation=file_provider_quick_access_polling_interval_sec=43200 --annotation=file_provider_quit_grace_period_ms=0 --annotation=file_provider_remove_domain_flush_timeout_ms=300000 --annotation=file_provider_resume_network_interrupted_push=on --annotation=file_provider_retry_network_interrupted_fetch=on --annotation=file_provider_show_migration_notification_based_on_volume=on --annotation=file_provider_upload_completion_on_activity_notification=off --annotation=file_revisions_file_provider=on --annotation=file_revisions_virtual_folder=on --annotation=fileprovider_signal_debounce_ms=250 --annotation=finish_syncing_files_option=on --annotation=force_file_provider_materialization=on --annotation=force_refresh_folder_normal_menu=off --annotation=gui_autostart_option=on --annotation=gui_reset_preferences_menu_option=on --annotation=include_user_email_in_feedback=on --annotation=inform_users_of_pending_uploads=on --annotation=instrument_http_client=on --annotation=local_file_reading_buffer_size=8388608 --annotation=logging_on_cello_thread_startup=off --annotation=mac_disk_arbitration_unmount=on --annotation=mac_smb_dialect_mode=0 --annotation=mac_smb_mount_by_ip=on --annotation=mac_smb_nobrowse=on --annotation=mac_smb_nodatacache=on --annotation=mac_smb_port=-1 --annotation=max_connection_idle_time_msec=600000 --annotation=max_core_restarts_after_db_corruption=10 --annotation=max_file_provider_ipc_connections=100 --annotation=max_metrics_per_event_code_per_batch=200 --annotation=max_status_source_locations_count_per_metric_event=3 --annotation=meet_live_stream_info_uri= --annotation=meet_outlook_addin=off --annotation=meet_uri=https://meetings.clients6.google.com/v1/spaces --annotation=metrics_store_reset_counter=0 --annotation=min_duration_hours_between_any_surveys=24 --annotation=min_duration_hours_between_same_surveys=720 --annotation=min_duration_seconds_wait_after_close_for_survey=30 --annotation=min_supported_os_version=10.0.0 --annotation=mojave_overlays_fix=off --annotation=multi_account_max_accounts=4 --annotation=nondownloadable_files_as_gdrive_files=on --annotation=nondownloadable_files_as_gdrive_files_file_provider=off --annotation=nondownloadable_files_as_gdrive_files_migration=on --annotation=num_metrics_batches_per_request=70 --annotation=osxfuse_lock_abort_test=off --annotation=osxfuse_process_blacklist=esets_daemon;scep_daemon --annotation=osxfuse_sched_flags_offset_override=4294967295 --annotation=osxfuse_sched_flags_offset_override_arm=4294967295 --annotation=outlook_addin=off --annotation=pause_syncing_option=on --annotation=persistent_smb_port_auto_selection=on --annotation=photos_check_apl_icloud_import=off --annotation=prod=DriveFS --annotation=read_only_mode=off --annotation=reconnected_nas_polling_interval_seconds=60 --annotation=replace_local_id_with_cloud_id_when_pushing_update=on --annotation=same_content_dedupe_interval_ms=600000 --annotation=seconds_per_metrics_batch=20 --annotation=share_dialog=on --annotation=show_bulk_actions_in_file_stats_dialog=off --annotation=show_live_stream_frame_in_outlook_onboarding=off --annotation=show_offline_files_menu_option=on --annotation=show_quick_access_in_search_dialog=on --annotation=slurp_poll_path_frequency_min=240 --annotation=smb_allowed=on --annotation=soon_to_be_min_supported_os_version=10.0.0 --annotation=soon_to_be_unsupported_os_learn_more=https://support.google.com/drive/answer/2375082 --annotation=special_folder_change_notification=on --annotation=spotlight_timestamp_fsctl_support=on --annotation=status_window_click_show_file_in_file_manager=on --annotation=structured_log_max_file_count=5 --annotation=structured_log_max_file_size_kbytes=2048 --annotation=structured_logging=on --annotation=support_status_notification=on --annotation=survey_api_key=AIzaSyAWGrfCCr7albM3lmCc937gx4uIphbpeKQ --annotation=survey_configurations= --annotation=survey_listnr_product_id=1633926 --annotation=survey_url=https://www.gstatic.com/drive-fs/survey.html --annotation=switchblade_dss=off --annotation=switchblade_on_websockets=on --annotation=thread_stuck_threshold_sec=0 --annotation=throttling_algorithm=0 --annotation=trim_parents_during_cloud_merge=on --annotation=trim_parents_during_commit=on --annotation=unlocked_mac_buf_unmap=on --annotation=unlocked_mac_getxattr_v2=off --annotation=upload_folder=off --annotation=use_cros_http_client=off --annotation=use_mac_fileprovider=off --annotation=use_moonshine=on --annotation=use_new_onboarding=off --annotation=ver=80.0.1.0 --annotation=windows_32_bit_unsupported_now=on --annotation=windows_32_bit_unsupported_soon=on --attachment=C:\Users\admin\AppData\Local\Google\DriveFS\Crashpad\account_features --initial-client-data=0x394,0x398,0x39c,0xa4,0x3a0,0x7ff76d122898,0x7ff76d1228a8,0x7ff76d1228b8
"C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe" --type=gpu-process --no-sandbox --log-severity=info --lang=cs --user-data-dir="C:\Users\admin\AppData\Local\CEF\User Data" --gpu-preferences=UAAAAAAAAADgACAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --log-file="C:\Users\admin\AppData\Local\Google\DriveFS\Logs\chrome_debug.log" --mojo-platform-channel-handle=1668 --field-trial-handle=1688,i,15673751252191192839,10534243368912857519,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:2
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=cs --service-sandbox-type=utility --no-sandbox --log-severity=info --lang=cs --user-data-dir="C:\Users\admin\AppData\Local\CEF\User Data" --log-file="C:\Users\admin\AppData\Local\Google\DriveFS\Logs\chrome_debug.log" --mojo-platform-channel-handle=2080 --field-trial-handle=1688,i,15673751252191192839,10534243368912857519,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
"C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=cs --service-sandbox-type=none --no-sandbox --log-severity=info --lang=cs --user-data-dir="C:\Users\admin\AppData\Local\CEF\User Data" --log-file="C:\Users\admin\AppData\Local\Google\DriveFS\Logs\chrome_debug.log" --mojo-platform-channel-handle=2116 --field-trial-handle=1688,i,15673751252191192839,10534243368912857519,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
"C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe" --type=renderer --log-severity=info --user-data-dir="C:\Users\admin\AppData\Local\CEF\User Data" --first-renderer-process --no-sandbox --log-file="C:\Users\admin\AppData\Local\Google\DriveFS\Logs\chrome_debug.log" --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --launch-time-ticks=1200460180233 --mojo-platform-channel-handle=2476 --field-trial-handle=1688,i,15673751252191192839,10534243368912857519,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:1
"C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe" --type=renderer --log-severity=info --user-data-dir="C:\Users\admin\AppData\Local\CEF\User Data" --no-sandbox --log-file="C:\Users\admin\AppData\Local\Google\DriveFS\Logs\chrome_debug.log" --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --launch-time-ticks=1200460190383 --mojo-platform-channel-handle=2492 --field-trial-handle=1688,i,15673751252191192839,10534243368912857519,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:1
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" -c
"C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe" -c --type=collab-renderer --proc=1003360
"C:\Program Files\totalcmd\TOTALCMD64.EXE"


"C:\Program Files\Google\Drive File Stream\80.0.1.0\crashpad_handler.exe" --database=C:\Users\admin\AppData\Local\Google\DriveFS\Crashpad --url=https://clients2.google.com/cr/report --annotation=application=TOTALCMD64.EXE --annotation=prod=DriveFS --annotation=ver=80.0.1.0 --initial-client-data=0xd44,0xd48,0xd4c,0xd40,0xd50,0x7ffd351ae470,0x7ffd351ae480,0x7ffd351ae490
"C:\Program Files (x86)\PSPad editor\PSPad.exe" "D:\ZÁLOHOVÁNÍ\www\www.rebelsracing.cz\www\!connection\connection.php"
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
/updateInstalled /background
"C:\Program Files\Mozilla Thunderbird\thunderbird.exe"
"C:\Program Files\Mozilla Thunderbird\thunderbird.exe" -contentproc --channel="1527284.0.1064596370\159179479" -parentBuildID 20230826133440 -prefsHandle 1768 -prefMapHandle 1760 -prefsLen 37278 -prefMapSize 271837 -appDir "C:\Program Files\Mozilla Thunderbird" - 1527284 "\\.\pipe\gecko-crash-server-pipe.1527284" 1848 1e9a9341f48 gpu
"C:\Program Files\Mozilla Thunderbird\thunderbird.exe" -contentproc --channel="1527284.1.965551762\1260122117" -childID 1 -isForBrowser -prefsHandle 2644 -prefMapHandle 2640 -prefsLen 37582 -prefMapSize 271837 -jsInitHandle 1352 -jsInitLen 277276 -parentBuildID 20230826133440 -win32kLockedDown -appDir "C:\Program Files\Mozilla Thunderbird" - 1527284 "\\.\pipe\gecko-crash-server-pipe.1527284" 2656 1e9afbe6848 tab
"C:\Program Files\Mozilla Thunderbird\thunderbird.exe" -contentproc --channel="1527284.2.1385863644\2072811739" -childID 2 -isForBrowser -prefsHandle 3472 -prefMapHandle 3468 -prefsLen 37620 -prefMapSize 271837 -jsInitHandle 1352 -jsInitLen 277276 -parentBuildID 20230826133440 -win32kLockedDown -appDir "C:\Program Files\Mozilla Thunderbird" - 1527284 "\\.\pipe\gecko-crash-server-pipe.1527284" 3420 1e9b2f29e48 tab
"C:\Program Files\Google\Drive File Stream\80.0.1.0\crashpad_handler.exe" --database=C:\Users\admin\AppData\Local\Google\DriveFS\Crashpad --url=https://clients2.google.com/cr/report --annotation=application=thunderbird.exe --annotation=prod=DriveFS --annotation=ver=80.0.1.0 --initial-client-data=0x1d58,0x1d5c,0x1d60,0x1d54,0x640,0x7ffd351ae470,0x7ffd351ae480,0x7ffd351ae490
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe" -ServerName:App.AppXjvs2nbwryyqjz1h8d8v70f70g3rgdcyb.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
taskhostw.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe"
"C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe"
"C:\Program Files\HP\HP Enabling Services\NetworkCap.exe"
"C:\Program Files\HP\HP Enabling Services\DiagsCap.exe"
"C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe" 10a8f227-5d2d-4ee2-b9c8-175a06f35388 Global\4024748f-1df2-4a2e-9536-a60698b4de33 1784
"C:\Program Files\Google\Chrome\Application\chrome.exe"
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=116.0.5845.180 --initial-client-data=0x1fc,0x200,0x204,0x1d8,0x208,0x7ffd8cd74dc0,0x7ffd8cd74dd0,0x7ffd8cd74de0
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2024 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:2
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=cs --service-sandbox-type=none --mojo-platform-channel-handle=2212 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:8
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=cs --service-sandbox-type=service --mojo-platform-channel-handle=2368 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:8
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --first-renderer-process --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --time-ticks-at-unix-epoch=-1692100720803938 --launch-time-ticks=2313481096979 --mojo-platform-channel-handle=3204 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --time-ticks-at-unix-epoch=-1692100720803938 --launch-time-ticks=2313481569314 --mojo-platform-channel-handle=4484 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --time-ticks-at-unix-epoch=-1692100720803938 --launch-time-ticks=2313481743941 --mojo-platform-channel-handle=4880 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --time-ticks-at-unix-epoch=-1692100720803938 --launch-time-ticks=2313481937762 --mojo-platform-channel-handle=5416 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --time-ticks-at-unix-epoch=-1692100720803938 --launch-time-ticks=2313482128247 --mojo-platform-channel-handle=5792 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --time-ticks-at-unix-epoch=-1692100720803938 --launch-time-ticks=2313482220982 --mojo-platform-channel-handle=5924 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --time-ticks-at-unix-epoch=-1692100720803938 --launch-time-ticks=2313482491261 --mojo-platform-channel-handle=5992 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --time-ticks-at-unix-epoch=-1692100720803938 --launch-time-ticks=2313482506243 --mojo-platform-channel-handle=6216 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --time-ticks-at-unix-epoch=-1692100720803938 --launch-time-ticks=2313482532489 --mojo-platform-channel-handle=6416 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --time-ticks-at-unix-epoch=-1692100720803938 --launch-time-ticks=2313483177306 --mojo-platform-channel-handle=6704 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --time-ticks-at-unix-epoch=-1692100720803938 --launch-time-ticks=2313483816605 --mojo-platform-channel-handle=7136 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --time-ticks-at-unix-epoch=-1692100720803938 --launch-time-ticks=2313484680327 --mojo-platform-channel-handle=7532 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --time-ticks-at-unix-epoch=-1692100720803938 --launch-time-ticks=2313485338523 --mojo-platform-channel-handle=7896 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --time-ticks-at-unix-epoch=-1692100720803938 --launch-time-ticks=2313485574319 --mojo-platform-channel-handle=8076 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --time-ticks-at-unix-epoch=-1692100720803938 --launch-time-ticks=2313486957703 --mojo-platform-channel-handle=6688 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=cs --service-sandbox-type=audio --mojo-platform-channel-handle=8220 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:8
"C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe" 4d907680-72c3-42b0-b573-6a905ee481cf Global\b2aa7672-eba1-4058-ad50-0e2006847371 2608
\??\C:\WINDOWS\system32\conhost.exe 0x4
python imap_syncro.py
C:\WINDOWS\SYSTEM32\cmd.exe /c ""C:\Users\admin\Documents\www\www.admin.loc\system\Python\imap_syncro.bat""
\??\C:\WINDOWS\system32\conhost.exe 0x4
python imap_syncro.py
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=818 --time-ticks-at-unix-epoch=-1692100720803938 --launch-time-ticks=2406438818086 --mojo-platform-channel-handle=13696 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:1
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23072.150.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe" -Restart:{DE30DDAC-F7A1-45DC-AB67-4E903016CF50}
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23072.150.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe" "PreProcess" "Microsoft.YourPhone.PreProcess"
C:\Windows\System32\RuntimeBroker.exe -Embedding
%systemroot%\system32\MusNotifyIcon.exe NotifyTrayIcon 9
cmd.exe /c "python "C:\Users\admin\Documents\www\www.admin.loc\modules\manufacture\system\Python\read_scales.py" > NUL"
\??\C:\WINDOWS\system32\conhost.exe 0x4
python "C:\Users\admin\Documents\www\www.admin.loc\modules\manufacture\system\Python\read_scales.py"
C:\WINDOWS\SYSTEM32\cmd.exe /c ""C:\Users\admin\Documents\www\www.admin.loc\system\Python\imap_syncro.bat""
\??\C:\WINDOWS\system32\conhost.exe 0x4
python imap_syncro.py
"C:/Program Files (x86)/Common Files/iMyFone/Components/Resident/MFResident.exe"
C:\WINDOWS\SYSTEM32\cmd.exe /c ""C:\Users\admin\Documents\www\www.admin.loc\system\BAT\machines_log_loop.bat""
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\SYSTEM32\cmd.exe /c ""C:\Users\admin\Documents\www\www.admin.loc\system\BAT\update_company_loop.bat""
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\php.exe" -f update_company_loop.php -c "C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\php.ini"
C:\PROGRA~2\EASYPH~1.1VC\binaries\apache\bin\eds-httpd.exe -d "C:/Program Files (x86)/EasyPHP-DevServer-14.1VC11/binaries/apache"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=2637 --time-ticks-at-unix-epoch=-1692100720803938 --launch-time-ticks=2583149806330 --mojo-platform-channel-handle=14472 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=2685 --time-ticks-at-unix-epoch=-1692100720803938 --launch-time-ticks=2583217467612 --mojo-platform-channel-handle=8740 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:1
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\AUDIODG.EXE 0x5d4
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe63_ Global\UsGthrCtrlFltPipeMssGthrPipe63 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=2705 --time-ticks-at-unix-epoch=-1692100720803938 --launch-time-ticks=2584010387843 --mojo-platform-channel-handle=11192 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=2706 --time-ticks-at-unix-epoch=-1692100720803938 --launch-time-ticks=2584013457714 --mojo-platform-channel-handle=15716 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=2712 --time-ticks-at-unix-epoch=-1692100720803938 --launch-time-ticks=2584289947780 --mojo-platform-channel-handle=9036 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=2713 --time-ticks-at-unix-epoch=-1692100720803938 --launch-time-ticks=2584292625394 --mojo-platform-channel-handle=4740 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=2714 --time-ticks-at-unix-epoch=-1692100720803938 --launch-time-ticks=2584293921112 --mojo-platform-channel-handle=9792 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=2717 --time-ticks-at-unix-epoch=-1692100720803938 --launch-time-ticks=2584313853336 --mojo-platform-channel-handle=4504 --field-trial-handle=2000,i,13885713995765823684,5563492961799358449,262144 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-567959055-877555932-3223723616-100165_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-567959055-877555932-3223723616-100165 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 800 804 812 8192 808 784
C:\WINDOWS\system32\wbem\WmiApSrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Users\admin\Desktop\OSTATNÍ\VIRY.cz\RSITx64.exe"
"C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\php.exe" -f "c:\Users\admin\Documents\www\www.admin.loc\modules\manufacture\require\b35e_cmd.php" -c "C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\php.ini"

