-
-
Save tomasnikl/ac2915ee29c323e3863066cd92b37e68 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021 | |
| Ran by tomas (05-03-2021 10:13:38) | |
| Running from C:\Users\tomas\Downloads | |
| Windows 10 Pro Version 1909 18363.1379 (X64) (2019-06-07 12:23:09) | |
| Boot Mode: Normal | |
| ========================================================== | |
| ==================== Accounts: ============================= | |
| Administrator (S-1-5-21-434153615-1448201401-3235158447-500 - Administrator - Disabled) | |
| DefaultAccount (S-1-5-21-434153615-1448201401-3235158447-503 - Limited - Disabled) | |
| Guest (S-1-5-21-434153615-1448201401-3235158447-501 - Limited - Disabled) | |
| tomas (S-1-5-21-434153615-1448201401-3235158447-1001 - Administrator - Enabled) => C:\Users\tomas | |
| WDAGUtilityAccount (S-1-5-21-434153615-1448201401-3235158447-504 - Limited - Disabled) | |
| ==================== Security Center ======================== | |
| (If an entry is included in the fixlist, it will be removed.) | |
| AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896} | |
| AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} | |
| AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} | |
| FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B} | |
| FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED} | |
| ==================== Installed Programs ====================== | |
| (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) | |
| µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3.26837 - emc, uTorrent.CZ) | |
| Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20071 - Adobe Systems Incorporated) | |
| Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.0.0.354 - Adobe Systems Incorporated) | |
| Affinity Designer (HKLM\...\{3E33B844-8869-4A57-940E-FF9A5A11C2FC}) (Version: 1.9.0.932 - Serif (Europe) Ltd) | |
| Affinity Photo (HKLM\...\{8A6982C7-05A7-424A-8D6B-83C6E5065A55}) (Version: 1.9.0.932 - Serif (Europe) Ltd) | |
| Aktualizace NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) | |
| Application Verifier x64 External Package (HKLM\...\{B27BC1FC-8474-9E32-73C2-6F7CD58AD1E3}) (Version: 10.1.17763.132 - Microsoft) Hidden | |
| Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1065.0 - AVAST Software) Hidden | |
| Backup and Sync from Google (HKLM\...\{00BA5D43-DC76-4DF2-A38C-5D3B8FABF5E4}) (Version: 3.54.3529.0458 - Google, Inc.) | |
| Binance 1.12.0 (HKLM\...\Binance) (Version: 1.12.0 - BinanceTech) | |
| CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform) | |
| CEWE FOTOLAB fotosvet (HKLM-x32\...\CEWE FOTOLAB fotosvet) (Version: 7.0.4 - CEWE Stiftung u Co. KGaA) | |
| Composer - Php Dependency Manager (HKLM-x32\...\{7315AF68-E777-496A-A6A2-4763A98ED35A}_is1) (Version: - getcomposer.org) | |
| Deluge 1.3.15 (HKLM-x32\...\Deluge) (Version: - ) | |
| Docker Desktop (HKLM\...\Docker Desktop) (Version: 3.2.0 - Docker Inc.) | |
| ElectronReact (HKLM\...\{0AC13197-25D4-4188-BDFD-6BBCBDB24576}) (Version: 1.4.0.0 - Electron React Boilerplate Maintainers) | |
| ElectronReact 1.4.0 (HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\6bbac5fa-04bd-5b9b-b752-acf42e3ab443) (Version: 1.4.0 - Electron React Boilerplate Maintainers) | |
| electron-webpack-quick-start 0.0.0 (HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\d4260e26-b407-55de-b82a-15cfe56a87e2) (Version: 0.0.0 - ) | |
| ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 14.0.22.0 - ESET, spol. s r.o.) | |
| FileZilla Client 3.52.2 (HKLM-x32\...\FileZilla Client) (Version: 3.52.2 - Tim Kosse) | |
| Git version 2.21.0 (HKLM\...\Git_is1) (Version: 2.21.0 - The Git Development Community) | |
| GitHub Desktop (HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\GitHubDesktop) (Version: 2.5.7 - GitHub, Inc.) | |
| GnuWin32: Make-3.81 (HKLM-x32\...\Make-3.81_is1) (Version: 3.81 - GnuWin32) | |
| Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC) | |
| GPU Temp version 1.0 (HKLM-x32\...\{8C8711FD-0FC8-4801-B33E-ED19BB0350B1}_is1) (Version: 1.0 - gputemp.com) | |
| Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.1737.6 - Rockstar Games) | |
| GRAPHISOFT BIMx Desktop Viewer (HKLM\...\BIMx Viewer 22.0 GEN FULL R1 1) (Version: 2018.2.1534.0 - GRAPHISOFT SE) | |
| GRAPHISOFT License Manager Tool (HKLM\...\License Manager Tool 20.0 INT FULL R1 1) (Version: 20.0.0.4590 - GRAPHISOFT SE) | |
| Hack Fonts version 1.6.0 (HKLM\...\HackWindowsInstaller_is1) (Version: 1.6.0 - Michael Hex / Source Foundry) | |
| HP Deskjet 3520 series Nápověda (HKLM-x32\...\{D259C419-D776-4163-B27C-19722C555237}) (Version: 27.0.0 - Hewlett Packard) | |
| HP Deskjet 3520 series Setup Guide (HKLM-x32\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard) | |
| HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) | |
| HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) | |
| Chaos Cloud Client (HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\Chaos Cloud Client) (Version: 1.5.0 - Chaos Software Ltd) | |
| Chaos License Server (HKLM\...\Chaos License Server) (Version: 5.2.3 - Chaos Software Ltd) | |
| iCloud Outlook (HKLM\...\{696A65CA-2720-4D0D-A255-78123E9AC856}) (Version: 11.2.0.18 - Apple Inc.) | |
| Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{3DAC4F8C-80E6-4204-8A58-747FA4CBAA03}) (Version: 16.0.246 - Intel Corporation) | |
| Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{2D79E334-B178-45B9-A2A6-7A60A084C268}) (Version: 16.8.0.1000 - Intel Corporation) | |
| Java 8 Update 261 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180261F0}) (Version: 8.0.2610.12 - Oracle Corporation) | |
| JetBrains Toolbox (HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\Toolbox) (Version: 1.20.7940 - JetBrains) | |
| Kits Configuration Installer (HKLM-x32\...\{29B915AE-013F-151F-3E61-67F7363C3A09}) (Version: 10.1.17763.132 - Microsoft) Hidden | |
| Kodi (HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\Kodi) (Version: - XBMC Foundation) | |
| Logitech Options (HKLM\...\LogiOptions) (Version: 8.10.84 - Logitech) | |
| MAXtoA for 3ds Max 2018 (HKLM\...\{471069C7-09E2-4289-8EB7-852237FD867E}) (Version: 1.0.712.0 - Solid Angle) | |
| Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.13628.20448 - Microsoft Corporation) | |
| Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.81 - Microsoft Corporation) | |
| Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.63 - ) | |
| Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation) | |
| Microsoft Project - cs-cz (HKLM\...\ProjectPro2019Retail - cs-cz) (Version: 16.0.13628.20448 - Microsoft Corporation) | |
| Microsoft Teams (HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\Teams) (Version: 1.4.00.2879 - Microsoft Corporation) | |
| Microsoft Update Health Tools (HKLM\...\{BAB9FCC5-1506-4B4F-BFCA-EDE0BDB86C21}) (Version: 2.75.0.0 - Microsoft Corporation) | |
| Microsoft Visio - cs-cz (HKLM\...\VisioPro2019Retail - cs-cz) (Version: 16.0.13628.20448 - Microsoft Corporation) | |
| Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) | |
| Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) | |
| Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) | |
| Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) | |
| Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) | |
| Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) | |
| Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) | |
| Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) | |
| Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) | |
| Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) | |
| Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) | |
| Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation) | |
| Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) | |
| Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) | |
| Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29325 (HKLM-x32\...\{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 - Microsoft Corporation) | |
| Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29325 (HKLM-x32\...\{d7a6435f-ac9a-4af6-8fdc-ca130d13fac9}) (Version: 14.28.29325.2 - Microsoft Corporation) | |
| Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation) | |
| Microsoft Visual Studio Code (User) (HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.53.1 - Microsoft Corporation) | |
| Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.18.1116.1211 - Microsoft Corporation) | |
| Mockoon 1.10.0 (HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\2136f500-9fea-5551-93ba-324240934487) (Version: 1.10.0 - Guillaume Monnet) | |
| Mozilla Firefox 83.0 (x64 cs) (HKLM\...\Mozilla Firefox 83.0 (x64 cs)) (Version: 83.0 - Mozilla) | |
| Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.5.1 - Mozilla) | |
| Mozilla Thunderbird 78.5.1 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 78.5.1 (x86 cs)) (Version: 78.5.1 - Mozilla) | |
| MSI Development Tools (HKLM-x32\...\{6C961B30-A670-8A05-3BFE-3947E84DD4E4}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden | |
| Node.js (HKLM\...\{AAEBE38E-E418-4D3F-AE36-D6E9C87C4444}) (Version: 12.20.2 - Node.js Foundation) | |
| Notable 1.8.4 (HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\{f56bec39-737c-580b-a013-d6eaa3ef85f0}) (Version: 1.8.4 - Fabio Spampinato) | |
| NVIDIA mental ray and IRay feature plugins for 3ds Max 2018 (HKLM\...\{C76BBD60-09DB-43B3-B5B0-BF00C80B500C}) (Version: 19.0.0.0 - Autodesk) | |
| NVIDIA Ovladače grafiky 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation) | |
| NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) | |
| Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden | |
| Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20448 - Microsoft Corporation) Hidden | |
| Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden | |
| OnCall Tool 1.4.0 (HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\f9463696-2088-58e0-9452-77fb6243f0cf) (Version: 1.4.0 - Electron React Boilerplate Maintainers) | |
| OpenOffice 4.1.7 (HKLM-x32\...\{E3E3C1D4-6886-4EDB-9F12-335641465055}) (Version: 4.17.9800 - Apache Software Foundation) | |
| Ovládací panel NVIDIA 425.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 425.45 - NVIDIA Corporation) Hidden | |
| Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 6.2.1.17 - Popcorn Time) <==== ATTENTION | |
| Postman-win64-7.34.0 (HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\Postman) (Version: 7.34.0 - Postman) | |
| ProtoPie (HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\{74652C8A-186D-4EF6-90E3-EC60507959A3}_is1) (Version: 4.2.1 - Studio XID, Inc.) | |
| Pulse Application Launcher (HKLM-x32\...\{ABBBE0C6-6C3E-4D28-8DCB-96D17B100B01}) (Version: 9.1.607 - Pulse Secure, LLC) | |
| Pulse Secure (HKLM\...\{9BF8BF6A-F051-42CE-A8D1-FB12C9F7ADB1}) (Version: 9.1.3143 - Pulse Secure, LLC) Hidden | |
| Pulse Secure 9.1 (HKLM-x32\...\Pulse Secure 9.1) (Version: 9.1.3143 - Pulse Secure, LLC) | |
| Pulse Secure Host Checker (HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\PulseSecure_Host_Checker) (Version: 9.1.1.1505 - Pulse Secure, LLC) | |
| Pulse Secure Network Connect 8.3 (HKLM-x32\...\Pulse Secure Network Connect 8.3) (Version: 8.3.7.65025 - Pulse Secure, LLC) | |
| Pulse Secure Network Connect 9.1 (HKLM-x32\...\Pulse Secure Network Connect 9.1) (Version: 9.1.1.1505 - Pulse Secure, LLC) | |
| Pulse Secure Setup Client (HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\Pulse_Setup_Client) (Version: 9.1.8.3143 - Pulse Secure, LLC) | |
| Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Pulse_Setup_Client Activex Control) (Version: 3.1.1.1 - Pulse Secure, LLC) | |
| Pulse Secure Setup Client Activex Control (HKLM-x32\...\Pulse_Setup_Client Activex Control) (Version: 3.1.1.1 - Pulse Secure, LLC) | |
| PuTTY release 0.73 (64-bit) (HKLM\...\{44F7642C-AB7E-4468-B028-E8D08A0CBB0E}) (Version: 0.73.0.0 - Simon Tatham) | |
| Python 3.9.1 (64-bit) (HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\{b2be55ad-3177-42aa-a6c2-53004684e4ea}) (Version: 3.9.1150.0 - Python Software Foundation) | |
| Python 3.9.1 Add to Path (64-bit) (HKLM\...\{5AD5ED9C-14D1-4CFA-B4B1-A02CE8916D9F}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden | |
| Python 3.9.1 Core Interpreter (64-bit) (HKLM\...\{1C00F581-D5BF-491E-B1BB-72AA3A2250E5}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden | |
| Python 3.9.1 Development Libraries (64-bit) (HKLM\...\{27AD952D-DD9D-4AAC-B486-8AA601BFA064}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden | |
| Python 3.9.1 Documentation (64-bit) (HKLM\...\{5CB3AEED-BB03-47E2-BFF1-0CA58C236895}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden | |
| Python 3.9.1 Executables (64-bit) (HKLM\...\{71A9F41D-A865-46D4-A650-B210150DEF2A}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden | |
| Python 3.9.1 pip Bootstrap (64-bit) (HKLM\...\{EF2B9385-6453-4702-9584-21BA8288D157}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden | |
| Python 3.9.1 Standard Library (64-bit) (HKLM\...\{5DD5C023-790B-4F1B-9B1B-8D1BC48F3057}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden | |
| Python 3.9.1 Tcl/Tk Support (64-bit) (HKLM\...\{414B5372-24FD-4302-8090-B9CE5564A6DD}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden | |
| Python 3.9.1 Test Suite (64-bit) (HKLM\...\{A7EC4DEB-8ABD-471D-BB5B-E579EBC9B043}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden | |
| Python 3.9.1 Utility Scripts (64-bit) (HKLM\...\{47A9647A-A576-4751-9C37-D32EB70285A3}) (Version: 3.9.1150.0 - Python Software Foundation) Hidden | |
| Python Launcher (HKLM-x32\...\{FFC95928-6A14-4FB3-8D73-7A62382F66AC}) (Version: 3.9.7280.0 - Python Software Foundation) | |
| qBittorrent 4.2.1 (HKLM-x32\...\qBittorrent) (Version: 4.2.1 - The qBittorrent project) | |
| RabbitMQ Server 3.8.3 (HKLM-x32\...\RabbitMQ) (Version: 3.8.3 - Pivotal Software, Inc.) | |
| Reflector 3 (HKLM\...\{EC896597-0CED-439F-BD37-7E95408E2E21}) (Version: 3.2.0.0 - Squirrels) | |
| Reflector Teacher (HKLM\...\{A2DB1BCA-C6D6-4FE9-8013-886D205E3E60}) (Version: 3.2.0.0 - Squirrels) | |
| Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.15.182 - Rockstar Games) | |
| Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.4.1 - Rockstar Games) | |
| RoomSketcher (HKLM-x32\...\RoomSketcher 1.0) (Version: 1.0 - RoomSketcher) | |
| Safe Watch (HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\11b9ea7a-35e8-5cfb-8216-8caab4be266f) (Version: 1.6.24 - ) | |
| SDK ARM Additions (HKLM-x32\...\{0B5D6FB7-05A5-271B-5B99-82384219A471}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden | |
| SDK ARM Redistributables (HKLM-x32\...\{4A5F6E94-7967-A333-8231-CA9AF35E03BD}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden | |
| Sejda PDF Desktop (HKLM\...\{A8A547CC-A62E-4CB0-A290-5EC783558452}) (Version: 5.3.7 - Sejda BV) | |
| SketchUp 2019 (HKLM\...\{E16DD37C-6FBC-F51F-702E-DD6E92D6ED68}) (Version: 19.1.174.20409 - Trimble, Inc.) | |
| SketchUp 2020 (HKLM\...\{821469b9-5f38-38f7-0095-debf7639f5a4}) (Version: 20.1.229.63 - Název společnosti:) Hidden | |
| SketchUp Language Pack [cs] (HKLM\...\{ac21968a-8b5d-9f98-5867-d326c5afb5e2}) (Version: 20.1.229.63 - Název společnosti:) Hidden | |
| SketchUp Pro 2020 (HKLM-x32\...\{522800F1-9FCE-44F2-8D2E-2CEC5B25A9C2}) (Version: 20.1.229 - Trimble, Inc.) | |
| Skype Meetings App (HKLM-x32\...\{BC1D9E47-8927-4AA1-A891-7763BC2475B7}) (Version: 16.2.0.511 - Microsoft Corporation) | |
| Slack (HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\slack) (Version: 4.14.0-beta1 - Slack Technologies Inc.) | |
| SourceTree (HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\SourceTree) (Version: 3.1.3 - Atlassian) | |
| Spotify (HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\Spotify) (Version: 1.1.44.538.g8057de92 - Spotify AB) | |
| Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) | |
| Studie vylepšování produktu HP Deskjet 3520 series (HKLM\...\{B7AED02F-7D1B-4806-831B-C06841A282C4}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) | |
| SU2019 Podium V2.6.041 Plus 2.6.041 (HKLM-x32\...\{F79F91FD-C2D3-4B26-87E2-AF54D6510753}_is1) (Version: 2.6.041 - Cadalog Inc.) | |
| Sublime Text 3 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd) | |
| Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.21759 - Microsoft Corporation) | |
| Thunderbolt™ Software (HKLM-x32\...\{30F0067F-DD79-431B-BA5F-6CB4897785A5}) (Version: 17.4.79.510 - Intel Corporation) | |
| Universal CRT Extension SDK (HKLM-x32\...\{7D225043-6CC5-7B56-11DD-AFF90E4C1C0C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden | |
| Universal CRT Headers Libraries and Sources (HKLM-x32\...\{CB19DBA2-C210-5646-9522-695A1317CD34}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden | |
| Universal CRT Redistributable (HKLM-x32\...\{0460C87B-7F4C-3170-FAC9-B7A6AE5CE4E9}) (Version: 10.0.26624 - Microsoft Corporation) Hidden | |
| Universal CRT Redistributable (HKLM-x32\...\{5F577A45-3C65-352B-061D-D6A57F05402C}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden | |
| Universal CRT Tools x64 (HKLM\...\{3B588BBE-EB02-D1B2-5CD5-7DB85AD8A3E7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden | |
| Universal CRT Tools x86 (HKLM-x32\...\{D2DC1EDF-EE04-9B5F-BDD7-06645D859EC3}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden | |
| Universal General MIDI DLS Extension SDK (HKLM-x32\...\{CE83D0BD-418A-F3D1-D6CE-687E96D1EBD0}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden | |
| Uplay (HKLM-x32\...\Uplay) (Version: 91.0 - Ubisoft) | |
| USB Multi-Channel Audio Device (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006206}) (Version: 1.09 - C-Media Electronics, Inc.) | |
| vcpp_crt.redist.clickonce (HKLM-x32\...\{82977EE1-FA8E-422D-80B9-EBF509B0ABD3}) (Version: 14.16.27033 - Microsoft Corporation) Hidden | |
| VIP Access (HKLM-x32\...\{58594A65-ACD7-41A2-B6ED-2597777F2850}) (Version: 2.2.4.44 - Symantec Corporation) | |
