Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-08-2019
Ran by tomas (12-08-2019 08:59:01)
Running from C:\Users\tomas\OneDrive\Plocha
Windows 10 Pro Version 1903 18362.267 (X64) (2019-08-01 04:59:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4119164112-2489825935-1381082371-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4119164112-2489825935-1381082371-503 - Limited - Disabled)
Guest (S-1-5-21-4119164112-2489825935-1381082371-501 - Limited - Disabled)
tomas (S-1-5-21-4119164112-2489825935-1381082371-1001 - Administrator - Enabled) => C:\Users\tomas
WDAGUtilityAccount (S-1-5-21-4119164112-2489825935-1381082371-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Aktualizace NVIDIA 37.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 37.0.0.0 - NVIDIA Corporation) Hidden
Apex Legends (HKLM-x32\...\{D7FBF176-382D-484E-863A-DFD1124A2A1C}) (Version: 1.0.0.4 - Electronic Arts, Inc.)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version:  - Ubisoft)
Avast Internet Security (HKLM-x32\...\Avast Antivirus) (Version: 19.6.2383 - AVAST Software)
Backup and Sync from Google (HKLM\...\{768C0072-2FD2-4934-9824-B2A1E81AEA5D}) (Version: 3.45.5545.5747 - Google, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 5.5.0 - Canon Inc.)
Canon MG5700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5700_series) (Version: 1.00 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
CPUID CPU-Z 1.84 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.84 - CPUID, Inc.)
CPUID HWMonitor 1.34 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.34 - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.9.0.0677 - Disc Soft Ltd)
Destiny 2 (HKLM-x32\...\Destiny 2) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-4119164112-2489825935-1381082371-1001\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{A398FCC0-8E8B-409E-90E9-ACF4671633F2}) (Version: 1.1.183.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FORM studio (HKLM-x32\...\FSCZ_is1) (Version:  - KASTNER software s.r.o.)
GOG.com Heroes of Might and Magic 3 (HKLM\...\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Heroes of Might and Magic 3 Complete (HKLM-x32\...\GOGPACKHOMM3COMPLETE_is1) (Version: 2.0.0.16 - GOG.com)
Heroes of Might and Magic III HD Edition (HKLM-x32\...\SGVyb2Vzb2ZNaWdodGFuZE1hZ2ljSUlJSERFZGl0aW9u_is1) (Version: 1 - )
Heroes of Might and Magic® III: Horn of the Abyss (HKLM-x32\...\HotA + HD_is1) (Version: 1.5.4 - HotA Crew)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.1.0.303 - Huawei Technologies Co.,Ltd)
HyperTerminal Private Edition v6.3 (HKLM-x32\...\HTPE3) (Version:  - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4119164112-2489825935-1381082371-1001\...\OneDriveSetup.exe) (Version: 19.131.0704.0007 - Microsoft Corporation)
Microsoft Project Professional 2016 - cs-cz (HKLM\...\ProjectProRetail - cs-cz) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft Visio Professional 2016 - cs-cz (HKLM\...\VisioProRetail - cs-cz) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSI Kombustor 3.5.0 (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version:  - MSI Co., LTD)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.10 - MSI)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.07 - MSI)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.19.0.107 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.19.0.107 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 431.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 431.60 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
OpenRA (HKLM-x32\...\OpenRA) (Version: release-20181215 - OpenRA developers)
Origin (HKLM-x32\...\Origin) (Version: 10.5.41.27263 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 431.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 431.60 - NVIDIA Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.1.2 - pdfforge GmbH)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Plantronics RIG Dolby Game Audio (HKLM-x32\...\{1B6D9EA4-D1D6-4225-ADBB-441707C49D02}) (Version: 1.31.35.2 - Plantronics, Inc)
Plantronics® RIG 500 Software for Dolby® Headphone (HKLM-x32\...\{2A01907E-2CD8-4870-B820-DEB03266960C}) (Version: 2.12.01 - Plantronics)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8302 - Realtek Semiconductor Corp.)
Registrace uživatele zařízení Canon MG5700 series (HKLM-x32\...\Registrace uživatele zařízení Canon MG5700 series) (Version:  - ‭Canon Inc.)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.1 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.2.1.1780 - Samsung Electronics)
Serviio (HKLM\...\Serviio) (Version: 1.8 - Six Lines Ltd)
Seznam Software (HKU\S-1-5-21-4119164112-2489825935-1381082371-1001\...\SeznamInstall) (Version: 2.1.31 - Seznam.cz)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.1 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.1.7 - TeamSpeak Systems GmbH)
Tom Clancy's The Division 2 (HKLM-x32\...\Uplay Install 4932) (Version:  - Ubisoft)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
Twitch (HKU\S-1-5-21-4119164112-2489825935-1381082371-1001\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
WTFast 4.0 (HKLM-x32\...\{12B4121D-5221-4AFC-9EDC-63B0CA139856}_is1) (Version: 4.0.7.692 - Initex & AAA Internet Publishing)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-05-30] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_5.8.4.0_x86__kgqvnymyfvs32 [2019-07-18] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.145.301.0_x86__kgqvnymyfvs32 [2019-08-10] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.8.0.1_neutral__6e5tt8cgb93ep [2019-05-24] (Canon Inc.)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.2.0.8_x86__h6adky7gbf63m [2019-08-06] (Gameloft.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.2002.0_x64__rz1tebttyb220 [2019-08-01] (Dolby Laboratories)
Gears of War 4 -> C:\Program Files\WindowsApps\Microsoft.SpartaUWP_14.4.0.2_x64__8wekyb3d8bbwe [2019-07-11] (Microsoft Studios)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.2.1.1_x86__h6adky7gbf63m [2019-08-10] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-09] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-09] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-10] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-18] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0 [2019-08-02] (Spotify AB)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4119164112-2489825935-1381082371-1001_Classes\CLSID\{23066764-9BDD-4FBD-8B1F-F4547CF2684F}\InprocServer32 -> C:\Users\tomas\AppData\Local\Microsoft\OneDrive\18.070.0405.0002\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-06-27] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:/Program Files/PDFCreator/PDFCreatorShell.DLL [2017-10-19] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-12-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-06-27] (Google LLC -> Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-07-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-07-24] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-03-09 01:53 - 2005-07-18 14:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\Live Update\unrar.dll
2016-12-05 06:30 - 2016-12-05 06:30 - 000413696 _____ () [File not signed] C:\Program Files\Serviio\bin\ServiioService.exe
