Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2021
Ran by xschi (21-04-2021 14:48:42)
Running from C:\Users\xschi\Desktop
Windows 10 Home Version 20H2 19042.928 (X64) (2020-11-03 14:16:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3039489114-2094619844-3197177633-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3039489114-2094619844-3197177633-503 - Limited - Disabled)
Guest (S-1-5-21-3039489114-2094619844-3197177633-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3039489114-2094619844-3197177633-504 - Limited - Disabled)
xschi (S-1-5-21-3039489114-2094619844-3197177633-1001 - Administrator - Enabled) => C:\Users\xschi

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Spybot - Search and Destroy (Disabled - Out of date) {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K YouTube to MP3 (HKLM\...\{516E02FE-F641-4DA4-88B7-A54C85C02212}) (Version: 3.15.0.4160 - Open Media LLC) Hidden
4K YouTube to MP3 (HKLM-x32\...\{2e4d2628-f757-4e9f-928d-e4df69e086ce}) (Version: 3.15.0.4160 - Open Media LLC)
Active Directory Authentication Library for SQL Server (HKLM\...\{6BF11ECE-3CE8-4FBA-991A-1F55AA6BE5BF}) (Version: 15.0.1300.359 - Microsoft Corporation) Hidden
Application Verifier x64 External Package (HKLM\...\{10CA1677-8F02-3131-F25C-780BAB52E468}) (Version: 10.1.18362.1 - Microsoft) Hidden
Azure Data Studio (HKLM\...\{6591F69E-6588-4980-81ED-C8FCBD7EC4B8}_is1) (Version: 1.23.0 - Microsoft Corporation)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bitwarden (HKLM\...\173a9bac-6f0d-50c4-8202-4744c69d091a) (Version: 1.25.1 - Bitwarden Inc.)
Browser for SQL Server 2019 (HKLM-x32\...\{5E366957-8D78-4BB5-A790-96F97A9766BD}) (Version: 15.0.2000.5 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.75 - Piriform)
ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{0243F145-076D-423A-8F77-218DC8840261}) (Version: 4.8.04119 - Microsoft Corporation) Hidden
ClickOnce Bootstrapper Package for Microsoft .NET Framework 4.8 on Visual Studio 2017 (HKLM-x32\...\{A89F4446-3B75-433B-91B3-C88868CA8544}) (Version: 4.8.03928 - Microsoft Corporation)
Color Cop 5.4.3 (HKLM-x32\...\Color Cop_is1) (Version:  - Jay Prall)
CurseForge (HKU\S-1-5-21-3039489114-2094619844-3197177633-1001\...\Overwolf_cchhcaiapeikjbdbpfplgmpobbcdkdaphclbmkbj) (Version: 0.170.1.2 - Overwolf app)
DiagnosticsHub_CollectionService (HKLM\...\{1F3C3AAC-9F7A-47DA-A082-0ACE770041BE}) (Version: 16.1.28901 - Microsoft Corporation) Hidden
Discord (HKU\S-1-5-21-3039489114-2094619844-3197177633-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Docker Desktop (HKLM\...\Docker Desktop) (Version: 2.5.0.0 - Docker Inc.)
Entity Framework 6.2.0 Tools  for Visual Studio 2019 (HKLM-x32\...\{7C2070BF-8E07-4B5F-A182-FADB0B95AB39}) (Version: 6.2.0.0 - Microsoft Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{FEF3A9BA-A962-4469-AD62-04839D4BB847}) (Version: 1.1.298.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
f.lux (HKU\S-1-5-21-3039489114-2094619844-3197177633-1001\...\Flux) (Version:  - f.lux Software LLC)
FortiClient (HKLM\...\{4B553DAB-DE27-4424-B32E-E849A3517AA2}) (Version: 6.4.3.1608 - Fortinet Technologies Inc)
FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version:  - Marek Jasinski)
GDR 2070 for SQL Server 2019 (KB4517790) (64-bit) (HKLM\...\KB4517790) (Version: 15.0.2070.41 - Microsoft Corporation)
GDR 2080 for SQL Server 2019 (KB4583458) (64-bit) (HKLM\...\KB4583458) (Version: 15.0.2080.9 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.128 - Google LLC)
icecap_collection_neutral (HKLM-x32\...\{7C703135-98AC-4EB9-86C0-0C3169C99649}) (Version: 16.8.30509 - Microsoft Corporation) Hidden
icecap_collection_x64 (HKLM\...\{7C914878-C64B-4CA6-8E41-91308877A586}) (Version: 16.8.30509 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{CDD0EC5B-EBEE-4822-B994-78AD30D90874}) (Version: 16.8.30607 - Microsoft Corporation) Hidden
icecap_collectionresources (HKLM-x32\...\{D3902E63-1FC9-4F66-953E-839733B26270}) (Version: 16.8.30607 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{4F864505-C6D3-43A3-BB76-347F5E858E59}) (Version: 16.8.30530 - Microsoft Corporation) Hidden
icecap_collectionresourcesx64 (HKLM-x32\...\{8A64881A-8735-4C75-91BE-BCE0A45BCDB0}) (Version: 16.8.30530 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{0307C98E-AE82-4A4F-A950-A72FBD805338}) (Version: 10.0.04403 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - ) Hidden
Integration Services (HKLM-x32\...\{1BA4F809-5F3E-4882-8481-861A05921A1A}) (Version: 15.0.2000.128 - Microsoft Corporation) Hidden
Intel(R) Extreme Tuning Utility (HKLM-x32\...\{a52e99c3-4440-4ee8-b9f7-3e0a4033bbc4}) (Version: 7.0.1.4 - Intel Corporation)
IntelliTraceProfilerProxy (HKLM-x32\...\{7D94CF67-6666-4111-B027-D7AB7F189F70}) (Version: 15.0.18198.01 - Microsoft Corporation) Hidden
KeePass Password Safe 2.46 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.46 - Dominik Reichl)
Kits Configuration Installer (HKLM-x32\...\{63AAA877-5536-9481-2385-28A082100D78}) (Version: 10.1.18362.1 - Microsoft) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Memurai Developer (HKLM\...\{A7BF8192-AA43-448A-A39A-EF9B1D2572D9}) (Version: 2.0.2 - Janea Systems)
Microsoft .NET Core Runtime - 2.1.27 (x64) (HKLM-x32\...\{97bb42dd-49e0-4bc8-ad46-8130c8fef79a}) (Version: 2.1.27.29916 - Microsoft Corporation)
Microsoft .NET Core SDK 3.1.408 (x64) (HKLM-x32\...\{7f96e513-2c4b-4650-b9e3-2d1eef62b7c7}) (Version: 3.1.408.15681 - Microsoft Corporation)
Microsoft .NET Framework 4.8 Targeting Pack (ENU) (HKLM-x32\...\{A4EA9EE5-7CFF-4C5F-B159-B9B4E5D2BDE2}) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 Targeting Pack (HKLM-x32\...\{BAAF5851-0759-422D-A1E9-90061B597188}) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET SDK 5.0.100 (x64) from Visual Studio (HKLM\...\{16D58CBE-8F79-46C3-821C-7534E7218D29}) (Version: 5.1.20.52605 - Microsoft Corporation)
Microsoft .NET SDK 5.0.104 (x64) (HKLM-x32\...\{ffd9c013-1ec9-45ed-8ca2-104e6a0800b7}) (Version: 5.1.421.11822 - Microsoft Corporation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.13929.20216 - Microsoft Corporation)
Microsoft ASP.NET Core 2.1.27 - Shared Framework (HKLM-x32\...\{7c0c8d9a-9266-429b-8a02-ce7a9b28e435}) (Version: 2.1.27.49112 - Microsoft Corporation)
Microsoft ASP.NET Core 3.1.14 - Shared Framework (HKLM-x32\...\{14937385-d104-412c-872e-05ac23a92441}) (Version: 3.1.14.21166 - Microsoft Corporation)
Microsoft ASP.NET Core 5.0.5 - Shared Framework (HKLM-x32\...\{2d9c970f-7e49-454b-81bf-6eca1b48fcea}) (Version: 5.0.5.21167 - Microsoft Corporation)
Microsoft ASP.NET Core 5.0.5 - Shared Framework (HKLM-x32\...\{5c2e0298-7665-4d5e-8602-52dc3694d24f}) (Version: 5.0.5.21167 - Microsoft Corporation)
Microsoft Azure Authoring Tools - v2.9.6 (HKLM\...\{EDADFA19-7F96-4075-A4AB-2209910626C5}) (Version: 2.9.8899.26 - Microsoft Corporation)