=========Mozilla firefox=========

ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default

prefs.js - "browser.startup.homepage" - "http://localhost/www.admin.loc/index.ph ... document=1"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=SK216DF&PC=SK216&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\3ds.com/ComposerPlayerWebPlugin]
"Description"=
"Path"=C:\PROGRA~1\SOLIDW~1\SOLIDW~3\Bin\x86\NPCOMP~1.DLL


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\3ds.com/ComposerPlayerWebPlugin_x86_64]
"Description"=
"Path"=C:\PROGRA~1\SOLIDW~1\SOLIDW~3\Bin\NPCOMP~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.16]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll


C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\searchplugins\
bing-.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\116.0.1938.76\BHO\ie_to_edge_bho_64.dll [2023-09-07 587816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2023-08-25 439160]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\116.0.1938.76\BHO\ie_to_edge_bho.dll [2023-09-07 456232]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2023-08-25 414584]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-12-07 86016]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2019-03-04 18391120]
"MouseDriver"=C:\WINDOWS\system32\TiltWheelMouse.exe [2013-04-09 241152]
"Acronis Scheduler2 Service"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2009-10-27 462328]
"XMouseButtonControl"=C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [2023-06-24 1738088]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2023-09-07 2607632]
"EasyPHP"=C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe [2014-01-09 279552]
"HotkeyP"=C:\Users\admin\Documents\INSTALL\Instalace 2016-10-23\hotkeyp\HotkeyP.exe [2012-11-20 147456]
"GoogleDriveFS"=C:\Program Files\Google\Drive File Stream\80.0.1.0\GoogleDriveFS.exe [2023-08-28 55747872]
"HSMWorks Distributed CAM"=C:\Program Files (x86)\Autodesk\HSMWorks Distributed CAM\distributedcam.exe [2012-09-30 488576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #2"=C:\Program Files\Microsoft Visual Studio\2022\Community\Common7\IDE\devenv.exe [2023-02-06 1004480]
"Delete Cached Update Binary"=C:\WINDOWS\system32\cmd.exe [2021-11-20 289792]
"Delete Cached Standalone Update Binary"=C:\WINDOWS\system32\cmd.exe [2021-11-20 289792]
"Uninstall 23.153.0724.0003"=C:\WINDOWS\system32\cmd.exe [2021-11-20 289792]
"Uninstall 23.158.0730.0001\i386"=C:\WINDOWS\system32\cmd.exe [2021-11-20 289792]
"Uninstall 23.158.0730.0001"=C:\WINDOWS\system32\cmd.exe [2021-11-20 289792]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"adm_tray.exe"=C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [2010-06-04 530768]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Canon LBP2900 Status Window.lnk - C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE
SOLIDWORKS 2016 Rychlé spuštění.lnk - C:\Windows\Installer\{768F3B65-1695-47B7-9002-B11400CB111D}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe
SOLIDWORKS Nástroj pro stahování na pozadí.lnk - C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe

C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
chrome – zástupce.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe
EasyPHP-DevServer-14.1VC11.exe
LibreOffice 7.1.lnk - C:\Program Files\LibreOffice\program\quickstart.exe
thunderbird – zástupce.lnk - C:\Program Files\Mozilla Thunderbird\thunderbird.exe
TOTALCMD64 – zástupce.lnk - C:\Program Files\totalcmd\TOTALCMD64.EXE

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HidSpiCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"aux1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv

======File associations======

.inf - install -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - C:\WINDOWS\NOTEPAD.EXE %1

======List of files/folders created in the last 1 month======

2023-09-14 11:35:13 ----D---- C:\Program Files\trend micro
2023-09-14 11:35:12 ----D---- C:\rsit
2023-09-13 05:01:04 ----HD---- C:\$WinREAgent
2023-09-13 05:00:47 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2023-09-13 05:00:46 ----A---- C:\WINDOWS\system32\poqexec.exe
2023-09-13 03:39:59 ----D---- C:\Program Files\Mozilla Firefox
2023-08-31 08:00:19 ----D---- C:\Program Files\Mozilla Thunderbird

======List of files/folders modified in the last 1 month======

2023-09-14 11:55:01 ----D---- C:\WINDOWS\system32\sru
2023-09-14 11:54:01 ----D---- C:\WINDOWS\Temp
2023-09-14 11:39:26 ----D---- C:\FRST
2023-09-14 11:39:19 ----SHD---- C:\System Volume Information
2023-09-14 11:35:28 ----D---- C:\WINDOWS\Prefetch
2023-09-14 11:35:13 ----RD---- C:\Program Files
2023-09-14 11:31:49 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2023-09-14 10:55:55 ----D---- C:\WINDOWS\SystemTemp
2023-09-14 10:55:55 ----D---- C:\Program Files (x86)\Google
2023-09-14 09:18:53 ----D---- C:\WINDOWS\system32\SleepStudy
2023-09-13 21:41:21 ----HD---- C:\Program Files\WindowsApps
2023-09-13 21:41:21 ----D---- C:\WINDOWS\AppReadiness
2023-09-13 13:53:37 ----D---- C:\WINDOWS\system32\config
2023-09-13 05:12:45 ----D---- C:\WINDOWS\CbsTemp
2023-09-13 05:12:43 ----D---- C:\WINDOWS\WinSxS
2023-09-13 05:08:06 ----D---- C:\WINDOWS\system32\catroot2
2023-09-13 05:01:03 ----D---- C:\WINDOWS\SysWOW64
2023-09-13 05:01:03 ----D---- C:\WINDOWS\System32
2023-09-13 05:00:44 ----SHD---- C:\Recovery
2023-09-13 04:55:17 ----D---- C:\WINDOWS\system32\MRT
2023-09-13 04:51:27 ----AC---- C:\WINDOWS\system32\MRT.exe
2023-09-12 05:30:52 ----RD---- C:\WINDOWS\Microsoft.NET
2023-09-11 18:54:24 ----D---- C:\Windows
2023-09-11 07:55:54 ----D---- C:\Program Files\HP
2023-09-11 07:54:12 ----SHD---- C:\WINDOWS\Installer
2023-09-11 07:54:12 ----D---- C:\WINDOWS\system32\Tasks
2023-09-07 09:05:06 ----D---- C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-08-31 01:12:21 ----D---- C:\WINDOWS\Logs
2023-08-30 22:45:29 ----D---- C:\WINDOWS\system32\Logs
2023-08-30 22:45:29 ----D---- C:\Program Files\Microsoft Update Health Tools
2023-08-30 22:23:09 ----D---- C:\WINDOWS\system32\FxsTmp
2023-08-30 20:34:09 ----D---- C:\WINDOWS\system32\drivers\wd
2023-08-21 15:02:02 ----D---- C:\Users\admin\AppData\Roaming\vlc
2023-08-17 14:39:59 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2023-08-15 14:03:15 ----D---- C:\Program Files\TeamViewer
2023-08-15 14:03:14 ----D---- C:\ProgramData\NVIDIA
2023-08-15 14:03:12 ----ASH---- C:\DumpStack.log.tmp
2023-08-15 13:58:17 ----HD---- C:\ProgramData
2023-08-15 13:55:24 ----HD---- C:\WINDOWS\system32\GroupPolicy

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-12-07 884752]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2021-11-20 57168]
R0 MsSecCore;@%SystemRoot%\System32\Drivers\msseccore.sys,-1001; C:\WINDOWS\system32\drivers\msseccore.sys [2023-07-12 26496]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2022-08-09 44032]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-12-07 78136]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2023-02-16 95232]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-12-07 59392]
R1 googledrivefs31092;googledrivefs31092; C:\WINDOWS\system32\DRIVERS\googledrivefs31092.sys [2023-02-06 384600]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-12-07 8704]
R1 npcap;@oem39.inf,%NPF_Desc_Standard%;Npcap Packet Driver (NPCAP); C:\WINDOWS\system32\DRIVERS\npcap.sys [2021-08-30 71736]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2023-01-11 145760]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2023-08-09 497664]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2020-11-19 53248]
R3 e1i65x64;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\System32\drivers\e1i65x64.sys [2019-12-07 553984]
R3 ICCWDT;@oem22.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\WINDOWS\System32\drivers\ICCWDT.sys [2021-02-10 41144]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2019-03-04 6755320]
R3 MEIx64;@oem3.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_233f304c63bedbe1\x64\TeeDriverW10x64.sys [2022-10-12 319624]
R3 MpKsl8c0a7f3f;MpKsl8c0a7f3f; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C0CDD373-AFAA-4189-856C-77DB3E3CA8F6}\MpKslDrv.sys [2023-09-14 222464]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys [2020-11-19 322376]
R3 NVHDA;@oem46.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2022-08-03 129000]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_c034505b1fb1d43e\nvlddmkm.sys [2023-03-29 58114088]
R3 RTSUER;@oem20.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2019-04-02 451792]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-12-07 43832]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-12-07 319800]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-12-07 172344]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-12-07 124216]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-12-07 135992]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-12-07 81720]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-12-07 105480]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-12-07 168464]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-12-07 58680]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-12-07 68408]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2022-09-14 142176]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-12-07 42296]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2022-02-11 158520]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-12-07 23040]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2022-02-11 694272]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-12-07 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-12-07 45568]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2023-03-15 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2023-07-12 140160]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2023-07-12 175432]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2023-07-12 155992]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-12-07 279040]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2023-05-10 113664]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2020-11-19 106496]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2023-05-10 45568]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2023-04-12 133632]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2023-05-10 1565696]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2023-05-10 110592]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-12-07 44032]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-12-07 66576]
S3 dg_ssudbus;@oem43.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [2022-09-30 167440]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-12-07 55824]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2023-06-13 104448]
S3 HidSpiCx;HidSpi KMDF Class Extension; C:\WINDOWS\system32\drivers\HidSpiCx.sys [2023-06-13 98304]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2023-03-15 96112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-12-07 30208]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-12-07 1853752]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-12-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-12-07 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-12-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-12-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-12-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-12-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-12-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-12-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-12-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-12-07 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-12-07 558904]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2020-11-19 47104]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-12-07 30720]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-12-07 59704]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-12-07 537608]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-12-07 64016]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2022-04-13 386048]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-12-07 65024]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-12-07 1131320]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2023-07-12 406848]
S3 MsSecWfp;@%SystemRoot%\System32\Drivers\mssecwfp.sys,-1001; C:\WINDOWS\system32\drivers\mssecwfp.sys [2023-07-12 66944]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-12-07 146232]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-12-07 72720]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2022-04-13 210944]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2023-07-12 131392]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-12-07 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-12-07 27136]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2022-01-14 990536]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-12-07 213504]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-12-07 115712]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-12-07 35128]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-12-07 35128]
S4 npcap_wifi;@oem39.inf,%NPF_Desc_WiFi%;Npcap Packet Driver (NPCAP) (Wi-Fi); C:\WINDOWS\system32\DRIVERS\npcap.sys [2021-08-30 71736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2009-10-27 881688]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2023-08-02 173040]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
R2 CDPUserSvc_a4f8c;Uživatelská služba platformy připojených zařízení_a4f8c; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2022-07-14 55320]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2022-07-14 55320]
R2 HPAppHelperCap;HP App Helper HSA Service; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [2023-08-25 888768]
R2 HPDiagsCap;HP Diagnostics HSA Service; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [2023-08-25 887184]
R2 HPNetworkCap;HP Network HSA Service; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [2023-08-25 883088]
R2 HPSysInfoCap;HP System Info HSA Service; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [2023-08-25 887696]
R2 chromoting;Služba Vzdálené plochy Chrome; C:\Program Files (x86)\Google\Chrome Remote Desktop\116.0.5845.9\remoting_host.exe [2023-06-26 74520]
R2 Intel(R) TPM Provisioning Service;@oem30.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_45efd8a6478e15ce\lib\TPMProvisioningService.exe [2022-10-12 768472]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe [2022-10-12 629672]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_9949412f65718dfe\LMS.exe [2022-10-12 4644440]
R2 MFLocalService;MFLocalService; C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe [2022-04-28 54664]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_c034505b1fb1d43e\Display.NvContainer\NVDisplay.Container.exe [2023-03-29 1014808]
R2 NVWMI;NVWMI; C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_c034505b1fb1d43e\NVWMI\nvWmi64.exe [2023-03-29 4511232]
R2 OneSyncSvc_a4f8c;Hostitel synchronizace_a4f8c; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2019-03-04 267792]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
R3 cbdhsvc_a4f8c;Uživatelská služba schránky_a4f8c; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
R3 DevicePickerUserSvc_a4f8c;DevicePicker_a4f8c; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
R3 DevicesFlowUserSvc_a4f8c;Tok zařízení_a4f8c; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2022-07-14 55320]
R3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2015-10-06 1369856]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2022-07-14 55320]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2022-07-14 55320]
R3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
R3 PimIndexMaintenanceSvc_a4f8c;Data kontaktů_a4f8c; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
R3 PrintWorkflowUserSvc_a4f8c;PrintWorkflow_a4f8c; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2022-07-14 55320]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-07-14 55320]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-11-19 213392]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2022-04-01 153752]
S2 hsmworksdcs;Autodesk HSMWorks Distributed CAM Services; C:\Program Files (x86)\Autodesk\HSMWorks Distributed CAM\camservices.exe [2012-09-30 722048]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-07-14 55320]
S2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2022-07-14 55320]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2022-07-14 55320]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 AarSvc_a4f8c;Agent Activation Runtime_a4f8c; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 BcastDVRUserService_a4f8c;Uživatelská služba pro GameDVR a vysílání her_a4f8c; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 BluetoothUserService_a4f8c;Služba pro podporu uživatelů Bluetooth_a4f8c; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 CaptureService_a4f8c;CaptureService_a4f8c; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2022-07-14 55320]
S3 cloudidsvc;@%SystemRoot%\system32\cloudidsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 ConsentUxUserSvc_a4f8c;ConsentUX_a4f8c; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 CoordinatorServiceHost;DTSInterops; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [2016-10-13 80792]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-11-20 382696]
S3 CredentialEnrollmentManagerUserSvc_a4f8c;CredentialEnrollmentManagerUserSvc_a4f8c; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-11-20 382696]
S3 dcsvc;@%systemroot%\system32\dcsvc,-100; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 DeviceAssociationBrokerSvc_a4f8c;DeviceAssociationBroker_a4f8c; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2022-01-14 94208]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-07-14 55320]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-11-19 213392]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2022-07-14 55320]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 FlexNet Licensing Service;FlexNet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [2021-11-15 1074480]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-08 46184]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-07-14 55320]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files\Google\Chrome\Application\116.0.5845.188\elevation_service.exe [2023-09-09 1760032]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-07-14 55320]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2022-04-01 153752]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 Intel(R) Capability Licensing Service TCP IP Interface;@oem30.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_45efd8a6478e15ce\lib\SocketHeciServer.exe [2022-10-12 805848]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2022-07-14 55320]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 McpManagementService;@%SystemRoot%\system32\McpManagementService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 MessagingService_a4f8c;Služba zasílání zpráv_a4f8c; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\116.0.1938.76\elevation_service.exe [2023-09-07 1764904]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2023-09-13 239008]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2022-07-14 55320]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2021-11-20 106496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2022-07-14 55320]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2022-07-14 55320]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2023-08-09 777088]
S4 DialogBlockingService;@%SystemRoot%\system32\DialogBlockingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-07-14 55320]

-----------------EOF-----------------

[Rudy]

Toto je ADWCleaner?. Nepotřebuji vidět log z něčeho, co ani není adekvátní pro souč. 64b oper systémy. Dejte log z ADWCleaner a pak bideme poračovat.

