1) Windows Update prestal fungovat - hazi chybu 0x80080005
2) Windows Store is jammed, nejde nainstalovat nebo aktualizovat zadna aplikace (e.g. Citrix, Lenovo Vantage)
3) Windows Security okno (accessed via Settings) se neotevre vubec . Nahodou jsem to zjistil, kdyz jsem si vsimnul, ze v trayi se nezobrazuje ikonka stitu.
Problemy 1) a 2) googlim, jsou na to ruzne navody. Ale pri zjisteni 3) uz jsem pojal vetsi podezreni... Nedelal jsem v PC posledni dobou zadne velke zmeny, o to vic me sokuje, co se najednou deje.
Mohl bych vas poprosit o kontrolu logu? Dekuji predem.
Kód: Vybrat vše
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-03-2020
Ran by sousedovic (administrator) on SOUSEDOVIC1 (LENOVO 80M5) (30-03-2020 19:27:31)
Running from D:\Koalova slozka\FRST
Loaded Profiles: sousedovic & SQLTELEMETRY$SQLEXPRESS (Available Profiles: sousedovic & SQLTELEMETRY$SQLEXPRESS & MSSQL$SQLEXPRESS)
Platform: Windows 10 Home Version 1909 18363.535 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\hidfind.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\HidMonitorSvc.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe
(Fortemedia Inc. -> ) C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) D:\Program Files on Decko\Total Commander 9 x64\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) D:\Program Files on Decko\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.7.71.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11912.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Users\sousedovic\AppData\Local\Temp\20219A55-84A5-4AFD-A37F-6E32E7188405\DismHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Dism.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.471_none_5f12f35059003107\TiWorker.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) D:\Program Files on Decko\AOC G-Menu\CTHelper.exe
(PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) D:\Program Files on Decko\AOC G-Menu\DisplayTune.exe
(PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.) D:\Program Files on Decko\AOC G-Menu\DisplayTuneService.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [699728 2015-08-05] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [DisplayTune.exe] => D:\Program Files on Decko\AOC G-Menu\DisplayTune.exe [5588768 2019-08-13] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
HKLM\...\Run: [AOC G-Menu] => D:\Program Files on Decko\AOC G-Menu\DisplayTune.exe [5588768 2019-08-13] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => D:\Program Files on Decko\Adobe Acrobat 9\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => D:\Program Files on Decko\Adobe Acrobat 9\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => D:\Program Files on Decko\EaseUS Partition Master 12.10\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [795744 2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [460384 2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [InstallHelper] => C:\ProgramData\Citrix\Citrix Workspace 2002\InstallHelper.exe [429152 2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-247431989-2805255649-28786118-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session --flag-switches-begin --flag-switches-end - (the data entry has 102 more characters).
HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-20] (Google LLC -> Google LLC)
Startup: C:\Users\sousedovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk [2020-02-05]
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> D:\Program Files on Decko\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {27475BC4-3C6E-4F89-B8B4-2189742923AC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-04] (Google Inc -> Google Inc.)
Task: {545942CB-14CD-4C2C-ACB9-280D22273A32} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [70688 2019-11-13] (Oracle America, Inc. -> Oracle Corporation)
Task: {8166CC82-E86D-4722-8B7B-5C715128FB20} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1MySQLNotifier.exe
Task: {900CCEC7-F371-444C-AB90-A3179BDF51BE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-04] (Google Inc -> Google Inc.)
Task: {E0AE94C8-C3DE-4EBA-A523-20D38FBF9CF7} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{cb5dcfa3-ad02-42b8-868d-007837c5d30c}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{fd3c6e85-ff39-4590-86ed-b2e60b2c8594}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> D:\Hry\Arc for Star Trek\Arc\Plugins\ArcPluginIE.dll => No File
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Program Files on Decko\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2020-03-18] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> D:\Program Files on Decko\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> D:\Program Files on Decko\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> D:\Hry\Arc for Star Trek\Arc\Plugins\npArcPluginFF.dll [No File]
FF Plugin HKU\S-1-5-21-247431989-2805255649-28786118-1001: SkypeForBusinessPlugin-15.8 -> C:\Users\sousedovic\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.400\npGatewayNpapi.dll [2015-06-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-247431989-2805255649-28786118-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\sousedovic\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-247431989-2805255649-28786118-1001: SkypeForBusinessPlugin64-15.8 -> C:\Users\sousedovic\AppData\Local\Microsoft\SkypeForBusinessPlugin\15.8.20020.400\npGatewayNpapi-x64.dll [2015-06-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-247431989-2805255649-28786118-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\sousedovic\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default [2020-03-30]
CHR DownloadDir: D:\Users\sousedovic\Downloads
CHR Notifications: Default -> hxxps://meet.google.com
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://google.com/","file:///C:/Users/Public/KPMG/Chrome_homepage/Google_Startup.htm","hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Docs) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-04]
CHR Extension: (Google Drive) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-04]
CHR Extension: (YouTube) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-04]
CHR Extension: (Sheets) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-04]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-03-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-11]
CHR Extension: (Chrome Media Router) - C:\Users\sousedovic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-23]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AOCDTAOCGMenuService; D:\Program Files on Decko\AOC G-Menu\DisplayTuneService.exe [212768 2019-08-13] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)
R2 ApHidMonitorService; C:\Program Files\Apoint2K\HidMonitorSvc.exe [90432 2015-08-05] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
S4 ArcService; D:\Hry\Arc for Star Trek\Arc\ArcService.exe [125488 2020-03-03] (Perfect World Entertainment -> Perfect World Entertainment Inc)
R2 CWAUpdaterService; C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe [40544 2020-03-12] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S4 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2019-03-04] (Macrovision Corporation -> Macrovision Europe Ltd.) [File not signed]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373752 2017-04-24] (Intel(R) pGFX -> Intel Corporation)
S3 MSSQL$SQLEXPRESS; D:\Program Files on Decko\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [484944 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
S4 MySQL80; C:\Program Files\MySQL\MySQL Server 8.0\bin\mysqld.exe [47603200 2019-12-09] (Oracle America, Inc. -> )
S4 OpenVPNService; D:\Program Files on Decko\OpenVPN\bin\openvpnserv.exe [36352 2009-12-12] () [File not signed]
S4 SQLAgent$SQLEXPRESS; D:\Program Files on Decko\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [578640 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$SQLEXPRESS; D:\Program Files on Decko\Microsoft SQL Server\MSSQL14.SQLEXPRESS\MSSQL\Binn\sqlceip.exe [252704 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 wuauserv; C:\WINDOWS\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S2 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [34368 2018-01-17] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFlt; C:\WINDOWS\System32\drivers\EPMVolFlt.sys [30280 2018-07-20] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2016-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [File not signed]
S3 LGVirHid; C:\WINDOWS\system32\drivers\LGVirHid.sys [26912 2015-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Logitech Inc.)
S3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [38136 2019-12-31] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [20624 2019-12-31] (WDKTestCert sqa,131523902232810150 -> Logitech, Inc.)