| Visual Studio Build Tools 2017 (HKLM-x32\...\d97e27ad) (Version: 15.9.28307.1401 - Microsoft Corporation) | |
| VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN) | |
| V-Ray for SketchUp (HKLM\...\V-Ray for SketchUp) (Version: 4.10.01 - Chaos Software Ltd) | |
| V-Ray Swarm (HKLM\...\V-Ray Swarm) (Version: 1.4.3 - Chaos Software Ltd) | |
| vs_FileTracker_Singleton (HKLM-x32\...\{A41E138F-5A3F-443C-B72D-957AB994FB5A}) (Version: 15.9.28128 - Microsoft Corporation) Hidden | |
| WhatsApp (HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\WhatsApp) (Version: 2.2106.10 - WhatsApp) | |
| WinAppDeploy (HKLM-x32\...\{716AE8F2-1BE3-7657-DF6B-F23DEEC75AF9}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden | |
| Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) | |
| Windows SDK AddOn (HKLM-x32\...\{1E76DFA7-96F3-4281-8E41-8A226C3E42EE}) (Version: 10.1.0.0 - Microsoft Corporation) | |
| Windows Software Development Kit - Windows 10.0.17763.132 (HKLM-x32\...\{5fe95b9d-9219-4d8b-a031-71323ae48a81}) (Version: 10.1.17763.132 - Microsoft Corporation) | |
| Windows Subsystem for Linux Update (HKLM\...\{18E72D39-392C-419D-9B86-C4C633B4CED9}) (Version: 4.19.128 - Microsoft Corporation) | |
| WinRAR (HKLM-x32\...\WinRAR) (Version: v.6.0 Beta1 64bit CZ - 22.10.2020 - libbi ) | |
| WinRT Intellisense Desktop - en-us (HKLM-x32\...\{00B12DF9-5428-9406-DE2C-8E8A1A062B05}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden | |
| WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{E82A4A6C-C21C-35FE-B805-3E44318F6D63}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden | |
| WinRT Intellisense IoT - en-us (HKLM-x32\...\{7E898893-9C42-A572-7F57-FDE55CE812F7}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden | |
| WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{E8B1CB29-5C24-D882-3CEF-F8A7263BC63D}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden | |
| WinRT Intellisense Mobile - en-us (HKLM-x32\...\{F6F11150-93DE-0507-FCA0-F746E0207017}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden | |
| WinRT Intellisense PPI - en-us (HKLM-x32\...\{8329C3A0-8582-D1C2-67FF-800654BFDF45}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden | |
| WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{771C9DEF-7C0B-85DA-6426-7A20F06BEC94}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden | |
| WinRT Intellisense UAP - en-us (HKLM-x32\...\{B047C746-63E8-41C7-A5C0-7ABD390CF3E6}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden | |
| WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{0063AF94-397B-9C64-1C71-D404B27C5D96}) (Version: 10.1.17763.132 - Microsoft Corporation) Hidden | |
| Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare) | |
| XAMPP (HKLM\...\xampp) (Version: 7.4.2-0 - Bitnami) | |
| Yarn (HKLM-x32\...\{A2B44B24-D344-4EEF-BB2D-BB80A16CDA61}) (Version: 1.16.0 - Yarn Contributors) | |
| Základní software zařízení HP Deskjet 3520 series (HKLM\...\{7EBD8BA7-DF64-4BF9-9BC1-B0D53984FC6E}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) | |
| Zoom (HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.) | |
| Packages: | |
| ========= | |
| Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2019-07-18] (Adobe Systems Incorporated) | |
| HP DesignJet Print Experience -> C:\Program Files\WindowsApps\AD2F1837.HPDesignjetExperience_1.0.0.12_neutral__v10z8vjag6ke6 [2019-07-20] (HP Inc.) | |
| iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_12.2.10.0_x86__nzyj5cx40ttqa [2021-02-22] (Apple Inc.) [Startup Task] | |
| iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2020-12-13] (Apple Inc.) [Startup Task] | |
| Killer Control Center -> C:\Program Files\WindowsApps\RivetNetworks.KillerControlCenter_1.6.1858.0_x64__rh07ty8m5nkag [2019-06-10] (Rivet Networks LLC) | |
| KONICA MINOLTA Print Experience -> C:\Program Files\WindowsApps\KONICAMINOLTAINC.KONICAMINOLTAPrintExperience_1.4.1.0_neutral__s63fsn2sety0r [2020-10-29] (KONICA MINOLTA INC) | |
| Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-06-11] (Microsoft Corporation) [MS Ad] | |
| Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-06-11] (Microsoft Corporation) [MS Ad] | |
| Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-01-29] (Microsoft Studios) [MS Ad] | |
| Microsoft To Do -> C:\Program Files\WindowsApps\Microsoft.Todos_2.38.4482.0_x64__8wekyb3d8bbwe [2021-02-20] (Microsoft Corporation) [Startup Task] | |
| NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-01-21] (NVIDIA Corp.) | |
| Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt [2021-01-02] (INTEL CORP) [Startup Task] | |
| Simple Video Trim & Merge -> C:\Program Files\WindowsApps\35745bSoftStudio.SimpleVideoTrimMerge_1.1.1.0_x64__376dcxkkpqbxy [2019-11-11] (bSoft Studio) [MS Ad] | |
| Simplenote -> C:\Program Files\WindowsApps\22490Automattic.Simplenote_2.5.0.0_x64__9h07f78gwnchp [2021-02-07] (Automattic, Inc.) | |
| ==================== Custom CLSID (Whitelisted): ============== | |
| (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) | |
| CustomCLSID: HKU\S-1-5-21-434153615-1448201401-3235158447-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-8A525D2769D8} -> [Creative Cloud Files] => C:\Users\tomas\Creative Cloud Files [2019-06-27 11:38] | |
| CustomCLSID: HKU\S-1-5-21-434153615-1448201401-3235158447-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\tomas\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) | |
| CustomCLSID: HKU\S-1-5-21-434153615-1448201401-3235158447-1001_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\tomas\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation) | |
| CustomCLSID: HKU\S-1-5-21-434153615-1448201401-3235158447-1001_Classes\CLSID\{6BE99E87-B6FB-4CC3-AE69-DFCF33303D55} -> [Tiskové exporty z Money S3] => C:\Users\Public\Documents\Solitea\Money S3\PRINT\0 | |
| CustomCLSID: HKU\S-1-5-21-434153615-1448201401-3235158447-1001_Classes\CLSID\{75f92b33-bbaa-b4b4-04ac-a7c07959e5a66}\InprocServer32 -> 0xE83A585D3C95D501BC4056387FCCD601080000000C00000000000000 => No File | |
| CustomCLSID: HKU\S-1-5-21-434153615-1448201401-3235158447-1001_Classes\CLSID\{9486aaf1-0930-362a-962d-8e6908739c817}\InprocServer32 -> 0x6CCE29F3FD93D50187CB55387FCCD6010A0000001000000000000000 => No File | |
| CustomCLSID: HKU\S-1-5-21-434153615-1448201401-3235158447-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo.inf_amd64_043a570d84e7e965\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd) | |
| CustomCLSID: HKU\S-1-5-21-434153615-1448201401-3235158447-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems) | |
| ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => -> No File | |
| ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => -> No File | |
| ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => -> No File | |
| ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google) | |
| ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google) | |
| ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2021-01-20] (Google LLC -> Google) | |
| ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-12-03] () [File not signed] [File is in use] | |
| ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File | |
| ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File | |
| ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File | |
| ContextMenuHandlers1: [AccExt] -> [CC]{2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => -> No File | |
| ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File | |
| ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File | |
| ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET) | |
| ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-01-20] (Google LLC -> Google) | |
| ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-10-22] (win.rar GmbH -> Alexander Roshal) | |
| ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-10-22] (win.rar GmbH -> Alexander Roshal) | |
| ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET) | |
| ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2018-12-03] () [File not signed] [File is in use] | |
| ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File | |
| ContextMenuHandlers4: [ FileSyncEx] -> [CC]{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File | |
| ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File | |
| ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2021-01-20] (Google LLC -> Google) | |
| ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvdm.inf_amd64_f49f57063392e9ac\nvshext.dll [2020-09-07] (NVIDIA Corporation -> NVIDIA Corporation) | |
| ContextMenuHandlers6: [AccExt] -> [CC]{2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => -> No File | |
| ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File | |
| ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET) | |
| ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-10-22] (win.rar GmbH -> Alexander Roshal) | |
| ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-10-22] (win.rar GmbH -> Alexander Roshal) | |
| ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File | |
| ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File | |
| ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File | |
| ==================== Codecs (Whitelisted) ==================== | |
| ==================== Shortcuts & WMI ======================== | |
| (The entries could be listed to be restored or removed.) | |
| ShortcutWithArgument: C:\Users\tomas\Desktop\Messages.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hpfldicfbfomlpcikngkocigghgafkph | |
| ShortcutWithArgument: C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Bitford.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agjcpjkkccmhfopfciohkkfolnjbbdoh | |
| ShortcutWithArgument: C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\BrowserStack Local.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=mfiddfehmfdojjfdpfngagldgaaafcfo | |
| ShortcutWithArgument: C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Messages.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=hpfldicfbfomlpcikngkocigghgafkph | |
| ShortcutWithArgument: C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl | |
| ShortcutWithArgument: C:\Users\tomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Xdebug.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=nhodjblplijafdpjjfhhanfmchplpfgl | |
| ShortcutWithArgument: C:\Users\tomas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default | |
| ShortcutWithArgument: C:\Users\tomas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\99d7c7ec39e71496\Postman.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fhbjgbiflinjbdggehcddcbncdddomop | |
| ==================== Loaded Modules (Whitelisted) ============= | |
| 2019-12-02 19:16 - 2019-12-02 19:16 - 000174592 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\node_modules\ffi\build\Release\ffi_bindings.node | |
| 2019-12-02 19:16 - 2019-12-02 19:16 - 000163328 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\node_modules\ref\build\Release\binding.node | |
| 2019-12-02 19:16 - 2019-12-02 19:16 - 000204800 _____ () [File not signed] \\?\C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\node_modules\v8-profiler\build\profiler\v5.6.5\node-v48-win32-x64\profiler.node | |
| 2020-11-09 11:26 - 2020-01-21 21:02 - 002128896 _____ () [File not signed] C:\Users\tomas\AppData\Local\Programs\notable\ffmpeg.dll | |
| 2020-11-09 11:26 - 2020-01-21 21:02 - 000141824 _____ () [File not signed] C:\Users\tomas\AppData\Local\Programs\notable\libegl.dll | |
| 2020-11-09 11:26 - 2020-01-21 21:02 - 007731200 _____ () [File not signed] C:\Users\tomas\AppData\Local\Programs\notable\libglesv2.dll | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000114176 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\_ctypes.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000172544 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\_elementtree.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 002255872 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\_hashlib.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000032256 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\_multiprocessing.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000046080 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\_psutil_windows.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000047616 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\_socket.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 002824704 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\_ssl.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000026112 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\_yappi.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000080896 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\bz2.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000015872 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\common.time34.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000007680 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\hashobjs_ext.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000301568 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\PIL._imaging.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000168448 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\pyexpat.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 001084416 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\pysqlite2._sqlite.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000548864 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\pythoncom27.dll | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000137728 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\pywintypes27.dll | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000010752 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\select.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000020992 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\thumbnails_ext.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000689664 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\unicodedata.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000119808 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\usb_ext.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000128512 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\win32api.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000438784 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\win32com.shell.shell.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000011776 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\win32crypt.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000023040 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\win32event.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000149504 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\win32file.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000223232 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\win32gui.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000048128 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\win32inet.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000029696 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\win32pdh.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000027648 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\win32pipe.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000044032 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\win32process.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000020480 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\win32profile.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000136192 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\win32security.pyd | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 000026624 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\win32ts.pyd | |
| 2021-03-04 14:52 - 2021-03-04 14:52 - 000034304 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\windows.conditional.pyd | |
| 2021-03-04 14:52 - 2021-03-04 14:52 - 000037888 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\windows.connectivity.pyd | |
| 2021-03-04 14:52 - 2021-03-04 14:52 - 000071680 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\windows.device_monitor.pyd | |
| 2021-03-04 14:52 - 2021-03-04 14:52 - 000103936 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\windows.volumes.pyd | |
| 2021-03-04 14:52 - 2021-03-04 14:52 - 000019968 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\windows.winwrap.pyd | |
| 2021-03-04 14:52 - 2021-03-04 14:52 - 001325056 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\wx._controls_.pyd | |
| 2021-03-04 14:52 - 2021-03-04 14:52 - 001489408 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\wx._core_.pyd | |
| 2021-03-04 14:52 - 2021-03-04 14:52 - 001007104 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\wx._gdi_.pyd | |
| 2021-03-04 14:52 - 2021-03-04 14:52 - 000103424 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\wx._html2.pyd | |
| 2021-03-04 14:52 - 2021-03-04 14:52 - 000916992 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\wx._misc_.pyd | |
| 2021-03-04 14:52 - 2021-03-04 14:52 - 001039872 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\wx._windows_.pyd | |
| 2021-03-04 14:52 - 2021-03-04 14:52 - 001179648 ____N () [File not signed] C:\Users\tomas\AppData\Local\Temp\jna-110543108\jna4127576578250107614.dll | |
| 2019-11-14 09:37 - 2019-11-14 09:37 - 001212232 _____ (Atlassian Pty Ltd -> ) [File not signed] C:\Users\tomas\AppData\Local\SourceTree\app-3.3.4\lib\win32\x64\git2-7ce88e6.dll | |
| 2018-12-03 21:19 - 2018-12-03 21:19 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll | |
| 2021-03-04 14:52 - 2021-03-04 14:52 - 000246784 ____N (Java(TM) Native Access (JNA)) [File not signed] C:\Users\tomas\AppData\Local\Temp\jna-110543108\jna14946938552557956587.dll | |