[AndySue]

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2023-07-19.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-14-2023
# Duration: 00:00:01
# OS: Windows 10 (Build 19045.3324)
# Cleaned: 5
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2505 octets] - [13/03/2023 10:57:16]
AdwCleaner[C00].txt - [2777 octets] - [13/03/2023 10:58:18]
AdwCleaner[S01].txt - [2190 octets] - [14/09/2023 15:21:46]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

[Rudy]

OK. Restartujte a dejte nové logy FRST+Addition.

[AndySue]

Sorry, za delší reakce. Stěhování. Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-09-2023
Ran by admin (05-10-2023 19:00:34)
Running from C:\Users\admin\Desktop\OSTATNÍ\VIRY.cz
Microsoft Windows 10 Pro Version 22H2 19045.3448 (X64) (2021-11-20 04:42:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

admin (S-1-5-21-567959055-877555932-3223723616-1001 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-567959055-877555932-3223723616-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-567959055-877555932-3223723616-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-567959055-877555932-3223723616-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-567959055-877555932-3223723616-501 - Limited - Disabled)
printman (S-1-5-21-567959055-877555932-3223723616-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-567959055-877555932-3223723616-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{F8F948EA-5AEA-4158-8821-A2F788ECE936}) (Version: 16.2.1 - Hewlett-Packard) Hidden
Acronis Drive Monitor (HKLM-x32\...\{706AE61D-40A4-4F50-8359-FE8F6F7FA461}) (Version: 1.0.187 - Acronis)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.006.20320 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601052}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Application Verifier x64 External Package (HKLM\...\{2CBA883F-51A6-3D7D-DBB9-0527D39433CB}) (Version: 10.1.22000.832 - Microsoft) Hidden
Autodesk HSMWorks Distributed CAM 6.1.0.32486 (HKLM-x32\...\{E89D13F6-515E-46D9-A15E-EFC24FD051B4}_is1) (Version: - Autodesk, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon LBP2900 (HKLM\...\Canon LBP2900) (Version: - )
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{22E13608-4DB0-4977-A267-3AAFA09CD54A}) (Version: 4.8.09037 - Microsoft Corporation) Hidden
CrystalDiskInfo 8.17.12 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.17.12 - Crystal Dew World)
DiagnosticsHub_CollectionService (HKLM\...\{FECAFEB5-8D0E-4AE4-8FA0-745BAA835C35}) (Version: 17.3.32601 - Microsoft Corporation) Hidden
Dynamic Application Loader Host Interface Service (HKLM\...\{E3AB2E94-D548-48A7-9F0E-A44D82ED1D7A}) (Version: 1.0.0.0 - Intel Corporation) Hidden
eDrawings (HKLM\...\{99FC8D5C-67F0-4087-9BDF-FA5CC6702AEF}) (Version: 30.40.0011 - Společnost Dassault Systemes SolidWorks Corp)
Entity Framework 6.2.0 Tools for Visual Studio 2022 (HKLM-x32\...\{6D5C07E3-6A4D-4126-A7A7-8B6EFFE16E51}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden
FreeCAD 0.20.0 (HKLM\...\FreeCAD0200) (Version: 0.20.0 - FreeCAD Team)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 81.0.5.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 117.0.5938.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.31.5 - Google Inc.) Hidden
HSMWorks x64 2016 R2.40513 (HKLM\...\{07404224-03A7-4ffc-9AFB-EC32BD898C55}_is1) (Version: 2016 R2.40513 - Autodesk, Inc.)
Chrome Remote Desktop Host (HKLM-x32\...\{C17C2857-FF33-4EA0-8220-14A17DF82668}) (Version: 116.0.5845.9 - Google LLC)
icecap_collection_neutral (HKLM-x32\...\{90819A24-C7DD-4956-8CBE-AE50B43D020D}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{7D6A7B92-A26B-4DC6-A51F-0D741C9BC70F}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{278641ED-D56B-43E0-AEDC-FFC14B038C74}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{D8998F76-2D74-42E3-BCA4-D8D0F5D369CF}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
iCtrl Desktop (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\ictrl-desktop-client) (Version: 6.4.4 - Junhao Liao)
Inkscape (HKLM-x32\...\Inkscape) (Version: 1.2.1- - Inkscape)
Intel(R) Chipset Device Software (HKLM\...\{66F00951-0E74-43E7-9182-084A681734D0}) (Version: 10.1.18228.8176 - Intel Corporation) Hidden
Intel(R) Icls (HKLM\...\{57640D80-A187-4A4F-BB91-7F2EF7AB5FE9}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{62609178-ECD7-473C-9D1F-9E0CF6927E45}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2242.3.34.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{939DFEE4-2675-4B42-904B-B213B857E347}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{E4697D8A-D9C0-4BCE-AC7F-5A56DD250529}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{EC8B054F-9D60-4AFC-9920-25ABFF987B29}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) ME WMI Provider (HKLM\...\{3C66C597-3BAA-403D-9BCD-561ED78B0F1B}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) SOL LMS Extension (HKLM\...\{D36619E0-ADBA-41C6-A5AC-222FCFBF762B}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{c4a581e8-a702-448c-80c7-4b6192985db2}) (Version: 10.1.18228.8176 - Intel(R) Corporation)
IntelliTraceProfilerProxy (HKLM\...\{F8B9E8C8-61E8-4E9E-879D-F3F498AD0230}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
IntelliTraceProfilerProxy (HKLM-x32\...\{C8891AD2-C223-45CD-A9BE-617A68923B61}) (Version: 15.0.21225.01 - Microsoft Corporation) Hidden
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
Kits Configuration Installer (HKLM-x32\...\{CF83D17D-FB70-21A1-36E4-37EE7EC1B587}) (Version: 10.1.22000.832 - Microsoft) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 7.1.7.2 (HKLM\...\{9ED995EA-19B1-40AE-886A-339A3BECA977}) (Version: 7.1.7.2 - The Document Foundation)
Microsoft .NET 6.0 Templates 7.0.102 (x64) (HKLM\...\{48C24F32-A313-4B3C-B2C0-692D05461628}) (Version: 24.7.49407 - Microsoft Corporation) Hidden
Microsoft .NET 7.0 Templates 7.0.102 (x64) (HKLM\...\{406BB598-E5A9-454A-8719-82644CB09B03}) (Version: 28.5.33023 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.13 (x64) (HKLM\...\{F612BCA2-6E26-4F93-834B-8877939C0293}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.13 (x64_arm) (HKLM\...\{93A17F63-9B12-48F6-86BD-84535F2955FA}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.13 (x64_arm64) (HKLM\...\{CC2A595B-74D2-45E6-8B53-45F20215850D}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 6.0.13 (x64_x86) (HKLM\...\{F285BA87-F560-4587-8C08-7BF5A4A68762}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.2 (x64) (HKLM\...\{D7A77FBE-E0E7-47D7-86B4-51CB65B502C0}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.2 (x64_arm) (HKLM\...\{A4CCC742-818F-4C8C-8B56-631F6F76C7C6}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.2 (x64_arm64) (HKLM\...\{BEB46B9B-6D72-46E5-968C-CDED3C01896B}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET AppHost Pack - 7.0.2 (x64_x86) (HKLM\...\{8C89D103-57BE-4509-9752-B1CD9F12D0B9}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 Targeting Pack (čeština) (HKLM-x32\...\{3DC65636-1EBB-41E9-836B-10174949883C}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 Targeting Pack (HKLM-x32\...\{1784A8CD-F7FE-47E2-A87D-1F31E7242D0D}) (Version: 4.7.03062 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 SDK (čeština) (HKLM-x32\...\{84224644-1FA0-496E-8941-B1553C004E7A}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 SDK (HKLM-x32\...\{949C0535-171C-480F-9CF4-D25C9E60FE88}) (Version: 4.8.03928 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 Targeting Pack (čeština) (HKLM-x32\...\{33D8579D-AE2C-45ED-9D16-08451BCC9B45}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 Targeting Pack (HKLM-x32\...\{BAAF5851-0759-422D-A1E9-90061B597188}) (Version: 4.8.03761 - Microsoft Corporation) Hidden
Microsoft .NET Framework Cumulative Intellisense Pack for Visual Studio (čeština) (HKLM-x32\...\{EABEB841-5C97-4CE3-A4CF-64F5978D13B2}) (Version: 4.8.09037 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.2 (x64) (HKLM\...\{F0719345-342D-4A57-8EE4-30BF4FA3FBE9}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Host - 7.0.2 (x86) (HKLM-x32\...\{BDC8107C-65E1-41C2-BE5E-8E27D70AB3B4}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.2 (x64) (HKLM\...\{BE394B10-AD5D-4503-9AA9-E79F953B30E3}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 7.0.2 (x86) (HKLM-x32\...\{4FFCA92E-5974-473C-9239-516D02E11AEA}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.13 (x64) (HKLM\...\{5F0DB006-2AE3-4D36-8077-65247FD687D4}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.13 (x86) (HKLM-x32\...\{87EA745D-32DA-4DCA-9ED4-BF4BA6232E1E}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.2 (x64) (HKLM\...\{AE2D80C7-F19D-463F-B48F-3F343806721C}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 7.0.2 (x86) (HKLM-x32\...\{4B87C1C9-F1F5-4308-BE65-E23B51BACC60}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET SDK 7.0.102 (x64) from Visual Studio (HKLM\...\{B3A63F4D-11C4-46FF-94C1-695633384F54}) (Version: 7.1.222.60703 - Microsoft Corporation)
Microsoft .NET Standard Targeting Pack - 2.1.0 (x64) (HKLM\...\{A7036CFB-B403-4598-85FF-D397ABB88173}) (Version: 24.0.28113 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.13 (x64) (HKLM\...\{62E8F7DA-76C4-46BC-AB40-581C42EC5AFA}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 6.0.13 (x86) (HKLM-x32\...\{22AC2DC4-99C8-469F-837B-03AE342E3827}) (Version: 48.55.52137 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 7.0.2 (x64) (HKLM\...\{C0E951A8-6B2D-45CB-869D-EC4BC950D1E7}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Targeting Pack - 7.0.2 (x86) (HKLM-x32\...\{6FE1E993-8813-44E5-945A-612BB76A99FA}) (Version: 56.11.53349 - Microsoft Corporation) Hidden
Microsoft .NET Toolset 7.0.102 (x64) (HKLM\...\{CD3AD81A-A806-473F-BB60-A402AFAD8D84}) (Version: 28.5.33023 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.13 Shared Framework (x64) (HKLM\...\{A6500837-F3BE-357E-9A21-6A78D098659F}) (Version: 6.0.13.22580 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.13 Shared Framework (x86) (HKLM-x32\...\{43E10FF2-0E80-3E13-8AD8-302355855BB3}) (Version: 6.0.13.22580 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.13 Targeting Pack (x64) (HKLM\...\{BED7E006-DA64-3E61-8836-A231C2F7DD81}) (Version: 6.0.13.22580 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 6.0.13 Targeting Pack (x86) (HKLM-x32\...\{A58EBFF5-0BF1-3F07-889B-31B20843BA1C}) (Version: 6.0.13.22580 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.2 Shared Framework (x64) (HKLM\...\{210A496F-E6CA-39C1-8FA4-1004059ED4E3}) (Version: 7.0.2.22606 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.2 Shared Framework (x86) (HKLM-x32\...\{4EDC2B14-E02A-37B9-810B-336C3DDA6424}) (Version: 7.0.2.22606 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.2 Targeting Pack (x64) (HKLM\...\{0C082AC1-36AD-3E86-B72D-16EF3A4D907F}) (Version: 7.0.2.22606 - Microsoft Corporation) Hidden
Microsoft ASP.NET Core 7.0.2 Targeting Pack (x86) (HKLM-x32\...\{85CECCAF-91AA-3D0E-8AA5-B68904EEBB85}) (Version: 7.0.2.22606 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 117.0.2045.47 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 117.0.2045.47 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\OneDriveSetup.exe) (Version: 23.189.0910.0001 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 (HKLM\...\{5BC7E9EB-13E8-45DB-8A60-F2481FEB4595}) (Version: 15.0.2000.5 - Microsoft Corporation)
Microsoft TestPlatform SDK Local Feed (HKLM-x32\...\{839C2D45-DDF6-432C-A6A2-C6AF2EF281BF}) (Version: 17.0.0.5175695 - Microsoft) Hidden
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (HKLM\...\{90120064-0070-0000-0000-4000000FF1CE}) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (HKLM\...\{90F60409-7000-11D3-8CFE-0150048383C9}) (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.34.31931 (HKLM-x32\...\{d4cecf3b-b68f-4995-8840-52ea0fab646e}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.34.31931 (HKLM-x32\...\{6ba9fb5e-8366-4cc4-bf65-25fe9819b2fc}) (Version: 14.34.31931.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.34.31931 (HKLM\...\{EAE242B1-0A26-485A-BFEB-0292EE9F03CB}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Debug Runtime - 14.34.31931 (HKLM\...\{28E7B326-6E09-4960-88C1-AF305A11665C}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.34.31931 (HKLM\...\{CF4C347D-954E-4543-88D2-EC17F07F466F}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.34.31931 (HKLM-x32\...\{C2662EFF-06E6-4FD1-9D6D-FDCA91025757}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Debug Runtime - 14.34.31931 (HKLM-x32\...\{26D20F81-7672-441B-9092-88E0D2409992}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.34.31931 (HKLM-x32\...\{AB1BDF73-7393-42CE-812D-9A90918814D5}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.4.2246.31370 - Microsoft Corporation)
Microsoft Visual Studio Setup Configuration (HKLM-x32\...\{B1CFE19E-298A-4D14-BACD-CAA36AC4895B}) (Version: 3.4.1128.26111 - Microsoft Corporation) Hidden
Microsoft Visual Studio Setup WMI Provider (HKLM-x32\...\{85516DED-4402-44CD-9D01-1D1F3D0C0178}) (Version: 3.4.1128.26111 - Microsoft Corporation) Hidden
Microsoft Web Deploy 4.0 (HKLM\...\{0C85743B-48E7-4948-96D6-C3BB90246418}) (Version: 10.0.5923 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.13 (x64) (HKLM\...\{8484730A-68A4-4C63-93B4-52628D3B488D}) (Version: 48.55.53270 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.13 (x86) (HKLM-x32\...\{ACFA81A9-FD2F-4731-BE64-9163E3E9FF58}) (Version: 48.55.53270 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.2 (x64) (HKLM\...\{B7177578-AF27-44BF-A0B1-8B9D6AF7ECC3}) (Version: 56.11.53361 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 7.0.2 (x86) (HKLM-x32\...\{B5CB1A18-CEB8-464B-B83C-556D1DDBF3B5}) (Version: 56.11.53361 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 6.0.13 (x64) (HKLM\...\{F3E2081B-744C-4023-A61E-EEAB556A2A33}) (Version: 48.55.53270 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 6.0.13 (x86) (HKLM-x32\...\{D73590E4-7314-4E3D-B2CB-B308B256D8AF}) (Version: 48.55.53270 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 7.0.2 (x64) (HKLM\...\{2505676D-0245-4775-B7BE-F4C1DDC902D8}) (Version: 56.11.53361 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Targeting Pack - 7.0.2 (x86) (HKLM-x32\...\{C6DF1343-B58A-44E4-B3FB-4C05649A7B59}) (Version: 56.11.53361 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Android.Manifest-7.0.100 (x64) (HKLM\...\{FE768F65-89B5-40E5-9CE5-25D002197AE7}) (Version: 33.0.4 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.iOS.Manifest-7.0.100 (x64) (HKLM\...\{4491220D-21E8-4C34-84FC-F2659E08BF7E}) (Version: 16.1.17 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.MacCatalyst.Manifest-7.0.100 (x64) (HKLM\...\{C20CF802-93E3-4BF8-B2F0-8D0B9C826C00}) (Version: 16.1.17 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.macOS.Manifest-7.0.100 (x64) (HKLM\...\{1E665F2B-6760-42E4-8E97-02B10B97FBA2}) (Version: 13.0.17 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.Maui.Manifest-7.0.100 (x64) (HKLM\...\{B0FBA6B7-B985-4D20-AC10-7E16D4D8C9CB}) (Version: 7.0.52 - Microsoft Corporation) Hidden
Microsoft.NET.Sdk.tvOS.Manifest-7.0.100 (x64) (HKLM\...\{D98B986D-3D40-4E37-A584-F82381A3E74B}) (Version: 16.1.17 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.net6.Manifest (x64) (HKLM\...\{754E7936-D264-406F-A76D-1C4E0102AE39}) (Version: 56.31.52114 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Emscripten.net7.Manifest (x64) (HKLM\...\{F99D901B-F288-4D79-ACAA-E31BE48D789D}) (Version: 56.31.52114 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.net6.Manifest (x64) (HKLM\...\{8A4F7CD9-8D41-414C-8F68-6A3D291C16A4}) (Version: 56.3.53349 - Microsoft Corporation) Hidden
Microsoft.NET.Workload.Mono.Toolchain.net7.Manifest (x64) (HKLM\...\{A0F31B66-D366-4C0E-86B1-511DE274FE2D}) (Version: 56.3.53349 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 118.0.1 (x64 cs)) (Version: 118.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 94.0.1 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 102.15.1 (x64 cs)) (Version: 102.15.1 - Mozilla)
MSI Development Tools (HKLM-x32\...\{95A498A9-5E6E-5779-1523-876224F41F94}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Npcap (HKLM-x32\...\NpcapInst) (Version: 1.55 - Nmap Project)
NVIDIA Ovladač HD audia 1.3.39.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.39.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 528.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 528.89 - NVIDIA Corporation)
NVIDIA RTX Desktop Manager 202.85 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 202.85 - NVIDIA Corporation)
PL-2303 USB-to-Serial (HKLM-x32\...\{A9111573-EF12-4D80-A5B9-55F620D5BCA1}) (Version: 1.00.000 - Prolific Technology INC)
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.1.2730 - Jan Fiala)
PuTTY release 0.71 (64-bit) (HKLM\...\{B27534DB-4F72-4F49-A3AD-5EC1B6901E5E}) (Version: 0.71.0.0 - Simon Tatham)
Python 2.7.18 (64-bit) (HKLM\...\{A5F504DF-2ED9-4A2D-A2F3-9D2750DD42D6}) (Version: 2.7.18150 - Python Software Foundation)
Python 3.10.0 (64-bit) (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\{21b42743-c8f9-49d7-b8b6-b5855317c7ed}) (Version: 3.10.150.0 - Python Software Foundation)
Python 3.10.0 Core Interpreter (64-bit) (HKLM\...\{B137EFE9-BD8A-4138-AC7F-360461C4EEAF}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Development Libraries (64-bit) (HKLM\...\{A8E320AF-B8C7-493C-97D8-6328C1CE721B}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Documentation (64-bit) (HKLM\...\{23A78F0F-0B41-497A-BB67-7E9AC3C20351}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Executables (64-bit) (HKLM\...\{D623791F-7EBA-4794-BF56-79D4CFC6BE65}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 pip Bootstrap (64-bit) (HKLM\...\{D545AFB9-E0E8-4B43-897A-0EB97ED46859}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Standard Library (64-bit) (HKLM\...\{BB3BA776-4C84-43FB-9CE6-5A37FFC23032}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Tcl/Tk Support (64-bit) (HKLM\...\{AE37C7FB-835D-4E31-851E-801D5C659A3E}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Test Suite (64-bit) (HKLM\...\{6B61C3C6-43DE-4D58-BDC4-76170C7C7C32}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.10.0 Utility Scripts (64-bit) (HKLM\...\{578C5B87-CBE0-4720-90C0-46A917C4FE5C}) (Version: 3.10.150.0 - Python Software Foundation) Hidden
Python 3.11.0 (32-bit) (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\{8bb2e8e4-a699-403d-be05-4e00aa0632fd}) (Version: 3.11.150.0 - Python Software Foundation)
Python 3.11.0 Core Interpreter (32-bit) (HKLM-x32\...\{71EC41D8-507E-40C8-AF95-53FE5BA4ED34}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Development Libraries (32-bit) (HKLM-x32\...\{DDE3E99C-F86A-436D-91F9-304F3C00370C}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Documentation (32-bit) (HKLM-x32\...\{5E6FBC90-4180-491B-8DF3-387E9C505621}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Executables (32-bit) (HKLM-x32\...\{869D67C8-AE2E-43F3-96C2-85927E4A7380}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 pip Bootstrap (32-bit) (HKLM-x32\...\{D070AAAA-0D89-4DCA-901A-BC79F5E2276F}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Standard Library (32-bit) (HKLM-x32\...\{7565E13F-F118-44FD-B7E9-6E673A6B3A9D}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Tcl/Tk Support (32-bit) (HKLM-x32\...\{0D26C541-D790-4E31-9B16-0C65969AA44C}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Test Suite (32-bit) (HKLM-x32\...\{2652ADDA-74F2-4C40-BC75-E049A19BEE3F}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.0 Utility Scripts (32-bit) (HKLM-x32\...\{EFE290C7-EDE6-4C22-A11F-71D3E45C3305}) (Version: 3.11.150.0 - Python Software Foundation) Hidden
Python 3.11.1 (64-bit) (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\{fca95908-8c70-405d-9e72-cd746e2f7786}) (Version: 3.11.1150.0 - Python Software Foundation)