Microsoft Azure Compute Emulator - v2.9.6 (HKLM\...\Microsoft Azure Compute Emulator - v2.9.6) (Version: 2.9.8899.26 - Microsoft Corporation)
Microsoft Azure Libraries for .NET – v2.9 (HKLM\...\{C5C91AA6-3E83-430E-8B7A-6B790083F28D}) (Version: 3.0.0127.060 - Microsoft Corporation)
Microsoft Azure PowerShell - April 2018 (HKLM\...\{3BA7CAA9-97BA-4528-B7E1-B640910BB149}) (Version: 5.7.0.18831 - Microsoft Corporation)
Microsoft Azure Storage Emulator - v5.10 (HKLM-x32\...\Microsoft Azure Storage Emulator - v5.10) (Version: 5.10.19227.2113 - Microsoft Corporation)
Microsoft Azure Storage Explorer version 1.16.0 (HKLM-x32\...\{8E14ADF3-1B18-4711-87BD-E3827D395466}_is1) (Version: 1.16.0 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.42 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 89.0.774.77 - Microsoft Corporation)
Microsoft Help Viewer 2.3 (HKLM-x32\...\Microsoft Help Viewer 2.3) (Version: 2.3.28107 - Microsoft Corporation)
Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{E36FFC78-D25E-4962-872B-9CE0E50E62CD}) (Version: 17.5.1.1 - Microsoft Corporation)
Microsoft OLE DB Driver for SQL Server (HKLM\...\{74A97B61-DE37-40DF-9E00-B302E5D3C4CE}) (Version: 18.3.0.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3039489114-2094619844-3197177633-1001\...\OneDriveSetup.exe) (Version: 21.067.0404.0001 - Microsoft Corporation)
Microsoft Report Builder (HKLM-x32\...\{A8171ACF-6124-408A-9B0D-5E9773ED90CA}) (Version: 15.0.19210.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{9D93D367-A2CC-4378-BD63-79EF3FE76C78}) (Version: 11.4.7462.6 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB  (HKLM\...\{9097BF1A-13A0-4A4A-A1F8-473E2A669863}) (Version: 13.1.4001.0 - Microsoft Corporation)
Microsoft SQL Server 2019 (64-bit) (HKLM\...\Microsoft SQL Server SQL2019) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2019 Setup (English) (HKLM\...\{17DCED0E-5B27-453A-B2B4-E487B869B28A}) (Version: 15.0.4013.40 - Microsoft Corporation)
Microsoft SQL Server 2019 T-SQL Language Service  (HKLM\...\{31D27B41-A051-49D8-907A-62E0F4A2188C}) (Version: 15.0.2000.5 - Microsoft Corporation)
Microsoft SQL Server Management Studio - 18.7.1 (HKLM-x32\...\{a83fd35c-47e3-4877-b7aa-427fc7de02c7}) (Version: 15.0.18358.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 CTP2.2 (HKLM\...\{8D7CE3B0-5379-46FE-9F4B-A65D9F4CC1F1}) (Version: 15.0.1200.24 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2019 CTP2.2 (HKLM-x32\...\{725CC962-98BD-42C7-87D8-51C680FB1779}) (Version: 15.0.1200.24 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3039489114-2094619844-3197177633-1001\...\Teams) (Version: 1.4.00.8872 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-3039489114-2094619844-3197177633-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.52.1 - Microsoft Corporation)
Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 2.9.3365.38425 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{f895a2f1-ae3f-4212-8af1-7fa1f8c212ea}) (Version: 15.0.27520 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2019 (HKLM\...\{2C33F4D4-E9A5-4DE1-ACFE-3A13464E6703}) (Version: 15.0.2000.5 - Microsoft Corporation)
Microsoft Web Deploy 4.0 (HKLM\...\{2EC26D34-FB67-4C58-AC20-235697551222}) (Version: 10.0.3802 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.14 (x86) (HKLM-x32\...\{910975ce-2379-434d-8e20-b36e068df1a9}) (Version: 3.1.14.29915 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.5 (x64) (HKLM-x32\...\{97a0c33d-cb7d-4cff-8239-c7704b60e698}) (Version: 5.0.5.29917 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 5.0.5 (x86) (HKLM-x32\...\{fc569924-0ab1-4665-b4e4-72bbd3fdda97}) (Version: 5.0.5.29917 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 84.0.2 (x64 cs)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 83.0 - Mozilla)
mRemoteNG (HKLM-x32\...\{6CAD3681-0B2E-4B2D-89D0-2DFF4D35A3DE}) (Version: 1.77.1.27654 - Next Generation Software)
MSI Development Tools (HKLM-x32\...\{DB4DB790-64DD-1902-4BF2-833B3B6DBCA1}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.9.1 - Notepad++ Team)
NVIDIA Ovladač HD audia 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 466.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 466.11 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20216 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20216 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13929.20216 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.168.0.12 - Overwolf Ltd.)
Postman Agent-win64-0.2.5 (HKU\S-1-5-21-3039489114-2094619844-3197177633-1001\...\PostmanAgent) (Version: 0.2.5 - Postman)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 210318 - Kakao Corp.)
RDM (HKLM-x32\...\RDM) (Version: 2020.7.0 - Kany.me)
Roblox Player for xschi (HKU\S-1-5-21-3039489114-2094619844-3197177633-1001\...\roblox-player) (Version:  - Roblox Corporation)
Roblox Studio for xschi (HKU\S-1-5-21-3039489114-2094619844-3197177633-1001\...\roblox-studio) (Version:  - Roblox Corporation)
SDK ARM Additions (HKLM-x32\...\{73681F86-CD86-4208-572F-959B45430B04}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
SDK ARM Redistributables (HKLM-x32\...\{67EE3804-9642-62BA-EBF1-B1561FB4ECBE}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
SQL Server 2019 Batch Parser (HKLM\...\{D459615B-83B0-408F-8F39-6CC07C277BA6}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Common Files (HKLM\...\{0FB552DD-543E-48E7-A6F4-2F8D82723C6A}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Common Files (HKLM\...\{5E4344C9-8B97-4ED9-8760-57E221C240F4}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Connection Info (HKLM\...\{99B940D5-1A49-4B6C-B26C-6A88B2C061CA}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Connection Info (HKLM\...\{FD730873-33D1-4D1F-9AE0-E259586F8827}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Services (HKLM\...\{A60B3D8E-5311-4BF1-AF7A-D1AC15F9152E}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Services (HKLM\...\{E3E84B2C-FCF6-469F-9FE7-5E8934DB69AD}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Shared (HKLM\...\{619F0B6C-C802-422A-B4E5-294E61F68473}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Database Engine Shared (HKLM\...\{DE5B7937-D5B5-4157-BC30-BB87F021CFF0}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 DMF (HKLM\...\{814D5077-C93F-42E2-B875-717007C186B9}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 DMF (HKLM\...\{FC8DC283-4A85-467F-8D0E-2FE4606DCCA1}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Full text search (HKLM\...\{BFF9440C-BC5B-4326-A861-916CC3788A4A}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects (HKLM\...\{6213D6CB-D258-47A3-B1A0-EE1E5C080DCF}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects (HKLM\...\{A8581199-F913-443B-B058-8E8BF317E71C}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects Extensions (HKLM\...\{8DDAEBCA-4267-4E16-9FE0-D87F21D36891}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 Shared Management Objects Extensions (HKLM\...\{C7E6D4B7-CB10-4239-BA04-D9339B39D0BD}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 SQL Diagnostics (HKLM\...\{28ED6838-D8E5-454C-A813-12C5EB447CAB}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 XEvent (HKLM\...\{2129312E-5204-4F3A-9039-B6D34DBB00FB}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server 2019 XEvent (HKLM\...\{228C3DC2-695E-4FC7-87E4-6A9CE905DA9B}) (Version: 15.0.2000.5 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{66C26B42-AE10-45D8-A105-3DACBE959F3A}) (Version: 15.0.18358.0 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{E98F3E26-D9C6-41B7-9004-90E06D45807B}) (Version: 15.0.18358.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Analysis Services (HKLM\...\{690C4976-A775-41F7-88B1-F67677DE05F1}) (Version: 15.0.18358.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Reporting Services (HKLM\...\{1A77173C-B256-4063-9EC1-CCBD9C42DF64}) (Version: 15.0.18358.0 - Microsoft Corporation) Hidden