S3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66808 2019-12-31] (Logitech Inc -> Logitech)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 Qcamain10x64; C:\WINDOWS\system32\DRIVERS\Qcamain10x64.sys [2377344 2018-11-13] (WDKTestCert gxia,130717419938108635 -> Qualcomm Atheros, Inc.)
S4 RsFx0501; C:\WINDOWS\System32\DRIVERS\RsFx0501.sys [261784 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek Semiconductor Corp -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [419576 2015-11-24] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3068160 2015-06-16] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [31232 2009-12-12] (OpenVPN, Inc. -> The OpenVPN Project)
R1 vbdenum; C:\WINDOWS\System32\drivers\vbdenum.sys [119432 2019-12-17] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-04] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-03-30 18:20 - 2020-03-30 18:20 - 000002539 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix Workspace.lnk
2020-03-30 17:21 - 2020-03-30 18:20 - 000000000 ____D C:\ProgramData\Citrix
2020-03-30 17:21 - 2020-03-30 18:20 - 000000000 ____D C:\Program Files (x86)\Citrix
2020-03-30 17:21 - 2020-03-30 18:11 - 000000000 ____D C:\Users\sousedovic\AppData\Local\Citrix
2020-03-30 17:21 - 2020-03-30 17:26 - 000000000 ____D C:\Users\sousedovic\AppData\Roaming\ICAClient
2020-03-30 11:06 - 2020-03-30 11:06 - 000000000 ____D C:\Users\sousedovic\AppData\Local\PlaceholderTileLogoFolder
2020-03-29 18:42 - 2020-03-29 18:42 - 000000810 _____ C:\Users\Public\Desktop\AOC G-Menu.lnk
2020-03-29 18:42 - 2020-03-29 18:42 - 000000810 _____ C:\ProgramData\Desktop\AOC G-Menu.lnk
2020-03-29 18:42 - 2020-03-29 18:42 - 000000000 ____D C:\Users\sousedovic\AppData\Roaming\Portrait Displays
2020-03-29 18:42 - 2020-03-29 18:42 - 000000000 ____D C:\Users\sousedovic\AppData\Local\Portrait Displays
2020-03-29 18:42 - 2020-03-29 18:42 - 000000000 ____D C:\ProgramData\Portrait Displays
2020-03-29 18:42 - 2020-03-29 18:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOC G-Menu
2020-03-29 17:27 - 2020-03-29 17:27 - 001694400 _____ C:\Users\sousedovic\Desktop\AOC 24G2U5 monitor manual.pdf
2020-03-28 12:28 - 2020-03-28 12:28 - 000000000 ____D C:\WINDOWS\Minidump
2020-03-24 21:29 - 2020-03-24 21:29 - 000000000 ____D C:\Users\sousedovic\AppData\Roaming\ArcApp
2020-03-24 21:26 - 2020-03-24 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
2020-03-24 21:26 - 2020-03-24 21:29 - 000000000 ____D C:\Users\sousedovic\AppData\Roaming\Arc
2020-03-23 10:32 - 2020-03-23 10:32 - 000000000 ____D C:\Program Files\Warframe
2020-03-21 11:44 - 2020-03-21 11:44 - 000000225 _____ C:\Users\sousedovic\Desktop\XCOM 2 - Wat of the Chosen.url
2020-03-20 21:47 - 2020-03-20 21:47 - 000000000 ____D C:\Users\sousedovic\AppData\Roaming\FiraxisLive
2020-03-20 21:46 - 2020-03-20 21:46 - 000000000 ____D C:\Users\sousedovic\AppData\Roaming\ModLauncherWPF
2020-03-20 17:05 - 2020-03-30 18:24 - 000000000 ____D C:\Users\sousedovic\Desktop\COBA work
2020-03-18 14:01 - 2020-03-18 17:48 - 000000000 ____D C:\Users\sousedovic\AppData\LocalLow\WebEx
2020-03-18 14:01 - 2020-03-18 16:31 - 000000000 ____D C:\Users\sousedovic\AppData\Roaming\webex
2020-03-18 14:01 - 2020-03-18 14:01 - 000000000 ____D C:\Users\sousedovic\AppData\Local\WebEx
2020-03-18 01:26 - 2020-03-18 01:26 - 000139688 _____ (Citrix Systems, Inc.) C:\WINDOWS\system32\Drivers\ctxusbm.sys
2020-03-17 15:52 - 2020-03-17 15:52 - 002042800 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2020-03-17 15:52 - 2020-03-17 15:52 - 000000469 _____ C:\WINDOWS\ODBCINST.INI
2020-03-17 15:49 - 2020-03-23 11:19 - 000000000 ____D C:\Users\sousedovic\AppData\Roaming\Oracle
2020-03-17 15:49 - 2020-03-17 16:07 - 000000000 ____D C:\Users\sousedovic\AppData\Roaming\MySQL
2020-03-17 15:49 - 2020-03-17 15:49 - 000003632 _____ C:\WINDOWS\system32\Tasks\MySQLNotifierTask
2020-03-17 15:48 - 2020-03-17 15:52 - 000000000 ____D C:\Program Files\MySQL
2020-03-17 15:45 - 2020-03-17 16:07 - 000000000 ____D C:\ProgramData\MySQL
2020-03-17 15:45 - 2020-03-17 15:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
2020-03-17 15:45 - 2020-03-17 15:52 - 000000000 ____D C:\Program Files (x86)\MySQL
2020-03-17 15:45 - 2020-03-17 15:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\MySQL
2020-03-17 15:23 - 2020-03-17 15:23 - 000000000 ____D C:\Users\sousedovic\AppData\Local\Snowflake
2020-03-17 15:23 - 2020-03-17 15:23 - 000000000 ____D C:\Users\sousedovic\AppData\Local\Arcadia Data
2020-03-17 15:00 - 2020-03-17 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arcadia Instant
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-03-30 19:28 - 2020-01-07 10:19 - 000000000 ____D C:\FRST
2020-03-30 19:19 - 2019-09-01 21:19 - 000838016 _____ C:\WINDOWS\system32\perfh005.dat
2020-03-30 19:19 - 2019-09-01 21:19 - 000196882 _____ C:\WINDOWS\system32\perfc005.dat
2020-03-30 19:19 - 2019-09-01 20:05 - 002025972 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-03-30 19:19 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-03-30 19:17 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-03-30 19:15 - 2020-01-08 19:35 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-03-30 19:15 - 2019-09-01 20:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-03-30 19:15 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-03-30 19:15 - 2019-03-04 11:21 - 000000000 __SHD C:\Users\sousedovic\IntelGraphicsProfiles