Python 3.11.1 Core Interpreter (64-bit) (HKLM\...\{5D1EFF51-4740-4E62-8E49-11C13DEC34C3}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Development Libraries (64-bit) (HKLM\...\{988799D6-A7CE-4F51-89AF-1E4A64FA7ECA}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Documentation (64-bit) (HKLM\...\{5EB7FFE8-5B05-4DD3-9DE0-D0F20D93FA6C}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Executables (64-bit) (HKLM\...\{A7DE96A8-2F75-44B2-B46E-5D50DE5B1B80}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 pip Bootstrap (64-bit) (HKLM\...\{C5FAF3D9-A03D-4F6A-AAC9-87735DDA5DCF}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Standard Library (64-bit) (HKLM\...\{21EEFB31-6A96-4CAE-9A3B-B7FD6374C155}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Tcl/Tk Support (64-bit) (HKLM\...\{66CA643F-68B2-4063-8F87-34D48A2C49ED}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Test Suite (64-bit) (HKLM\...\{EFFC2C23-AEE2-4867-998C-5F5A902496C0}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.11.1 Utility Scripts (64-bit) (HKLM\...\{E63D4F21-1B1F-43DC-9347-4FB51A71704C}) (Version: 3.11.1150.0 - Python Software Foundation) Hidden
Python 3.9.7 (64-bit) (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\{0f0bf1a5-3ec1-459b-ab7c-916db941f50d}) (Version: 3.9.7150.0 - Python Software Foundation)
Python 3.9.7 Core Interpreter (64-bit symbols) (HKLM\...\{19CCBF82-F32C-4F9B-A25A-C18CA0229930}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Core Interpreter (64-bit) (HKLM\...\{88D4EF59-607D-43AD-B7C7-F5A753740FD1}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Development Libraries (64-bit) (HKLM\...\{97496FC6-5044-4A2A-BACD-40A44F38D483}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Documentation (64-bit) (HKLM\...\{AA408E09-EBB3-470F-8D63-5AA0C46C2DA2}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Executables (64-bit symbols) (HKLM\...\{FA525B0C-1DC4-4733-895E-FC0BB30229C9}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Executables (64-bit) (HKLM\...\{870EC220-FEAE-481D-8B29-B4B0DF5402FA}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 pip Bootstrap (64-bit) (HKLM\...\{F1280AA2-AAC3-41AB-9616-CCF00814E626}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Standard Library (64-bit symbols) (HKLM\...\{AB1F1505-63F0-4E88-874D-55448A1020C4}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Standard Library (64-bit) (HKLM\...\{05903EEF-72A2-4C1A-AD35-41AD6C7094A8}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Tcl/Tk Support (64-bit symbols) (HKLM\...\{F9100C91-CF07-4FAE-A017-7E6A57FAF41D}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Tcl/Tk Support (64-bit) (HKLM\...\{6E8EAD3C-6F0C-494C-9C12-E10C5B5EE7EA}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Test Suite (64-bit symbols) (HKLM\...\{EA4833F1-B32B-4D49-81C8-E28B67E87590}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Test Suite (64-bit) (HKLM\...\{67D79D6E-8497-4EE6-850B-834D3A27553F}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python 3.9.7 Utility Scripts (64-bit) (HKLM\...\{4110826A-903C-410C-9785-7848A51B9CC9}) (Version: 3.9.7150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{8A19B72D-62A8-4198-BEBD-CAEF117194C8}) (Version: 3.11.8009.0 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8644 - Realtek Semiconductor Corp.)
SDK ARM Additions (HKLM-x32\...\{BD786819-AA80-7B18-125D-AA03AAF2759B}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{4349F57C-0C9C-C16B-9A40-E7B406C451E2}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
SOLIDWORKS 2016 x64 Czech Resources (HKLM\...\{BD37B53B-592C-41B4-BECA-D156E3D0B058}) (Version: 24.150.58 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2016 x64 Edition SP05 (HKLM\...\{768F3B65-1695-47B7-9002-B11400CB111D}) (Version: 24.150.58 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2016 x64 Edition SP05 (HKLM-x32\...\SolidWorks Installation Manager 20160-40500-1100-100) (Version: 24.5.0.58 - SolidWorks Corporation)
SOLIDWORKS Composer Player 2016 SP05 x64 Edition (HKLM\...\{8537E059-C18B-4DE6-AED6-CD9B90240C35}) (Version: 24.50.58 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2016 x64 Edition SP05 (HKLM\...\{12339098-76B6-47CD-B52A-52E4809108F6}) (Version: 16.5.0084 - Společnost Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS Explorer 2016 SP05 x64 Edition (HKLM\...\{41E08694-1890-4B39-9D1C-B9D27A1D67B3}) (Version: 24.50.58 - Společnost Dassault Systemes SolidWorks Corp) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.63 - Synaptics Incorporated)
TeamViewer (HKLM\...\TeamViewer) (Version: 15.37.3 - TeamViewer)
Tesseract-OCR - open source OCR engine (HKLM\...\Tesseract-OCR) (Version: 5.3.0.20221222 - Tesseract-OCR community)
Tesseract-OCR - open source OCR engine (HKLM-x32\...\Tesseract-OCR) (Version: 5.3.0.20221222 - Tesseract-OCR community)
TightVNC (HKLM\...\{20B44B5F-5DDC-4261-BA3E-3EE3D3F2B106}) (Version: 2.8.81.0 - GlavSoft LLC.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 10.00 - Ghisler Software GmbH)
UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.3.8.1 - uvnc bvba)
Universal CRT Extension SDK (HKLM-x32\...\{90AAE845-42CE-EC12-4041-8ADF7BE765E7}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{98D5C5AA-993C-1371-C7AF-8F8A0E8CAF86}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{8EC1DC78-0A65-B6AC-664D-DFB3AC8E9736}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{82F9F289-6088-8F39-1918-A45315FEF99A}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{A829BD53-4BE5-23F2-C4A8-026CB5D47ECF}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{D62BC488-4C4A-BF17-A0CE-21B4BF8F9B30}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{0746492E-47B6-4251-940C-44462DFD74BB}) (Version: 2.55.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{C270D21B-2327-49B8-85F7-395133A93C75}) (Version: 8.92.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{76A22428-2400-4521-96AF-7AC4A6174CA5}) (Version: 1.25.0.0 - Microsoft Corporation) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{CFF203A1-51CB-42FE-9997-B6B01371AF30}) (Version: 14.34.31931 - Microsoft Corporation) Hidden
Visual Studio Community 2022 (HKLM-x32\...\f3f14e08) (Version: 17.4.4 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
VNC Server 6.1.1 (HKLM\...\{BF68FC97-1CBA-49D5-88EB-3E0CDC3D379D}) (Version: 6.1.1.28093 - RealVNC Ltd)
VNC Viewer 6.1.1 (HKLM\...\{1B14F26D-AAC9-4781-A468-5DFD5DF5FF91}) (Version: 6.1.1.28093 - RealVNC Ltd)
VS Immersive Activate Helper (HKLM-x32\...\{0B826206-3626-4E96-A675-0BDE6B8711B6}) (Version: 17.0.118.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{7B8542BA-01E4-43EB-A172-1DA975AFD00B}) (Version: 17.0.118.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{C8EA234A-FC2F-4EEC-BF7F-DB14C28C84D2}) (Version: 17.0.118.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{8C14D3DF-69AD-443A-A607-B4B1BE9575CC}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{6AF210BE-348B-4156-8B2E-CD57FC573ABD}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{3826E149-22D5-470D-B8A7-D11244EA2720}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{7B907A0B-2606-42EB-A880-80E1F6AA4C48}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{F48F6538-AB3C-4FD1-8ACE-0E5A861EC43C}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_communitysharedmsi (HKLM-x32\...\{B56EF9C1-B982-45B1-BEB5-3C8F50B21CF2}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_communityx64msi (HKLM\...\{9BF7BDD3-62E8-4E47-AF96-13EA1EB853AD}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_CoreEditorFonts (HKLM-x32\...\{667150AA-8DA3-433E-91EC-88BD8730D32A}) (Version: 17.4.33213 - Microsoft Corporation)
vs_devenvsharedmsi (HKLM-x32\...\{04D84C30-B442-49D2-A139-B8AAA7ACD445}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_devenx64vmsi (HKLM\...\{0DE775A3-1C63-4210-9CDC-D23F5330D715}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{12B0A225-610B-43DA-8585-E2EAD563D611}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{56373DD6-9A8E-4C0C-95F6-F64DF2054A6F}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{49559293-3192-40D3-864C-5AB88E744A79}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx64 (HKLM\...\{9138874C-2D20-46BC-84BC-A13B31DF8955}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_Graphics_Singletonx86 (HKLM-x32\...\{9D4033AD-2990-469B-A2CC-CEE9A707106A}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_minshellinteropsharedmsi (HKLM-x32\...\{1EF48E65-5B07-4502-B6C2-43BC8311DAC3}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_minshellinteropx64msi (HKLM\...\{5691C5AB-0847-4862-8C49-43245E7DCE2C}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{988A9E72-24DF-4FC8-9F94-E2BFDAE40397}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_minshellsharedmsi (HKLM-x32\...\{C32CB038-8A83-4860-853F-9168214E3536}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_minshellx64msi (HKLM\...\{1AB2F81F-A360-4BE1-B68F-B50F0609A1AE}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{8C352959-35A5-40CA-A49C-91B349AB2778}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{6A7EA630-41A1-455D-849D-2AA2D1420236}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsi (HKLM-x32\...\{ACBBFCA9-A48A-425A-BF50-B6FB8EFE7934}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsires (HKLM-x32\...\{2BC745F0-9928-46F2-949C-0966D3826611}) (Version: 17.4.33006 - Microsoft Corporation) Hidden
Vzdálená plocha Chrome (HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\b6c3e8b3f73bd926a7cca588d89cd991) (Version: 1.0 - Google\Chrome)
WinAppDeploy (HKLM-x32\...\{8E3AB865-9E38-1E5F-7B49-C8E3A70C6303}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows App Certification Kit Native Components (HKLM\...\{69331A50-908A-0745-CFCF-8413360C5B96}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows App Certification Kit SupportedApiList x86 (HKLM-x32\...\{81D4E442-F6C5-DF4B-DEF8-76E51ACC56F8}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (HKLM-x32\...\{FD68622A-634F-FB49-6E94-E21A451A3B5A}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows Desktop Extension SDK (HKLM-x32\...\{3F737DA8-C5B7-8740-6B07-BA73B5E62CDF}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows Desktop Extension SDK Contracts (HKLM-x32\...\{D54B24F7-43DE-C7BF-3A5C-83F9E8E0700D}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows IoT Extension SDK (HKLM-x32\...\{5B64C01B-2798-A2F6-89C3-AC03906F8788}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows IoT Extension SDK Contracts (HKLM-x32\...\{1FF69612-5A91-3565-7EE3-0539A04E3B8D}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows Mobile Extension SDK (HKLM-x32\...\{DF2A6855-DB81-9047-3033-8D6AC6055AEF}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows Mobile Extension SDK Contracts (HKLM-x32\...\{8EDE105B-885A-D173-50F8-F50F39C51CF9}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK (HKLM-x32\...\{2D2EBB11-484D-8F73-FA25-3FFABCE371F0}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{15941C7F-810D-41DF-8C5A-8D0490277AFB}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows SDK ARM Desktop Tools (HKLM-x32\...\{A99B19D4-7F87-03E5-B4A8-80420ECD7F53}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers arm (HKLM-x32\...\{C7C68DA0-8501-16DD-1E6A-6C34AAA28F21}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers arm64 (HKLM-x32\...\{30092A0E-1D50-8D66-E5EB-01F6AA8C1FFE}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers x64 (HKLM-x32\...\{C47F0820-6424-AE53-6BAF-2D41E829C855}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Headers x86 (HKLM-x32\...\{6F1B1243-7C12-5398-F575-5102906569A6}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs arm (HKLM-x32\...\{6221E085-FE37-1068-E6D7-9D08ABD32AE2}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs arm64 (HKLM-x32\...\{82931C8D-83CC-CF2E-F4FA-9AF0829BCA22}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs x64 (HKLM-x32\...\{1A457607-6262-3949-63D4-E1F85A3D95FD}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Libs x86 (HKLM-x32\...\{7CAF3DA2-79F6-C0DB-6C56-2462C8C4914C}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools arm64 (HKLM-x32\...\{54E5E684-132E-23D3-CBF6-962122E2C568}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools x64 (HKLM-x32\...\{E5715C32-34B0-6F8E-81B8-13FB19B1B682}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Desktop Tools x86 (HKLM-x32\...\{02594FB6-9905-CBB9-10E8-EFCFB7122D7C}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK DirectX x64 Remote (HKLM\...\{0B12F7E3-EDAA-AF92-20BB-88540FEF54BA}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK DirectX x86 Remote (HKLM-x32\...\{B9A2EE66-E1B9-ED85-E75B-041A348EB46D}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK EULA (HKLM-x32\...\{93F9D7FA-F2FD-837D-E53F-D79767071E44}) (Version: 10.1.22000.832 - Microsoft Corporations) Hidden
Windows SDK Facade Windows WinMD Versioned (HKLM-x32\...\{31B6D021-BC97-82C5-9C42-16AB86C37215}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps (HKLM-x32\...\{CFC51C75-8F08-1968-BC86-70A396D353D9}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Contracts (HKLM-x32\...\{AD3B32A0-5F71-DE89-B55A-9E85964186D8}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps DirectX x86 Remote (HKLM-x32\...\{31A3EB09-E226-B0E5-FA70-FF4B3CAD2ECF}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Headers (HKLM-x32\...\{A1DA436A-2FA4-FDC2-9B0A-FBB40CF0499D}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Libs (HKLM-x32\...\{C8977C7D-F685-8282-3C78-6276E03E3B32}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Metadata (HKLM-x32\...\{7907F380-3CFD-247C-9DFC-A23CED2012F8}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Apps Tools (HKLM-x32\...\{68F11757-8C35-BEB6-2AED-6F7C6CC5B8C0}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK for Windows Store Managed Apps Libs (HKLM-x32\...\{B0CB401F-F1EF-E63C-8191-9A447FC24C58}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Modern Non-Versioned Developer Tools (HKLM-x32\...\{FA582B75-7D9C-2717-5E64-1A8CC5E46ABD}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Modern Versioned Developer Tools (HKLM-x32\...\{EA338ECA-C63F-4BD6-B66F-274433C75A49}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Redistributables (HKLM-x32\...\{7DBE357D-2AA2-7B68-267E-F8DAEB182D6F}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows SDK Signing Tools (HKLM-x32\...\{0F5E7D7D-8969-DC1B-205D-024FB54A0417}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows Software Development Kit - Windows 10.0.22000.832 (HKLM-x32\...\{d6a76ead-c762-4d93-9c24-1fa3efa1e12d}) (Version: 10.1.22000.832 - Microsoft Corporation)
Windows Team Extension SDK (HKLM-x32\...\{14705B25-5AC2-82AC-DB79-A35219016ABB}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Windows Team Extension SDK Contracts (HKLM-x32\...\{5F1D4DE5-BFF3-503B-D05F-40ED6927DE17}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{FBF034E1-563E-1F9D-DC45-491BB88E9B9E}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{837DD890-14CE-9EB3-E8E1-F96A7EE5CFE5}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{823E92A6-7572-174D-0671-95A55785F991}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{3A8F388C-D0F7-0A66-0EDE-D477B1B1B2F4}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{0F2D2736-F436-3F10-FB30-9D279F58305B}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{FEAF2203-A2AC-080C-9D55-9F09623F38C3}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{A06212FE-3C20-31C7-F88A-46673EF72E83}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{4308116D-A763-144D-DC81-6243BE6B2ADF}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{D307C8A5-7335-056E-6E64-E28544674EFD}) (Version: 10.1.22000.832 - Microsoft Corporation) Hidden
Wireshark 3.6.3 64-bit (HKLM-x32\...\Wireshark) (Version: 3.6.3 - The Wireshark developer community, hxxps://www.wireshark.org)
wkhtmltox 0.12.6-1 (HKLM\...\wkhtmltopdf) (Version: - )
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)
X-Mouse Button Control 2.20.5 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.20.5 - Highresolution Enterprises)
Zebra Setup Utilities (HKLM-x32\...\{9207A8EC-3B2D-4A4A-8BF7-957FC19BB3DE}) (Version: 1.1.9.1290 - Zebra Technologies) Hidden
Zebra Setup Utilities (HKLM-x32\...\Zebra Setup Utilities) (Version: 1.1.9.1290 - Zebra Technologies)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.38.11.0_x64__kgqvnymyfvs32 [2023-09-12] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.253.100.0_x64__kgqvnymyfvs32 [2023-10-04] (king.com)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-11] (Microsoft Corporation)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.62.6202.0_x86__ytsefhwckbdv6 [2023-09-15] (G5 Entertainment AB)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_149.1.1056.0_x64__v10z8vjag6ke6 [2023-09-12] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.30.18.0_x64__v10z8vjag6ke6 [2023-09-26] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-11-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-11-15] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2023-03-10] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.17.8180.0_x64__8wekyb3d8bbwe [2023-08-25] (Microsoft Studios) [MS Ad]
Windows Package Manager Source (winget) -> C:\Program Files\WindowsApps\Microsoft.Winget.Source_2023.925.1430.215_neutral__8wekyb3d8bbwe [2023-09-25] (Microsoft Corporation)
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2023-08-14] (WinZip Computing)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-567959055-877555932-3223723616-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-567959055-877555932-3223723616-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\admin\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-19] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-19] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-19] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-19] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-19] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-19] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\81.0.5.0\drivefsext.dll [2023-09-19] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_c034505b1fb1d43e\nvshext.dll [2023-03-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [NvQuadroView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Program Files\NVIDIA Corporation\nview\nvshell.dll [2022-06-13] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\admin\Documents\www\_dev_GD_230427\Python\WakeOnLAN\wake_up_OS.lnk -> G:\Můj disk\#dev\Python\WakeOnLAN\wake_up_OS.bat ()
Shortcut: C:\Users\admin\Documents\www\_dev_GD_230427\Python\WakeOnLAN\wake_up_PS.lnk -> G:\Můj disk\#dev\Python\WakeOnLAN\wake_up_PS.bat ()
Shortcut: C:\Users\admin\Desktop\wake_up_PS.lnk -> G:\Můj disk\#dev\Python\WakeOnLAN\wake_up_PS.bat ()
ShortcutWithArgument: C:\Users\admin\Documents\www\_dev_GD_230427\SolidWorks\Macros\SLDWORKS.lnk -> C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\SLDWORKS.exe (Dassault Systèmes SolidWorks Corp.) -> /m "C:\Users\admin\Documents\www\www.admin.loc\modules\_dev\require\SolidWorks\Macros\analysis_pictures-v1.10.swp"
ShortcutWithArgument: C:\Users\admin\Documents\www\www.admin.loc\modules\_dev\require\SolidWorks\Macros\SLDWORKS.lnk -> C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\SLDWORKS.exe (Dassault Systèmes SolidWorks Corp.) -> /m "C:\Users\admin\Documents\www\www.admin.loc\modules\_dev\require\SolidWorks\Macros\analysis_pictures-v1.10.swp"
ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efmjfjelnicpmdcmfikempdhlmainjcb
ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\e2b8b17f80771afa\Osoba 4 - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Host
ShortcutWithArgument: C:\Users\admin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\1c6cec50a98a467d\Osoba 2 - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Osoba 1"