SSMS Post Install Tasks (HKLM\...\{1E3117FE-AB81-4155-8CA1-58C467652C79}) (Version: 15.0.18358.0 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.21759 - Microsoft Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.11.6 - TeamViewer)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
Twitch (HKU\S-1-5-21-3039489114-2094619844-3197177633-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 8.0.0 - Twitch Interactive, Inc.)
TypeScript SDK (HKLM-x32\...\{873B2737-D587-4FC9-993D-086DBF507461}) (Version: 4.0.3.0 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{13952D7A-B7B3-F4F8-5F29-5CD18E8168B7}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{74CBC330-ED16-31B9-E8BE-0C6A8E67DE32}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{847D4DAF-0182-265B-324F-406462E8A90D}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{54FE4D23-11A2-F1C4-76E9-79C8FB40A4A1}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{9F7B0D96-881D-8850-C303-43F3A08E6902}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{6F54BF87-2EE6-FA6D-431D-33A665992D49}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
vcpp_crt.redist.clickonce (HKLM-x32\...\{10D9FDCA-0D16-4C80-91DD-EDDA62A0F29D}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
vcpp_crt.redist.clickonce (HKLM-x32\...\{7C6166AB-7B4D-47A1-840D-723D2B6A1DAC}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Visual Studio Professional 2019 (HKLM-x32\...\74ec209c) (Version: 16.8.30717.126 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
VS Immersive Activate Helper (HKLM-x32\...\{A71406B5-E487-4B01-8E59-D466841350F5}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden
VS JIT Debugger (HKLM\...\{C7E8A4F2-EF09-42A8-B892-69D5ED99D965}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden
VS Script Debugging Common (HKLM\...\{A4272808-82F5-410F-A5F9-1BF6F63F6B9A}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden
VS WCF Debugging (HKLM\...\{E90279BA-36B4-4477-A1B7-C81B571172F2}) (Version: 16.0.102.0 - Microsoft Corporation) Hidden
vs_BlendMsi (HKLM-x32\...\{B5E3A3E1-1529-4D5A-9E95-34971FA07825}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsi (HKLM-x32\...\{78696386-A4B6-4F69-B558-2667CD3A579D}) (Version: 16.8.30530 - Microsoft Corporation) Hidden
vs_clickoncebootstrappermsires (HKLM-x32\...\{271F1F42-B547-4498-825F-590DBB1774F7}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_clickoncesigntoolmsi (HKLM-x32\...\{30D97A69-3C0F-4552-9A72-60E591B210C7}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_communitymsi (HKLM-x32\...\{DEB11EB7-B61A-4883-8CB0-99013A4873AB}) (Version: 16.8.30608 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{72E86320-AFF2-44F8-9C8B-0BD51E5B14DE}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_communitymsires (HKLM-x32\...\{95E79BBC-97FD-4FEB-91B5-CC0231324812}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_devenvmsi (HKLM-x32\...\{AD0C92A4-1514-4BC1-A723-A272A8343924}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_filehandler_amd64 (HKLM-x32\...\{E9439DB7-BF01-4820-8CB1-80957150AB86}) (Version: 16.8.30530 - Microsoft Corporation) Hidden
vs_filehandler_x86 (HKLM-x32\...\{8990F1B6-F880-4E73-A2D9-7A611F4C38A1}) (Version: 16.8.30530 - Microsoft Corporation) Hidden
vs_FileTracker_Singleton (HKLM-x32\...\{3C4B2ED3-2296-4203-A420-AC042BE8484D}) (Version: 16.8.30509 - Microsoft Corporation) Hidden
vs_minshellinteropmsi (HKLM-x32\...\{27B16914-BC5D-4018-8074-071262A27F6D}) (Version: 16.2.28917 - Microsoft Corporation) Hidden
vs_minshellmsi (HKLM-x32\...\{08AF5DA9-F3BD-4B59-8D99-C47CC4D53CAD}) (Version: 16.8.30530 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{4A143624-67D1-42E7-BADA-E3574DB7157E}) (Version: 16.8.30530 - Microsoft Corporation) Hidden
vs_minshellmsires (HKLM-x32\...\{DE982ACB-A44E-44A5-BEA5-F0816490312C}) (Version: 16.8.30530 - Microsoft Corporation) Hidden
vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{E1FD1D9D-0611-4DE5-826F-37FAC17706AC}) (Version: 16.8.30615 - Microsoft Corporation) Hidden
vs_tipsmsi (HKLM-x32\...\{E208E682-50EE-4F2F-9860-C91B906B8A03}) (Version: 16.0.28329 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsi (HKLM-x32\...\{BEEB2E56-91DB-4AFB-AC88-8E98B18DD889}) (Version: 16.8.30509 - Microsoft Corporation) Hidden
vs_vswebprotocolselectormsires (HKLM-x32\...\{1E54D106-5773-4D9E-AEDF-AC5AFEAF1395}) (Version: 16.8.30509 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{8E3AE0EF-D067-700C-BDB4-10D5552155DC}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
Windows SDK AddOn (HKLM-x32\...\{E6F877A1-2F65-4BF0-87B6-A4071B7663D3}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.18362.1 (HKLM-x32\...\{126dedf0-cc0e-4b48-9ece-806b0e437195}) (Version: 10.1.18362.1 - Microsoft Corporation)
Windows Subsystem for Linux Update (HKLM\...\{8D646799-DB00-4000-AE7A-756A05A4F1D8}) (Version: 5.4.72 - Microsoft Corporation)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{E67F1F03-FB4A-3D61-8999-E6A4C4B26F34}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{7EF010FF-7800-28BA-FF49-2D219EC7BA82}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{36AE12FB-4349-6EAA-B6E4-5F4E06FA8AE8}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{6B03A6A4-643C-57CE-CA6F-4E19BF47497A}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{918A448F-59E8-FBF5-B087-D3F07160C7E0}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{66483041-F590-EC46-4AF0-EE39C62FB680}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{9C61E6D2-C43E-6746-B519-6185558C4A24}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{6B37CC5B-78DF-5050-2215-68479716A587}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{250D5341-0879-4016-399C-BBCD87B80E95}) (Version: 10.1.18362.1 - Microsoft Corporation) Hidden
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warcraft Classic (HKLM-x32\...\World of Warcraft Classic) (Version:  - Blizzard Entertainment)