| 2021-03-04 14:51 - 2021-03-04 14:51 - 003043328 _____ (Python Software Foundation) [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\python27.dll | |
| 2020-12-08 15:33 - 2020-12-08 15:33 - 003409920 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\mosquitto\libcrypto-1_1-x64.dll | |
| 2020-12-08 15:33 - 2020-12-08 15:33 - 000682496 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files\mosquitto\libssl-1_1-x64.dll | |
| 2021-03-04 14:52 - 2021-03-04 14:52 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\wxbase30u_net_vc90_x64.dll | |
| 2021-03-04 14:52 - 2021-03-04 14:52 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\wxbase30u_vc90_x64.dll | |
| 2021-03-04 14:52 - 2021-03-04 14:52 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\wxmsw30u_adv_vc90_x64.dll | |
| 2021-03-04 14:52 - 2021-03-04 14:52 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\wxmsw30u_core_vc90_x64.dll | |
| 2021-03-04 14:52 - 2021-03-04 14:52 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\wxmsw30u_html_vc90_x64.dll | |
| 2021-03-04 14:52 - 2021-03-04 14:52 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI144482\wxmsw30u_webview_vc90_x64.dll | |
| ==================== Alternate Data Streams (Whitelisted) ======== | |
| (If an entry is included in the fixlist, only the ADS will be removed.) | |
| AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`20hfm [0] | |
| AlternateDataStreams: C:\Users\tomas\AppData\Local\Temp:com.affinity.designer.2 [366] | |
| AlternateDataStreams: C:\Users\tomas\AppData\Local\Temp:com.affinity.photo.2 [320] | |
| ==================== Safe Mode (Whitelisted) ================== | |
| ==================== Association (Whitelisted) ================= | |
| ==================== Internet Explorer (Whitelisted) ========== | |
| HKU\S-1-5-21-434153615-1448201401-3235158447-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://sslgw.vodafone.cz/ext | |
| BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-02-03] (Microsoft Corporation -> Microsoft Corporation) | |
| BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-02-03] (Microsoft Corporation -> Microsoft Corporation) | |
| BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\ssv.dll [2020-07-31] (Oracle America, Inc. -> Oracle Corporation) | |
| BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_261\bin\jp2ssv.dll [2020-07-31] (Oracle America, Inc. -> Oracle Corporation) | |
| DPF: HKLM {583C990C-2D38-410c-9A4A-0932D66A754F} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient64.cab | |
| DPF: HKLM-x32 {8E375A63-C616-46F1-AC77-59DF78F3A826} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient.cab | |
| Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-03] (Microsoft Corporation -> Microsoft Corporation) | |
| Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-03] (Microsoft Corporation -> Microsoft Corporation) | |
| Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-03] (Microsoft Corporation -> Microsoft Corporation) | |
| Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-03] (Microsoft Corporation -> Microsoft Corporation) | |
| Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-03] (Microsoft Corporation -> Microsoft Corporation) | |
| Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-03] (Microsoft Corporation -> Microsoft Corporation) | |
| Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-03] (Microsoft Corporation -> Microsoft Corporation) | |
| Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-02-03] (Microsoft Corporation -> Microsoft Corporation) | |
| (If an entry is included in the fixlist, it will be removed from the registry.) | |
| IE trusted site: HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\sharepoint.com -> hxxps://vodafone-files.sharepoint.com | |
| ==================== Hosts content: ========================= | |
| (If needed Hosts: directive could be included in the fixlist to reset Hosts.) | |
| 2021-03-02 19:54 - 2021-03-04 15:42 - 000000466 _____ C:\Windows\system32\drivers\etc\hosts | |
| 127.0.0.1 vodafone.local | |
| 127.0.0.1 blazena.vodafone.local | |
| 127.0.0.1 wscadmin.vodafone.local | |
| 127.0.0.1 mcare-gateway.vodafone.local | |
| 127.0.0.1 branded-resellers.vodafone.local | |
| 127.0.0.1 starena.vodafone.local | |
| 192.168.0.249 host.docker.internal | |
| 192.168.0.249 gateway.docker.internal | |
| 127.0.0.1 kubernetes.docker.internal | |
| 2020-09-08 13:36 - 2021-03-05 09:52 - 000000448 _____ C:\Windows\system32\drivers\etc\hosts.ics | |
| 192.168.254.145 DESKTOP-CFUMU4V.mshome.net # 2026 3 3 4 8 52 2 317 | |
| ==================== Other Areas =========================== | |
| (Currently there is no automatic fix for this section.) | |
| HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Python39\Scripts\;C:\Python39\;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%INTEL_DEV_REDIST%redist\intel64_win\compiler;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files\Git\cmd;C:\Program Files (x86)\Yarn\bin\;C:\xampp\php;C:\ProgramData\ComposerSetup\bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files\PuTTY\;C:\Program Files (x86)\Pulse Secure\VC142.CRT\X64\;C:\Program Files (x86)\Pulse Secure\VC142.CRT\X86\;C:\Program Files (x86)\Symantec\VIP Access Client\;C:\ProgramData\chocolatey\bin;C:\Program Files\nodejs\;C:\Program Files\Docker\Docker\resources\bin;C:\ProgramData\DockerDesktop\version-bin | |
| HKU\S-1-5-21-434153615-1448201401-3235158447-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\tomas\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\104333724_732001884251741_7739740706736490449_o.jpg | |
| DNS Servers: 192.168.0.1 | |
| HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) | |
| HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) | |
| Windows Firewall is enabled. | |
| Network Binding: | |
| ============= | |
| vEthernet (Default Switch): Juniper Network Service -> jnprns (enabled) | |
| Ethernet: Juniper Network Service -> jnprns (enabled) | |
| vEthernet (WSL): Juniper Network Service -> jnprns (enabled) | |
| Wi-Fi: Juniper Network Service -> jnprns (enabled) | |
| ==================== MSCONFIG/TASK MANAGER disabled items == | |
| (If an entry is included in the fixlist, it will be removed.) | |
| HKLM\...\StartupApproved\Run: => "LogiOptions" | |
| HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" | |
| HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0" | |
| HKLM\...\StartupApproved\Run32: => "HP Software Update" | |
| HKLM\...\StartupApproved\Run32: => "GK6XPlus Driver" | |
| HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk" | |
| HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams" | |
| HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\StartupApproved\Run: => "CoronaUninstaller_delete_CoronaRemove_exe" | |
| HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\StartupApproved\Run: => "CoronaUninstaller_delete_LegionLib_Release_dll" | |
| HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\StartupApproved\Run: => "CoronaUninstaller_delete_LegionLibWx_Release_dll" | |
| HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\StartupApproved\Run: => "CoronaUninstaller_delete_LegionOpenImageIo_1_8_10_v142_Release_dll" | |
| HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\StartupApproved\Run: => "CoronaUninstaller_delete_LegionWxWidgets_3_1_0_v142_Release_dll" | |
| HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\StartupApproved\Run: => "Facebook.MessengerDesktop" | |
| HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\StartupApproved\Run: => "Mailbird" | |
| HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\StartupApproved\Run: => "sws" | |
| HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\StartupApproved\Run: => "Voicemod" | |
| HKU\S-1-5-21-434153615-1448201401-3235158447-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" | |
| ==================== FirewallRules (Whitelisted) ================ | |
| (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) | |
| FirewallRules: [{62B7916F-1998-44BD-89E5-1A5F3A96DD46}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) | |
| FirewallRules: [{E8C0FE4C-7D4B-40CF-9D6F-380C4F92DEFD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) | |
| FirewallRules: [TCP Query User{556300DD-3C6F-46D6-B1C2-B150340FAD5F}C:\program files\docker\docker\resources\vpnkit.exe] => (Allow) C:\program files\docker\docker\resources\vpnkit.exe (Docker Inc -> ) | |
| FirewallRules: [UDP Query User{18951924-94E4-40F1-B61E-BC9867151429}C:\program files\docker\docker\resources\vpnkit.exe] => (Allow) C:\program files\docker\docker\resources\vpnkit.exe (Docker Inc -> ) | |
| FirewallRules: [{F786F4A6-3426-4C45-BAD6-910F4138682B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve) | |
| FirewallRules: [{C5606802-BBB8-48BE-A46F-BE7F8E4B5FF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe (Valve -> Valve) | |
| FirewallRules: [{FD52983D-7D9E-46FF-B380-1895D0570F71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) | |