2019-08-12 08:31 - 2019-08-12 08:31 - 000113664 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\_ctypes.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000173568 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\_elementtree.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 001800192 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\_hashlib.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000032256 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\_multiprocessing.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000046080 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\_psutil_windows.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000047616 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\_socket.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 002230784 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\_ssl.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000026112 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\_yappi.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000080896 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\bz2.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 006277632 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\cello.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000014848 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\common.time34.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000007680 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\hashobjs_ext.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000301568 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\PIL._imaging.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000169472 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\pyexpat.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 001084416 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\pysqlite2._sqlite.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000548864 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\pythoncom27.dll
2019-08-12 08:31 - 2019-08-12 08:31 - 000137728 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\pywintypes27.dll
2019-08-12 08:31 - 2019-08-12 08:31 - 000010752 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\select.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000020992 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\thumbnails_ext.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000689664 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\unicodedata.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000118784 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\usb_ext.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000128512 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\win32api.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000438784 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\win32com.shell.shell.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000011776 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\win32crypt.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000023040 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\win32event.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000149504 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\win32file.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000223232 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\win32gui.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000048128 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\win32inet.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000029696 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\win32pdh.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000027648 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\win32pipe.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000044032 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\win32process.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000020480 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\win32profile.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000136192 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\win32security.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000026624 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\win32ts.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000034304 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\windows.conditional.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000038400 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\windows.connectivity.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000073216 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\windows.device_monitor.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000110592 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\windows.volumes.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000020480 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\windows.winwrap.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 001325056 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\wx._controls_.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 001489408 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\wx._core_.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 001007104 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\wx._gdi_.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000103424 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\wx._html2.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 000916992 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\wx._misc_.pyd
2019-08-12 08:31 - 2019-08-12 08:31 - 001039872 _____ () [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\wx._windows_.pyd
2019-07-03 05:44 - 2019-07-03 05:44 - 000190784 _____ (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2018-04-20 22:38 - 2018-04-20 22:38 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppvIsvSubsystems64.dll
2018-04-20 22:38 - 2018-04-20 22:38 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2018-04-20 16:02 - 2018-04-20 16:02 - 000117248 _____ (pdfforge GmbH) [File not signed] C:\WINDOWS\System32\pdfcmon.dll
2019-08-12 08:31 - 2019-08-12 08:31 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\python27.dll
2019-02-01 21:23 - 2019-07-09 13:32 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-02-01 21:23 - 2019-07-09 13:32 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-02-01 21:23 - 2019-07-09 13:32 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-02-01 21:23 - 2019-07-09 13:32 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-02-01 21:23 - 2019-07-09 13:32 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-02-01 21:23 - 2019-07-09 13:32 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-02-01 21:23 - 2019-07-09 13:32 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-02-01 21:23 - 2019-07-09 13:32 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2019-08-12 08:31 - 2019-08-12 08:31 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\wxbase30u_net_vc90_x64.dll
2019-08-12 08:31 - 2019-08-12 08:31 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\wxbase30u_vc90_x64.dll