Packages:
=========
Bang ＆ Olufsen Audio Control -> C:\Program Files\WindowsApps\AD2F1837.BangOlufsenAudioControl_1.3.181.0_x64__v10z8vjag6ke6 [2021-03-26] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.7.276.0_x64__v10z8vjag6ke6 [2021-03-20] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-11-03] (INTEL CORP)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1015.0_x64__8j3eq9eme6ctt [2021-03-26] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-11-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-11-04] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.4072.0_x64__8wekyb3d8bbwe [2021-04-17] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-11-03] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-04-21] (NVIDIA Corp.)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2021-03-02] (Samsung Electronics Co. Ltd.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0 [2021-04-01] (Spotify AB) [Startup Task]
Thunderbolt Control Center -> C:\Program Files\WindowsApps\AppUp.ThunderboltControlCenter_1.0.30.0_x64__8j3eq9eme6ctt [2021-01-05] (INTEL CORP)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3039489114-2094619844-3197177633-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0
CustomCLSID: HKU\S-1-5-21-3039489114-2094619844-3197177633-1001_Classes\CLSID\{04271989-C4D2-1B52-E51C-C84295F60CA2} -> [Lotraco s.r.o] => C:\Users\xschi\Lotraco s.r.o [2020-11-03 17:30]
CustomCLSID: HKU\S-1-5-21-3039489114-2094619844-3197177633-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\xschi\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20339.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2020-11-02] (Notepad++ -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-21] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_a15bbc31588a3c38\nvshext.dll [2021-04-13] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-04-21] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-11-03 17:04 - 2020-11-03 17:04 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-11-03 17:04 - 2020-11-03 17:04 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2021-03-17 17:18 - 2021-03-17 17:18 - 003923456 _____ (Newtonsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\956845921c93e054065d978f97bdf320\Newtonsoft.Json.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-02-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2020-12-26] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-02-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2020-12-26] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-04-20] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-04-20] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3039489114-2094619844-3197177633-1001\...\sharepoint.com -> hxxps://lotraco-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2021-04-21 14:39 - 000001264 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 login.tscdev.com
127.0.0.1 develop01.tscdev.com
127.0.0.1 develop02.tscdev.com
127.0.0.1 develop03.tscdev.com
127.0.0.1 develop04.tscdev.com
127.0.0.1 develop05.tscdev.com
192.168.0.150 host.docker.internal
192.168.0.150 gateway.docker.internal
127.0.0.1 kubernetes.docker.internal