| FirewallRules: [{3041706F-FFCB-4594-B0B1-CEE55326040A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> ) | |
| FirewallRules: [{CE7E016A-66CE-474E-BDA6-E2BEB3D6B474}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive) | |
| FirewallRules: [{F2472A4F-DC21-48EB-BE7C-E395272F543F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive) | |
| FirewallRules: [TCP Query User{0C6593FB-761A-4FC3-904C-7C63A36E8D8B}C:\program files (x86)\smartbear\soapui-5.5.0\bin\soapui-5.5.0.exe] => (Allow) C:\program files (x86)\smartbear\soapui-5.5.0\bin\soapui-5.5.0.exe => No File | |
| FirewallRules: [UDP Query User{C7FB411D-60DF-426B-869B-3B246B3ED62F}C:\program files (x86)\smartbear\soapui-5.5.0\bin\soapui-5.5.0.exe] => (Allow) C:\program files (x86)\smartbear\soapui-5.5.0\bin\soapui-5.5.0.exe => No File | |
| FirewallRules: [{4568B312-F571-4526-9C62-518D612B2D79}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) | |
| FirewallRules: [{3DAF3F12-4B64-4E49-9F84-376388F438D0}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) | |
| FirewallRules: [{0C2DA01A-AC4C-4EE0-B51A-54C9FE5852E6}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation) | |
| FirewallRules: [{869A3A02-B482-41F2-966C-89AC7A53A7CA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation) | |
| FirewallRules: [TCP Query User{9EDAF14D-4EAF-4A87-867C-A8A28E567893}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (OpenJS Foundation -> Node.js) | |
| FirewallRules: [UDP Query User{CC11B5BA-1D5A-43DF-A5CA-A29B4BC6BB47}C:\program files\nodejs\node.exe] => (Allow) C:\program files\nodejs\node.exe (OpenJS Foundation -> Node.js) | |
| FirewallRules: [{524283A3-6481-4F49-8C88-44B015F6B79A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) | |
| FirewallRules: [{EE720B57-28BA-4F54-B005-AE1851B66423}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) | |
| FirewallRules: [{04C09FA6-73AE-43E9-80D5-033273F787E9}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games) | |
| FirewallRules: [{ADEBDCAB-0CB8-4071-9A84-AF16709E87A6}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe (Rockstar Games, Inc. -> Rockstar Games) | |
| FirewallRules: [TCP Query User{4CDC5E30-372C-41D9-A933-FCBBA64B704E}C:\users\tomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tomas\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) | |
| FirewallRules: [UDP Query User{F39B30A4-F69F-47C9-A965-2DE5CBAED9F6}C:\users\tomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\tomas\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) | |
| FirewallRules: [TCP Query User{6CDE5B45-5359-4470-AB25-388D4A5B7F1C}C:\program files\sketchup\sketchup 2019\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2019\sketchup.exe (Trimble Inc. -> Trimble, Inc.) [File not signed] | |
| FirewallRules: [UDP Query User{B66F7E61-84AF-42EB-81B6-F68102461B3A}C:\program files\sketchup\sketchup 2019\sketchup.exe] => (Allow) C:\program files\sketchup\sketchup 2019\sketchup.exe (Trimble Inc. -> Trimble, Inc.) [File not signed] | |
| FirewallRules: [TCP Query User{A18DA8B7-9DCD-459D-AB0D-39917828CB6B}C:\program files\jetbrains\phpstorm 192.5728.26\bin\phpstorm64.exe] => (Allow) C:\program files\jetbrains\phpstorm 192.5728.26\bin\phpstorm64.exe => No File | |
| FirewallRules: [UDP Query User{37DE0E24-AA4C-4ACF-8DCA-7BAF06022DDE}C:\program files\jetbrains\phpstorm 192.5728.26\bin\phpstorm64.exe] => (Allow) C:\program files\jetbrains\phpstorm 192.5728.26\bin\phpstorm64.exe => No File | |
| FirewallRules: [TCP Query User{C3FA8DA0-D887-4664-A9ED-A577791921AA}C:\users\tomas\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\192.5728.108\bin\phpstorm64.exe] => (Allow) C:\users\tomas\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\192.5728.108\bin\phpstorm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.) | |
| FirewallRules: [UDP Query User{07610693-C56F-4F4B-8D80-5EEBF176EE98}C:\users\tomas\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\192.5728.108\bin\phpstorm64.exe] => (Allow) C:\users\tomas\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\192.5728.108\bin\phpstorm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.) | |
| FirewallRules: [{4A658233-0261-4B76-A425-1ACE343D03E2}] => (Block) C:\users\tomas\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\192.5728.108\bin\phpstorm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.) | |
| FirewallRules: [{C3DD925F-51A3-4DB0-B9F4-2AA83763E71A}] => (Block) C:\users\tomas\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\192.5728.108\bin\phpstorm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.) | |
| FirewallRules: [TCP Query User{6D4BF6FD-A584-41A0-A0A9-1BF17ABF8209}C:\users\tomas\appdata\local\programs\mockoon\mockoon.exe] => (Allow) C:\users\tomas\appdata\local\programs\mockoon\mockoon.exe (Guillaume Monnet -> Guillaume Monnet) | |
| FirewallRules: [UDP Query User{A9524C92-015E-4A78-903D-E51AEEA6A9AF}C:\users\tomas\appdata\local\programs\mockoon\mockoon.exe] => (Allow) C:\users\tomas\appdata\local\programs\mockoon\mockoon.exe (Guillaume Monnet -> Guillaume Monnet) | |
| FirewallRules: [TCP Query User{D734F69C-E810-4C41-944E-8F1A2407ADAF}C:\users\tomas\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\192.5728.108\jbr\bin\java.exe] => (Allow) C:\users\tomas\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\192.5728.108\jbr\bin\java.exe | |
| FirewallRules: [UDP Query User{D615AE57-4312-4906-AD15-CE262948B1E9}C:\users\tomas\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\192.5728.108\jbr\bin\java.exe] => (Allow) C:\users\tomas\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\192.5728.108\jbr\bin\java.exe | |
| FirewallRules: [TCP Query User{1658F27A-FEE4-46DA-AAA6-1708F8379A50}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed] | |
| FirewallRules: [UDP Query User{298BF328-B21E-4925-BFF7-270368F4C381}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) [File not signed] | |
| FirewallRules: [{BE949A9C-651F-4EEE-84B4-74E01E2320BC}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe (Chaos Software, Ltd) [File not signed] | |
| FirewallRules: [{3D6C18A4-A7CA-46AF-B10D-36C1DB63FA15}] => (Allow) C:\Program Files\Chaos Group\V-Ray\V-Ray for SketchUp\extension\vrayneui-win32-x64\vrayneui.exe (Chaos Software, Ltd) [File not signed] | |
| FirewallRules: [{3892B395-3D48-42D7-A685-814B1BCDD4F8}] => (Allow) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe (Chaos Software Ltd. -> ) | |
| FirewallRules: [{EFAED645-FA8F-4DEA-84B7-56B23AC1DAE3}] => (Allow) C:\Program Files\Chaos Group\VRLService\OLS\vrol.exe (Chaos Software Ltd. -> ) | |
| FirewallRules: [{284BA671-AC16-4EF7-9A43-4AF9F3727327}] => (Allow) LPort=20208 | |
| FirewallRules: [{E42763CB-13C6-4A35-8A56-97CFB2BB25D6}] => (Allow) LPort=20208 | |
| FirewallRules: [{30E5962D-D439-4AB7-8E20-AC21E8F8D71E}] => (Allow) C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\swrm.exe (Chaos Software Ltd.) [File not signed] | |
| FirewallRules: [{0DF38314-2933-45DD-A9E0-32AFFFCEDBFD}] => (Allow) C:\Program Files\Chaos Group\V-Ray\Swarm 1.4\swrm.exe (Chaos Software Ltd.) [File not signed] | |
| FirewallRules: [TCP Query User{049B0EC8-BC53-40EE-9D9C-EF5827F5911F}C:\users\tomas\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tomas\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed] | |
| FirewallRules: [UDP Query User{5526D139-F382-43AD-A15F-BA09C62E4430}C:\users\tomas\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\tomas\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed] | |
| FirewallRules: [TCP Query User{D0AC76FD-9FB6-4471-A60E-FCDC731C5969}C:\users\tomas\appdata\local\programs\protopie\resources\bin\server.exe] => (Allow) C:\users\tomas\appdata\local\programs\protopie\resources\bin\server.exe (Studio XID, Inc. -> Node.js) | |
| FirewallRules: [UDP Query User{45BE4B11-A99C-4775-B91F-012A49BDDF7D}C:\users\tomas\appdata\local\programs\protopie\resources\bin\server.exe] => (Allow) C:\users\tomas\appdata\local\programs\protopie\resources\bin\server.exe (Studio XID, Inc. -> Node.js) | |
| FirewallRules: [TCP Query User{96301919-7B43-41F7-8B62-04A26A4A9618}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> ) | |
| FirewallRules: [UDP Query User{6F4B09D1-BC27-4DE0-AA32-FD544F6CD397}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe (MariaDB Corporation Ab -> ) | |
| FirewallRules: [TCP Query User{1C4A388F-02B8-43D8-990B-ABC258263CAA}C:\users\tomas\downloads\utorrent-portable (1)\utorrent\utorrent\utorrent.exe] => (Allow) C:\users\tomas\downloads\utorrent-portable (1)\utorrent\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed] | |
| FirewallRules: [UDP Query User{4B07CA32-B6E8-45DC-A101-E40CE59E490E}C:\users\tomas\downloads\utorrent-portable (1)\utorrent\utorrent\utorrent.exe] => (Allow) C:\users\tomas\downloads\utorrent-portable (1)\utorrent\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed] | |
| FirewallRules: [{C0418361-70D0-4FCA-94D9-E4BF1A764453}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed] | |