2020-03-30 19:15 - 2019-03-04 11:15 - 000000000 ____D C:\ProgramData\NVIDIA
2020-03-30 19:14 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-03-30 19:13 - 2019-09-01 19:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-03-30 18:40 - 2019-03-21 18:21 - 000000000 ____D C:\Users\sousedovic\AppData\Local\ElevatedDiagnostics
2020-03-30 18:25 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Catroot2.old
2020-03-30 18:18 - 2019-03-05 12:16 - 000000000 ____D C:\ProgramData\Package Cache
2020-03-30 17:26 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-03-30 17:23 - 2019-03-03 21:30 - 000000000 ____D C:\Users\sousedovic\AppData\Local\VirtualStore
2020-03-30 16:59 - 2019-09-01 20:11 - 000000000 ____D C:\Users\sousedovic\AppData\Local\PackageStaging
2020-03-30 16:59 - 2019-03-03 21:30 - 000000000 ____D C:\Users\sousedovic\AppData\Local\Packages
2020-03-29 18:42 - 2019-03-04 11:56 - 000000000 ____D C:\Users\sousedovic\Desktop\Gamesky
2020-03-29 11:40 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-03-28 20:42 - 2019-09-01 19:56 - 000000000 ____D C:\Users\sousedovic
2020-03-28 12:28 - 2019-03-03 21:16 - 000107008 ____N C:\WINDOWS\Minidump\032820-50328-01.dmp
2020-03-27 23:30 - 2019-03-05 12:57 - 000000000 ____D C:\Users\sousedovic\AppData\Local\CrashDumps
2020-03-26 16:15 - 2019-11-25 17:09 - 000000000 ____D C:\Users\sousedovic\AppData\Local\Spotify
2020-03-26 15:56 - 2019-11-25 17:08 - 000000000 ____D C:\Users\sousedovic\AppData\Roaming\Spotify
2020-03-26 10:15 - 2019-03-04 12:36 - 000000000 ____D C:\Users\sousedovic\AppData\Local\Microsoft Help
2020-03-24 21:26 - 2019-03-22 23:38 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2020-03-24 15:46 - 2019-03-06 13:20 - 000000000 ____D C:\Users\sousedovic\AppData\Roaming\Notepad++
2020-03-23 10:34 - 2019-09-02 21:33 - 000000000 ____D C:\Users\sousedovic\AppData\Local\Warframe
2020-03-23 09:58 - 2019-08-08 13:59 - 000000000 ____D C:\Users\sousedovic\AppData\Roaming\Zoom
2020-03-20 23:28 - 2020-02-06 12:17 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-20 23:28 - 2020-02-06 12:17 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-20 11:03 - 2019-03-04 11:32 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-18 22:58 - 2020-01-23 13:40 - 000000000 ____D C:\Program Files\Rockstar Games
2020-03-18 22:58 - 2020-01-23 13:40 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-03-18 19:48 - 2019-03-05 10:53 - 000000000 ____D C:\Users\sousedovic\AppData\Local\Battle.net
2020-03-13 12:20 - 2019-03-04 11:58 - 000000000 ____D C:\Users\sousedovic\AppData\Roaming\vlc
2020-03-05 23:56 - 2020-01-06 15:26 - 000000000 ____D C:\ProgramData\AVAST Software
2020-03-05 21:33 - 2019-12-03 16:14 - 000002584 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2020-03-03 19:20 - 2019-03-19 06:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
==================== Files in the root of some directories ========
2019-05-13 13:28 - 2019-05-13 13:28 - 000007618 _____ () C:\Users\sousedovic\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Kód: Vybrat vše
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-03-2020
Ran by sousedovic (30-03-2020 19:30:58)
Running from D:\Koalova slozka\FRST
Windows 10 Home Version 1909 18363.535 (X64) (2019-09-01 18:10:44)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-247431989-2805255649-28786118-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-247431989-2805255649-28786118-503 - Limited - Disabled)
Guest (S-1-5-21-247431989-2805255649-28786118-501 - Limited - Disabled)
sousedovic (S-1-5-21-247431989-2805255649-28786118-1001 - Administrator - Enabled) => C:\Users\sousedovic
WDAGUtilityAccount (S-1-5-21-247431989-2805255649-28786118-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Active Directory Authentication Library for SQL Server (HKLM\...\{6BF11ECE-3CE8-4FBA-991A-1F55AA6BE5BF}) (Version: 15.0.1300.359 - Microsoft Corporation)
Adobe Acrobat 9 Pro - Czech, Hungarian, Polish, Slovak (HKLM-x32\...\{AC76BA86-1029-4770-7760-000000000004}{AC76BA86-1029-4770-7760-000000000004}) (Version: 9.0.0 - Adobe Systems)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.201.1611.250 - Alps Electric)
AOC G-Menu (HKLM\...\{177B7213-4D12-49AD-9746-C532580D6D52}) (Version: 1.2.003 - Portrait Displays, Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.1.0.17816 - Perfect World Entertainment)
Arcadia Instant (HKLM\...\{E83D4260-A5D0-4558-A10B-3F70FF7AFE43}) (Version: 5.0.1 - Arcadia Data)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Browser for SQL Server 2017 (HKLM-x32\...\{CF8EEB96-E7E7-4EF7-A0A1-559F09953156}) (Version: 14.0.1000.169 - Microsoft Corporation)
Cisco Webex Meetings (HKU\S-1-5-21-247431989-2805255649-28786118-1001\...\ActiveTouchMeetingClient) (Version: - Cisco Webex LLC)
Citrix Workspace 2002 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 20.2.0.25 - Citrix Systems, Inc.)
Control (HKU\S-1-5-21-247431989-2805255649-28786118-1001\...\Control) (Version: - HOODLUM)
CPUID CPU-Z 1.87 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.87 - CPUID, Inc.)
Deus Ex GOTY (HKLM-x32\...\GOGPACKDEUSEX_is1) (Version: 2.0.0.11 - GOG.com)
Deus Ex Human Revolution Directors Cut version 2.0.66.0 (HKLM-x32\...\Deus Ex Human Revolution Directors Cut_is1) (Version: 2.0.66.0 - Mr DJ)
Diablo II (HKLM-x32\...\Diablo II) (Version: - Blizzard Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Disco Elysium (HKU\S-1-5-21-247431989-2805255649-28786118-1001\...\Disco Elysium) (Version: - HOODLUM)
EaseUS Partition Master 12.10 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS)
Epic Games Launcher (HKLM-x32\...\{DCE27B29-200D-491A-BBC5-98ECEFEC0843}) (Version: 1.1.257.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fallout 2 (HKLM-x32\...\2_is1) (Version: 2.1.0.17 - GOG.com)
Fallout 3 (HKLM-x32\...\1454315831_is1) (Version: 1.7.0.3 - GOG.com)
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version: - Q, Timeslip)
GDR 2027 for SQL Server 2017 (KB4505224) (64-bit) (HKLM\...\KB4505224) (Version: 14.0.2027.2 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)
Installer (HKLM\...\{E9675998-9B12-4560-8E98-A6CCCDE0BE18}) (Version: 1.0.0 - Default Company Name)
Integration Services (HKLM-x32\...\{D2B37BBC-83A5-4C27-A804-4DC51AFA9E0D}) (Version: 15.0.1900.63 - Microsoft Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4624 - Intel Corporation)
Into the Breach (HKLM-x32\...\2004253604_is1) (Version: 1.0.17 - GOG.com)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Little Big Adventure 2 (HKLM-x32\...\Little Big Adventure 2_is1) (Version: - GOG.com)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Help Viewer 2.3 (HKLM-x32\...\Microsoft Help Viewer 2.3) (Version: 2.3.28107 - Microsoft Corporation)
Microsoft ODBC Driver 13 for SQL Server (HKLM\...\{3B280D1C-02F2-4965-8731-C1614E213D25}) (Version: 14.0.2027.2 - Microsoft Corporation)
Microsoft ODBC Driver 17 for SQL Server (HKLM\...\{72AFAF21-33FB-45A5-9468-A9EC07427F82}) (Version: 17.4.1.1 - Microsoft Corporation)
Microsoft Office 2010 pro podnikatele (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - English (HKLM-x32\...\Office14.OMUI.en-us) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OLE DB Driver for SQL Server (HKLM\...\{9AA0AFFA-EDB6-4B66-9FD7-BBC828D88B47}) (Version: 18.2.3.0 - Microsoft Corporation)
Microsoft PowerBI Desktop (x64) (HKLM-x32\...\{d01f3aeb-9f94-4334-9d92-fffb7d0c65c0}) (Version: 2.75.5649.961 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{9D93D367-A2CC-4378-BD63-79EF3FE76C78}) (Version: 11.4.7462.6 - Microsoft Corporation)
Microsoft SQL Server 2017 (64-bit) (HKLM\...\Microsoft SQL Server SQL2017) (Version: - Microsoft Corporation)
Microsoft SQL Server 2017 LocalDB (HKLM\...\{58180BC0-0DA3-4341-A41F-9A3CF7207EE1}) (Version: 14.0.2027.2 - Microsoft Corporation)
Microsoft SQL Server 2017 Setup (English) (HKLM\...\{05C0EF32-CDE2-4E38-92A1-D82CECECFB39}) (Version: 14.0.2027.2 - Microsoft Corporation)
Microsoft SQL Server 2017 T-SQL Language Service (HKLM\...\{C8A51693-98B9-4AB1-91B8-9A1B86729D5F}) (Version: 14.0.1000.169 - Microsoft Corporation)
Microsoft SQL Server Management Studio - 18.4 (HKLM-x32\...\{7871da56-98b6-4ef8-b4d4-b7c310e14146}) (Version: 15.0.18206.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{f895a2f1-ae3f-4212-8af1-7fa1f8c212ea}) (Version: 15.0.27520 - Microsoft Corporation)
Microsoft VSS Writer for SQL Server 2017 (HKLM\...\{20B328C9-C6BB-434A-928A-00F05CD820B8}) (Version: 14.0.1000.169 - Microsoft Corporation)
MySQL Connector C++ 8.0 (HKLM\...\{865C0C08-DFC7-4909-9552-03DC8888B960}) (Version: 8.0.19 - Oracle Corporation)
MySQL Connector J (HKLM-x32\...\{C94C18B0-B8E5-44CE-AFB0-A879BF3285AA}) (Version: 8.0.19 - Oracle Corporation)
MySQL Connector Net 8.0.19 (HKLM-x32\...\{AD00B12C-103B-4DED-BC1D-ACC2A87FF24E}) (Version: 8.0.19 - Oracle)
MySQL Connector/ODBC 8.0 (HKLM\...\{7FD27F93-9D73-4E26-8265-A2BAC4BED2A6}) (Version: 8.0.19 - Oracle Corporation)
MySQL Documents 8.0 (HKLM-x32\...\{54ACD35F-F83F-4E82-86D7-1B2CB90916D2}) (Version: 8.0.19 - Oracle Corporation)
MySQL Examples and Samples 8.0 (HKLM-x32\...\{40A0B5BD-62EF-49AB-A4EF-ACB8C8D91AB0}) (Version: 8.0.19 - Oracle Corporation)
MySQL For Excel 1.3.8 (HKLM-x32\...\{925520D3-909C-4E50-8D3C-A651D2CF3E0B}) (Version: 1.3.8 - Oracle)
MySQL Installer - Community (HKLM-x32\...\{AF5CA62C-0DA1-474F-9B4D-4B72D8AC103E}) (Version: 1.4.32.0 - Oracle Corporation)
MySQL Notifier 1.1.8 (HKLM-x32\...\{13397C33-9B69-49D8-81FA-1630D751AEE5}) (Version: 1.1.8 - Oracle)
MySQL Router 8.0 (HKLM\...\{D8463C47-FA65-4E68-9B5A-AB73EED94174}) (Version: 8.0.19 - Oracle Corporation)
MySQL Server 8.0 (HKLM\...\{AC5854C9-9F99-406C-BA38-2368738B508A}) (Version: 8.0.19 - Oracle Corporation)
MySQL Shell 8.0.19 (HKLM\...\{9EF1630F-BA20-40A0-A373-985173822C98}) (Version: 8.0.19 - Oracle and/or its affiliates)
MySQL Workbench 8.0 CE (HKLM\...\{14722904-CD71-4444-93F6-DBBC58E86CDA}) (Version: 8.0.19 - Oracle Corporation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.6.3 - Notepad++ Team)
Nox (HKLM-x32\...\GOGPACKNOX_is1) (Version: 2.0.0.20 - GOG.com)
NVIDIA 3D Vision Driver 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.54 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Online Plug-in (HKLM-x32\...\{5D063E9E-A4B0-4911-A131-2BAF83638386}) (Version: 20.2.0.25 - Citrix Systems, Inc.) Hidden
OpenVPN 2.1.1 (HKLM-x32\...\OpenVPN) (Version: 2.1.1 - )
OpenXcom 1.0 (HKLM-x32\...\OpenXcom) (Version: 1.0.0.0 - OpenXcom Developers)
PlugY, The Survival Kit (HKLM-x32\...\PlugY, The Survival Kit) (Version: 11.02 - )
Qualcomm Atheros 61x4 Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.0.780M - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
Self-service Plug-in (HKLM-x32\...\{EF7338E4-1CCD-479D-ABF8-846CEF9A9A81}) (Version: 20.2.0.9 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0409-0000-0000000FF1CE}_Office14.OMUI.en-us_{840912CB-128E-4A73-9CD9-F807BC9B7684}) (Version: - Microsoft)
Skype for Business Web App Plug-in (HKLM-x32\...\{37C8167B-B653-4955-A6E8-EBB8DE937DDD}) (Version: 15.8.20020.400 - Microsoft Corporation)
Skype Meetings App (HKLM-x32\...\{BC1D9E47-8927-4AA1-A891-7763BC2475B7}) (Version: 16.2.0.511 - Microsoft Corporation)
Spotify (HKU\S-1-5-21-247431989-2805255649-28786118-1001\...\Spotify) (Version: 1.1.28.721.g5b5ee660 - Spotify AB)
SQL Server 2017 Batch Parser (HKLM\...\{2C6E8311-28BD-4615-9545-6E39E8E83A4B}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools (HKLM\...\{A6A9EFA1-AFEB-4209-B25D-3CFF2E6FAE2C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools (HKLM\...\{BD1502B1-778B-44B6-B2B4-0B77BD0366A1}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools Extensions (HKLM\...\{06324A5D-66BB-4FAC-8D0B-9FEC1B230FFF}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Client Tools Extensions (HKLM\...\{200F38B2-1492-4576-B08C-78F2C2C953FC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{9D1C0509-D490-4E9E-ACF5-A73E5C53742D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Common Files (HKLM\...\{B777C4C0-A1CD-4AB9-99B1-AD5FBED6F8E5}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{89A7644F-E056-4EC1-BFDE-9D1A531D6855}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Connection Info (HKLM\...\{A9A443F5-56E1-4FC6-937C-5F481345A843}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{28EEF6BA-A23A-42D2-86BA-A6BEE723B969}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Services (HKLM\...\{DED314CA-0EFE-4593-9D66-EF75E5289A4C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{0E22DBB4-691B-400C-B52D-8DFE8EC421AA}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Database Engine Shared (HKLM\...\{793F1C1E-5C83-4E33-A29B-6EAA7C1E791C}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{B9998A13-5563-496C-B95E-597FFC70B670}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 DMF (HKLM\...\{D7D28BBF-3B0E-43F0-A457-331F1CD9E9EB}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{10855B1A-F7F2-4D8A-A725-9287C73BED5A}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects (HKLM\...\{6CBBF624-696C-499E-948D-ADBAFFA2F548}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{8C515C22-BE07-4908-985C-0AA9349E1ED4}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 Shared Management Objects Extensions (HKLM\...\{C6D92730-3EC0-47B1-8F6C-6F5635D1EFAC}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 SQL Diagnostics (HKLM\...\{DFA6A906-3024-49DE-87AD-750EAED2FA49}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{12D2DB8D-80FF-4152-8F51-EDB3BD3C6976}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server 2017 XEvent (HKLM\...\{AA2A015C-C210-413B-95F6-BF9D3CDD6E0D}) (Version: 14.0.1000.169 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{3E532AF4-B9B1-4DE0-9511-7ACEB14C8D6D}) (Version: 15.0.18206.0 - Microsoft Corporation) Hidden
SQL Server Management Studio (HKLM\...\{98D7AA09-44E1-4469-AB34-BFDC9A6890DD}) (Version: 15.0.18206.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Analysis Services (HKLM\...\{3D53F8BD-E78B-41E1-A4B5-0AC3F1ED50EF}) (Version: 15.0.18206.0 - Microsoft Corporation) Hidden
SQL Server Management Studio for Reporting Services (HKLM\...\{1B1BC009-AA81-48C1-AE01-321DAD884FBB}) (Version: 15.0.18206.0 - Microsoft Corporation) Hidden
SSMS Post Install Tasks (HKLM\...\{872C7FD8-1063-4CA8-8CE2-B34E206602FC}) (Version: 15.0.18206.0 - Microsoft Corporation) Hidden
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
StarCraft II Legacy of the Void (HKLM\...\U3RhckNyYWZ0SUk=_is1) (Version: 1 - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StrongDC++ 2.41 (HKLM-x32\...\StrongDC++) (Version: 2.41 - Big Muscle)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
Transistor (HKLM-x32\...\1429612159_is1) (Version: 2.1.0.2 - GOG.com)
Updated Unofficial Fallout 3 Patch v2.3.2 (HKLM-x32\...\Updated Unofficial Fallout 3 Patch_is1) (Version: 2.3.2 - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vortex (HKLM\...\57979c68-f490-55b8-8fed-8b017a5af2fe) (Version: 1.1.5 - Black Tree Gaming Ltd.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.6.0 - Azureus Software, Inc.)
X-COM - UFO Defense (HKLM-x32\...\1445250340_is1) (Version: 2.0.0.4 - GOG.com)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.3 - ZONER software)
Packages:
=========
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.3842.0_x64__rz1tebttyb220 [2019-12-20] (Dolby Laboratories)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa [2019-12-13] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-04] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-20] (Microsoft Corporation) [MS Ad]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2019-08-07] (Samsung Electronics Co. Ltd.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-247431989-2805255649-28786118-1001_Classes\CLSID\{3E3AD4BD-346A-460A-80E8-90699B75C00B}\InprocServer32 -> C:\Users\sousedovic\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\GatewayActiveX-x64.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => D:\Program Files on Decko\Adobe Acrobat 9\Acrobat Elements\ContextMenu64.dll [2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => D:\Program Files on Decko\Notepad++\NppShell_06.dll [2019-01-27] (Notepad++ -> )
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => D:\Program Files on Decko\Adobe Acrobat 9\Acrobat Elements\ContextMenu64.dll [2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\sousedovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenVPN\Utilities\Add a new TAP virtual ethernet adapter.lnk -> D:\Program Files on Decko\OpenVPN\bin\addtap.bat ()
Shortcut: C:\Users\sousedovic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenVPN\Utilities\Delete ALL TAP virtual ethernet adapters.lnk -> D:\Program Files on Decko\OpenVPN\bin\deltapall.bat ()
ShortcutWithArgument: C:\Users\sousedovic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2008-08-08 06:50 - 2008-08-08 06:50 - 000334848 _____ (Adobe Systems Inc.) [File not signed] D:\Program Files on Decko\Adobe Acrobat 9\Acrobat Elements\ContextMenu64.cze
2019-09-01 19:52 - 2016-12-29 14:29 - 000339072 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\_nvstapisvr64.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 09:31 - 2018-09-15 09:31 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;D:\Program Files on Decko\Microsoft SQL Server (x86)\140\DTS\Binn\;D:\Program Files on Decko\Microsoft SQL Server\140\DTS\Binn\;D:\Program Files on Decko\Microsoft SQL Server\140\Tools\Binn\;D:\Program Files on Decko\Microsoft SQL Server (x86)\150\DTS\Binn\;D:\Program Files on Decko\Microsoft SQL Server\Client SDK\ODBC\130\Tools\Binn\;D:\Program Files on Decko\Microsoft SQL Server (x86)\140\Tools\Binn\
HKU\S-1-5-21-247431989-2805255649-28786118-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sousedovic\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\water.jpg
HKU\S-1-5-80-1985561900-798682989-2213159822-1904180398-3434236965\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: ArcService => 3
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MySQL80 => 3
MSCONFIG\Services: OpenVPNService => 3
MSCONFIG\Services: Steam Client Service => 3
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Apoint"
HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_MICPKEY"
HKLM\...\StartupApproved\Run: => "RtHDVBg_LENOVO_DOLBYDRAGON"
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "DisplayTune.exe"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM Tray Agent"
HKLM\...\StartupApproved\Run32: => "Redirector"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKU\S-1-5-21-247431989-2805255649-28786118-1001\...\StartupApproved\StartupFolder: => "OneNote 2010 Screen Clipper and Launcher.lnk"
HKU\S-1-5-21-247431989-2805255649-28786118-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-247431989-2805255649-28786118-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-247431989-2805255649-28786118-1001\...\StartupApproved\Run: => "MySQL Notifier"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{AEE4CB31-F0DD-4678-AC1A-D1FF71A5BF13}D:\program files on decko\vuze\azureus.exe] => (Allow) D:\program files on decko\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [TCP Query User{F248ECE4-8C67-474D-BA6A-84C15C922D9B}D:\program files on decko\vuze\azureus.exe] => (Allow) D:\program files on decko\vuze\azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [UDP Query User{9D782CCC-C77A-4B33-9FE0-873FC4860DCE}D:\hry\into the breach\breach.exe] => (Allow) D:\hry\into the breach\breach.exe () [File not signed]
FirewallRules: [TCP Query User{FE4216BA-9252-425A-8A16-7820C78995CC}D:\hry\into the breach\breach.exe] => (Allow) D:\hry\into the breach\breach.exe () [File not signed]
FirewallRules: [{A7BA426C-3F3B-4BE6-8951-8812BB78F35A}] => (Block) D:\program files on decko\strongdc++\strongdc.exe () [File not signed]
FirewallRules: [{8563786C-B156-4FD4-AC4C-389E96387D16}] => (Block) D:\program files on decko\strongdc++\strongdc.exe () [File not signed]
FirewallRules: [UDP Query User{2A1BDD2C-6156-4B29-B873-EF66A4849F69}D:\program files on decko\strongdc++\strongdc.exe] => (Allow) D:\program files on decko\strongdc++\strongdc.exe () [File not signed]
FirewallRules: [TCP Query User{57D3E071-03F3-463C-82AB-9AD66D22300C}D:\program files on decko\strongdc++\strongdc.exe] => (Allow) D:\program files on decko\strongdc++\strongdc.exe () [File not signed]
FirewallRules: [{DA390157-36E2-495F-9E9C-A4B2BF056D4C}] => (Allow) D:\Program Files on Decko\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{23A0E3F2-0BC7-49D5-83FD-9D2D8E04EDD6}] => (Allow) D:\Program Files on Decko\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B23C99F8-6F1D-41C3-836E-5380BBE6B72A}] => (Allow) D:\Program Files on Decko\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B6EB687D-4C58-4286-8217-6FFA7892C6A6}] => (Allow) D:\Program Files on Decko\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{FB001767-9D6D-44D7-B30B-EC459B9E3A31}] => (Allow) D:\Program Files on Decko\Microsoft Office\Office14\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DF1007EF-DCC1-4266-A43A-0FEF36922422}] => (Allow) D:\Program Files on Decko\Microsoft Office\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A6152F47-E322-4390-A2B4-20D696F915CB}] => (Allow) D:\Program Files on Decko\Microsoft Office\Office14\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{79AB0461-E357-44BF-93B4-3C0C430F4F61}] => (Allow) D:\Program Files on Decko\Zoner Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{FB078E3C-8A7F-4410-9830-4DBA8A63DC88}] => (Allow) D:\Program Files on Decko\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [{C8E73FD8-CEB7-485C-8430-BEBD30D0DD16}] => (Allow) D:\Program Files on Decko\Vuze\Azureus.exe (Azureus Software, Inc. -> Azureus Software, Inc)
FirewallRules: [TCP Query User{C9225A0A-245E-4193-8530-5E37D9AC3EC2}D:\hry\diablo iii\x64\diablo iii64.exe] => (Allow) D:\hry\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{86D18726-D6CD-483E-A8FB-DE2D61DDD69A}D:\hry\diablo iii\x64\diablo iii64.exe] => (Allow) D:\hry\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{404E2E85-F2A7-4EB1-8CEA-0863F6DB35F6}] => (Allow) D:\Hry\Dishonored GOTY\Binaries\Win32\Dishonored.exe No File
FirewallRules: [{0CED5BE0-2A8B-47E3-AEB1-9EC76A752ECC}] => (Allow) D:\Hry\Dishonored GOTY\Binaries\Win32\Dishonored.exe No File
FirewallRules: [TCP Query User{97B2BAAE-5949-4648-90A2-6AAB73C47E08}D:\hry\diablo ii\game.exe] => (Allow) D:\hry\diablo ii\game.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{EE87633A-ABD0-441A-AEE9-A47A0A8B4F21}D:\hry\diablo ii\game.exe] => (Allow) D:\hry\diablo ii\game.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{DE7E992C-9D54-499D-8067-EBE71EDF53EA}C:\users\sousedovic\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sousedovic\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{0BE494E1-5539-4568-A694-83715601430B}C:\users\sousedovic\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sousedovic\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{F5CA5F9E-5D98-44C3-B3B7-0A2C8C0D34DD}C:\users\sousedovic\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sousedovic\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{43B8C1E8-32B5-4BE8-B463-D7D34ADCF587}C:\users\sousedovic\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sousedovic\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{9FA61215-EDBB-451A-BCD9-3877C3B760C6}C:\users\sousedovic\appdata\local\microsoft\skypeforbusinessplugin\15.8.20020.400\pluginhost.exe] => (Allow) C:\users\sousedovic\appdata\local\microsoft\skypeforbusinessplugin\15.8.20020.400\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{6C867705-1A25-4A9D-84F8-F603AECE2DF2}C:\users\sousedovic\appdata\local\microsoft\skypeforbusinessplugin\15.8.20020.400\pluginhost.exe] => (Allow) C:\users\sousedovic\appdata\local\microsoft\skypeforbusinessplugin\15.8.20020.400\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6CE4DCEF-5F1A-40CE-8104-BA68AE47B9B0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CD361D9A-CDF5-436E-A6C6-284E3CF56C8F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{76525913-0FB9-4B15-87C6-DD34F20DEAF7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{127A2CE5-9E31-40FC-A10E-51EF1C56411D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{606C2874-85A1-41FE-896C-10F07E460B3A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8D7D8575-00D5-47A5-A0F6-DE10B5877E3D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0CDCB53D-BC84-4B1C-8E86-0A6A761BA407}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A93E57F4-DC53-4A40-B787-13DA4E14ABAB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{97B82355-D094-4506-BBBE-144151135A7D}] => (Allow) D:\Program Files on Decko\Power BI\bin\msmdsrv.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{01FD9B02-B76D-4C60-942B-5FE59B96568E}D:\hry\starcraft ii\versions\base77661\sc2_x64.exe] => (Allow) D:\hry\starcraft ii\versions\base77661\sc2_x64.exe No File
FirewallRules: [UDP Query User{FF487AE0-E9D3-476D-A4A0-EBD7F19196F7}D:\hry\starcraft ii\versions\base77661\sc2_x64.exe] => (Allow) D:\hry\starcraft ii\versions\base77661\sc2_x64.exe No File
FirewallRules: [TCP Query User{729FD98A-D42F-46B9-AC56-742EEF50CACA}D:\hry\into the breach\breach.exe] => (Allow) D:\hry\into the breach\breach.exe () [File not signed]
FirewallRules: [UDP Query User{32486840-6523-43B2-BC00-AABDF81EB5CE}D:\hry\into the breach\breach.exe] => (Allow) D:\hry\into the breach\breach.exe () [File not signed]
FirewallRules: [TCP Query User{764F2108-FAA9-4940-8193-4E5582EC2A5E}D:\hry\star wars - jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Block) D:\hry\star wars - jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe No File
FirewallRules: [UDP Query User{3AD3D14A-0BE2-4E72-BE32-DA2FD7027E8A}D:\hry\star wars - jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe] => (Block) D:\hry\star wars - jedi fallen order\swgame\binaries\win64\starwarsjedifallenorder.exe No File
FirewallRules: [{E82DB852-B3AA-473F-9824-621F3745DD94}] => (Allow) D:\Hry\Deus Ex Human Revolution Directors Cut\DXHRDC.exe (Square Enix Ltd. -> Square Enix Limited)
FirewallRules: [{3D79A6DD-32BA-4D8E-81F8-7FF408BFBD62}] => (Allow) D:\Hry\Deus Ex Human Revolution Directors Cut\DXHRDC.exe (Square Enix Ltd. -> Square Enix Limited)
FirewallRules: [TCP Query User{CC036ADD-F7F5-495E-A275-3213753CCA5F}C:\users\sousedovic\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\sousedovic\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{9295E82E-5845-4C6F-A648-0411B081A09D}C:\users\sousedovic\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\sousedovic\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7DF2FE2C-576D-4D0A-82BC-36915AD4E38F}] => (Allow) D:\Program Files on Decko\Epic Games\Launcher\Engine\Binaries\Win64\EpicGamesLauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{7EECD5D8-0182-40AB-B4AF-19196FD97E36}] => (Allow) D:\Program Files on Decko\Epic Games\Launcher\Engine\Binaries\Win64\EpicGamesLauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{B3B1D5E1-AC4A-4779-A54C-86BB34EBF06C}] => (Allow) D:\Program Files on Decko\Epic Games\Launcher\Engine\Binaries\Win64\EpicGamesLauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{2F274E56-F194-465E-AA2F-973FFB9EF060}] => (Allow) D:\Program Files on Decko\Epic Games\Launcher\Engine\Binaries\Win64\EpicGamesLauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{D6677704-A122-4DC6-B67C-7CE3A2BD326F}] => (Allow) D:\Program Files on Decko\Epic Games\Launcher\Engine\Binaries\Win32\EpicGamesLauncher.exe No File
FirewallRules: [{65DD2ED1-206C-42A2-8F2F-B964E1424D46}] => (Allow) D:\Program Files on Decko\Epic Games\Launcher\Engine\Binaries\Win32\EpicGamesLauncher.exe No File
FirewallRules: [{788DE7BC-63C3-4C0D-BB55-A6893192B70D}] => (Allow) D:\Program Files on Decko\Epic Games\Launcher\Engine\Binaries\Win32\EpicGamesLauncher.exe No File
FirewallRules: [{E65D2F04-476A-470E-BDC8-69AF55D682C6}] => (Allow) D:\Program Files on Decko\Epic Games\Launcher\Engine\Binaries\Win32\EpicGamesLauncher.exe No File
FirewallRules: [{1329EB3C-01E7-4058-B03C-29B19A5B59E0}] => (Allow) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win32\EpicGamesLauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{2EF44DF5-EEC1-43F6-8836-5AE553B74ACE}] => (Allow) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win32\EpicGamesLauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{1A91D228-6DB9-467A-8BA6-DE79AC334488}] => (Allow) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win32\EpicGamesLauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{79CAF350-BC7F-4C13-B647-FAE1B9C36D20}] => (Allow) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win32\EpicGamesLauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{D5EF2EA7-FFC0-4FA9-8ACE-3DA14FF28FFA}] => (Allow) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicGamesLauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{0649831B-B2B6-4D39-8391-E634292371A8}] => (Allow) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicGamesLauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{5118314B-C294-4455-A99F-C34A861EE086}] => (Allow) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicGamesLauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{658BBCFA-8B3D-4997-AFD5-4B8206C8535C}] => (Allow) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicGamesLauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{3E66E797-000F-4CF1-A145-02E5C54E89A0}] => (Allow) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealEngineLauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{64ED9AFD-9923-48E1-9D4E-3FC194413979}] => (Allow) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealEngineLauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{107E72BC-E095-460B-A82C-033CDDE2C5D2}] => (Allow) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealEngineLauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [{39434E2C-A3D6-4FF8-AE02-EFFDAB0D47F0}] => (Allow) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealEngineLauncher.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{B9112079-7FC6-42C0-9AB7-0F98FEF16AF9}D:\hry\starcraft ii\versions\base78285\sc2_x64.exe] => (Allow) D:\hry\starcraft ii\versions\base78285\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{28D484DD-C93F-4BF6-B0AA-C9EFE23D4A97}D:\hry\starcraft ii\versions\base78285\sc2_x64.exe] => (Allow) D:\hry\starcraft ii\versions\base78285\sc2_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [TCP Query User{1AC6C769-5716-41BE-AF31-8D6417046795}D:\program files on decko\battle.net\battle.net.exe] => (Allow) D:\program files on decko\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{14870355-8241-4AD8-A1DB-F0CE71950375}D:\program files on decko\battle.net\battle.net.exe] => (Allow) D:\program files on decko\battle.net\battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{6528990D-C3BF-486F-BFD1-B923C5BCB7BE}D:\hry\starcraft ii\support64\sc2editor_x64.exe] => (Allow) D:\hry\starcraft ii\support64\sc2editor_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [UDP Query User{9530BA9D-3005-42A9-A6E4-B0F34661EB37}D:\hry\starcraft ii\support64\sc2editor_x64.exe] => (Allow) D:\hry\starcraft ii\support64\sc2editor_x64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment, Inc.)
FirewallRules: [{4EDB3C17-05E9-476D-AE91-B374E2FA2F7C}] => (Allow) LPort=3306
FirewallRules: [{BA9057D5-1D10-410F-B053-A1181ABAFA8F}] => (Allow) LPort=33060
FirewallRules: [{98D7B36C-5521-4319-B340-8F0E93B36D50}] => (Allow) C:\Users\sousedovic\AppData\Roaming\Zoom\bin\Zoom.exe No File
FirewallRules: [{5CA1FB6F-65E9-4DF4-99B0-0F5049DBB8AF}] => (Allow) C:\Users\sousedovic\AppData\Roaming\Zoom\bin\airhost.exe No File
FirewallRules: [{E84A268D-C71D-43D9-9585-1D7D234F60FE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1863ECFF-1F5B-40B7-9939-B2130B6E885A}] => (Allow) D:\Program Files on Decko\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe (Microsoft) [File not signed]
FirewallRules: [{9504E8E9-C93C-4F56-A001-4AE82E34D5B0}] => (Allow) D:\Program Files on Decko\Steam\steamapps\common\XCOM 2\Binaries\Win64\Launcher\ModLauncherWPF.exe (Microsoft) [File not signed]
FirewallRules: [TCP Query User{8604A7DA-FAEE-4B12-8D65-AB2A24649552}D:\program files on decko\steam\steamapps\common\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) D:\program files on decko\steam\steamapps\common\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [UDP Query User{D82FC681-1879-445F-B69D-A76C52183313}D:\program files on decko\steam\steamapps\common\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe] => (Allow) D:\program files on decko\steam\steamapps\common\xcom 2\xcom2-warofthechosen\binaries\win64\xcom2.exe (Firaxis Games) [File not signed]
FirewallRules: [{D1B44F90-B9DD-48D7-B61B-6340E4869D94}] => (Allow) C:\Program Files\Warframe\Downloaded\Public\Warframe.x64.exe No File
FirewallRules: [{3C49EAFB-391C-486E-BA18-C58BEC7F87D0}] => (Allow) C:\Program Files\Warframe\Downloaded\Public\Warframe.x64.exe No File
FirewallRules: [{F9D388B7-AC82-44B3-A90E-7196FADAB006}] => (Allow) C:\Users\sousedovic\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe No File
FirewallRules: [{58E6E9A6-8902-4A5E-A758-C7EC3062391E}] => (Allow) C:\Program Files\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe No File
FirewallRules: [{BC8D1597-EE33-4BA3-8E01-FDB3C77F7B77}] => (Allow) C:\Program Files\Warframe\Downloaded\Public\Warframe.x64.exe No File
FirewallRules: [{EDCB69E2-E748-4A75-85AA-F762008B525B}] => (Allow) C:\Program Files\Warframe\Downloaded\Public\Warframe.x64.exe No File
FirewallRules: [{6F4690A3-4CBE-468B-A93F-CC92AA14E714}] => (Allow) C:\Users\sousedovic\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe No File
FirewallRules: [{2B46DCE2-355B-453E-B504-D3C10122898E}] => (Allow) C:\Program Files\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe No File
FirewallRules: [TCP Query User{67AE569E-673A-43E6-B42F-2928AB72632B}D:\hry\arc for star trek\star trek online_en\star trek online\live\x64\gameclient.exe] => (Allow) D:\hry\arc for star trek\star trek online_en\star trek online\live\x64\gameclient.exe (Cryptic Studios Inc. -> )
FirewallRules: [UDP Query User{148810A6-D3A3-4E10-8DBF-D54B34D09089}D:\hry\arc for star trek\star trek online_en\star trek online\live\x64\gameclient.exe] => (Allow) D:\hry\arc for star trek\star trek online_en\star trek online\live\x64\gameclient.exe (Cryptic Studios Inc. -> )
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:100.14 GB) (Free:45.96 GB) (46%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/30/2020 07:27:21 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4128,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (03/30/2020 07:17:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.18362.449 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 9e0
Start Time: 01d606b6f778120b
Termination Time: 4294967295
Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Report Id: e79e48a5-64a2-4f9b-a8e2-2b503df6cec0
Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
Hang type: Cross-process
Error: (03/30/2020 07:14:23 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (03/30/2020 07:14:23 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (03/30/2020 07:14:23 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress.
.
Error: (03/30/2020 07:14:23 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress.
]
Error: (03/30/2020 07:13:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.18362.449 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 2584
Start Time: 01d606b3c2ca6b9e
Termination Time: 4294967295
Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Report Id: 6b6ded5f-ec45-4359-b7aa-fcb231244068
Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
Hang type: Cross-process
Error: (03/30/2020 07:01:07 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3344,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
System errors:
=============
Error: (03/30/2020 07:34:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.
Error: (03/30/2020 07:34:20 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Error: (03/30/2020 07:32:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.
Error: (03/30/2020 07:32:20 PM) (Source: DCOM) (EventID: 10010) (User: SOUSEDOVIC1)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Error: (03/30/2020 07:30:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.
Error: (03/30/2020 07:30:20 PM) (Source: DCOM) (EventID: 10010) (User: SOUSEDOVIC1)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Error: (03/30/2020 07:28:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The wuauserv service terminated with the following error:
The system cannot find the file specified.
Error: (03/30/2020 07:28:20 PM) (Source: DCOM) (EventID: 10010) (User: SOUSEDOVIC1)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Windows Defender:
===================================
Date: 2020-01-04 19:32:32.334
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {41DC6138-AB95-413B-8D29-5BAF7C18D98A}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-12-26 16:41:26.026
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {8E069509-B740-4792-A4E8-499F471BE9FA}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-12-26 12:16:32.377
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {21693A42-179E-4FC2-ADA1-91D6D1132532}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-12-19 16:25:16.589
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {28598E74-7B51-4650-AD1F-96D718A5945F}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-12-19 16:00:44.342
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {F0C8478C-5747-4CD8-88C0-C95C7BBFCCDF}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-12-17 11:41:11.549
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.557.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80240022
Error description: The program can't check for definition updates.
Date: 2019-12-14 10:37:33.413
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.307.356.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16600.7
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2019-11-27 14:45:55.852
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.305.2789.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16500.1
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2019-11-27 14:45:55.851
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.305.2789.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16500.1
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
Date: 2019-11-27 14:45:55.850
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.305.2789.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16500.1
Error code: 0x80072ee7
Error description: The server name or address could not be resolved
CodeIntegrity:
===================================
Date: 2020-03-05 20:29:22.000
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files on Decko\AVAST\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-03-05 20:29:21.975
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files on Decko\AVAST\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-03-05 20:29:21.950
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files on Decko\AVAST\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-03-05 20:29:21.926
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files on Decko\AVAST\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-03-05 20:29:21.899
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files on Decko\AVAST\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-03-05 20:29:21.869
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files on Decko\AVAST\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-03-05 20:29:21.843
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files on Decko\AVAST\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2020-03-05 20:29:21.815
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Program Files on Decko\AVAST\aswAMSI.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: LENOVO AFCN21WW(V1.08) 04/21/2015
Motherboard: LENOVO Lenovo U31-70
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 54%
Total physical RAM: 8105.84 MB
Available physical RAM: 3665.28 MB
Total Virtual: 13225.84 MB
Available Virtual: 8512.98 MB
==================== Drives ================================
Drive c: (Cecko) (Fixed) (Total:100.14 GB) (Free:45.96 GB) NTFS
Drive d: (Decko) (Fixed) (Total:830 GB) (Free:44.7 GB) NTFS
Drive z: (EFI_SYS_PAR) (Fixed) (Total:0.29 GB) (Free:0.27 GB) FAT32
\\?\Volume{7ab96f1f-2710-0000-f75e-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.18 GB) NTFS
\\?\Volume{10dec59d-ea23-40a5-833f-3c8eb1023adb}\ () (Fixed) (Total:0.54 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 0F3A2E73)
Partition: GPT.
==================== End of Addition.txt =======================