2020-11-04 23:42 - 2020-11-09 09:34 - 000000436 _____ C:\Windows\system32\drivers\etc\hosts.ics
172.30.128.1 nbhorak.mshome.net # 2025 11 6 8 7 34 2 62
24

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3039489114-2094619844-3197177633-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\xschi\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
HKU\S-1-5-80-2652535364-2169709536-2857650723-2622804123-1107741775\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 10.35.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled) 
Ethernet 2: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled) 
Ethernet: FortiClient NDIS 6.3 Packet Filter Driver -> ft_fortifilter (enabled) 

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "TechSmithSnagit"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKU\S-1-5-21-3039489114-2094619844-3197177633-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"
HKU\S-1-5-21-3039489114-2094619844-3197177633-1001\...\StartupApproved\Run: => "Docker Desktop"
HKU\S-1-5-21-3039489114-2094619844-3197177633-1001\...\StartupApproved\Run: => "TSMApplication"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C9E05E41-E8AE-4C2F-A958-3D616B3B3E77}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E63202D7-B551-48E7-B86F-4CDED1B51261}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AB4D7F03-7967-4D72-AC2A-857B110670C3}] => (Allow) D:\Games\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7075969E-3573-4016-BA36-8CFBF0CE6CB6}] => (Allow) D:\Games\Steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{95B0BCB2-5D14-42AE-9A77-886E17F6C95C}] => (Allow) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{22ACC426-ECDE-4478-9389-957E38D13380}] => (Allow) D:\Games\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6158ABB7-3C70-47C6-B960-7EB40439383C}] => (Allow) C:\Program Files\Memurai\memurai.exe (Janea Systems, Inc. -> Janea Systems, Inc.)
FirewallRules: [TCP Query User{2A2BC52C-034E-49BB-A69F-E4E7A9A9954E}C:\users\xschi\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\xschi\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{870F1D59-FA36-402A-8DF8-4E96E5553F01}C:\users\xschi\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\xschi\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{77FE288E-8E4A-4E60-BE1C-70ACC066B6B6}C:\program files\docker\docker\resources\com.docker.backend.exe] => (Allow) C:\program files\docker\docker\resources\com.docker.backend.exe (Docker Inc -> )
FirewallRules: [UDP Query User{36809422-4659-449C-AAC5-10D363C1F298}C:\program files\docker\docker\resources\com.docker.backend.exe] => (Allow) C:\program files\docker\docker\resources\com.docker.backend.exe (Docker Inc -> )
FirewallRules: [{B224E10F-857D-4147-B536-9B179AE6CDAB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3DF4C6B1-B06A-4F2A-96A0-4F4424F657AA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5F1ED673-2FEF-40D3-B05C-2511C9D4C852}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{AB9B0EA3-FA87-4024-AA03-851827F5926E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{ED3D5D5F-3ABC-41D6-B851-C7CB64BB1EB8}] => (Allow) D:\Games\Steam\steamapps\common\Satisfactory\FactoryGame.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [{5A89A069-CDFA-4211-9D21-160421B4CF5C}] => (Allow) D:\Games\Steam\steamapps\common\Satisfactory\FactoryGame.exe (Epic Games, Inc.) [File not signed]
FirewallRules: [TCP Query User{59CF2490-35C6-49A2-927B-541EDC2C5757}C:\program files (x86)\microsoft visual studio\2019\professional\msbuild\microsoft\visualstudio\nodejs\win-x64\node.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2019\professional\msbuild\microsoft\visualstudio\nodejs\win-x64\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [UDP Query User{ED300E49-31B1-4CA1-A473-48171ED92A25}C:\program files (x86)\microsoft visual studio\2019\professional\msbuild\microsoft\visualstudio\nodejs\win-x64\node.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2019\professional\msbuild\microsoft\visualstudio\nodejs\win-x64\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [{61A4688A-E398-411D-96D7-5FEDACA0CDE4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{27A4302C-9E5D-4BD4-848D-48D12CB74CC5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{08693775-69B6-4DED-9E64-DC466C5CDB41}D:\games\epic\darkestdungeon\_windowsnosteam\darkest.exe] => (Allow) D:\games\epic\darkestdungeon\_windowsnosteam\darkest.exe () [File not signed]
FirewallRules: [UDP Query User{F7890613-9620-4B15-B3E6-C2386E8D06CB}D:\games\epic\darkestdungeon\_windowsnosteam\darkest.exe] => (Allow) D:\games\epic\darkestdungeon\_windowsnosteam\darkest.exe () [File not signed]
FirewallRules: [TCP Query User{F1940AC3-6194-46A1-9900-32E63EFBA083}C:\program files (x86)\microsoft visual studio\2019\professional\common7\ide\extensions\microsoft\liveshare\agent\vsls-agent.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2019\professional\common7\ide\extensions\microsoft\liveshare\agent\vsls-agent.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{7F10D26B-627F-4AD6-B49F-02E63237AA69}C:\program files (x86)\microsoft visual studio\2019\professional\common7\ide\extensions\microsoft\liveshare\agent\vsls-agent.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2019\professional\common7\ide\extensions\microsoft\liveshare\agent\vsls-agent.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{57D7B1CD-B726-4D8D-AEED-EC99B421DCA9}D:\games\call of duty 2\cod2mp_s.exe] => (Allow) D:\games\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [UDP Query User{8197C53B-98E0-4B4E-B3AB-244E47EECED0}D:\games\call of duty 2\cod2mp_s.exe] => (Allow) D:\games\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [{F259F5F0-5BCE-47C0-A2FB-BFB0F2516F9D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5EE34F44-70EB-4DB7-8290-8DAE0F4849B8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6AE828DA-DA26-43A3-872A-0A7FA8400F1B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FE988A6B-91CE-491A-B4C8-30996E33E890}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{97DFD32D-CE9D-4350-B15A-100EC15132EA}] => (Allow) D:\Games\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{51D421C7-E3D7-47B1-908A-F262E68E30F6}] => (Allow) D:\Games\Steam\steamapps\common\Stardew Valley\Stardew Valley.exe (ConcernedApe) [File not signed]
FirewallRules: [{35FF294E-066E-45B0-88B5-6C95C5E5E9FA}] => (Allow) D:\Games\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [{BAA64E19-30F5-4A7F-AA32-757DFBED5C71}] => (Allow) D:\Games\Steam\steamapps\common\Valheim\valheim.exe () [File not signed]
FirewallRules: [TCP Query User{11A7628E-34ED-4422-970B-B1A7169C633B}C:\program files (x86)\microsoft visual studio\2019\professional\msbuild\microsoft\visualstudio\nodejs\win-x64\node.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2019\professional\msbuild\microsoft\visualstudio\nodejs\win-x64\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [UDP Query User{A82BD145-8021-46F0-92D8-82744F2D83EE}C:\program files (x86)\microsoft visual studio\2019\professional\msbuild\microsoft\visualstudio\nodejs\win-x64\node.exe] => (Allow) C:\program files (x86)\microsoft visual studio\2019\professional\msbuild\microsoft\visualstudio\nodejs\win-x64\node.exe (Node.js Foundation -> Node.js)
FirewallRules: [TCP Query User{700535D4-BF5E-4763-B5ED-9F3162412C41}C:\users\xschi\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\xschi\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{F5D2E904-EA9C-474C-9F7E-034B7123CAEB}C:\users\xschi\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\xschi\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{D3CE443D-2792-43AC-9C6F-99A4279C349C}D:\games\call of duty 2\cod2mp_s.exe] => (Allow) D:\games\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [UDP Query User{39E77DFB-3D1F-45F0-AD74-782CA67DCEAC}D:\games\call of duty 2\cod2mp_s.exe] => (Allow) D:\games\call of duty 2\cod2mp_s.exe () [File not signed]
FirewallRules: [TCP Query User{D759582E-D047-45BB-AD7E-17FA96D71511}D:\programs\utorrent\utorrent.exe] => (Allow) D:\programs\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{4657D8D6-3927-4556-8844-1DAACE394A77}D:\programs\utorrent\utorrent.exe] => (Allow) D:\programs\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{530D9175-A873-480B-A8FB-24AE9367AE58}] => (Allow) D:\Games\Steam\steamapps\common\Kerbal Space Program\KSP_x64.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{8C14AE81-6FBD-438D-A479-757F6B6904A3}] => (Allow) D:\Games\Steam\steamapps\common\Kerbal Space Program\KSP_x64.exe (Take-Two Interactive Software, Inc. -> )
FirewallRules: [{8542A2D2-0071-4F9A-8A6C-A41CE710440B}] => (Block) C:\Program Files (x86)\Overwolf\0.168.0.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{50187F2C-E62F-40F2-979B-959A82E5F915}] => (Allow) C:\Program Files (x86)\Overwolf\0.168.0.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{4D18595B-A51A-4B4A-BB48-CBDF3F218D77}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{F652F862-8FC7-4F0B-B1A2-DB47DC90E646}] => (Allow) C:\Program Files (x86)\Overwolf\0.168.0.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{20F245E8-C572-460C-A2C7-CFA09BAC5E2E}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{DEAC6432-58AE-4D8C-8AA5-CB394564F12A}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{569E0CE2-FA11-4A3E-A067-7E1C0DAD31B6}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{C24362E8-A2ED-4633-9283-51C4B476643C}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{C79AF64C-2D2B-4D0B-A3E0-02FADFBA4818}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{EDFA1814-D694-48FF-BA4A-469F24BC2885}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{5D25CE5C-83D8-45F3-904E-8CB28FDD06F3}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{22D071C8-AFF4-4537-8BA2-1DDFA2CE2058}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{1694FFAA-38AC-4B28-B91C-2CEEE68C9569}] => (Block) C:\Program Files (x86)\Overwolf\0.168.0.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{AC70EF1A-6A99-4194-9701-D6F1DBC95406}] => (Block) C:\Program Files (x86)\Overwolf\0.166.1.16\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{601107A3-AC23-42A7-BBB7-E11D2897FB06}] => (Block) C:\Program Files (x86)\Overwolf\0.168.0.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{F1DB1DE7-82ED-42C4-B2D1-DD9B6486F64A}] => (Block) C:\Program Files (x86)\Overwolf\0.168.0.12\OverwolfBrowser.exe (Overwolf Ltd -> Overwolf LTD)
FirewallRules: [{C3F5B87C-9632-47F9-B23D-3E5CF4DA7845}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{55847996-643D-4D06-8F14-D88B695ED6C2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{94426B71-B800-4FE3-A468-B3B48A0588CA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D418ED83-4E06-4922-A5CC-68AFC2BE4E0C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2858709D-D0D5-4DE4-9C92-7FA7D3753E64}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{09BFC2EE-D022-4E56-A52B-E3572530243C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2DE51C43-066B-4960-AA83-C613608732A2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7BF75D77-DA29-4E4E-9AC0-0FEF20AB7AAB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.156.595.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{504D2867-375F-43FB-B07D-51B241A4F089}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8F4FCD79-0B5B-4453-B645-1E10C924DB74}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\89.0.774.77\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D49636B4-B441-469A-9782-439A048BD241}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{59D75FD5-052F-4059-B146-D5559A4475E1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C3BC657F-64D2-4F45-9159-407FAD87C90F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

16-04-2021 16:13:11 Microsoft ASP.NET Core 2.1.27 - Shared Framework

==================== Faulty Device Manager Devices ============

Name: Detection Verification
Description: Detection Verification
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Fortinet SSL VPN Virtual Ethernet Adapter
Description: Fortinet SSL VPN Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Fortinet Inc.
Service: ftsvnic
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (04/21/2021 01:29:31 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (04/21/2021 01:29:31 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (04/21/2021 01:08:04 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NBHORAK)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (04/21/2021 01:07:37 PM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: NBHORAK)
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (04/21/2021 01:07:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wwahost.exe, verze: 10.0.19041.789, časové razítko: 0x9bbd7506
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000000040d
ID chybujícího procesu: 0x5898
Čas spuštění chybující aplikace: 0x01d7369e745a5185
Cesta k chybující aplikaci: C:\Windows\System32\wwahost.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 3dd16f43-f9ad-45b5-a679-242a20c8ff44
Úplný název chybujícího balíčku: Microsoft.Win32WebViewHost_10.0.19041.423_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: DPI.SystemAware

Error: (04/21/2021 12:34:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NiceHashQuickMinerInstaller.exe, verze: 0.5.1.3, časové razítko: 0xb496b851
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.906, časové razítko: 0x2f2f77bf
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000034b59
ID chybujícího procesu: 0xc60
Čas spuštění chybující aplikace: 0x01d73699e4a76761
Cesta k chybující aplikaci: D:\NiceHashQuickMinerInstaller.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 07c2e37d-f720-4958-8c28-5b4bc4ec8fb3
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (04/21/2021 12:34:22 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: NiceHashQuickMinerInstaller.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
   na watchdog2.Logger.LogEvent(SeverityLevel, System.String, System.String)
   na watchdog2.config.parse_config_file()
   na watchdog2.UI.lang.language.Initialize(System.String)
   na watchdog2.UI.lang.language.GetAvailableLanguages()
   na watchdog2.Form3.UpdateLanguageComboBox()
   na watchdog2.Form3..ctor(watchdog2.latest_version, watchdog2.latest_version, Boolean)
   na watchdog2.installer.try_install(System.String, Boolean)
   na watchdog2.Program.Main(System.String[])

Error: (04/21/2021 12:31:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NiceHashQuickMinerInstaller.exe, verze: 0.5.1.3, časové razítko: 0xb496b851
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.906, časové razítko: 0x2f2f77bf
Kód výjimky: 0xe0434352
Posun chyby: 0x0000000000034b59
ID chybujícího procesu: 0x7458
Čas spuštění chybující aplikace: 0x01d7369980156c47
Cesta k chybující aplikaci: D:\NiceHashQuickMinerInstaller.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 1e786ce2-3354-489e-bf24-3e1b0e1a926a
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (04/21/2021 01:29:29 PM) (Source: DCOM) (EventID: 10010) (User: NBHORAK)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (04/20/2021 11:58:36 PM) (Source: MTConfig) (EventID: 1) (User: )
Description: Pokus o konfiguraci vstupního režimu vícedotykového zařízení se nezdařil.

Error: (04/20/2021 11:58:36 PM) (Source: MTConfig) (EventID: 1) (User: )
Description: Pokus o konfiguraci vstupního režimu vícedotykového zařízení se nezdařil.

Error: (04/19/2021 09:58:51 AM) (Source: DCOM) (EventID: 10028) (User: NBHORAK)
Description: Služba DCOM nemohla komunikovat s počítačem tsc-sql-prod-01.662cb3a844e2.database.windows.net pomocí žádného z nakonfigurovaných protokolů; požadováno na základě identifikátoru PID     3b24 (C:\Program Files (x86)\Microsoft SQL Server Management Studio 18\Common7\IDE\Ssms.exe) při aktivaci identifikátoru CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820}.

Error: (04/19/2021 09:58:30 AM) (Source: DCOM) (EventID: 10028) (User: NBHORAK)
Description: Služba DCOM nemohla komunikovat s počítačem tsc-sql-prod-01.662cb3a844e2.database.windows.net pomocí žádného z nakonfigurovaných protokolů; požadováno na základě identifikátoru PID     3b24 (C:\Program Files (x86)\Microsoft SQL Server Management Studio 18\Common7\IDE\Ssms.exe) při aktivaci identifikátoru CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820}.

Error: (04/18/2021 12:50:41 PM) (Source: MTConfig) (EventID: 1) (User: )
Description: Pokus o konfiguraci vstupního režimu vícedotykového zařízení se nezdařil.

Error: (04/18/2021 12:50:41 PM) (Source: MTConfig) (EventID: 1) (User: )
Description: Pokus o konfiguraci vstupního režimu vícedotykového zařízení se nezdařil.

Error: (04/18/2021 03:54:35 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Memurai byla ukončena s následující chybou: 
Systém nenalezl zadanou možnost prostředí.


Windows Defender:
================
Date: 2021-04-21 13:10:56
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win64/CoinMiner&threatid=238862&enterprise=0
Název: PUA:Win64/CoinMiner
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_D:\NiceHash Miner\miner_plugins\f683f550-94eb-11ea-a64d-17be303ea466\bins\16.0\NBMiner_Win\nbminer.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NBHORAK\xschi
Název procesu: D:\NiceHash Miner\app_3.0.6.5\app_nhm.exe
Verze bezpečnostních informací: AV: 1.335.1322.0, AS: 1.335.1322.0, NIS: 1.335.1322.0
Verze modulu: AM: 1.1.18000.5, NIS: 1.1.18000.5

Date: 2021-04-21 13:10:54
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win64/NiceHashMiner&threatid=258400&enterprise=0
Název: PUA:Win64/NiceHashMiner
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: amsi:_D:\NiceHash Miner\app_3.0.6.5\app_nhm.exe; file:_C:\Users\xschi\Desktop\NiceHashQuickMinerInstaller.exe; file:_D:\NiceHashQuickMinerInstaller.exe; webfile:_C:\Users\xschi\Desktop\NiceHashQuickMinerInstaller.exe|https://github-releases.githubusercontent.com/335101508/756dba80-a1da-11eb-9502-ad48982ece5e?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A4.18.2103.7F202104214.18.2103.7Fus-east-14.18.2103.7Fs34.18.2103.7Faws4_request&X-Amz-Date=20210421T102541Z&X-Amz-Expires=300&X-Amz-Signature=ca59783c011863fa9d5fb73dd5391a2c0dd40ca7523786967eb289790c8310e7&X-Amz-SignedHeaders=host&actor_id=47105957&key_id=0&repo_id=335101508&response-content-disposition=attachment{556CDDA5-FC57-4397-B67F-C774E03ADB67}BNBHORAK\xschifilename{556CDDA5-FC57-4397-B67F-C774E03ADB67}DNiceHashQuickMinerInstaller.exe&response-content-type=application4.18.2103.7Foctet-stream|pid:7564,ProcessStart:132634743439839667; webfile:_D:\NiceHashQuickMinerInstaller.exe|https://github-releases.githubusercontent.com/335101508/756dba80-a1da-11eb-9502-ad48982ece5e?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A4.18.2103.7F202104214.18.2103.7Fus
Původ detekce: Internet
Typ detekce: Konkrétní
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: NBHORAK\xschi
Název procesu: D:\NiceHash Miner\app_3.0.6.5\app_nhm.exe
Verze bezpečnostních informací: AV: 1.335.1322.0, AS: 1.335.1322.0, NIS: 1.335.1322.0
Verze modulu: AM: 1.1.18000.5, NIS: 1.1.18000.5

Date: 2021-04-21 13:10:54
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win64/NiceHashMiner&threatid=258400&enterprise=0
Název: PUA:Win64/NiceHashMiner
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: amsi:_D:\NiceHash Miner\app_3.0.6.5\app_nhm.exe; file:_C:\Users\xschi\Desktop\NiceHashQuickMinerInstaller.exe; file:_D:\NiceHashQuickMinerInstaller.exe; webfile:_C:\Users\xschi\Desktop\NiceHashQuickMinerInstaller.exe|https://github-releases.githubusercontent.com/335101508/756dba80-a1da-11eb-9502-ad48982ece5e?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A4.18.2103.7F202104214.18.2103.7Fus-east-14.18.2103.7Fs34.18.2103.7Faws4_request&X-Amz-Date=20210421T102541Z&X-Amz-Expires=300&X-Amz-Signature=ca59783c011863fa9d5fb73dd5391a2c0dd40ca7523786967eb289790c8310e7&X-Amz-SignedHeaders=host&actor_id=47105957&key_id=0&repo_id=335101508&response-content-disposition=attachment{556CDDA5-FC57-4397-B67F-C774E03ADB67}BNBHORAK\xschifilename{556CDDA5-FC57-4397-B67F-C774E03ADB67}DNiceHashQuickMinerInstaller.exe&response-content-type=application4.18.2103.7Foctet-stream|pid:7564,ProcessStart:132634743439839667; webfile:_D:\NiceHashQuickMinerInstaller.exe|https://github-releases.githubusercontent.com/335101508/756dba80-a1da-11eb-9502-ad48982ece5e?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A4.18.2103.7F202104214.18.2103.7Fus
Původ detekce: Internet
Typ detekce: Konkrétní
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: NBHORAK\xschi
Název procesu: D:\NiceHash Miner\app_3.0.6.5\app_nhm.exe
Verze bezpečnostních informací: AV: 1.335.1322.0, AS: 1.335.1322.0, NIS: 1.335.1322.0
Verze modulu: AM: 1.1.18000.5, NIS: 1.1.18000.5

Date: 2021-04-21 13:10:53
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win64/NiceHashMiner&threatid=258400&enterprise=0
Název: PUA:Win64/NiceHashMiner
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: amsi:_D:\NiceHash Miner\app_3.0.6.5\app_nhm.exe; file:_C:\Users\xschi\Desktop\NiceHashQuickMinerInstaller.exe; file:_D:\NiceHashQuickMinerInstaller.exe; webfile:_C:\Users\xschi\Desktop\NiceHashQuickMinerInstaller.exe|https://github-releases.githubusercontent.com/335101508/756dba80-a1da-11eb-9502-ad48982ece5e?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A4.18.2103.7F202104214.18.2103.7Fus-east-14.18.2103.7Fs34.18.2103.7Faws4_request&X-Amz-Date=20210421T102541Z&X-Amz-Expires=300&X-Amz-Signature=ca59783c011863fa9d5fb73dd5391a2c0dd40ca7523786967eb289790c8310e7&X-Amz-SignedHeaders=host&actor_id=47105957&key_id=0&repo_id=335101508&response-content-disposition=attachment{556CDDA5-FC57-4397-B67F-C774E03ADB67}BNBHORAK\xschifilename{556CDDA5-FC57-4397-B67F-C774E03ADB67}DNiceHashQuickMinerInstaller.exe&response-content-type=application4.18.2103.7Foctet-stream|pid:7564,ProcessStart:132634743439839667; webfile:_D:\NiceHashQuickMinerInstaller.exe|https://github-releases.githubusercontent.com/335101508/756dba80-a1da-11eb-9502-ad48982ece5e?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A4.18.2103.7F202104214.18.2103.7Fus
Původ detekce: Internet
Typ detekce: Konkrétní
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: NBHORAK\xschi
Název procesu: D:\NiceHash Miner\app_3.0.6.5\app_nhm.exe
Verze bezpečnostních informací: AV: 1.335.1322.0, AS: 1.335.1322.0, NIS: 1.335.1322.0
Verze modulu: AM: 1.1.18000.5, NIS: 1.1.18000.5

Date: 2021-04-21 13:10:53
Description: 
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win64/NiceHashMiner&threatid=258400&enterprise=0
Název: PUA:Win64/NiceHashMiner
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: amsi:_D:\NiceHash Miner\app_3.0.6.5\app_nhm.exe; file:_C:\Users\xschi\Desktop\NiceHashQuickMinerInstaller.exe; file:_D:\NiceHashQuickMinerInstaller.exe; webfile:_C:\Users\xschi\Desktop\NiceHashQuickMinerInstaller.exe|https://github-releases.githubusercontent.com/335101508/756dba80-a1da-11eb-9502-ad48982ece5e?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A4.18.2103.7F202104214.18.2103.7Fus-east-14.18.2103.7Fs34.18.2103.7Faws4_request&X-Amz-Date=20210421T102541Z&X-Amz-Expires=300&X-Amz-Signature=ca59783c011863fa9d5fb73dd5391a2c0dd40ca7523786967eb289790c8310e7&X-Amz-SignedHeaders=host&actor_id=47105957&key_id=0&repo_id=335101508&response-content-disposition=attachment{556CDDA5-FC57-4397-B67F-C774E03ADB67}BNBHORAK\xschifilename{556CDDA5-FC57-4397-B67F-C774E03ADB67}DNiceHashQuickMinerInstaller.exe&response-content-type=application4.18.2103.7Foctet-stream|pid:7564,ProcessStart:132634743439839667; webfile:_D:\NiceHashQuickMinerInstaller.exe|https://github-releases.githubusercontent.com/335101508/756dba80-a1da-11eb-9502-ad48982ece5e?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A4.18.2103.7F202104214.18.2103.7Fus
Původ detekce: Internet
Typ detekce: Konkrétní
Zdroj detekce: Soubory ke stažení a přílohy
Uživatel: NBHORAK\xschi
Název procesu: D:\NiceHash Miner\app_3.0.6.5\app_nhm.exe
Verze bezpečnostních informací: AV: 1.335.1322.0, AS: 1.335.1322.0, NIS: 1.335.1322.0
Verze modulu: AM: 1.1.18000.5, NIS: 1.1.18000.5
﻿
CodeIntegrity:
===============
Date: 2021-03-23 12:54:01
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Users\xschi\AppData\Local\Microsoft\Teams\current\Teams.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Overwolf\0.166.1.16\OWExplorer.dll that did not meet the Microsoft signing level requirements.

Date: 2021-03-20 08:53:22
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-03-20 08:53:22
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDLicense.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-03-12 09:07:59
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-03-10 11:25:10
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.


==================== Memory info =========================== 

BIOS: AMI F.23 08/13/2020
Motherboard: HP 863E
Processor: Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz
Percentage of memory in use: 50%
Total physical RAM: 16088.96 MB
Available physical RAM: 8023.47 MB
Total Virtual: 29912.96 MB
Available Virtual: 19336.32 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.27 GB) (Free:79.37 GB) (Protected) NTFS
Drive d: () (Fixed) (Total:244.14 GB) (Free:101.99 GB) (Protected) NTFS

\\?\Volume{9f55ba7a-803a-4afe-bf9a-567d5f6e019c}\ () (Fixed) (Total:0.77 GB) (Free:0.37 GB) NTFS
\\?\Volume{188225e1-0e0c-4760-9408-2517fe0c99c4}\ () (Fixed) (Total:0.48 GB) (Free:0.47 GB) NTFS
\\?\Volume{3f479e33-4871-4270-b12a-39fc497ff7da}\ () (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: DE5656AA)

Partition: GPT.

==================== End of Addition.txt =======================