2019-08-12 08:31 - 2019-08-12 08:31 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\wxmsw30u_adv_vc90_x64.dll
2019-08-12 08:31 - 2019-08-12 08:31 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\wxmsw30u_core_vc90_x64.dll
2019-08-12 08:31 - 2019-08-12 08:31 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\wxmsw30u_html_vc90_x64.dll
2019-08-12 08:31 - 2019-08-12 08:31 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\tomas\AppData\Local\Temp\_MEI127802\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 15:46 - 2019-01-07 11:49 - 000000832 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4119164112-2489825935-1381082371-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.1.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "GamecomSound"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "MSIRegister"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKLM\...\StartupApproved\Run32: => "RazerCortex"
HKU\S-1-5-21-4119164112-2489825935-1381082371-1001\...\StartupApproved\StartupFolder: => "Twitch.lnk"
HKU\S-1-5-21-4119164112-2489825935-1381082371-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4119164112-2489825935-1381082371-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4119164112-2489825935-1381082371-1001\...\StartupApproved\Run: => "WTFast Tray"
HKU\S-1-5-21-4119164112-2489825935-1381082371-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-4119164112-2489825935-1381082371-1001\...\StartupApproved\Run: => "Ubisoft Game Launcher"
HKU\S-1-5-21-4119164112-2489825935-1381082371-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
HKU\S-1-5-21-4119164112-2489825935-1381082371-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-4119164112-2489825935-1381082371-1001\...\StartupApproved\Run: => "TSMApplication"
HKU\S-1-5-21-4119164112-2489825935-1381082371-1001\...\StartupApproved\Run: => "Synapse3"
HKU\S-1-5-21-4119164112-2489825935-1381082371-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-4119164112-2489825935-1381082371-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-4119164112-2489825935-1381082371-1001\...\StartupApproved\Run: => "EpicGamesLauncher"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{95415F9B-A765-42D0-89A6-6E6355844421}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6644B65A-0410-4C6D-A101-32A815101C41}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{C7FC3EFB-FB52-4302-9AF0-BE574A37A200}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed Unity\ACU.exe (UBISOFT ENTERTAINMENT INC. -> )
FirewallRules: [{522B3C27-BA3C-41FD-A649-0027D212C930}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{16BDF191-16BA-45DD-B8C7-D8BC814541BE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{47017A9D-B8B1-4207-A3AA-D8848E4E5EC8}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{AFBACB99-FD8A-45CA-8D6E-FD65C0FDF21B}] => (Allow) C:\Program Files (x86)\Origin Games\Apex\EasyAntiCheat_launcher.exe (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
FirewallRules: [{9F0120BE-CAE7-4B16-AEED-91AB2D90974B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe No File
FirewallRules: [{548D2A3A-32BB-489D-BDA5-67266313DE5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe No File
FirewallRules: [{BC03D9AD-6774-4431-987B-4BB8490246CB}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{658B1334-20E8-45F7-BA6A-6E186C82F68E}] => (Allow) C:\Users\tomas\AppData\Local\Programs\Opera\58.0.3135.47\opera.exe No File
FirewallRules: [UDP Query User{63436532-7121-47A2-9FAD-A9C0151FA20A}C:\program files (x86)\destiny 2\destiny2.exe] => (Block) C:\program files (x86)\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [TCP Query User{0C320BD7-6BA3-46F4-AE6F-B87E667F2AFA}C:\program files (x86)\destiny 2\destiny2.exe] => (Block) C:\program files (x86)\destiny 2\destiny2.exe (Bungie Inc. -> Bungie)
FirewallRules: [{71F40794-DB51-46D7-BC14-B5B1BBB6EB0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro 2033\metro2033.exe (THQ, Inc. -> 4A Games)
FirewallRules: [{0890611E-C63D-416C-AE42-B6645833735D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro 2033\metro2033.exe (THQ, Inc. -> 4A Games)
FirewallRules: [{7F3AC44A-6A0E-4926-A1EA-5F2E0EFA86F4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{093E3E36-1108-4BC4-B5AD-93DE90807BB8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{96774A55-2E7E-4039-8748-E753BD272D23}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E02E9153-B3E4-4DAB-9C11-A82FB06DAD92}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B55D074E-83E3-41DB-BE81-D77D36052A9D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{26462B09-4766-4E5B-BB9E-21B4B232D703}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9FCBFAC3-76A9-4B75-B853-32C8E0FE1A7F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{48E126C6-37CA-47FE-A649-2D634E9F2914}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9143ED54-7E8C-4D46-B85E-9D2EEEFB3D4D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{7FE6F210-ED95-41D8-8A78-968CBE5D766C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{BB07AFD3-01D9-4014-8D4B-43532859564B}] => (Allow) C:\Program Files (x86)\WTFast\WTFast.exe (AAA Internet Publishing, Inc. -> AAA Internet Publishing, Inc.)
FirewallRules: [{A4D05A7D-962E-4CB7-BE70-644A0718B5AD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe No File
FirewallRules: [{A598B512-2C1B-4279-BCAF-1F6E40C31EF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe No File
FirewallRules: [{1021301F-6960-4634-AB7E-E3E7FAFE1CE2}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe () [File not signed]
FirewallRules: [{1CD4E995-63DE-4362-8005-A46677802AFB}] => (Allow) C:\Program Files\Serviio\bin\ServiioService.exe () [File not signed]
FirewallRules: [{165BDFCD-38A9-4AA5-BB3D-6F8580C4BC0C}] => (Allow) C:\Program Files\Serviio\console\ServiioConsole.exe (Six Lines Ltd) [File not signed]
FirewallRules: [{4724B108-4727-45E0-BF2D-756720D1E398}] => (Allow) F:\SteamLibrary\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe No File
FirewallRules: [{476E7D2B-27A3-4C35-BAAD-4B3D50C20260}] => (Allow) F:\SteamLibrary\steamapps\common\KingdomComeDeliverance\Bin\Win64\KingdomCome.exe No File
FirewallRules: [{A79E4051-6FA4-48E2-ACD4-4A96845AE9E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{51029786-DB91-42A7-9CC0-DF5D02727BEB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BE05D36E-D0E4-4A77-B5BC-73F498FD2456}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{83E30DA4-E0D6-4DBD-995F-EE201AF423E7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EEC01C72-140C-4472-86B4-AE2A75BDF05A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{83EF2846-51FB-4561-ADAD-9F5ADCE2B102}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1B9E2E10-C2F6-4A76-BB65-24BA1C736234}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3ED60572-9711-47F6-A846-31F75355387A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{60DDB433-4D88-45A1-A314-B7CA1EFAADAC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{CB079D55-A197-4CDE-8860-71364A07A6B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4BE638EB-4089-44FA-BA0E-6A5B8A29EE1C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F0AAF19E-F044-4D14-B661-EB7486573176}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EA9941D6-FE8B-40C1-A82D-9BE5F0A33196}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