==================== Loaded Modules (Whitelisted) =============

2021-11-15 12:51 - 2013-07-08 19:34 - 000114688 _____ () [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\pcre.dll
2023-01-13 13:37 - 2015-08-05 19:21 - 017864192 _____ () [File not signed] C:\Program Files\HSMWorks\machineworks.dll
2023-01-13 13:37 - 2014-01-30 17:38 - 003328512 _____ () [File not signed] C:\Program Files\HSMWorks\mozjs.dll
2023-09-15 08:23 - 2023-09-15 08:23 - 000369152 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\annotationcplu\655e32de0980cf500dba8598fcc167fa\annotationcplu.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000723968 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\asmfeaturecplu\141989fb6999cfa1c785e5f0338b4634\asmfeaturecplu.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000160256 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\clrloadu\2dfc9088f9c8b90e9be8dc0732b42e14\clrloadu.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000743936 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\contentcplu\9b9ff8ee9d678150c82361d1854407ee\contentcplu.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 001688064 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\couplingBase\a6b7a7232fc53b9ac700df9694b2f39f\couplingBase.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000395776 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\featurecplu\5934f7e408cdab8ca40d2cc6d2663709\featurecplu.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000256000 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\refgeomcplu\77d53ead7f392edc2f3a170400ff4b3e\refgeomcplu.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000736256 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\sheetmetalcplu\6e22b7becf21ebd838ccf16687979dc0\sheetmetalcplu.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 001113600 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Sketchcplu\08c4b5a8639beec56d1d9c19e7866418\Sketchcplu.ni.dll
2021-11-15 12:51 - 2013-11-22 04:12 - 000152576 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libapr-1.dll
2021-11-15 12:51 - 2013-11-22 04:12 - 000027136 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libapriconv-1.dll
2021-11-15 12:51 - 2013-11-22 04:12 - 000206848 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libaprutil-1.dll
2021-11-15 12:51 - 2013-11-22 04:13 - 000328192 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libhttpd.dll
2021-11-15 12:51 - 2013-11-22 04:07 - 000012288 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_access_compat.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000011264 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_actions.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000013824 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_alias.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000009728 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_allowmethods.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000010752 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_asis.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000014336 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_auth_basic.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000011776 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authn_core.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000011264 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authn_file.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000018944 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authz_core.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000011776 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authz_groupfile.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000011264 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authz_host.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000009728 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_authz_user.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000030208 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_autoindex.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000020480 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_cgi.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000012288 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_dir.so
2021-11-15 12:51 - 2013-11-22 04:07 - 000010752 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_env.so
2021-11-15 12:51 - 2013-11-22 04:08 - 000039424 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_include.so
2021-11-15 12:51 - 2013-11-22 04:08 - 000024064 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_isapi.so
2021-11-15 12:51 - 2013-11-22 04:08 - 000024576 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_log_config.so
2021-11-15 12:51 - 2013-11-22 04:08 - 000016896 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_mime.so
2021-11-15 12:51 - 2013-11-22 04:08 - 000029184 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_negotiation.so
2021-11-15 12:51 - 2013-11-22 04:08 - 000051200 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_rewrite.so
2021-11-15 12:51 - 2013-11-22 04:08 - 000013824 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\modules\mod_setenvif.so
2023-09-15 08:23 - 2023-09-15 08:23 - 000020992 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AnnotationOperation\910ae3806351f20cc61ffbde9b5cf872\AnnotationOperation.ni.dll
2023-09-15 08:23 - 2023-09-15 08:23 - 000026112 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AnnotationUI\0681b06689d9e91655d00a5c8768b571\AnnotationUI.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000260608 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AnnotationWPF\03cc485142670a4f1bb34e6781a4b4dd\AnnotationWPF.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000024576 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\AsmFeatureOperation\f4836c4a936e392ad3191a3bdaa55432\AsmFeatureOperation.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000034304 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\asmfeatureui\f640df4b3cacf8e390239f11d9eee7dc\asmfeatureui.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000046592 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\asmfeaturewpf\374592b0ba2fbe057df0b5c433081f90\asmfeaturewpf.ni.dll
2023-09-15 08:23 - 2023-09-15 08:23 - 000203264 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CmdInterface\9618f8e144e9369de727cc83aa0a8adf\CmdInterface.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000029696 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ContentOperation\4a61e537961e4096ba7bd413efb4697f\ContentOperation.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000028672 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\ContentUI\43ffcd373ab4e121f2cec093bbddfff9\ContentUI.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000592384 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Controls\483bae9c8bde78455b864fc48144bec2\Controls.ni.dll
2023-09-15 08:23 - 2023-09-15 08:23 - 000063488 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\CoreInterface\d152c1b2c3a1974c33c6630e4fa58cec\CoreInterface.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000099328 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\DveSupport\82d6ad1d905e5a9db9cf9d8aacbca695\DveSupport.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000028672 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\FeatureOperation\a7ef7e99e9072a5d26d1b1c947d2cf5d\FeatureOperation.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000067072 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\FeatureUI\aac264e9428d318260b77e8209beb656\FeatureUI.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000114688 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\FeatureWPF\6bd0ecb2f031cc8a014f09e41d92854a\FeatureWPF.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000023552 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\RefGeomOperation\4e6e1ab65f6dfb03970ea42adcc980c7\RefGeomOperation.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000091648 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\RefGeomUI\6fbdab167e6707b7b6f0e9a0c2282780\RefGeomUI.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000078336 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\RefPlaneWPF\8b0c571ef5d956f93d60fa167590a0d3\RefPlaneWPF.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000024576 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SheetMetalOperation\8a153bec8ad03515fef90121fb78e154\SheetMetalOperation.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000180736 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SheetMetalUi\842caed653781ad5402f846cb1b25488\SheetMetalUi.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000102912 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SheetMetalWPF\b5f199885953e9220b65abf5ddda57a7\SheetMetalWPF.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000027648 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SketchOperation\bcd223c538a7a1de68d53f761f7788bc\SketchOperation.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000057344 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SketchUI\3300361b73ccfb1334c9ff9472b503b6\SketchUI.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 000095744 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SketchWPF\13212d35c4cc544b31818be1a7d8fb6a\SketchWPF.ni.dll
2023-09-15 08:23 - 2023-09-15 08:23 - 000150016 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\UiBase\6ef2ff13bee443c7c96f6f183b00c107\UiBase.ni.dll
2023-09-15 08:24 - 2023-09-15 08:24 - 002051072 _____ (Dassault Systèmes SolidWorks Corporation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\WPFRes\e97751103407499304f05500084a00f2\WPFRes.ni.dll
2018-01-20 10:34 - 2018-01-20 10:34 - 000373248 _____ (IntelleSoft) [File not signed] C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\BugTrapU-x64.dll
2021-10-27 22:28 - 2021-10-27 22:28 - 000073728 _____ (Python Software Foundation) [File not signed] C:\Program Files\LibreOffice\program\python-core-3.8.8\lib\_socket.pyd
2021-10-27 22:28 - 2021-10-27 22:28 - 000020992 _____ (Python Software Foundation) [File not signed] C:\Program Files\LibreOffice\program\python-core-3.8.8\lib\select.pyd
2021-02-01 22:49 - 2021-02-01 22:49 - 000266240 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files\Adobe\Acrobat DC\Acrobat\ccme_asym.dll
2021-02-01 22:49 - 2021-02-01 22:49 - 000450560 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files\Adobe\Acrobat DC\Acrobat\ccme_base.dll
2021-02-01 22:49 - 2021-02-01 22:49 - 000399360 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files\Adobe\Acrobat DC\Acrobat\ccme_base_non_fips.dll
2021-02-01 22:49 - 2021-02-01 22:49 - 000561664 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files\Adobe\Acrobat DC\Acrobat\ccme_ecc.dll
2021-02-01 22:49 - 2021-02-01 22:49 - 000292352 _____ (RSA - The Security Division of EMC) [File not signed] C:\Program Files\Adobe\Acrobat DC\Acrobat\cryptocme.dll
2021-10-28 01:41 - 2021-10-28 01:41 - 000476160 _____ (The Document Foundation) [File not signed] C:\Program Files\LibreOffice\program\pyuno.pyd
2021-11-15 12:51 - 2013-07-08 19:29 - 001175040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\libeay32.dll
2021-11-15 12:51 - 2013-07-08 19:29 - 000269312 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\ssleay32.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 001169920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\LIBEAY32.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000269312 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\SSLEAY32.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000066560 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_bz2.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000492032 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_curl.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 001348096 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_gd2.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000831488 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_imap.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 001239552 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_mbstring.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000036864 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_mysql.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000088576 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_mysqli.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000072704 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_openssl.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000024576 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_pdo_mysql.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000399872 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_pdo_sqlite.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000054784 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_sockets.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000553472 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_sqlite3.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000231936 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\ext\php_xsl.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 000026624 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\php5apache2_4.dll
2021-11-15 13:28 - 2014-01-09 08:37 - 006155264 _____ (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\php5ts.dll
2023-02-16 13:37 - 2017-09-14 08:46 - 001012224 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\platforms\qwindows.dll
2023-02-16 13:37 - 2022-04-28 22:21 - 004694016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\Qt5Core.dll
2023-02-16 13:37 - 2022-04-28 22:21 - 005032960 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\Qt5Gui.dll
2023-02-16 13:37 - 2022-04-28 22:21 - 000856064 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\Qt5Network.dll
2023-02-16 13:37 - 2022-04-28 22:21 - 004483072 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\Qt5Widgets.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2023-09-15] (HP Inc. -> HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2023-09-15] (HP Inc. -> HP Inc.)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Kits\8.1\Windows Performance Toolkit\;C:\Program Files\PuTTY\;c:\Users\admin\AppData\Local\Programs\Python\Python311\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\dotnet\;c:\Program Files\wkhtmltopdf\bin\;
HKU\S-1-5-21-567959055-877555932-3223723616-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-567959055-877555932-3223723616-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.11.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Npcap Packet Driver (NPCAP) -> INSECURE_NPCAP (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: wuauserv => 3

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5D14C625-87C3-4153-AC53-C93FFF761FAF}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE (CANON INC. -> CANON INC.)
FirewallRules: [{8E5CF802-BB1B-43F5-8FCA-D5F61A19C477}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE (CANON INC. -> CANON INC.)
FirewallRules: [{1B0A0BCC-3E66-4897-ACC3-79BF35E01190}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
FirewallRules: [{67A51E73-3B44-446E-9D84-7F13870902DF}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corporation)
FirewallRules: [{4F3D12E4-D95C-4358-9F76-F16C805D31C3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D2AA0281-ED6E-4235-AF1B-74DB8209717A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A310AA8D-88F9-4287-BD5F-6A302EA24BA2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F4798396-E301-4EF4-9058-B61A151CFAEB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{26A6BC19-30E9-4F42-B025-B9D7AE4C719A}C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe] => (Allow) C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [TCP Query User{A4ED5F5F-2EC8-4330-BE8F-8C96E9BECA58}C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe] => (Allow) C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\apache\bin\eds-httpd.exe (Apache Software Foundation) [File not signed]
FirewallRules: [{437E47C2-7168-4588-8F90-5A36FBAC2486}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7A9C115C-6F64-4936-95AC-BF8BBAEFCE07}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AB0CE918-2D94-4E15-AAC2-829DEAA1A2F6}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{71C12985-9416-49AD-BCF2-FAFEA0788A58}] => (Allow) C:\HP\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [TCP Query User{B5FB24A2-BF19-42C3-82A9-C79478EE2360}C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\php\php_runningversion\php.exe] => (Allow) C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\php\php_runningversion\php.exe (The PHP Group) [File not signed]
FirewallRules: [UDP Query User{D0C5EEB4-8299-46B1-BEB4-4843163BEC15}C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\php\php_runningversion\php.exe] => (Allow) C:\program files (x86)\easyphp-devserver-14.1vc11\binaries\php\php_runningversion\php.exe (The PHP Group) [File not signed]
FirewallRules: [{507FB27B-ACA9-4145-9E17-16AC2ECDAED4}] => (Allow) LPort=5900
FirewallRules: [{A3F5CC0E-1786-471E-83E0-B94A107CED61}] => (Allow) LPort=5800
FirewallRules: [{F0A1A67F-461E-4854-A4D1-3A3A65A9BBDA}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{878CEB91-B51C-4B21-8431-DBAEEAA81CC7}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{9D91615D-9128-4B77-B56B-5198A26BC88C}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe (uvnc bvba -> UltraVNC)
FirewallRules: [{D9AF2464-FCF4-4DF8-8BE6-A36C3C6AB147}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe (uvnc bvba -> UltraVNC)
FirewallRules: [TCP Query User{FA773161-33E7-4496-8652-CAF829D25749}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{9F67C77A-C336-4A5D-8A36-B0BF4EA91F7E}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{F4B5E456-ACF9-4065-BC13-9EAD3CBE6ABA}C:\users\admin\documents\install\mikroftp\mikroftp.exe] => (Allow) C:\users\admin\documents\install\mikroftp\mikroftp.exe () [File not signed]
FirewallRules: [UDP Query User{64571B73-78E2-4892-9AE3-3C0A7AB0D2AB}C:\users\admin\documents\install\mikroftp\mikroftp.exe] => (Allow) C:\users\admin\documents\install\mikroftp\mikroftp.exe () [File not signed]
FirewallRules: [TCP Query User{8B007BE5-9DD1-476D-A4F0-59B473BA7810}C:\program files (x86)\pspad editor\pspad.exe] => (Allow) C:\program files (x86)\pspad editor\pspad.exe (Jan Fiala -> Jan Fiala)
FirewallRules: [UDP Query User{1BF4BA17-D5E8-4CD3-984C-62E796B770E2}C:\program files (x86)\pspad editor\pspad.exe] => (Allow) C:\program files (x86)\pspad editor\pspad.exe (Jan Fiala -> Jan Fiala)
FirewallRules: [TCP Query User{5ABDECA2-32CC-4CCE-AE5C-B41AD1A428C0}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{0BA7EC0E-3D3F-44B4-BC6C-8409230CE900}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9308BD71-6C0E-44AA-BA9E-72957EC22BD5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{280CB6D8-3C86-4F91-AB29-B146B215F3A8}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F0621917-8433-41C1-8DD3-FFB7908CC066}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{AEF668C5-62DB-47F9-B064-2BB28B48E9FA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{24E6C7A4-4426-4D9B-B28A-C6B4CB3FF89E}] => (Allow) C:\Program Files (x86)\Autodesk\HSMWorks Distributed CAM\camservices.exe (HSMWorks ApS -> HSMWorks ApS hxxp://www.hsmworks.com)
FirewallRules: [{72C788FE-0A33-41E9-B2FC-1CB1D6D38090}] => (Allow) C:\Program Files (x86)\Autodesk\HSMWorks Distributed CAM\camservices.exe (HSMWorks ApS -> HSMWorks ApS hxxp://www.hsmworks.com)
FirewallRules: [{2A60D1AB-6202-4ED7-BF5C-4BBAF86CD6EE}] => (Allow) LPort=7387
FirewallRules: [{5CEFA152-8EC1-4608-B5BF-46814CB08CE6}] => (Allow) LPort=7388
FirewallRules: [{1F7E7FBA-0BED-4571-8F98-F7C3C851B54E}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\116.0.5845.9\remoting_host.exe (Google LLC -> Google LLC)
FirewallRules: [{6B8A8B8F-A110-4EC0-9A8B-B78F165E5C26}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe (RealVNC Ltd -> RealVNC Ltd)
FirewallRules: [{0AA04B33-6157-4492-9BF6-E85AFBF78D0C}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe (RealVNC Ltd -> RealVNC Ltd)
FirewallRules: [TCP Query User{588E412D-9C86-4574-85CF-072C05AC50AF}C:\users\admin\appdata\local\ictrl-desktop-client\app-6.4.3\ictrl-desktop-client.exe] => (Allow) C:\users\admin\appdata\local\ictrl-desktop-client\app-6.4.3\ictrl-desktop-client.exe (Junhao Liao -> iCtrl)
FirewallRules: [UDP Query User{1070AC7F-CAB1-43C4-A2CF-C57609A0DF7C}C:\users\admin\appdata\local\ictrl-desktop-client\app-6.4.3\ictrl-desktop-client.exe] => (Allow) C:\users\admin\appdata\local\ictrl-desktop-client\app-6.4.3\ictrl-desktop-client.exe (Junhao Liao -> iCtrl)
FirewallRules: [TCP Query User{1C79B48F-FD6E-437E-A2FD-4E8E8E521DA5}C:\users\admin\appdata\local\ictrl-desktop-client\app-6.4.3\resources\app\ictrl_be\ictrl_be.exe] => (Allow) C:\users\admin\appdata\local\ictrl-desktop-client\app-6.4.3\resources\app\ictrl_be\ictrl_be.exe (Junhao Liao -> )
FirewallRules: [UDP Query User{2BEDC195-4C30-4960-B9E1-EDEC14850471}C:\users\admin\appdata\local\ictrl-desktop-client\app-6.4.3\resources\app\ictrl_be\ictrl_be.exe] => (Allow) C:\users\admin\appdata\local\ictrl-desktop-client\app-6.4.3\resources\app\ictrl_be\ictrl_be.exe (Junhao Liao -> )
FirewallRules: [{C64D8D2D-57E0-460A-AAF6-3DA0364C9D82}] => (Block) C:\users\admin\appdata\local\ictrl-desktop-client\app-6.4.3\resources\app\ictrl_be\ictrl_be.exe (Junhao Liao -> )
FirewallRules: [{A05E3356-92F0-4E57-BF0D-BC4ACB7C5092}] => (Block) C:\users\admin\appdata\local\ictrl-desktop-client\app-6.4.3\resources\app\ictrl_be\ictrl_be.exe (Junhao Liao -> )
FirewallRules: [{6CD24B63-C48C-44F8-ADB8-430A0A4FF9F2}] => (Block) C:\users\admin\appdata\local\ictrl-desktop-client\app-6.4.3\ictrl-desktop-client.exe (Junhao Liao -> iCtrl)
FirewallRules: [{4344CF39-5FE8-49D8-8FE0-54D9D848E597}] => (Block) C:\users\admin\appdata\local\ictrl-desktop-client\app-6.4.3\ictrl-desktop-client.exe (Junhao Liao -> iCtrl)
FirewallRules: [TCP Query User{87AE8450-2BFD-42A2-B880-80735AD857E7}C:\users\admin\appdata\local\programs\python\python311\python.exe] => (Allow) C:\users\admin\appdata\local\programs\python\python311\python.exe (Python Software Foundation -> Python Software Foundation)
FirewallRules: [UDP Query User{4C6448C7-1B45-45C8-A1F0-5216E00F1734}C:\users\admin\appdata\local\programs\python\python311\python.exe] => (Allow) C:\users\admin\appdata\local\programs\python\python311\python.exe (Python Software Foundation -> Python Software Foundation)
FirewallRules: [TCP Query User{EDD23638-1C84-4E24-97C7-B1DDDBCE2E20}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{172A1507-B6BE-4631-94BD-185A1C891ACA}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{C3C9D802-D71E-45BF-ABCB-1A54EAB16B28}] => (Allow) C:\Program Files\TightVNC\tvnserver.exe (GLAVSOFT, OOO -> GlavSoft LLC.)
FirewallRules: [{5D477670-AB5E-43C0-AE13-571F1DE6AD06}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{16DD719D-D39D-4BF4-B922-81AC7F4E91D0}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9EC1C5CC-1BD9-4489-B517-0C987BD09AE6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A02A1D4A-F023-46D2-B101-29B0AEB0F279}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5A25E2D4-5951-43E1-B7E4-A7BF683C4889}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7760CB34-C920-4F32-B887-86819B1468B4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

01-10-2023 19:59:06 Windows Update
03-10-2023 21:38:11 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name: Synaptics PS/2 Port TouchPad
Description: Synaptics PS/2 Port TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Neznámé zařízení USB (reset portu se nezdařil)
Description: Neznámé zařízení USB (reset portu se nezdařil)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standardní hostitelský řadič USB)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (10/05/2023 07:04:23 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Event-ID 100

Error: (10/05/2023 07:04:23 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Event-ID 100

Error: (10/05/2023 07:04:23 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Event-ID 100

Error: (10/05/2023 07:04:15 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Event-ID 100

Error: (10/05/2023 07:04:15 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Event-ID 100

Error: (10/05/2023 07:04:15 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Event-ID 100

Error: (10/05/2023 07:04:15 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Event-ID 100

Error: (10/05/2023 07:04:15 PM) (Source: MySQL) (EventID: 100) (User: )
Description: Event-ID 100


System errors:
=============
Error: (10/03/2023 09:28:50 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Autodesk HSMWorks Distributed CAM Services skončila s následující chybou specifickou pro službu:
Nesprávná funkce.

Error: (10/01/2023 11:08:31 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-OLM3P1O)
Description: Nelze spustit server DCOM: Microsoft.MicrosoftEdge_44.19041.1266.0_neutral__8wekyb3d8bbwe!MicrosoftEdge jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147942402
při provádění příkazu:
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca

Error: (10/01/2023 06:01:06 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Autodesk HSMWorks Distributed CAM Services skončila s následující chybou specifickou pro službu:
Nesprávná funkce.

Error: (10/01/2023 05:13:40 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Autodesk HSMWorks Distributed CAM Services skončila s následující chybou specifickou pro službu:
Nesprávná funkce.

Error: (10/01/2023 05:13:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (11:50:18, ‎27.‎09.‎2023) bylo neočekávané.

Error: (09/25/2023 09:58:02 PM) (Source: volsnap) (EventID: 25) (User: )
Description: Stínové kopie svazku C: byly smazány, protože úložiště stínové kopie nebylo možné včas zvětšit. Zvažte možnost snížení vstupně-výstupního zatížení systému nebo zvolte svazek úložiště stínové kopie, pro který není vytvářena stínová kopie.

Error: (09/14/2023 03:28:25 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba Autodesk HSMWorks Distributed CAM Services skončila s následující chybou specifickou pro službu:
Nesprávná funkce.

Error: (09/14/2023 03:22:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SynTPEnh Caller Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2023-10-04 21:31:57
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0849ED42-F35A-4DB8-9B96-74DEA1A9F8EE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-10-04 08:45:25
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {AA6D3DC6-AD76-4BB8-A982-0AF4956BA583}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-10-04 07:50:38
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {29CC9AAF-B377-4C2A-9390-4FE6D9E3477F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-10-03 09:03:13
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9D0BDB88-AE87-4506-92ED-C753FC5C4BF6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-09-27 07:58:15
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A8457A60-4E4C-4452-BDB8-534B1E12BCE8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2023-10-01 18:11:17
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.397.1634.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23080.2005
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2023-10-01 18:11:17
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.397.1634.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23080.2005
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2023-10-01 18:11:17
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.397.1634.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23080.2005
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2023-10-01 18:11:17
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.397.1634.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23080.2005
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2023-10-01 18:11:17
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.397.1634.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23080.2005
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===============
Date: 2023-03-20 08:25:58
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume4\Program Files\Google\Drive File Stream\72.0.2.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2023-02-16 13:16:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume4\Program Files\Google\Drive File Stream\70.0.2.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2023-01-30 07:44:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume4\Program Files\Google\Drive File Stream\69.0.0.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

Date: 2022-12-14 18:13:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files\Mozilla Firefox\mozavcodec.dll that did not meet the Microsoft signing level requirements.