| FirewallRules: [{7F812767-1F8E-47FD-A535-D5CF94933B69}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed] | |
| FirewallRules: [TCP Query User{8FD0EDBA-96A2-4F32-95EA-8DD8B643D10F}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe (Deluge Team) [File not signed] | |
| FirewallRules: [UDP Query User{5B5C220F-4E01-4770-9B57-6CD8126100C3}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe (Deluge Team) [File not signed] | |
| FirewallRules: [TCP Query User{9249F945-3033-4975-AD08-1B7EBB4DAF5C}C:\users\tomas\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\tomas\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation) | |
| FirewallRules: [UDP Query User{EDFC475A-C500-4792-B927-CDD13356D1B3}C:\users\tomas\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\tomas\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation) | |
| FirewallRules: [TCP Query User{7B59A30E-9455-41CE-806A-A3E87FAAACF1}C:\program files\docker\docker\resources\com.docker.backend.exe] => (Allow) C:\program files\docker\docker\resources\com.docker.backend.exe (Docker Inc -> Docker Inc.) | |
| FirewallRules: [UDP Query User{C24BCCA3-4950-46A0-80BF-FB70A2E88030}C:\program files\docker\docker\resources\com.docker.backend.exe] => (Allow) C:\program files\docker\docker\resources\com.docker.backend.exe (Docker Inc -> Docker Inc.) | |
| FirewallRules: [TCP Query User{37835758-C547-4235-AB46-20F00979B69F}C:\xampp\mercurymail\mercury.exe] => (Allow) C:\xampp\mercurymail\mercury.exe (David Harris) [File not signed] | |
| FirewallRules: [UDP Query User{550F4A6F-74BA-40E6-93F8-B80B68CB7E24}C:\xampp\mercurymail\mercury.exe] => (Allow) C:\xampp\mercurymail\mercury.exe (David Harris) [File not signed] | |
| FirewallRules: [{16DE5B90-C2E6-48C9-8D3B-C6598CE493CF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) | |
| FirewallRules: [{0C1ECD0F-CE30-431B-B3B8-FF5728E96822}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) | |
| FirewallRules: [TCP Query User{6B4EDA8F-98A6-4AC0-9B23-46927CBAD41E}C:\program files\erl10.6\erts-10.6\bin\epmd.exe] => (Allow) C:\program files\erl10.6\erts-10.6\bin\epmd.exe () [File not signed] | |
| FirewallRules: [UDP Query User{BF7F54C6-F211-4FEE-92BE-DB22CE51895A}C:\program files\erl10.6\erts-10.6\bin\epmd.exe] => (Allow) C:\program files\erl10.6\erts-10.6\bin\epmd.exe () [File not signed] | |
| FirewallRules: [TCP Query User{E1CBBDA6-FCE3-4C04-90B8-E0B0DF5E93AC}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive) | |
| FirewallRules: [UDP Query User{8BD95D2D-ABE8-4DDE-B9E4-5163876763AD}C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe (BOHEMIA INTERACTIVE a.s. -> Bohemia Interactive) | |
| FirewallRules: [{24BC1D2F-65C5-42E0-9889-4A2647714636}] => (Allow) C:\Users\tomas\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) | |
| FirewallRules: [{4B61077C-8CA4-4D30-AA2C-174850EEF2DD}] => (Allow) C:\Users\tomas\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) | |
| FirewallRules: [TCP Query User{1F9DB63D-5FB2-4686-8B59-F92200B8A5F7}C:\xampp\php\php.exe] => (Allow) C:\xampp\php\php.exe (The PHP Group) [File not signed] | |
| FirewallRules: [UDP Query User{E871908A-1127-42E5-95ED-AFC778248700}C:\xampp\php\php.exe] => (Allow) C:\xampp\php\php.exe (The PHP Group) [File not signed] | |
| FirewallRules: [{B2E023CD-9CBB-4EEA-830A-58814BD3BB38}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.) | |
| FirewallRules: [{2E73B335-1026-450A-B1B7-FBEE99762E5C}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.) | |
| FirewallRules: [{3E145133-BFD1-40BB-9A99-7305C581F467}] => (Allow) C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.) | |
| FirewallRules: [TCP Query User{060525D2-EC47-44F3-A21F-1FBB7CDDC01F}C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe | |
| FirewallRules: [UDP Query User{B82D33AE-BDE8-48C8-B99E-E5F10D82E7F2}C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_261\bin\javaw.exe | |
| FirewallRules: [{533A8ECB-F010-43F3-B4F3-1F8DF0EFF6C4}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_261\bin\java.exe | |
| FirewallRules: [{21EA71C3-1F9D-41A6-BC1B-194ADDBAD887}] => (Allow) C:\Program Files (x86)\Java\jre1.8.0_261\bin\java.exe | |
| FirewallRules: [{C9E01CD2-3128-449D-B477-4D8AE0400A34}] => (Allow) C:\Program Files\Reflector Teacher\ReflectorTeacher.exe (Squirrels LLC -> Squirrels) | |
| FirewallRules: [{DE5FF01E-BB62-437C-BD13-3FC1CE534A61}] => (Allow) C:\Program Files\Reflector 3\Reflector3.exe (Squirrels LLC -> Squirrels) | |
| FirewallRules: [TCP Query User{E834CAF8-CE8F-4CFF-A309-ACFC14987171}C:\program files\jetbrains\webstorm 2020.2.3\bin\webstorm64.exe] => (Block) C:\program files\jetbrains\webstorm 2020.2.3\bin\webstorm64.exe => No File | |
| FirewallRules: [UDP Query User{56A73FA9-FA38-4719-8AD3-8902A5DC82BC}C:\program files\jetbrains\webstorm 2020.2.3\bin\webstorm64.exe] => (Block) C:\program files\jetbrains\webstorm 2020.2.3\bin\webstorm64.exe => No File | |
| FirewallRules: [{E5150D84-ECD8-42F6-A7E9-95F1EA929740}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.) | |
| FirewallRules: [{2E8C000D-8C48-46D1-82FF-8B287E7B9470}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) | |
| FirewallRules: [{960E2A34-9379-4175-B24E-46054AA7DB0B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) | |
| FirewallRules: [{E459E415-19D9-4176-913A-CE37D4983E6B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) | |
| FirewallRules: [{28315A79-B141-4EC2-BC9F-3C3D0FD16DB3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) | |
| FirewallRules: [{A463E329-0AF5-45B4-9C4E-0590C2DCCB1B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) | |
| FirewallRules: [{FC9F83AC-28A8-4692-84B6-6956826C3296}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) | |
| FirewallRules: [{18ECB446-FB90-4AFC-B85F-3360BF26BEFE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) | |
| FirewallRules: [{07E2BC71-53C9-44EA-843E-BBC5F514A18E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) | |
| FirewallRules: [{86B223A1-4648-45C0-9A8A-82F2BCAC31D5}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe (Popcorn Time) [File not signed] | |
| FirewallRules: [{7C69ABA5-400D-40D9-ACD8-650A9ABA225E}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe (Popcorn Time) [File not signed] | |
| FirewallRules: [{FDEFAB96-905B-4239-8841-2AE5D9B5C110}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe () [File not signed] | |
| FirewallRules: [{96EC85CA-3D33-4372-B84A-C7DCE787BFF4}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe () [File not signed] | |
| FirewallRules: [{00365D2D-A706-439A-9EB2-F6472E20D4C0}] => (Allow) C:\Program Files (x86)\Popcorn Time\nodejs\node.exe (Node.js Foundation -> Node.js) | |
| FirewallRules: [{1BCDFE68-CF00-4277-92C6-4DF370C2F381}] => (Allow) C:\Program Files (x86)\Popcorn Time\nodejs\node.exe (Node.js Foundation -> Node.js) | |
| FirewallRules: [{7A439A49-0925-4EAE-8656-85618262744A}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe (Joyent Inc -> Joyent, Inc) | |
| FirewallRules: [{B8832BAD-6F85-421E-A791-A16F5F3524C6}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe (Joyent Inc -> Joyent, Inc) | |
| FirewallRules: [{9F9FBB31-B586-4764-9461-6DAC810CE2BE}] => (Allow) C:\Users\tomas\AppData\Local\Programs\safe-watch\safe-watch.exe (OPEN VIDEO, TOV -> GitHub, Inc.) | |
| FirewallRules: [TCP Query User{DFAA4C3F-8A71-4566-9E97-AD49D17845E5}C:\users\tomas\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\tomas\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) | |
| FirewallRules: [UDP Query User{D008747D-9480-4220-8C35-FD8D8A20140E}C:\users\tomas\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\tomas\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation) | |
| FirewallRules: [{803D5ADD-006B-45A0-AB4B-BED3E6C3424D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) | |
| FirewallRules: [{1C2DFE24-9593-4416-9F37-DB7D82B7E41E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) | |
| FirewallRules: [{DB3C57F2-0558-4D2B-AA38-66110D937515}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) | |
| FirewallRules: [{D536A9F9-AA08-4B4F-B514-4A086CA31E76}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) | |
| FirewallRules: [{8C2E2373-9641-4C37-BA36-FF2FDDC9A399}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) | |
| FirewallRules: [TCP Query User{CCB28F9C-286B-40BB-A3CB-C5FBE2DA7F04}C:\program files\qbittorrent\qbittorrent.exe] => (Block) C:\program files\qbittorrent\qbittorrent.exe () [File not signed] | |
| FirewallRules: [UDP Query User{DF818E6B-4057-433B-9612-0C9FF187ED54}C:\program files\qbittorrent\qbittorrent.exe] => (Block) C:\program files\qbittorrent\qbittorrent.exe () [File not signed] | |
| FirewallRules: [TCP Query User{9319591A-38B2-4E75-BD45-248D33BF6BF2}C:\users\tomas\downloads\mocs16\mosquitto.exe] => (Allow) C:\users\tomas\downloads\mocs16\mosquitto.exe () [File not signed] | |
| FirewallRules: [UDP Query User{C5C327F5-BD1C-4276-9255-2BCD7E3FE5FD}C:\users\tomas\downloads\mocs16\mosquitto.exe] => (Allow) C:\users\tomas\downloads\mocs16\mosquitto.exe () [File not signed] | |