==================== Restore Points =========================

01-08-2019 16:42:32 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/11/2019 05:47:46 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (08/11/2019 05:47:46 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (08/11/2019 01:10:47 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 31832; požadovaná velikost: 31936.

Error: (08/09/2019 04:16:53 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 31728; požadovaná velikost: 32120.

Error: (08/06/2019 10:04:07 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 28264; požadovaná velikost: 34512.

Error: (08/02/2019 06:56:49 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 31776; požadovaná velikost: 32856.

Error: (08/01/2019 11:23:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (08/01/2019 11:23:02 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]


System errors:
=============
Error: (08/12/2019 08:31:22 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba cbdhsvc_25026 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 3000 milisekund: Restartovat službu.

Error: (08/11/2019 08:09:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (08/11/2019 08:09:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou: 
Obecný spustitelný příkaz vrátil výsledek označující selhání.

Error: (08/11/2019 03:57:52 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_138ff23c byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (08/10/2019 12:57:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Uživatelská služba schránky_4390435 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 3000 milisekund: Restartovat službu.

Error: (08/06/2019 04:02:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Uživatelská služba schránky_1ae3889 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 3000 milisekund: Restartovat službu.

Error: (08/06/2019 10:42:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-093KJEC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/06/2019 10:42:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-093KJEC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================

Date: 2019-08-11 17:50:29.734
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-08-11 17:50:29.729
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-08-11 17:50:29.716
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-08-11 17:49:23.281
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2019-08-11 17:49:23.275
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2019-08-11 17:49:23.270
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2019-08-11 17:49:23.264
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2019-08-11 17:49:23.257
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. V10.5 05/12/2015
Motherboard: MSI 970A-G43 (MS-7693)
Processor: AMD FX(tm)-8350 Eight-Core Processor 
Percentage of memory in use: 27%
Total physical RAM: 16332.04 MB
Available physical RAM: 11775.64 MB
Total Virtual: 18764.04 MB
Available Virtual: 12689.73 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.26 GB) (Free:104.76 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive f: () (Fixed) (Total:1861.58 GB) (Free:1661.98 GB) NTFS

\\?\Volume{79900573-0000-0000-0000-806bd1010000}\ () (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS
\\?\Volume{79900573-0000-0000-0000-b088d1010000}\ () (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{e4769826-0000-0000-0000-f05074000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 79900573)
Partition 1: (Active) - (Size=1861.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 MB) - (Type=27)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: E4769826)
Partition 1: (Active) - (Size=465.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=508 MB) - (Type=27)

==================== End of Addition.txt ============================