Date: 2022-12-14 18:13:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume4\Program Files\Mozilla Firefox\mozavutil.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: HP N51 Ver. 01.24 04/27/2016
Motherboard: HP 802F
Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 45%
Total physical RAM: 32688.59 MB
Available physical RAM: 17950.89 MB
Total Virtual: 41904.59 MB
Available Virtual: 25360.75 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:475.75 GB) (Free:35.27 GB) (Model: MTFDDAK512MBF-1AN1ZABHA) NTFS
Drive d: (Nový svazek) (Fixed) (Total:931.39 GB) (Free:145.29 GB) (Model: WDC WD10EZEX-60WN4A0) NTFS
Drive g: (Google Drive) (Fixed) (Total:200 GB) (Free:33.51 GB) (Model: MTFDDAK512MBF-1AN1ZABHA) FAT32

\\?\Volume{2d11b580-00ec-446f-8c28-fccb217c6554}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{8cece581-d353-4b03-a381-f10bd18e0060}\ () (Fixed) (Total:0.63 GB) (Free:0.08 GB) NTFS
\\?\Volume{a70e0bb1-edf6-4ce0-9565-b1fe5b665825}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

[AndySue]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2023
Ran by admin (administrator) on DESKTOP-OLM3P1O (HP HP Z240 Tower Workstation) (05-10-2023 18:58:41)
Running from C:\Users\admin\Desktop\OSTATNÍ\VIRY.cz\FRST64.exe
Loaded Profiles: admin
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3448 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acronis, Inc -> Acronis) C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe
(C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe ->) () [File not signed] C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\MFResident.exe
(C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\eds-httpd.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe ->) () [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\mysql\bin\eds-mysqld.exe
(C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe ->) (Apache Software Foundation) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\apache\bin\eds-httpd.exe <2>
(C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\AcroCEF.exe <13>
(C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\81.0.5.0\crashpad_handler.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <40>
(C:\Program Files\LibreOffice\program\soffice.exe ->) (The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice\program\soffice.bin
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(C:\Program Files\RealVNC\VNC Server\vncserver.exe ->) (RealVNC Ltd -> RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncagent.exe
(C:\Program Files\RealVNC\VNC Server\vncserver.exe ->) (RealVNC Ltd -> RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserverui.exe
(C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\SLDWORKS.exe ->) (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldProcMon.exe
(C:\Program Files\totalcmd\TOTALCMD64.EXE ->) (Jan Fiala -> Jan Fiala) C:\Program Files (x86)\PSPad editor\PSPad.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23082.131.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23082.131.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(C:\Windows\SysWOW64\cmd.exe ->) (Python Software Foundation -> Python Software Foundation) C:\Users\admin\AppData\Local\Programs\Python\Python311\python.exe
(cmd.exe ->) (The PHP Group) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\binaries\php\php_runningversion\php.exe <2>
(Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\SLDWORKS.exe
(explorer.exe ->) (Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe <2>
(explorer.exe ->) (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.) C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe
(explorer.exe ->) (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe
(explorer.exe ->) (EasyPHP) [File not signed] C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (HSMWorks ApS -> HSMWorks ApS hxxp://www.hsmworks.com) C:\Program Files (x86)\Autodesk\HSMWorks Distributed CAM\distributedcam.exe
(explorer.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe <4>
(explorer.exe ->) (Open Source Developer, Phillip Gibbons -> Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
(explorer.exe ->) (Petr Laštovička) [File not signed] C:\Users\admin\Documents\INSTALL\Instalace 2016-10-23\hotkeyp\HotkeyP.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) (Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
(services.exe ->) (GLAVSOFT, OOO -> GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe <2>
(services.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome Remote Desktop\116.0.5845.9\remoting_host.exe <2>
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_9949412f65718dfe\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_670360bdb5a40a0d\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_45efd8a6478e15ce\lib\TPMProvisioningService.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvwu.inf_amd64_c034505b1fb1d43e\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvwu.inf_amd64_c034505b1fb1d43e\NVWMI\nvWmi64.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (RealVNC Ltd -> RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(services.exe ->) (Shenzhen iMyFone Technology Co., Ltd -> ) C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(spoolsv.exe ->) (CANON INC. -> CANON INC.) C:\Windows\System32\CNAB4RPD.EXE
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2307.4.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\admin\AppData\Local\Microsoft\OneDrive\23.189.0910.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <7>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice\program\soffice.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-03-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MouseDriver] => C:\WINDOWS\system32\TiltWheelMouse.exe [241152 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [462328 2009-10-27] (Acronis, Inc -> Acronis)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1738088 2023-06-24] (Open Source Developer, Phillip Gibbons -> Highresolution Enterprises)
HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [1826232 2023-05-02] (GLAVSOFT, OOO -> GlavSoft LLC.)
HKLM-x32\...\Run: [adm_tray.exe] => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [530768 2010-06-04] (Acronis, Inc -> Acronis)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe [55259936 2023-09-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe [55259936 2023-09-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-567959055-877555932-3223723616-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe [55259936 2023-09-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\Run: [EasyPHP] => C:\Program Files (x86)\EasyPHP-DevServer-14.1VC11\EasyPHP-DevServer-14.1VC11.exe [279552 2014-01-09] (EasyPHP) [File not signed]
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\Run: [HotkeyP] => C:\Users\admin\Documents\INSTALL\Instalace 2016-10-23\hotkeyp\HotkeyP.exe [147456 2012-11-20] (Petr Laštovička) [File not signed]
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe [55259936 2023-09-19] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\Run: [HSMWorks Distributed CAM] => C:\Program Files (x86)\Autodesk\HSMWorks Distributed CAM\distributedcam.exe [488576 2012-09-30] (HSMWorks ApS -> HSMWorks ApS hxxp://www.hsmworks.com)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\Run: [MicrosoftEdgeAutoLaunch_29EBC4579851B72EE312C449CF839B1A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4210216 2023-09-29] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\RunOnce: [Application Restart #2] => C:\Program Files\Microsoft Visual Studio\2022\Community\Common7\IDE\devenv.exe [1004480 2023-02-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\MountPoints2: {bc7d3332-a0f9-11ec-b7c8-9457a5edaf40} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\81.0.5.0\GoogleDriveFS.exe [55259936 2023-09-19] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\hpcpp160: C:\Windows\System32\spool\prtprocs\x64\hpcpp160.dll [602912 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\CNAB4 Monitor: C:\WINDOWS\system32\CNAB4LMD.DLL [58880 2012-10-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\WINDOWS\system32\HPMPW081.DLL [74016 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Print\Monitors\HPMLM135: C:\WINDOWS\system32\hpmlm135.dll [237344 2013-12-04] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\MONVNC: C:\WINDOWS\system32\VNCpm.dll [37704 2017-05-19] (RealVNC Ltd -> RealVNC Ltd)
HKLM\...\Print\Monitors\PrimoMon: C:\WINDOWS\system32\Primomonnt.dll [95008 2015-09-01] (Nitro PDF Software -> )
HKLM\...\Print\Monitors\ZDesigner Language Monitor: C:\WINDOWS\system32\zdnNLM64.dll [645760 2021-02-03] (Microsoft Windows Hardware Compatibility Publisher -> Euro Plus d.o.o.)
HKLM\...\Print\Monitors\ZDesigner Port Monitor: C:\WINDOWS\system32\zdnPMS.dll [206032 2022-08-12] (Euro Plus d.o.o. -> Euro Plus d.o.o.)
HKLM\...\Print\Monitors\ZDesigner2 Language Monitor: C:\WINDOWS\system32\ZDesignerLM.dll [961632 2021-12-24] (Zebra Technologies Corporation -> Zebra Technologies Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\117.0.5938.149\Installer\chrmstp.exe [2023-10-04] (Google LLC -> Google LLC)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\chrome – zástupce.lnk [2023-01-30]
ShortcutTarget: chrome – zástupce.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EasyPHP-DevServer-14.1VC11.exe [2014-01-09] (EasyPHP) [File not signed]
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LibreOffice 7.1.lnk [2023-05-15]
ShortcutTarget: LibreOffice 7.1.lnk -> C:\Program Files\LibreOffice\program\quickstart.exe (The Document Foundation -> The Document Foundation)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\thunderbird – zástupce.lnk [2022-10-31]
ShortcutTarget: thunderbird – zástupce.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
Startup: C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TOTALCMD64 – zástupce.lnk [2023-01-30]
ShortcutTarget: TOTALCMD64 – zástupce.lnk -> C:\Program Files\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH -> Ghisler Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP2900 Status Window.lnk [2021-12-21]
ShortcutTarget: Canon LBP2900 Status Window.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE (CANON INC. -> CANON INC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2016 Rychlé spuštění.lnk [2021-11-15]
ShortcutTarget: SOLIDWORKS 2016 Rychlé spuštění.lnk -> C:\Windows\Installer\{768F3B65-1695-47B7-9002-B11400CB111D}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC) [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS Nástroj pro stahování na pozadí.lnk [2021-11-15]
ShortcutTarget: SOLIDWORKS Nástroj pro stahování na pozadí.lnk -> C:\Program Files (x86)\Common Files\Manažer instalací SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {97552992-A13A-4A7B-ACD5-D7B14794BC78} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-08-02] (Adobe Inc. -> Adobe Inc.)
Task: {4BDD8778-2A6F-4962-8EC7-6FF9D27659AC} - System32\Tasks\COMPANY update => C:\Users\admin\Documents\www\www.admin.loc\system\BAT\update_company_loop.bat [393 2023-07-26] () [File not signed]
Task: {6DD44390-8EA1-4D57-B3D6-CF5B7CC125A7} - System32\Tasks\GoogleUpdateTaskMachineCore{BCCDEC18-BA77-484E-8BC6-CEC8D9209833} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2022-04-01] (Google Inc -> Google Inc.)
Task: {1CD5D3D9-24C2-4E37-B143-315F7684E069} - System32\Tasks\GoogleUpdateTaskMachineUA{6BBEFD20-E2F8-4A64-BA01-B256B44C7E8D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2022-04-01] (Google Inc -> Google Inc.)
Task: {ABEB1A4F-2159-464A-A0DC-321EC2C14041} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [703536 2023-09-15] (HP Inc. -> HP Inc.)
Task: {0819FB25-04EC-445F-BE82-9A09B0964AE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-09-15] (HP Inc. -> HP Inc.)
Task: {59E4F7B7-CA12-45D5-8AEE-FA53C1495B62} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [231472 2023-09-15] (HP Inc. -> HP Inc.)
Task: {80F573B6-B8E6-4BA3-A5BB-B55745971B28} - System32\Tasks\IMAP syncro => C:\Users\admin\Documents\www\www.admin.loc\system\Python\imap_syncro.bat [111 2023-04-12] () [File not signed]
Task: {3198E568-D7A8-4373-931C-F8F46B4A289F} - System32\Tasks\MACHINES_LOG => C:\Users\admin\Documents\www\www.admin.loc\system\BAT\machines_log_loop.bat [429 2023-07-26] () [File not signed]
Task: {147C811D-E8C5-4650-8ADC-661D0FCD0C1B} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [73648 2023-02-06] (Microsoft Corporation -> Microsoft)
Task: {75EDCFD6-C063-4D79-8BF6-345F78D125AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CF010DBF-B83A-48BD-8024-975037E8B311} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5A35F2A1-909D-4D81-8EBE-991BDCAA3C05} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5F241E56-5A9C-4EC1-B6AC-A9C03C654D85} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3F955AB3-23DE-4EA6-8BF1-EE07E7F4A253} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676768 2023-10-02] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {85356A58-CBF9-48C7-897A-7C45CAEBA128} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [717728 2023-10-02] (Mozilla Corporation -> Mozilla Foundation)
Task: {311EB5D0-3570-403E-9A13-DE2B8D670493} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2021-03-24] () [File not signed]
Task: {EE2C95BB-E303-4CE1-BCCC-6076C278AAD0} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1554120 2022-06-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {37F185F9-2FD1-4D4E-8054-4C132D4B72D2} - System32\Tasks\Probudit PC 7.45 po-pá => C:\Users\admin\Desktop\wake.bat (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.194.189
Tcpip\..\Interfaces\{8e547a01-0e70-4778-bc13-ea39ec216040}: [DhcpNameServer] 192.168.194.189
Tcpip\..\Interfaces\{b9f3719c-ace1-4167-aaa2-85c5dd728a98}: [NameServer] 192.168.11.1,8.8.8.8

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-05]
Edge Session Restore: Default -> is enabled.
Edge Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-30]
Edge Extension: (Edge relevant text changes) - C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-14]

FireFox:
========
FF DefaultProfile: tknw74kv.default
FF ProfilePath: C:\Users\admin\AppData\Roaming\Thunderbird___nová instalace\Profiles\tknw74kv.default [not found] <==== ATTENTION
FF DefaultProfile: iQsF42px.default
FF ProfilePath: C:\Users\admin\AppData\Roaming\Thunderbird___nová instalace\Profiles\u0ntw8kz.default-release [2021-11-15]
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\ntpvq0ak.default-release [2023-09-26]
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default [2023-09-26]
FF Homepage: Mozilla\Firefox\Profiles\iQsF42px.default -> hxxp://localhost/www.admin.loc/index.php?src=b35e&refres ... document=1
FF Session Restore: Mozilla\Firefox\Profiles\iQsF42px.default -> is enabled.
FF Notifications: Mozilla\Firefox\Profiles\iQsF42px.default -> hxxps://calendar.google.com; hxxps://www.digitaltrends.com; hxxps://my.netatmo.com; hxxps://aukro.cz; hxxps://www.machineseeker.co.uk; hxxps://www.heureka.cz; hxxps://r1132100503382-eu1-3dswym.3dexperience.3ds.com; hxxps://www.machineseeker.com
FF Extension: (Avira Browser Safety) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\abs@avira.com.xpi [2022-05-02]
FF Extension: (Bing Search) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-10-23] [Legacy]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2021-06-21]
FF Extension: (Form History Control (II)) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\formhistory@yahoo.com.xpi [2019-12-30]
FF Extension: (Lazarus: Form Recovery) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\lazarus@interclue.com.xpi [2016-04-28] [Legacy]
FF Extension: (Textarea Cache) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\{578e7caa-210f-4967-a0d3-88fe5b59a39f}.xpi [2017-06-05] [Legacy]
FF Extension: (Manipulist 3DViewer) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\Extensions\{93256482-e41a-49fd-9918-7cfcfe2eec5b}.xpi [2021-03-19]
FF SearchPlugin: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\iQsF42px.default\searchplugins\bing-.xml [2016-10-23]
FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> C:\PROGRA~1\SOLIDW~1\SOLIDW~3\Bin\NPCOMP~1.DLL [2016-10-13] (DASSAULT SYSTEMES SA -> Dassault Systemes)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> C:\PROGRA~1\SOLIDW~1\SOLIDW~3\Bin\x86\NPCOMP~1.DLL [2016-10-13] (DASSAULT SYSTEMES SA -> Dassault Systemes)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2023-10-05]
CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://teams.microsoft.com; hxxps://www.conrad.cz
CHR Extension: (Tablet Gestures) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpfjochlgeifbpfnlchcdcmoaafnoim [2023-07-11]
CHR Extension: (Adblock na Youtube™) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2023-05-30]
CHR Extension: (Type-ahead-find) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpecbmjeidppdiampimghndkikcmoadk [2023-03-23]
CHR Extension: (Typio Form Recovery) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\djkbihbnjhkjahbhjaadbepppbpoedaa [2023-07-18]
CHR Extension: (Thunderbird online Mozilla email client) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fajkohdialmlcffkdlhdnedoecahkabk [2023-04-03]
CHR Extension: (I don't care about cookies) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2023-09-26]
CHR Extension: (AdBlock Suite) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gekoepiplklhniacchbbgbhilidiojmb [2023-09-08]
CHR Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-30]
CHR Extension: (RestMan) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihgpcfpkpmdcghlnaofdmjkoemnlijdi [2023-03-21]
CHR Extension: (Chrome Remote Desktop) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\inomeogfingihgjfjlpeplalcfajhgai [2022-12-15]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-15]
CHR Extension: (Open Email Client) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oofmnabdpcibefadlibdpnnbglcehfpj [2023-04-03]
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-08-11]
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Host [2023-07-31] <==== ATTENTION
CHR Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Host\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-31]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Host\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-07-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Host\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-07-31]
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Osoba 1 [2023-07-31] <==== ATTENTION
CHR Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Osoba 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-31]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Osoba 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-07-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Osoba 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-07-31]
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Osoba 2 [2023-07-31] <==== ATTENTION
CHR Extension: (Dokumenty Google offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Osoba 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-31]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Osoba 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-07-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Osoba 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-07-31]
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\System Profile [2023-07-31]
CHR HKU\S-1-5-21-567959055-877555932-3223723616-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [881688 2009-10-27] (Acronis, Inc -> Acronis)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-08-02] (Adobe Inc. -> Adobe Inc.)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\116.0.5845.9\remoting_host.exe [74520 2023-06-26] (Google LLC -> Google LLC)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [888360 2023-09-15] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [886824 2023-09-15] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [883136 2023-09-15] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [886824 2023-09-15] (HP Inc. -> HP Inc.)
S2 hsmworksdcs; C:\Program Files (x86)\Autodesk\HSMWorks Distributed CAM\camservices.exe [722048 2012-09-30] (HSMWorks ApS -> HSMWorks ApS hxxp://www.hsmworks.com)
R2 MFLocalService; C:\Program Files (x86)\Common Files\iMyFone\Components\Resident\LocalService.exe [54664 2022-04-28] (Shenzhen iMyFone Technology Co., Ltd -> )
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-15] (Hewlett-Packard) [File not signed]
R2 NVWMI; C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_c034505b1fb1d43e\NVWMI\nvWmi64.exe [4511232 2023-03-29] (NVIDIA Corporation -> NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-15] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402264 2023-09-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2021-11-15] (SolidWorks) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16518456 2022-12-12] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [1826232 2023-05-02] (GLAVSOFT, OOO -> GlavSoft LLC.)
R2 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [5848656 2017-05-19] (RealVNC Ltd -> RealVNC Ltd)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [142304 2022-06-01] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe [3116904 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe [133584 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_c034505b1fb1d43e\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvwu.inf_amd64_c034505b1fb1d43e\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 googledrivefs31092; C:\WINDOWS\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-06] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 MpKslfb809e10; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3B733B95-35B1-47DE-9357-0DF37A4FEB23}\MpKslDrv.sys [263560 2023-10-05] (Microsoft Windows -> Microsoft Corporation)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [71736 2021-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
S4 npcap_wifi; C:\WINDOWS\system32\DRIVERS\npcap.sys [71736 2021-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
R3 Ser2pl; C:\WINDOWS\system32\DRIVERS\ser2pl64.sys [92160 2008-10-27] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [572712 2023-10-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105872 2023-10-05] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-04 14:20 - 2023-10-04 14:20 - 000147997 _____ C:\Users\admin\Downloads\23FP165_Vyuctovani_59456691_2309.pdf
2023-10-03 21:40 - 2023-10-03 21:40 - 000000000 ____D C:\WINDOWS\LastGood
2023-10-03 16:01 - 2023-10-03 16:01 - 000006408 _____ C:\Users\admin\Desktop\TP-link 230110 conf wifi vypnut Mikrotik.bin
2023-10-03 15:04 - 2023-10-03 15:04 - 000118529 _____ C:\Users\admin\Downloads\V_Mokrinach-Filosofska.pdf
2023-10-03 13:35 - 2023-10-03 13:35 - 008237342 _____ C:\Users\admin\Downloads\chromedriver-win64.zip
2023-10-03 13:35 - 2023-10-03 13:35 - 000000000 ____D C:\Users\admin\Downloads\chromedriver-win64
2023-10-03 11:14 - 2023-10-03 11:14 - 000156144 _____ C:\Users\admin\Desktop\POLIMID A SG NATUR - TDS.pdf
2023-10-02 07:53 - 2023-10-03 09:28 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-10-02 00:47 - 2023-10-02 00:47 - 000000000 ____D C:\Users\admin\AppData\Roaming\TightVNC
2023-10-02 00:46 - 2023-10-02 00:46 - 000000000 ____D C:\ProgramData\TightVNC
2023-10-02 00:46 - 2023-10-02 00:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TightVNC
2023-10-02 00:46 - 2023-10-02 00:46 - 000000000 ____D C:\Program Files\TightVNC
2023-10-02 00:45 - 2023-10-02 00:46 - 002523136 _____ C:\Users\admin\Downloads\tightvnc-2.8.81-gpl-setup-64bit.msi
2023-10-01 19:59 - 2021-07-08 07:55 - 000274944 _____ (FTDI Ltd.) C:\WINDOWS\system32\FTLang.dll
2023-10-01 19:59 - 2021-07-08 07:55 - 000168456 _____ (FTDI Ltd.) C:\WINDOWS\system32\ftbusui.dll
2023-10-01 19:59 - 2021-07-08 07:55 - 000145192 _____ (Future Technology Devices International Ltd.) C:\WINDOWS\system32\Drivers\ftdibus.sys
2023-10-01 19:59 - 2021-07-08 07:55 - 000099296 _____ (Future Technology Devices International Ltd.) C:\WINDOWS\system32\Drivers\ftser2k.sys
2023-10-01 19:59 - 2021-07-08 07:55 - 000075272 _____ (FTDI Ltd.) C:\WINDOWS\system32\ftcserco.dll
2023-10-01 19:59 - 2021-07-08 07:55 - 000065544 _____ (FTDI Ltd.) C:\WINDOWS\system32\ftserui2.dll
2023-09-19 09:09 - 2023-09-19 09:09 - 000497793 _____ C:\Users\admin\Downloads\Vydaná faktura - 20230042.pdf
2023-09-14 12:03 - 2023-09-14 12:03 - 002606880 _____ (Malwarebytes) C:\Users\admin\Downloads\MBSetup (1).exe
2023-09-14 11:35 - 2023-09-14 11:55 - 000000000 ____D C:\rsit
2023-09-14 11:35 - 2023-09-14 11:55 - 000000000 ____D C:\Program Files\trend micro
2023-09-13 07:58 - 2023-10-01 17:13 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2023-09-13 05:01 - 2023-09-13 05:01 - 000000000 ___HD C:\$WinREAgent
2023-09-07 07:57 - 2023-09-07 07:57 - 049462417 _____ C:\Users\admin\Downloads\wetransfer_img_20230830_115945-jpg_2023-09-01_0635.zip
2023-09-06 16:43 - 2023-09-06 16:43 - 000092767 _____ C:\Users\admin\Downloads\0392023 Suchomel drevene-podlahy.org - Schody 6.9.2023 .pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-05 18:59 - 2023-03-13 10:40 - 000000000 ____D C:\FRST
2023-10-05 18:41 - 2020-11-19 00:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-10-05 18:41 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-05 18:11 - 2021-11-15 12:22 - 000000000 ___SD C:\Users\admin\AppData\Roaming\Microsoft\Credentials
2023-10-05 18:01 - 2022-04-01 06:31 - 000000000 ____D C:\Program Files (x86)\Google
2023-10-05 18:01 - 2021-12-17 09:44 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-10-05 15:03 - 2020-11-19 01:55 - 001693576 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-10-05 15:03 - 2019-12-07 16:43 - 000716874 _____ C:\WINDOWS\system32\perfh005.dat
2023-10-05 15:03 - 2019-12-07 16:43 - 000145052 _____ C:\WINDOWS\system32\perfc005.dat
2023-10-05 15:03 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-10-05 12:12 - 2021-11-15 16:52 - 000000000 ____D C:\Users\admin\AppData\Local\TempAdresářZálohySW
2023-10-05 06:18 - 2020-11-19 01:46 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-10-04 22:07 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-10-04 22:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-10-04 10:26 - 2021-11-15 13:31 - 000000372 _____ C:\Users\admin\Desktop\!zaslat.cz.csv
2023-10-04 07:10 - 2022-12-15 17:32 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-10-03 21:38 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-10-03 15:42 - 2023-04-26 10:14 - 000000000 ____D C:\Users\admin\Desktop\# TEMP mazat
2023-10-03 15:41 - 2021-11-15 12:37 - 000000000 ____D C:\Users\admin\AppData\Local\GHISLER
2023-10-03 15:41 - 2021-11-15 12:31 - 000000000 ____D C:\Users\admin\Documents\INSTALL
2023-10-03 09:32 - 2021-11-15 12:24 - 000000000 ___RD C:\Users\admin\OneDrive
2023-10-03 09:30 - 2022-02-14 09:19 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-10-03 09:29 - 2021-11-15 12:38 - 000000000 ____D C:\Users\admin\AppData\LocalLow\Mozilla
2023-10-03 09:28 - 2023-01-13 12:43 - 000000000 ____D C:\Program Files\TeamViewer
2023-10-03 09:28 - 2021-11-20 06:37 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-03 09:28 - 2021-11-15 12:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-10-03 09:28 - 2021-11-15 12:27 - 000000000 ____D C:\ProgramData\NVIDIA
2023-10-03 09:28 - 2020-11-19 01:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-10-03 09:28 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-10-02 11:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-10-02 09:39 - 2021-11-15 12:46 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-10-02 08:15 - 2021-12-13 10:30 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-567959055-877555932-3223723616-1001
2023-10-02 08:15 - 2021-11-20 06:42 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-567959055-877555932-3223723616-1001
2023-10-02 08:15 - 2021-11-20 06:39 - 000002377 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-10-01 18:57 - 2020-11-19 01:48 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-10-01 18:34 - 2021-11-15 13:23 - 000000000 ____D C:\Users\admin\Desktop\OSTATNÍ
2023-10-01 18:00 - 2021-11-20 06:39 - 000000000 ____D C:\Users\admin
2023-09-27 07:45 - 2021-11-29 20:48 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2023-09-26 10:24 - 2021-12-06 09:58 - 000000000 ____D C:\Program Files\HP
2023-09-26 10:23 - 2020-11-19 01:50 - 000000000 ____D C:\ProgramData\Packages
2023-09-25 17:31 - 2021-11-24 11:35 - 000000000 ____D C:\WINDOWS\Minidump
2023-09-22 16:12 - 2021-11-15 13:31 - 000000138 _____ C:\Users\admin\Desktop\!podani_online.csv
2023-09-21 08:13 - 2022-01-07 15:21 - 000000000 _____ C:\Users\admin\AppData\Local\Temptable.xml
2023-09-19 18:02 - 2022-04-01 06:32 - 000002166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-09-19 17:56 - 2023-04-11 18:19 - 000003844 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{6BBEFD20-E2F8-4A64-BA01-B256B44C7E8D}
2023-09-19 17:56 - 2023-04-11 18:19 - 000003720 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{BCCDEC18-BA77-484E-8BC6-CEC8D9209833}
2023-09-15 09:49 - 2021-11-29 20:48 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2023-09-14 16:40 - 2021-11-15 12:22 - 000000000 ____D C:\Users\admin\AppData\Local\Packages
2023-09-14 15:50 - 2022-04-11 10:14 - 000002382 ____H C:\Users\admin\Documents\Default.rdp
2023-09-14 15:31 - 2019-12-07 16:45 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-09-14 15:30 - 2021-11-15 12:36 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-09-14 15:28 - 2020-11-19 00:46 - 001438448 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-09-14 15:27 - 2019-12-07 16:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-09-14 15:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-09-14 15:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-09-14 15:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-09-14 15:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-09-14 15:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-09-14 15:26 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-09-14 15:26 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-09-14 15:26 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-09-14 15:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-09-14 15:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-09-14 15:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-09-14 12:51 - 2022-10-14 00:24 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-09-14 12:51 - 2021-12-03 11:50 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-09-13 05:08 - 2020-11-19 01:48 - 003014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-09-13 04:55 - 2021-11-15 16:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-09-13 04:51 - 2021-11-15 16:42 - 177941912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2021-11-15 12:32 - 2016-04-21 08:31 - 000234863 _____ () C:\Program Files\hotkeyp.zip
2023-04-26 09:43 - 2023-04-26 09:43 - 007296506 _____ () C:\Program Files\poppler-0.68.0_x86.7z
2022-09-30 13:57 - 2022-09-30 13:57 - 000001425 _____ () C:\Users\admin\AppData\Local\recently-used.xbel
2023-05-03 18:21 - 2023-05-03 18:21 - 000000017 _____ () C:\Users\admin\AppData\Local\resmon.resmoncfg
2022-01-07 15:21 - 2023-09-21 08:13 - 000000000 _____ () C:\Users\admin\AppData\Local\Temptable.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\MountPoints2: {bc7d3332-a0f9-11ec-b7c8-9457a5edaf40} - "E:\WD SmartWare.exe" autoplay=true
Task: {6DD44390-8EA1-4D57-B3D6-CF5B7CC125A7} - System32\Tasks\GoogleUpdateTaskMachineCore{BCCDEC18-BA77-484E-8BC6-CEC8D9209833} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2022-04-01] (Google Inc -> Google Inc.)
Task: {1CD5D3D9-24C2-4E37-B143-315F7684E069} - System32\Tasks\GoogleUpdateTaskMachineUA{6BBEFD20-E2F8-4A64-BA01-B256B44C7E8D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2022-04-01] (Google Inc -> Google Inc.)
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Host [2023-07-31] <==== ATTENTION
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Osoba 1 [2023-07-31] <==== ATTENTION
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Osoba 2 [2023-07-31] <==== ATTENTION
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{6BBEFD20-E2F8-4A64-BA01-B256B44C7E8D}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{BCCDEC18-BA77-484E-8BC6-CEC8D9209833}
CustomCLSID: HKU\S-1-5-21-567959055-877555932-3223723616-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\admin\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File

EmptyTemp:
End

Uložte do C:\Users\admin\Desktop\OSTATNÍ\VIRY.cz jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[AndySue]

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-09-2023
Ran by admin (06-10-2023 08:16:00) Run:2
Running from C:\Users\admin\Desktop\OSTATNÍ\VIRY.cz
Loaded Profiles: defaultuser0 & admin
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-567959055-877555932-3223723616-1001\...\MountPoints2: {bc7d3332-a0f9-11ec-b7c8-9457a5edaf40} - "E:\WD SmartWare.exe" autoplay=true
Task: {6DD44390-8EA1-4D57-B3D6-CF5B7CC125A7} - System32\Tasks\GoogleUpdateTaskMachineCore{BCCDEC18-BA77-484E-8BC6-CEC8D9209833} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2022-04-01] (Google Inc -> Google Inc.)
Task: {1CD5D3D9-24C2-4E37-B143-315F7684E069} - System32\Tasks\GoogleUpdateTaskMachineUA{6BBEFD20-E2F8-4A64-BA01-B256B44C7E8D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2022-04-01] (Google Inc -> Google Inc.)
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Host [2023-07-31] <==== ATTENTION
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Osoba 1 [2023-07-31] <==== ATTENTION
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Osoba 2 [2023-07-31] <==== ATTENTION
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{6BBEFD20-E2F8-4A64-BA01-B256B44C7E8D}
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{BCCDEC18-BA77-484E-8BC6-CEC8D9209833}
CustomCLSID: HKU\S-1-5-21-567959055-877555932-3223723616-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\admin\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-567959055-877555932-3223723616-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bc7d3332-a0f9-11ec-b7c8-9457a5edaf40} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6DD44390-8EA1-4D57-B3D6-CF5B7CC125A7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DD44390-8EA1-4D57-B3D6-CF5B7CC125A7}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore{BCCDEC18-BA77-484E-8BC6-CEC8D9209833} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore{BCCDEC18-BA77-484E-8BC6-CEC8D9209833}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1CD5D3D9-24C2-4E37-B143-315F7684E069}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1CD5D3D9-24C2-4E37-B143-315F7684E069}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA{6BBEFD20-E2F8-4A64-BA01-B256B44C7E8D} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA{6BBEFD20-E2F8-4A64-BA01-B256B44C7E8D}" => removed successfully

"C:\Users\admin\AppData\Local\Google\Chrome\User Data\Host" folder move:

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Host => moved successfully

"C:\Users\admin\AppData\Local\Google\Chrome\User Data\Osoba 1" folder move:

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Osoba 1 => moved successfully

"C:\Users\admin\AppData\Local\Google\Chrome\User Data\Osoba 2" folder move:

C:\Users\admin\AppData\Local\Google\Chrome\User Data\Osoba 2 => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{6BBEFD20-E2F8-4A64-BA01-B256B44C7E8D}" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{BCCDEC18-BA77-484E-8BC6-CEC8D9209833}" => not found
HKU\S-1-5-21-567959055-877555932-3223723616-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a} => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 234403843 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 7211836 B
Edge => 0 B
Chrome => 2909532583 B
Firefox => 56476908 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 191618 B
defaultuser0 => 191618 B
admin => 3948544667 B

RecycleBin => 1620839244 B
EmptyTemp: => 8.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 08:29:26 ====

[Rudy]

Smazáno. Zrychlil se chod?

[AndySue]

Zatím to vypadá dobře, díky!

Krachovali mi tabulky v MySQL, tak jsem zvědav, jestli to skončí nebo to s tím nesouviselo.