| FirewallRules: [TCP Query User{9B890801-482F-48A6-BEB9-36143377BFB2}C:\users\tomas\appdata\local\jetbrains\toolbox\apps\webstorm\ch-0\211.5787.16\bin\webstorm64.exe] => (Allow) C:\users\tomas\appdata\local\jetbrains\toolbox\apps\webstorm\ch-0\211.5787.16\bin\webstorm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.) | |
| FirewallRules: [UDP Query User{0F15C073-C203-462A-A60C-670774422492}C:\users\tomas\appdata\local\jetbrains\toolbox\apps\webstorm\ch-0\211.5787.16\bin\webstorm64.exe] => (Allow) C:\users\tomas\appdata\local\jetbrains\toolbox\apps\webstorm\ch-0\211.5787.16\bin\webstorm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.) | |
| FirewallRules: [TCP Query User{F75A7914-A03C-4E92-8573-05B2D2186A2E}C:\users\tomas\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\203.7148.74\bin\phpstorm64.exe] => (Allow) C:\users\tomas\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\203.7148.74\bin\phpstorm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.) | |
| FirewallRules: [UDP Query User{B41E0095-D706-42D3-97AB-8E32FD0BCA72}C:\users\tomas\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\203.7148.74\bin\phpstorm64.exe] => (Allow) C:\users\tomas\appdata\local\jetbrains\toolbox\apps\phpstorm\ch-0\203.7148.74\bin\phpstorm64.exe (JetBrains s.r.o. -> JetBrains s.r.o.) | |
| FirewallRules: [{452596D8-B544-42F2-BEDB-5C0724E5591A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) | |
| ==================== Restore Points ========================= | |
| 04-03-2021 15:08:49 Naplánovaný kontrolní bod | |
| ==================== Faulty Device Manager Devices ============ | |
| Name: Intel(R) Dynamic Platform and Thermal Framework Manager | |
| Description: Intel(R) Dynamic Platform and Thermal Framework Manager | |
| Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} | |
| Manufacturer: Intel | |
| Service: esif_lf | |
| Problem: : Windows has stopped this device because it has reported problems. (Code 43) | |
| Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. | |
| ==================== Event log errors: ======================== | |
| Application errors: | |
| ================== | |
| Error: (03/05/2021 09:52:51 AM) (Source: ESENT) (EventID: 447) (User: ) | |
| Description: svchost (4832,D,27) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 207) of database C:\Windows\system32\SRU\SRUDB.dat (10297 => 10298, 11696). | |
| Tag: BtNextBadPgnoNextOrBacklink | |
| Fatal: 1 | |
| Error: (03/05/2021 09:52:05 AM) (Source: Application Hang) (EventID: 1002) (User: ) | |
| Description: Program dwm.exe verze 10.0.18362.387 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba. | |
| ID procesu: 648 | |
| Čas spuštění: 01d710fd795d0db2 | |
| Čas ukončení: 2474 | |
| Cesta k aplikaci: C:\Windows\System32\dwm.exe | |
| ID hlášení: 155b8482-27cc-4c5b-9502-fb2ba325061f | |
| Úplný název balíčku s chybou: | |
| ID aplikace relativní podle balíčku s chybou: | |
| Typ zablokování: Unknown | |
| Error: (03/05/2021 02:58:51 AM) (Source: ESENT) (EventID: 447) (User: ) | |
| Description: svchost (4832,D,27) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 207) of database C:\Windows\system32\SRU\SRUDB.dat (10297 => 10298, 11696). | |
| Tag: BtNextBadPgnoNextOrBacklink | |
| Fatal: 1 | |
| Error: (03/04/2021 11:20:01 PM) (Source: ESENT) (EventID: 447) (User: ) | |
| Description: svchost (4832,D,27) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 207) of database C:\Windows\system32\SRU\SRUDB.dat (10297 => 10298, 11696). | |
| Tag: BtNextBadPgnoNextOrBacklink | |
| Fatal: 1 | |
| Error: (03/04/2021 10:19:01 PM) (Source: ESENT) (EventID: 447) (User: ) | |
| Description: svchost (4832,D,27) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 207) of database C:\Windows\system32\SRU\SRUDB.dat (10297 => 10298, 11696). | |
| Tag: BtNextBadPgnoNextOrBacklink | |
| Fatal: 1 | |
| Error: (03/04/2021 09:19:10 PM) (Source: ESENT) (EventID: 447) (User: ) | |
| Description: svchost (4832,D,27) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 207) of database C:\Windows\system32\SRU\SRUDB.dat (10297 => 10298, 11696). | |
| Tag: BtNextBadPgnoNextOrBacklink | |
| Fatal: 1 | |
| Error: (03/04/2021 05:54:01 PM) (Source: ESENT) (EventID: 447) (User: ) | |
| Description: svchost (4832,D,27) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 207) of database C:\Windows\system32\SRU\SRUDB.dat (10297 => 10298, 11696). | |
| Tag: BtNextBadPgnoNextOrBacklink | |
| Fatal: 1 | |
| Error: (03/04/2021 04:53:01 PM) (Source: ESENT) (EventID: 447) (User: ) | |
| Description: svchost (4832,D,27) SRUJet: A bad page link (error -327) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 207) of database C:\Windows\system32\SRU\SRUDB.dat (10297 => 10298, 11696). | |
| Tag: BtNextBadPgnoNextOrBacklink | |
| Fatal: 1 | |
| System errors: | |
| ============= | |
| Error: (03/05/2021 02:57:48 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CFUMU4V) | |
| Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM. | |
| Error: (03/04/2021 03:21:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CFUMU4V) | |
| Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM. | |
| Error: (03/04/2021 02:56:45 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CFUMU4V) | |
| Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM. | |
| Error: (03/04/2021 02:52:07 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CFUMU4V) | |
| Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM. | |
| Error: (03/04/2021 02:51:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) | |
| Description: Služba RabbitMQ byla ukončena s následující chybou: | |
| Proces neočekávaně skončil. | |
| Error: (03/04/2021 02:51:30 PM) (Source: ErlSrv) (EventID: 17) (User: ) | |
| Description: RabbitMQ: Erlang machine stopped instantly (distribution name conflict?). The service is not restarted, ignoring OnFail option. | |
| Error: (03/04/2021 02:51:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) | |
| Description: Služba WIBUKEY neuspěla při spuštění v důsledku následující chyby: | |
| Systém nemůže nalézt uvedený soubor. | |
| Error: (03/04/2021 01:32:49 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CFUMU4V) | |
| Description: Server Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM. | |
| Windows Defender: | |
| ================ | |
| Date: 2021-03-01 10:26:32.429 | |
| Description: | |
| Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software. | |
| Další informace: | |
| https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Script/Phonzy.A!ml&threatid=2147772966&enterprise=1 | |
| Název: Trojan:Script/Phonzy.A!ml | |
| Závažnost: Vážné | |
| Kategorie: Trojský kůň | |
| Cesta: file:_C:\Users\tomas\Downloads\setup_x86_x64_install.exe | |
| Původ detekce: Místní počítač | |
| Typ detekce: FastPath | |
| Zdroj detekce: Systém | |
| Uživatel: NT AUTHORITY\SYSTEM | |
| Název procesu: Unknown | |
| Verze bezpečnostních informací: AV: 1.331.2087.0, AS: 1.331.2087.0, NIS: 1.331.2087.0 | |
| Verze modulu: AM: 1.1.17800.5, NIS: 1.1.17800.5 | |
| Date: 2020-10-27 09:56:32.196 | |
| Description: | |
| Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací. | |
| Nová verze bezpečnostních informací: | |
| Předchozí verze bezpečnostních informací: 1.325.1481.0 | |
| Zdroj aktualizace: Server Microsoft Update | |
| Typ bezpečnostních informací: Antivirový program | |
| Typ aktualizace: Úplné | |
| Uživatel: NT AUTHORITY\SYSTEM | |
| Aktuální verze modulu: | |
| Předchozí verze modulu: 1.1.17500.4 | |
| Kód chyby: 0x80240016 | |
| Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře. | |
| ==================== Memory info =========================== | |
| BIOS: Dell Inc. 1.9.0 02/11/2019 | |
| Motherboard: Dell Inc. 0M2MWX | |
| Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz | |
| Percentage of memory in use: 76% | |
| Total physical RAM: 16178.28 MB | |
| Available physical RAM: 3740.89 MB | |
| Total Virtual: 37682.28 MB | |
| Available Virtual: 13767.2 MB | |
| ==================== Drives ================================ | |
| Drive c: () (Fixed) (Total:953.24 GB) (Free:117.97 GB) NTFS | |
| Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:710.08 GB) NTFS | |
| \\?\Volume{3007718a-57f7-49db-9ef3-425993f63379}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.14 GB) NTFS | |
| \\?\Volume{261d9569-2f5f-475f-8448-120b770cacba}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32 | |
| ==================== MBR & Partition Table ==================== | |
| ========================================================== | |
| Disk: 0 (Size: 931.5 GB) (Disk ID: 25C3EBDD) | |
| Partition: GPT. | |
| ========================================================== | |
| Disk: 1 (Protective MBR) (Size: 953.9 GB) (Disk ID: 00000000) | |
| Partition: GPT. | |
| ==================== End of Addition.txt ======================= |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment