Please check - attacked by ransomware [Solved]

Re: Please check - attacked by ransomware

Post by Brabenecsiafu » 31 Jul 2022 10:11

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-07-2022
Ran by drjan_000 (31-07-2022 09:36:48)
Running from C:\Users\drjan_000\Desktop
Microsoft Windows 10 Home Version 1909 18363.1556 (X64) (2019-08-18 15:09:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-441044182-2704751091-3235625209-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-441044182-2704751091-3235625209-503 - Limited - Disabled)
drjan_000 (S-1-5-21-441044182-2704751091-3235625209-1001 - Administrator - Enabled) => C:\Users\drjan_000
Guest (S-1-5-21-441044182-2704751091-3235625209-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-441044182-2704751091-3235625209-1006 - Limited - Enabled)
Jan (S-1-5-21-441044182-2704751091-3235625209-1004 - Limited - Enabled)
postgres (S-1-5-21-441044182-2704751091-3235625209-1014 - Limited - Enabled) => C:\Users\postgres
WDAGUtilityAccount (S-1-5-21-441044182-2704751091-3235625209-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Disabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
FW: ESET Firewall (Disabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.4 (HKLM-x32\...\{F350AF86-CD2C-45DC-9F5E-9C1A6789E537}) (Version: 4.4.0.2235 - Open Media LLC)
7-Zip 21.06 (x64) (HKLM\...\7-Zip) (Version: 21.06 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\{10E33ABF-D7FB-4F47-900A-7973854AB45A}) (Version: 32.0.0.125 - Adobe) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.125 - Adobe)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 7.7.0.35 - Adobe Inc.)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-001824458876}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AirDroid 3.6.4.0 (HKLM-x32\...\AirDroid) (Version: 3.6.4.0 - Sand Studio)
AlterCam (HKLM-x32\...\{358AF097-92D1-4750-80E1-F71904AC8CE2}_is1) (Version: 6.0 - Bolide® Software)
Amazon Kindle (HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\Amazon Kindle) (Version: 1.19.1.46084 - Amazon)
Any Video Converter 5.7.6 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
ApowerREC V1.4.5.78 (HKLM-x32\...\{6F2998B2-21F7-4CEF-94B2-C3919D939CF9}_is1) (Version: 1.4.5.78 - Apowersoft LIMITED)
Apple Mobile Device Support (HKLM\...\{6CECF0FB-EE71-4FE5-8AE0-FA007408934A}) (Version: 13.0.0.38 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
Audiolibrix Manager (HKLM-x32\...\Audiolibrix Manager) (Version: 2.0.0.0 - Audiolibrix Ltd)
Backup and Sync from Google (HKLM\...\{696895F7-52C7-4C9E-998B-C7E0CC907092}) (Version: 3.57.4256.0809 - Google, Inc.)
Balíček ovladače systému Windows - MediaTek Inc. (wdm_usb) Ports (01/22/2015 3.0.1504.0) (HKLM\...\BD5E2A628C2263FAEC66A4BFF2E88B897427E4C3) (Version: 01/22/2015 3.0.1504.0 - MediaTek Inc.)
BigClown Playground 0.11.0 (HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\6ce1c186-3dca-5c4b-bfe2-211d4df4c9f8) (Version: 0.11.0 - HARDWARIO s.r.o.)
Bitcoin Core (64-bit) (HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\Bitcoin Core (64-bit)) (Version: 0.18.1 - Bitcoin Core project)
Blackmagic RAW Common Components (HKLM\...\{60461BA6-AFA0-4D54-AFE1-54EC717AA7D9}) (Version: 1.8.2 - Blackmagic Design)
BlueStacks 5 (HKLM\...\BlueStacks_nxt) (Version: 5.5.100.1040 - BlueStack Systems, Inc.)
BlueStacks X (HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\BlueStacks X) (Version: 0.13.2.5 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bookmap 7.3.0 (HKLM-x32\...\Bookmap) (Version: - Bookmap Ltd)
Boxshot (HKLM\...\Boxshot) (Version: 4.12.0 - Appsforlife Ltd)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
CamStudio version 2.7 (HKLM-x32\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
Conexant SmartAudio (HKLM\...\SAII) (Version: 6.0.224.0 - Conexant Systems)
CrystalDiskInfo 8.17.0 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.17.0 - Crystal Dew World)
Czechwealth Market Profit Pack (1.0.210715) pro NinjaTrader 8 verze 1.0.210715 (HKLM-x32\...\{c8bc5b41-4acd-464f-a152-1340f381b3ef}_is1) (Version: 1.0.210715 - CZECHWEALTH)
Czechwealth Market Profit Pack pro NinjaTrader 7 verze 3.3.180427 (HKLM-x32\...\{8959C283-3320-438C-9626-C4B61A6CED2E}_is1) (Version: 3.3.180427 - CZECHWEALTH)
DaVinci Resolve (HKLM\...\{47B30418-F683-4F19-BEF9-BA5E490154BF}) (Version: 16.2.8005 - Blackmagic Design)
DaVinci Resolve Keyboards (HKLM\...\{04F776FB-37A2-4116-84F2-6CF3D731999D}) (Version: 1.0.0.0 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{567706B7-1501-43BC-81AB-C7E306B40C73}) (Version: 1.3.2.0 - Blackmagic Design)
Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 6.60 - NCH Software)
Discord (HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\Discord) (Version: 1.0.9003 - Discord Inc.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 152.4.4880 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.583.1 - Dropbox, Inc.) Hidden
EdgeDeflector (HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\EdgeDeflector) (Version: 1.2.3.0 - )
ELAN pointing device (HKLM\...\Elantech) (Version: 11.4.92.1 - ELAN Microelectronic Corp.)
Epic Games Launcher (HKLM-x32\...\{1D4EB18B-0FEE-444E-B4D1-6F2CFBC363E6}) (Version: 1.1.267.0 - Epic Games, Inc.)
EPS File Viewer (HKLM-x32\...\{35B4B5ED-41DE-4CAB-A757-F967474819DC}_is1) (Version: - epsfileviewer.com)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{1028AD34-EB8A-4136-9A93-27FC60FD0A40}) (Version: 4.4.11 - Seiko Epson Corporation)
EPSON SX525WD Series Printer Uninstall (HKLM\...\EPSON SX525WD Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3b - SEIKO EPSON CORPORATION)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Security (HKLM\...\{3EB22EED-2263-4174-9F36-09BD15A7AEF8}) (Version: 15.1.12.0 - ESET, spol. s r.o.)
eSpeak version 1.48.04 (HKLM-x32\...\eSpeak_is1) (Version: - )
Eye 312 (HKLM-x32\...\{74F923F2-2B11-4E2E-B638-A1772A9F7B7B}) (Version: 1.0.0.28 - KYE SYSTEMS CORP.)
Fairlight Audio Accelerator Utility (HKLM\...\FairlightAudioAccelerator_is1) (Version: 1.0.13 - Blackmagic Design)
Fairlight Studio Utility (HKLM\...\{6C7FC3A1-DA64-4ACE-8F05-301CBECD5BE9}) (Version: 1.2.0.0 - Blackmagic Design)
Fake Webcam 7.4 (HKLM-x32\...\fakewebcam7.4.0_is1) (Version: 7.4.0 - Web Solution Mart)
Fake Webcam Codecs Pack 1.0.0 (HKLM\...\fwccpsetup_is1) (Version: 1.0.0 - Web Solution Mart)
FoneDog Data Recovery 1.0.6 (HKLM-x32\...\{ABFEA365-28F7-4B3B-A676-7ACD1C8D444B}_is1) (Version: 1.0.6 - FoneDog)
FoneDog Toolkit for Android 2.0.18 (HKLM-x32\...\{7A8C4E7C-62D5-47E6-B93B-80C5DD48CBA4}_is1) (Version: 2.0.18 - FoneDog)
FoneLab for Android 3.1.8 (HKLM-x32\...\{7A7ACBDD-FED6-4ec5-BD26-5549FEB5B968}_is1) (Version: 3.1.8 - Aiseesoft Studio)
FormApps Signing Extension (HKLM-x32\...\{ACA43D91-8B42-4D42-8C8B-A893BD6AA40D}) (Version: 2.8.2.28 - Software602 a.s.)
FormatFactory 4.5.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.5.0.0 - Free Time)
Free Video Flip and Rotate (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 1.1.35.831 - Digital Wave Ltd)
FreeCropVideo (HKLM-x32\...\{BAA3FC30-2DC2-47C1-B09D-39D30EB7CEC9}) (Version: 1.06 - Free Crop Video)
GCI MT4 (HKLM-x32\...\GCI MT4) (Version: 4.00 - MetaQuotes Software Corp.)
Goldstarway Trading (remove only) (HKLM-x32\...\Goldstarway Trading) (Version: - )
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 60.0.2.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 103.0.5060.114 - Google LLC)
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.19.0.19950 (HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\GoToMeeting) (Version: 10.19.0.19950 - LogMeIn, Inc.)
honestech VHS to DVD 3.0 SE (HKLM-x32\...\{2856F5EA-E98A-40E4-BAD6-8C644A4A3F3C}) (Version: 3.0 - honestech)
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
iTunes (HKLM\...\{81B253F3-31F6-48CD-96D1-5325EA0E093F}) (Version: 12.11.4.15 - Apple Inc.)
Java(TM) SE Development Kit 11.0.1 (64-bit) (HKLM\...\{F4039C0F-E4C1-5905-9E7D-DDA8EDE365BC}) (Version: 11.0.1.0 - Oracle Corporation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{E496AFB7-CB04-46CF-8FBB-5D665BC8811B}) (Version: 3.3.2110.22002 - Microsoft Corporation)
Lagarith lossless video codec (Remove Only) (HKLM\...\LAGARITH) (Version: - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo Phone Manager (HKLM-x32\...\{400214B1-6B7B-4AA3-B330-96CF76F89D98}) (Version: 1.4.1.10128 - Lenovo)
Lenovo Vantage Service (HKLM-x32\...\VantageSRV_is1) (Version: 3.13.14.0 - Lenovo Group Ltd.)
LenovoUsbDriver 1.1.15 (HKLM-x32\...\LenovoUsbDriver) (Version: 1.1.15 - Lenovo)
Light Image Resizer 5.0.3.0 (HKLM-x32\...\{D5C093E0-D3DF-42D3-AFD6-CAAFB6985CBC}_is1) (Version: 5.0.3.0 - ObviousIdea)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Logitech-kameraindstillinger (HKLM-x32\...\LogiUCDPP) (Version: 2.12.20.0 - Logitech Europe S.A.)
LogoStudio (HKLM-x32\...\{60C328AE-1E5D-F3FB-480E-DBD19D5FD908}) (Version: 1.0 - UNKNOWN) Hidden
LogoStudio (HKLM-x32\...\LogoStudio) (Version: 1.0 - UNKNOWN)
LWS Facebook (HKLM-x32\...\{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}) (Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (HKLM-x32\...\{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}) (Version: 13.51.827.0 - Logitech) Hidden
LWS Help_main (HKLM-x32\...\{1651216E-E7AD-4250-92A1-FB8ED61391C9}) (Version: 13.51.828.0 - Logitech) Hidden
LWS Launcher (HKLM-x32\...\{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}) (Version: 13.51.828.0 - Logitech) Hidden
LWS Motion Detection (HKLM-x32\...\{71E66D3F-A009-44AB-8784-75E2819BA4BA}) (Version: 13.51.815.0 - Logitech) Hidden
LWS Pictures And Video (HKLM-x32\...\{08610298-29AE-445B-B37D-EFBE05802967}) (Version: 13.51.815.0 - Logitech) Hidden
LWS Twitter (HKLM-x32\...\{174A3B31-4C43-43DD-866F-73C9DB887B48}) (Version: 13.30.1346.0 - Logitech) Hidden
LWS Webcam Software (HKLM-x32\...\{8937D274-C281-42E4-8CDB-A0B2DF979189}) (Version: 13.51.815.0 - Logitech) Hidden
LWS WLM Plugin (HKLM-x32\...\{9DAEA76B-E50F-4272-A595-0124E826553D}) (Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (HKLM-x32\...\{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}) (Version: 13.31.1038.0 - Logitech) Hidden
LYNX Trading (HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\5556-0005-2700-0000) (Version: (978.1g) 20191211 16:53:18 - LYNX)
ManyCam 6.3.2 (HKLM-x32\...\ManyCam) (Version: 6.3.2 - Visicom Media Inc.)
MetaTrader 5 (HKLM\...\MetaTrader 5) (Version: 5.00 - MetaQuotes Software Corp.)
Microsoft .NET Host - 6.0.2 (x64) (HKLM\...\{8368577E-2F61-42AC-AF23-46AFAB4217DC}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.2 (x64) (HKLM\...\{B221F0E1-F6F1-41EC-8197-847829949A54}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.2 (x64) (HKLM\...\{065DC311-BF3D-4DCD-94CA-D903C6DD4C0A}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft Access MUI (Czech) 2013 (HKLM\...\{90150000-0015-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Access MUI (Portuguese (Brazil)) 2013 (HKLM\...\{90150000-0015-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Czech) 2013 (HKLM\...\{90150000-0090-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (Portuguese (Brazil)) 2013 (HKLM\...\{90150000-0090-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 103.0.1264.62 - Microsoft Corporation)
Microsoft Excel MUI (Czech) 2013 (HKLM\...\{90150000-0016-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (Portuguese (Brazil)) 2013 (HKLM\...\{90150000-0016-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Czech) 2013 (HKLM\...\{90150000-00BA-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (Portuguese (Brazil)) 2013 (HKLM\...\{90150000-00BA-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Czech) 2013 (HKLM\...\{90150000-0044-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (Portuguese (Brazil)) 2013 (HKLM\...\{90150000-0044-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Czech) 2013 (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (Portuguese (Brazil)) 2013 (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2013 - Czech/čeština (HKLM\...\Office15.OMUI.cs-cz) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office O MUI (Czech) 2013 (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Czech) 2013 (HKLM\...\{90150000-00E1-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (Portuguese (Brazil)) 2013 (HKLM\...\{90150000-00E1-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Czech) 2013 (HKLM\...\{90150000-00E2-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (Portuguese (Brazil)) 2013 (HKLM\...\{90150000-00E2-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing (Czech) 2013 (HKLM\...\{90150000-002C-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Portuguese (Brazil)) 2013 (HKLM\...\{90150000-002C-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Czech) 2013 (HKLM\...\{90150000-00C1-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (Portuguese (Brazil)) 2013 (HKLM\...\{90150000-00C1-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2013 (HKLM\...\{90150000-006E-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Portuguese (Brazil)) 2013 (HKLM\...\{90150000-006E-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\OneDriveSetup.exe) (Version: 22.131.0619.0001 - Microsoft Corporation)
Microsoft OneNote MUI (Czech) 2013 (HKLM\...\{90150000-00A1-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (Portuguese (Brazil)) 2013 (HKLM\...\{90150000-00A1-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Czech) 2013 (HKLM\...\{90150000-001A-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (Portuguese (Brazil)) 2013 (HKLM\...\{90150000-001A-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Czech) 2013 (HKLM\...\{90150000-0018-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (Portuguese (Brazil)) 2013 (HKLM\...\{90150000-0018-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Czech) 2013 (HKLM\...\{90150000-0019-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (Portuguese (Brazil)) 2013 (HKLM\...\{90150000-0019-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft SharePoint Designer MUI (Czech) 2013 (HKLM\...\{90150000-0017-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Teams (HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\Teams) (Version: 1.4.00.11161 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{B5664346-4402-4834-81BE-9687BF653BA2}) (Version: 3.26.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30135 (HKLM-x32\...\{fa7f6d52-f85e-48ef-8f56-a37268aa5772}) (Version: 14.29.30135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30135 (HKLM\...\{34DB4181-0770-4B5A-B561-68758A077B0F}) (Version: 14.29.30135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30135 (HKLM\...\{40118CD9-A805-400C-864E-041A5B5C01B0}) (Version: 14.29.30135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.22.27821 (HKLM-x32\...\{3BDE80F7-7EC9-448E-8160-4ADA0CDA8879}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.22.27821 (HKLM-x32\...\{1E6FC929-567E-4D22-9206-C5B83F0A21B9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 6.0.2 (x64) (HKLM\...\{CB054A0F-B342-4BFA-8E1C-1C1277DE89CA}) (Version: 48.11.35878 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.2 (x64) (HKLM-x32\...\{f443bbdb-acaa-4eab-9d5d-098b722891ed}) (Version: 6.0.2.30914 - Microsoft Corporation)
Microsoft Word MUI (Czech) 2013 (HKLM\...\{90150000-001B-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Word MUI (Portuguese (Brazil)) 2013 (HKLM\...\{90150000-001B-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft X MUI (Czech) 2013 (HKLM\...\{90150000-0101-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (HKLM-x32\...\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}) (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{08D2E121-7F6A-43EB-97FD-629B44903403}) (Version: 1.00.0000 - Adobe) Hidden
Movavi Video Editor 15 (HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\Movavi Video Editor 15) (Version: 15.4.1 - Movavi)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 97.0.1 (x64 cs)) (Version: 97.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.1 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\Mozilla Thunderbird 91.9.1 (x64 cs)) (Version: 91.9.1 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.1.0 - OBS Project)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PhoneCopy for Windows (HKLM-x32\...\{5DAE2597-B5B1-41EA-952B-36CD126E7961}) (Version: 2.4.0 - e-FRACTAL)
PhotoPad Image Editor (HKLM-x32\...\PhotoPad) (Version: 6.74 - NCH Software)
PicPick (HKLM-x32\...\PicPick) (Version: 4.0.7 - NGWIN)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.19041.1555 - Microsoft Corporation)
PostgreSQL 9.5 (HKLM\...\PostgreSQL 9.5) (Version: 9.5 - PostgreSQL Global Development Group)
PSD Viewer (HKLM-x32\...\{D8EEDC94-EE82-46A0-A7DB-812E3C6A0A6E}_is1) (Version: - IdeaMK)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.0.2700 - Jan Fiala)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek USB Wireless LAN Driver (HKLM-x32\...\InstallShield_{DBCC4C27-F949-482b-B786-7B3B67587CD2}) (Version: Drv_3.00.0018 - REALTEK Semiconductor Corp.)
Realtek USB Wireless LAN Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: UI_1.00.0287 - REALTEK Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
RogueKiller version 15.5.3.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 15.5.3.0 - Adlice Software)
SageThumbs 2.0.0.22 (HKLM\...\SageThumbs) (Version: 2.0.0.22 - Cherubic Software)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.43.0 - Samsung Electronics Co., Ltd.)
Screen Recorder Launcher (HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\ScreenRecorderLauncher) (Version: 1.7 - )
Seafile 6.1.1 (HKLM-x32\...\{38269809-1417-4275-882B-FB92A69904AC}) (Version: 6.1.1 - HaiWenHuZhi ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0015-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0015-0416-1000-0000000FF1CE}_Office15.PROPLUS_{8ECA38FB-BA64-4DF3-A770-936F18495B2C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0016-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0016-0416-1000-0000000FF1CE}_Office15.PROPLUS_{8ECA38FB-BA64-4DF3-A770-936F18495B2C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0017-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{85EB11C5-7793-4386-8F93-3D15494EC269}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0018-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0018-0416-1000-0000000FF1CE}_Office15.PROPLUS_{8ECA38FB-BA64-4DF3-A770-936F18495B2C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0019-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0019-0416-1000-0000000FF1CE}_Office15.PROPLUS_{8ECA38FB-BA64-4DF3-A770-936F18495B2C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001A-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001A-0416-1000-0000000FF1CE}_Office15.PROPLUS_{8ECA38FB-BA64-4DF3-A770-936F18495B2C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{8ECA38FB-BA64-4DF3-A770-936F18495B2C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{1E8252A7-D489-4BB6-9694-93799FFD33ED}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{DABB9E2A-F054-4F97-9EB2-6992316C6EC7}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{835E4BED-E265-4103-AE14-0B4C70CF3FE8}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{835E4BED-E265-4103-AE14-0B4C70CF3FE8}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0416-1000-0000000FF1CE}_Office15.PROPLUS_{72C9E028-F9E7-4172-AC45-0C8029B591D5}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{4601BD00-BC9B-4CA2-940C-2552782C7347}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-001F-0C0A-1000-0000000FF1CE}_Office15.PROPLUS_{4BF13B26-3A95-4E42-900A-DEB16FDA75A0}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-002C-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{EC915383-0457-4D83-BE7A-009D7841E9C5}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-002C-0416-1000-0000000FF1CE}_Office15.PROPLUS_{84C4718D-C949-454F-B6D0-E77C212DBF11}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0044-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0044-0416-1000-0000000FF1CE}_Office15.PROPLUS_{8ECA38FB-BA64-4DF3-A770-936F18495B2C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-006E-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{3F685A71-DF4A-4AC0-A110-0FA0B7FFD86C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-006E-0416-1000-0000000FF1CE}_Office15.PROPLUS_{67811A68-6D8B-4316-8ACB-4AEADC838509}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0090-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0090-0416-1000-0000000FF1CE}_Office15.PROPLUS_{8ECA38FB-BA64-4DF3-A770-936F18495B2C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00A1-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00A1-0416-1000-0000000FF1CE}_Office15.PROPLUS_{8ECA38FB-BA64-4DF3-A770-936F18495B2C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00BA-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00BA-0416-1000-0000000FF1CE}_Office15.PROPLUS_{8ECA38FB-BA64-4DF3-A770-936F18495B2C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1931508C-C004-4983-81E3-70BE6252904B}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{6E88843F-58F2-45EB-8C4A-0DDFE45366E1}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00C1-0416-1000-0000000FF1CE}_Office15.PROPLUS_{05DE08FE-96EE-4BFE-A731-AE2985231632}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E1-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E1-0416-1000-0000000FF1CE}_Office15.PROPLUS_{8ECA38FB-BA64-4DF3-A770-936F18495B2C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E2-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-00E2-0416-1000-0000000FF1CE}_Office15.PROPLUS_{8ECA38FB-BA64-4DF3-A770-936F18495B2C}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0100-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0101-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{010BF41A-4D78-40C3-90BA-117DF64A0AE2}) (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{8ECA38FB-BA64-4DF3-A770-936F18495B2C}) (Version: - Microsoft) Hidden
SHAREit (HKLM-x32\...\www.ushareit.com_is1) (Version: 4.0.6.177 - SHAREit Technologies Co.Ltd)
SoftPerfect Network Scanner version 7.0.9 (HKLM\...\{8083C3D9-F400-48FA-B060-CF55F25E2D4B}_is1) (Version: 7.0.9 - SoftPerfect)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.9.0 - Sophos Limited)
Spotify (HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\Spotify) (Version: 1.1.73.517.gbef50fdb - Spotify AB)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.26558 - TeamViewer)
Telegram Desktop version 3.7.3 (HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 3.7.3 - Telegram FZ-LLC)
thinkorswim (HKLM\...\9968-4488-2169-7623) (Version: desktop - thinkorswim, Inc)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
Total Recorder 8.3 VideoPro Edition (HKLM-x32\...\TotalRecorder) (Version: - )
Trader Workstation (HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\5889-6375-8446-2021) (Version: latest (983.2j) 20210428 13:17:48 - Interactive Brokers LLC)
Trezor Suite 21.11.2 (HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\978be57b-9286-5cd7-a60b-54c81352a986) (Version: 21.11.2 - SatoshiLabs)
UE4 Prerequisites (x64) (HKLM\...\{F9EC45F9-074A-48BF-92E9-A8CADD56F693}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{4e242cc8-5e3c-4b08-9d55-dbc62ddd1208}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0405-1000-0000000FF1CE}_Office15.OMUI.cs-cz_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4484289) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{1C76EBD9-0A70-4094-A543-00CAA3B62113}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{B652B695-C849-4EF2-B09A-72771C7AD2BA}) (Version: 2.71.0.0 - Microsoft Corporation)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 8.99 - NCH Software)
VideoProc Converter (HKLM-x32\...\VideoProc Converter) (Version: 4.6 - Digiarty, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WhatsApp (HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\WhatsApp) (Version: 2.2216.8 - WhatsApp)
WiFi Scanner (HKLM-x32\...\{635E5B4E-A55C-4019-ADBD-557CD79A2FD0}) (Version: 0.5.581 - AccessAgility)
WinHTTrack Website Copier 3.49-2 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.49.2 - HTTrack)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wondershare AllMyTube(Build 4.10.2.3) (HKLM-x32\...\Wondershare AllMyTube_is1) (Version: 4.10.2.3 - Wondershare Software)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Wondershare UniConverter 13(Build 13.5.2.126) (HKLM\...\UniConverter 13_is1) (Version: 13.5.2.126 - Wondershare Software)
Zemana AntiMalware verze 3.2.28 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.28 - Zemana)
Zoom (HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\ZoomUMX) (Version: 5.4.7 (59784.1220) - Zoom Video Communications, Inc.)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-01-12] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-13] (Microsoft Corporation)
Drawboard PDF -> C:\Program Files\WindowsApps\DRAWBOARD.DRAWBOARDPDF_6.19.9.0_x64__gqbn7fs4pywxm [2022-07-07] (Drawboard)
Facebook -> C:\Program Files\WindowsApps\FACEBOOK.FACEBOOK_2021.927.0.0_x86__8xx8rvfyw5nnt [2021-09-29] (Facebook Inc)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_10.2206.16.0_x64__k1h2ywk1493x8 [2022-06-29] (LENOVO INC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.7040.0_x64__8wekyb3d8bbwe [2022-07-08] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2016-12-17] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2016-12-17] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2016-12-17] (Microsoft Corporation) [MS Ad]
TuneIn Radio -> C:\Program Files\WindowsApps\TuneIn.TuneInRadio_4.0.7.0_x64__6bhtb546zcxnj [2019-09-22] (TuneIn) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.TWITTER_7.0.0.0_x86__wgeqdkkx372wm [2021-06-11] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-441044182-2704751091-3235625209-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\drjan_000\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21063.3\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-441044182-2704751091-3235625209-1001_Classes\CLSID\{29F458BE-8866-11D5-A3DD-00B0D0F3BAA7}\localserver32 -> C:\Users\drjan_000\AppData\Local\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
CustomCLSID: HKU\S-1-5-21-441044182-2704751091-3235625209-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\drjan_000\AppData\Local\GoToMeeting\19796\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-441044182-2704751091-3235625209-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\drjan_000\Dropbox [2017-03-05 19:30]
CustomCLSID: HKU\S-1-5-21-441044182-2704751091-3235625209-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\60.0.2.0\drivefsext.dll [2022-06-21] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\60.0.2.0\drivefsext.dll [2022-06-21] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\60.0.2.0\drivefsext.dll [2022-06-21] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\60.0.2.0\drivefsext.dll [2022-06-21] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-06-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-06-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-06-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-06-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-06-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-06-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-06-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-06-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-06-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-06-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2022-02-01] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ ".SeafileIconError"] -> {D14BEDD3-4E05-4F2F-B0DE-C0381E6AE609} => C:\Users\drjan_000\AppData\Roaming\Seafile\seafile_shell_ext64.dll -> No File
ShellIconOverlayIdentifiers: [ ".SeafileIconLockedByMe"] -> {D14BEDD3-4E05-4F2F-B0DE-C0381E6AE611} => C:\Users\drjan_000\AppData\Roaming\Seafile\seafile_shell_ext64.dll -> No File
ShellIconOverlayIdentifiers: [ ".SeafileIconLockedByOthers"] -> {D14BEDD3-4E05-4F2F-B0DE-C0381E6AE612} => C:\Users\drjan_000\AppData\Roaming\Seafile\seafile_shell_ext64.dll -> No File
ShellIconOverlayIdentifiers: [ ".SeafileIconNormal"] -> {D14BEDD3-4E05-4F2F-B0DE-C0381E6AE607} => C:\Users\drjan_000\AppData\Roaming\Seafile\seafile_shell_ext64.dll -> No File
ShellIconOverlayIdentifiers: [ ".SeafileIconPaused"] -> {D14BEDD3-4E05-4F2F-B0DE-C0381E6AE610} => C:\Users\drjan_000\AppData\Roaming\Seafile\seafile_shell_ext64.dll -> No File
ShellIconOverlayIdentifiers: [ ".SeafileIconSyncing"] -> {D14BEDD3-4E05-4F2F-B0DE-C0381E6AE608} => C:\Users\drjan_000\AppData\Roaming\Seafile\seafile_shell_ext64.dll -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-06-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-06-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-06-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-06-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-06-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-06-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-06-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-06-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-06-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-06-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-24] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\60.0.2.0\drivefsext.dll [2022-06-21] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-06-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2022-04-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_105.dll [2018-11-29] (Free Time) [File not signed]
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers1: [SageThumbs] -> {4A34B3E3-F50E-4FF6-8979-7E4176466FF2} => C:\Program Files (x86)\SageThumbs\64\SageThumbs.dll [2015-03-10] (CherubicSoft) [File not signed]
ContextMenuHandlers1: [Seafile] -> {D14BEDD3-4E05-4F2F-B0DE-C0381E6AE606} => C:\Users\drjan_000\AppData\Roaming\Seafile\seafile_shell_ext64.dll -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2022-04-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-24] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\60.0.2.0\drivefsext.dll [2022-06-21] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-06-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3888923-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_105.dll [2018-11-29] (Free Time) [File not signed]
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2022-02-01] (Google LLC -> Google)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [Seafile] -> {D14BEDD3-4E05-4F2F-B0DE-C0381E6AE606} => C:\Users\drjan_000\AppData\Roaming\Seafile\seafile_shell_ext64.dll -> No File
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\60.0.2.0\drivefsext.dll [2022-06-21] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.52.0.dll [2022-06-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-06-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [Seafile] -> {D14BEDD3-4E05-4F2F-B0DE-C0381E6AE606} => C:\Users\drjan_000\AppData\Roaming\Seafile\seafile_shell_ext64.dll -> No File
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2021-03-30] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2021-11-24] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2022-04-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [Seafile] -> {D14BEDD3-4E05-4F2F-B0DE-C0381E6AE606} => C:\Users\drjan_000\AppData\Roaming\Seafile\seafile_shell_ext64.dll -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2012-05-18] () [File not signed]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)


Re: Request for a check - hit by ransomware

Post by Brabenecsiafu » 31 Jul 2022 10:13

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\drjan_000\Desktop\SketchUp for Web.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=beodkchghmjjfhojholjdhdfodleinln
ShortcutWithArgument: C:\Users\drjan_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\AirDroid Remote Control Plugin.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=macmgoeeggnlnmpiojbcniblabkdjphe
ShortcutWithArgument: C:\Users\drjan_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\SketchUp for Web.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=beodkchghmjjfhojholjdhdfodleinln
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk -> C:\ProgramData\Ashampoo\YourDeals.exe () -> hxxp://linktarget.ashampoo.com/linktarg ... -pos=Metro

==================== Loaded Modules (Whitelisted) =============

2021-01-28 17:32 - 2014-04-17 10:54 - 000863232 _____ ( Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\P2PLib.dll
2021-01-28 17:32 - 2014-04-17 10:54 - 000221184 _____ () [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\EnumDevLib.dll
2021-01-12 17:32 - 2016-08-09 07:13 - 000183296 _____ () [File not signed] C:\Program Files\PostgreSQL\9.5\bin\LIBPQ.dll
2021-01-12 17:33 - 2016-07-27 10:08 - 002264576 _____ () [File not signed] C:\Program Files\PostgreSQL\9.5\bin\libxml2.dll
2021-03-26 18:26 - 2021-03-26 18:26 - 000336896 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.CxHef9fb4ae#\df3f31000d02de958b7e95cc455f7b43\Interop.CxHDAudioAPILib.ni.dll
2017-12-19 09:09 - 2013-11-11 13:45 - 000092160 _____ (Conexant Systems, Inc) [File not signed] C:\Program Files\Conexant\SAII\COneKeyAPI.dll
2017-12-19 09:09 - 2014-10-09 14:02 - 001100800 _____ (Conexant Systems, Inc.) [File not signed] [File is in use] C:\Program Files\Conexant\SAII\CxHDAudioAPI.dll
2021-01-12 17:33 - 2015-08-26 10:40 - 001687930 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\libiconv-2.dll
2021-01-12 17:33 - 2015-08-26 10:40 - 000685350 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\libintl-8.dll
2015-03-10 17:48 - 2015-03-10 17:48 - 000445952 _____ (CherubicSoft) [File not signed] C:\Program Files (x86)\SageThumbs\64\SageThumbs.dll
2015-03-10 17:47 - 2015-03-10 17:47 - 000765440 _____ (CherubicSoft) [File not signed] C:\Program Files (x86)\SageThumbs\64\sqlite3.dll
2015-08-24 11:11 - 2015-08-24 11:11 - 000109704 _____ (LENOVO -> ) [File not signed] C:\Program Files (x86)\MagicPlus\crashreport.dll
2015-08-24 11:11 - 2015-08-24 11:11 - 000354440 _____ (LENOVO -> ) [File not signed] C:\Program Files (x86)\MagicPlus\UsbHelper.dll
2015-08-24 11:11 - 2015-08-24 11:11 - 000418952 _____ (LENOVO -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\MagicPlus\MSVCP100.dll
2015-08-24 11:11 - 2015-08-24 11:11 - 000771720 _____ (LENOVO -> Microsoft Corporation) [File not signed] C:\Program Files (x86)\MagicPlus\MSVCR100.dll
2021-01-28 17:32 - 2014-04-17 10:54 - 000200704 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\IpLib.dll
2021-01-28 17:32 - 2014-04-17 10:54 - 000044544 _____ (Realtek) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtlQRCode.dll
2017-01-06 18:53 - 2007-09-18 17:44 - 000421888 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBIPDev.dll
2017-01-06 18:53 - 2007-09-10 16:03 - 000110592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBLPBidiDev.dll
2017-01-06 18:53 - 2006-12-26 15:58 - 000233544 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBMSDev.dll
2017-01-06 18:53 - 2004-11-17 17:56 - 000286720 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBNWDev.dll
2017-01-06 18:53 - 2007-09-10 16:32 - 000135168 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBRSVC.dll
2017-01-06 18:53 - 2006-08-30 02:02 - 000106496 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Common Files\EPSON\EBAPI\epLocalBidi.dll
2017-01-06 18:28 - 2012-11-12 16:15 - 000558592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2017-01-06 18:28 - 2012-10-22 18:19 - 000219648 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enpres.dll
2021-01-28 17:32 - 2014-04-17 10:54 - 001122304 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\LIBEAY32.dll
2021-01-12 17:33 - 2016-05-05 08:35 - 001655808 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\LIBEAY32.dll
2021-01-12 17:33 - 2016-05-05 08:35 - 000349696 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.5\bin\SSLEAY32.dll
2014-02-07 18:47 - 2014-02-07 18:47 - 001519104 _____ (XnView) [File not signed] C:\Program Files (x86)\SageThumbs\64\libgfl340.dll
2014-02-07 18:47 - 2014-02-07 18:47 - 000256000 _____ (XnView) [File not signed] C:\Program Files (x86)\SageThumbs\64\libgfle340.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\.scr: SageThumbsImage.scr => "%1" /S <==== ATTENTION

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Wondershare AllMyTube 4.9.0 -> {067DF9EC-26B7-40DC-8DB8-CD8BE85AE367} -> C:\ProgramData\Wondershare\AllMyTube\WSBrowserAppMgr.dll [2017-03-29] (Wondershare Technology Co.,Ltd -> )
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2020-04-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation)
Handler: WSAllMyTubechrome - {0A0C95CF-A116-4C74 - No File

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2022-07-29 14:59 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;%JAVA_HOME%\bin;C:\Program Files\dotnet\
HKCU\Environment\\Path -> %USERPROFILE%\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\drjan_000\AppData\Local\Temp\LXT2H924-WC01-GJ56-JG0Z-C65NUKGGWW2N.bmp
HKU\S-1-5-21-441044182-2704751091-3235625209-1014\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "TREZOR Bridge.lnk"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "TuneupUI.exe"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "DelaypluginInstall"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "LWS"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive"
HKLM\...\StartupApproved\Run32: => "MagicPlusHelper"
HKLM\...\StartupApproved\Run32: => "WsmUpdater"
HKLM\...\StartupApproved\Run32: => "VCamRun.exe"
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\StartupApproved\StartupFolder: => "Odeslat do OneNote.lnk"
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\StartupApproved\Run: => "EPSON (Epson Stylus SX525WD)"
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\StartupApproved\Run: => "AppleIEDAV"
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\StartupApproved\Run: => "PicPick Start"
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\StartupApproved\Run: => "WarThunderLauncher"
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\StartupApproved\Run: => "I0X5CBZH-T2RV-494B-X1V2-Y0G6W3E1K47L-"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7FD0A86C-B9D8-4C65-9BD9-30142892F92A}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe (DEV47 APPS -> )
FirewallRules: [{89634D1E-FDAB-46FC-9712-D23FBA5F40EE}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe (DEV47 APPS -> )
FirewallRules: [{1B03D41E-447E-415F-90FB-AF841EF41A82}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{793CD9FB-59B8-41C7-91BA-7A5EE412C3D9}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6D2630EB-5A3E-4E0F-8CF3-1D3940E6F0D6}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{991BBD98-46ED-426E-BA6D-706DB3E6EAB5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0A176211-9961-4773-8A89-D392F33EEA8F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8B627F99-6FB3-4158-B833-1859583E8B37}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A1DE9F86-0E1D-425C-8623-EE41E53614F5}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4BF08B99-4E09-4027-87C5-6261E4BC873F}] => (Allow) C:\Users\drjan_000\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{50F87A3D-B073-4E38-8EDE-A8E810EB03F4}] => (Allow) C:\Users\drjan_000\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{A053B14E-6923-47FE-9736-F6E3ADB56C2E}] => (Allow) C:\Program Files\MetaTrader 5\metatester64.exe (MetaQuotes Ltd. -> MetaQuotes Software Corp.)
FirewallRules: [{20B6E42C-532D-4EC0-AF1E-4DAF2CA90852}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{64E15D04-91F1-4C1B-9859-D00D23175E01}] => (Allow) C:\Program Files (x86)\Apowersoft\ApowerREC\ApowerREC.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{0E38B76B-25AA-477A-9EFA-87E41243A1D1}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [{B2EE53F1-1121-415C-93DF-224104EE8318}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{B9E37C6D-49CA-4575-8E5B-8C9A3387E0B3}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DaVinciPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{61F58795-44CE-40D2-B6C9-5479BCE7B381}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{1633E629-D7A9-4B3D-A774-40A6A1D086E5}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{9C5C45E9-7C95-469C-9ADE-778C2F8CF1F6}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{7926C32B-28BE-4177-95DC-6C0038C56F14}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{219CE2A7-CE93-44D1-94E0-CD0E5F603B44}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe => No File
FirewallRules: [{B24EA98E-5FF6-4E4F-9FD1-637FB16FF549}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [{5F3D6BAE-8972-4B99-8F3E-6DC271622856}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => No File
FirewallRules: [{9960E72A-5EAC-4A9E-A231-9320EC18ED9A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5D784A8D-EBC7-47F9-8301-0E77F913DD76}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0E5F208D-86F0-4E2C-B7FB-627442BF743C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{58F67246-62C8-4A66-886D-650CCFC9588F}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8D93C808-DE61-4554-8720-549EA7F043C9}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RtWLan.exe (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
FirewallRules: [{0BCD1F9F-9E5E-41AD-AE4C-5EF3988BF52E}] => (Allow) LPort=1542
FirewallRules: [{C98B3FCB-8410-4A6D-9B54-1C7548C4B360}] => (Allow) LPort=1542
FirewallRules: [{13C92ED7-EEB1-4E63-8DE8-8AFEF61D03D9}] => (Allow) LPort=53
FirewallRules: [{F827D543-D8AD-4759-B20E-965A62192390}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{AB884F7F-97CD-4FDE-BF5F-E17F219B5EDD}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{1CC73E3C-E68A-415C-B128-565F195FC26B}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{DE9B78F4-B963-4569-B750-A3D82D8BACDB}] => (Allow) LPort=53
FirewallRules: [{2688070A-E953-4D2A-92FB-8CEF7B2CBE2D}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{E233616C-A137-4A93-97A7-7E19A668B6A5}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{DE0C20FE-948E-457D-A4C9-997FB092F605}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{CB23F81F-F253-48D1-AF24-9A721D044107}] => (Allow) C:\Program Files (x86)\Realtek\USB Wireless LAN Utility\RTLDHCP.exe (Realtek Semiconductor Corp -> Realtek)
FirewallRules: [{2F1FE644-506B-4B9E-9F06-5B34C20BBA0D}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C3BE1F6F-C14F-4B38-B0A8-7BCB3D9C8092}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{44A74D13-A6B1-4B26-873B-E7DA25A7BDBB}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe (Bluestack Systems, Inc -> Bluestack Systems, Inc.)
FirewallRules: [{8EE71509-A0B8-4478-BAC9-6B335BEBC34F}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe (Bluestack Systems, Inc -> BlueStack Systems)
FirewallRules: [{69A6EFFC-1164-4CE4-B78D-4FD7A2690A37}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F1C25EF6-CC17-485F-A76A-13DC2965C34C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BBD0F45E-2CEF-4D32-95F6-6D667DB29D90}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5DE0E874-6CEC-4BF6-B480-4EAA581C44F8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.85.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{537BF425-89E9-4D7F-A9E4-5D62496ABAEC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F81E5660-A0AA-4084-AE9F-7E93268910FE}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

==================== Restore Points =========================

27-07-2022 10:22:18 AdwCleaner_BeforeCleaning_27/07/2022_10:22:17
27-07-2022 10:34:37 JRT Pre-Junkware Removal
30-07-2022 08:20:48 AdwCleaner_BeforeCleaning_30/07/2022_08:20:39

==================== Faulty Device Manager Devices ============

Name: Síťový adaptér Ethernet
Description: Síťový adaptér Ethernet
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Intel(R) Management Engine Interface
Description: Intel(R) Management Engine Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Síťový adaptér
Description: Síťový adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (07/31/2022 09:13:32 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.18362.1, časové razítko: 0x533f8404
Název chybujícího modulu: biwinrt.dll, verze: 10.0.18362.1316, časové razítko: 0xbe673169
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000013fc7
ID chybujícího procesu: 0x2540
Čas spuštění chybující aplikace: 0x01d8a4accf519379
Cesta k chybující aplikaci: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\biwinrt.dll
ID zprávy: c66c3308-e5fa-43cb-b192-ec611c9cd7d1
Úplný název chybujícího balíčku: Microsoft.People_10.2105.4.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x

Error: (07/30/2022 10:09:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.18362.1, časové razítko: 0x533f8404
Název chybujícího modulu: biwinrt.dll, verze: 10.0.18362.1316, časové razítko: 0xbe673169
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000013fc7
ID chybujícího procesu: 0x1f68
Čas spuštění chybující aplikace: 0x01d8a45027b78118
Cesta k chybující aplikaci: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\biwinrt.dll
ID zprávy: 2a9902ea-2976-4e18-897e-79cb3fd3d2d8
Úplný název chybujícího balíčku: Microsoft.People_10.2105.4.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x

Error: (07/30/2022 09:32:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.18362.1, časové razítko: 0x533f8404
Název chybujícího modulu: biwinrt.dll, verze: 10.0.18362.1316, časové razítko: 0xbe673169
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000013fc7
ID chybujícího procesu: 0x27bc
Čas spuštění chybující aplikace: 0x01d8a44b030b6a1c
Cesta k chybující aplikaci: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\biwinrt.dll
ID zprávy: c6ece2ca-6ce4-4438-9758-d72db77a671b
Úplný název chybujícího balíčku: Microsoft.People_10.2105.4.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x

Error: (07/30/2022 09:06:36 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (07/30/2022 09:06:36 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (07/30/2022 08:29:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3812,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (07/30/2022 08:09:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: backgroundTaskHost.exe, verze: 10.0.18362.1, časové razítko: 0x533f8404
Název chybujícího modulu: biwinrt.dll, verze: 10.0.18362.1316, časové razítko: 0xbe673169
Kód výjimky: 0xc000027b
Posun chyby: 0x0000000000013fc7
ID chybujícího procesu: 0x2e48
Čas spuštění chybující aplikace: 0x01d8a43f4bb4d060
Cesta k chybující aplikaci: C:\WINDOWS\system32\backgroundTaskHost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\biwinrt.dll
ID zprávy: 84370b9d-060a-4e2e-8c86-26f3a0ebe1d6
Úplný název chybujícího balíčku: Microsoft.People_10.2105.4.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x

Error: (07/30/2022 08:08:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.18362.1533 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 21b0

Čas spuštění: 01d8a43e8a97562b

Čas ukončení: 36

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: e714db65-c237-4832-a6a1-0a53881433cf

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown


System errors:
=============
Error: (07/31/2022 09:17:31 AM) (Source: DCOM) (EventID: 10001) (User: HONZA)
Description: Nelze spustit server DCOM: Microsoft.Windows.Photos_2022.30060.30007.0_x64__8wekyb3d8bbwe!App.AppX7jktj9tkq9wvy6vgdmk01c27hm98yt2s.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147958031
při provádění příkazu:
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2022.30060.30007.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca

Error: (07/31/2022 09:16:05 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Aktualizovat službu Orchestrator přestala během spouštění reagovat.

Error: (07/31/2022 09:13:53 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime přestala během spouštění reagovat.

Error: (07/31/2022 09:11:57 AM) (Source: DCOM) (EventID: 10001) (User: HONZA)
Description: Nelze spustit server DCOM: Microsoft.YourPhone_1.22052.136.0_x64__8wekyb3d8bbwe!App.AppX91kdh3ds06x33j6rj4xkzvqbn983mp49.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147958031
při provádění příkazu:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXfkd8mejksk4ancwf4vtyhmkvtzn1jcbs.mca

Error: (07/31/2022 09:11:56 AM) (Source: DCOM) (EventID: 10001) (User: HONZA)
Description: Nelze spustit server DCOM: Microsoft.Windows.Photos_2022.30060.30007.0_x64__8wekyb3d8bbwe!App.AppX7jktj9tkq9wvy6vgdmk01c27hm98yt2s.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147958031
při provádění příkazu:
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2022.30060.30007.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca

Error: (07/31/2022 09:11:54 AM) (Source: DCOM) (EventID: 10001) (User: HONZA)
Description: Nelze spustit server DCOM: Microsoft.YourPhone_1.22052.136.0_x64__8wekyb3d8bbwe!App.AppXvctmff39365zg14pgmystcwtys462fpa.mca jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147958031
při provádění příkazu:
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22052.136.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca

Error: (07/31/2022 09:11:47 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.

Error: (07/31/2022 09:05:33 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Realtek DHCP Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


==================== Memory info ===========================

BIOS: LENOVO 9ACN29WW 10/20/2014
Motherboard: LENOVO Lancer 5A2
Processor: Intel(R) Core(TM) i7-4510U CPU @ 2.00GHz
Percentage of memory in use: 42%
Total physical RAM: 8100.27 MB
Available physical RAM: 4687.7 MB
Total Virtual: 9700.27 MB
Available Virtual: 6217.01 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.2 GB) (Free:294.12 GB) (Model: ST1000LM024 HN-M101MBB) NTFS
Drive d: () (Removable) (Total:3.8 GB) (Free:2.94 GB) FAT32

\\?\Volume{5922363b-3d8f-4844-8c32-3b78de90dfa8}\ (Recovery) (Fixed) (Total:0.29 GB) (Free:0.06 GB) NTFS
\\?\Volume{8ad169b1-e419-4830-b1a3-f2a8dd7673ae}\ () (Fixed) (Total:0.79 GB) (Free:0.3 GB) NTFS
\\?\Volume{21b46fe0-8e42-41f7-8a61-98a9c225f336}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 3.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

jaro3
Security team member
Guru Level 15
Posts: 43062
Joined: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check - attacked by ransomware

Post by jaro3 » 31 Jul 2022 19:20

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.


Start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [PAC7302_Monitor] => C:\WINDOWS\PixArt\PAC7302\Monitor.exe (No File)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\Run: [Keybase.Keybase.GUI] => C:\Users\drjan_000\AppData\Local\Keybase\Gui\Keybase.exe (No File)
HKU\S-1-5-21-441044182-2704751091-3235625209-1001\...\MountPoints2: E - "E:\autorun.exe"
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {1E65D644-88F7-4D42-AA6C-1A264402C510} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-24] (Google Inc -> Google Inc.)
Task: {293B8C50-54A8-412B-9153-F72A323933EA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-12-24] (Google Inc -> Google Inc.)
Task: {B7DF0718-983A-4232-93E9-D913ECFD5521} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {E628919D-0BEF-471E-9E76-1DAC3836AC7D} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (No File)
Task: {EEA309C0-3B39-44C9-8D28-DB7B74E1FBC0} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (No File)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
CHR Extension: (No Name) - C:\Users\drjan_000\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2022-06-19]
CHR HKLM\...\Chrome\Extension: [kaebhgioafceeldhgjmendlfhbfjefmo] - C:\Program Files (x86)\EagleGet\addon\eagleget_cext@eagleget.com.crx <not found>
CHR HKU\S-1-5-21-441044182-2704751091-3235625209-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\DRJAN_~1\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <not found>
CHR HKU\S-1-5-21-441044182-2704751091-3235625209-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
ShellIconOverlayIdentifiers: [ ".SeafileIconError"] -> {D14BEDD3-4E05-4F2F-B0DE-C0381E6AE609} => C:\Users\drjan_000\AppData\Roaming\Seafile\seafile_shell_ext64.dll -> No File
ShellIconOverlayIdentifiers: [ ".SeafileIconLockedByMe"] -> {D14BEDD3-4E05-4F2F-B0DE-C0381E6AE611} => C:\Users\drjan_000\AppData\Roaming\Seafile\seafile_shell_ext64.dll -> No File
ShellIconOverlayIdentifiers: [ ".SeafileIconLockedByOthers"] -> {D14BEDD3-4E05-4F2F-B0DE-C0381E6AE612} => C:\Users\drjan_000\AppData\Roaming\Seafile\seafile_shell_ext64.dll -> No File
ShellIconOverlayIdentifiers: [ ".SeafileIconNormal"] -> {D14BEDD3-4E05-4F2F-B0DE-C0381E6AE607} => C:\Users\drjan_000\AppData\Roaming\Seafile\seafile_shell_ext64.dll -> No File
ShellIconOverlayIdentifiers: [ ".SeafileIconPaused"] -> {D14BEDD3-4E05-4F2F-B0DE-C0381E6AE610} => C:\Users\drjan_000\AppData\Roaming\Seafile\seafile_shell_ext64.dll -> No File
ShellIconOverlayIdentifiers: [ ".SeafileIconSyncing"] -> {D14BEDD3-4E05-4F2F-B0DE-C0381E6AE608} => C:\Users\drjan_000\AppData\Roaming\Seafile\seafile_shell_ext64.dll -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [Seafile] -> {D14BEDD3-4E05-4F2F-B0DE-C0381E6AE606} => C:\Users\drjan_000\AppData\Roaming\Seafile\seafile_shell_ext64.dll -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [Seafile] -> {D14BEDD3-4E05-4F2F-B0DE-C0381E6AE606} => C:\Users\drjan_000\AppData\Roaming\Seafile\seafile_shell_ext64.dll -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [Seafile] -> {D14BEDD3-4E05-4F2F-B0DE-C0381E6AE606} => C:\Users\drjan_000\AppData\Roaming\Seafile\seafile_shell_ext64.dll -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [Seafile] -> {D14BEDD3-4E05-4F2F-B0DE-C0381E6AE606} => C:\Users\drjan_000\AppData\Roaming\Seafile\seafile_shell_ext64.dll -> No File
FirewallRules: [{7926C32B-28BE-4177-95DC-6C0038C56F14}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe => No File
FirewallRules: [{219CE2A7-CE93-44D1-94E0-CD0E5F603B44}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\OxygenPanelDaemon.exe => No File
FirewallRules: [{5F3D6BAE-8972-4B99-8F3E-6DC271622856}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe => No File

Virustotal: C:\Users\drjan_000\AppData\Local\DD864547-3188-4778-99D0-AC4139A280D4.aplzod
Virustotal: C:\Users\drjan_000\AppData\Roaming\msconfig\5SNHK5ZZ-5SEA-XCLG-C13X-1FWCLL2UBN13.exe
EmptyTemp:
End

(You can use the "select all" function; right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST, press the "Fix" (Opravit) button just once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire content here.


A lot of programs and even more browser extensions!

Does this ring a bell?
FF NetworkProxy: Mozilla\Firefox\Profiles\tb5us2gz.default-release -> http", "fe80::2c61:2976:f8f9:75b2"

Did you create these icons yourself?
C:\Users\drjan_000\Desktop\Honza (Siafu).lnk
C:\Users\drjan_000\Desktop\Osoba 1.lnk

Name: Síťový adaptér Ethernet
Description: Síťový adaptér Ethernet
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Intel(R) Management Engine Interface
Description: Intel(R) Management Engine Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Síťový adaptér
Description: Síťový adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


Check your network card, drivers, and configuration!
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Post by Brabenecsiafu » 31 Jul 2022 21:40

I did a fresh Windows installation following your instructions and everything works. I can get to the original files in Windows.old and open them. The virus that somehow attacked the whole Windows system is probably in there too. I couldn't even install the network card, Wi-Fi, or BT. A factory reset wasn't possible either. It wouldn't let me continue to the reinstall; it demanded a password, which was entered correctly, but it reported that it wasn't.
Thank you for your time. Do you think I could somehow wipe the disk completely, do a new installation, and use the data I need from the backup? Or do you think there is still a chance to restore it somehow, without the virus from Windows.old?

FF NetworkProxy: Mozilla\Firefox\Profiles\tb5us2gz.default-release -> http", "fe80::2c61:2976:f8f9:75b2"
This doesn't mean anything to me. I don't use Firefox. I only had it to try out how it works.

I probably did make the icons for Siafu, but definitely not the one for Osoba1.

Does it still make sense to run FRST when everything is in Windows.old? Should I change the paths in the fixlist?

Thank you.


Post by jaro3 » 31 Jul 2022 23:38

If you did a fresh Windows installation, there is no point in running FRST.

You could use an online scanner, for example the one from ESET, which would clean the whole disk for you. That would make sense.

https://www.eset.com/cz/online-scanner/

So everything works now? If so, run the online scanner first, and only then use what you need from the windows.old folder.

Post by Brabenecsiafu » 01 Aug 2022 13:30

OK, I'll run it through ESET, but that is exactly the one that let the virus through. So I think it won't find anything.
Do you think it's pointless to wipe the whole disk and do a completely clean installation?


Post by jaro3 » 01 Aug 2022 15:28

That's a tough one. A clean installation is best. But then you start pulling things over from that backup..
We could have run frst.exe earlier.
It's up to you. Either a clean install, or, after installing and pulling over that backup, we can run FRST once more after the reinstall.

Post by Brabenecsiafu » 01 Aug 2022 16:16

I'm running it through ESET now. After that I'll get my e-mail and other things working. I'll leave the files in the backup and pull in only what I need. Then I'll run FRST and let you know.
Thank you for your time.


Post by jaro3 » 01 Aug 2022 17:12

Run FRST tomorrow or the day after, once you have pulled back what you need. If there is a trojan in there, it will download its missing parts.

Post by Brabenecsiafu » 03 Aug 2022 15:37

ESET found nothing.
I'll copy the data from windows.old into the new installation, then run FRST and we'll see what happens.
So far it works. I think it will be somewhere in the system, which is now new, so hopefully nothing will wake that virus up :)
Thanks.


Post by jaro3 » 03 Aug 2022 21:09

We'll see.

Post by Brabenecsiafu » 09 Aug 2022 20:26

So I ran FRST and I'm attaching the logs it created.

