Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-10-2019
Ran by Marek (20-10-2019 14:17:25)
Running from C:\Users\Marek\Downloads
Windows 10 Home Version 1903 18362.418 (X64) (2019-09-22 19:23:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-527865071-870398866-4242147315-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-527865071-870398866-4242147315-503 - Limited - Disabled)
Guest (S-1-5-21-527865071-870398866-4242147315-501 - Limited - Disabled)
Marek (S-1-5-21-527865071-870398866-4242147315-1001 - Administrator - Enabled) => C:\Users\Marek
WDAGUtilityAccount (S-1-5-21-527865071-870398866-4242147315-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{32443BDD-5AF8-3A38-4912-D99C7D90B36E}) (Version: 2017.1019.1521.25808 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{CCE76752-1A82-EF43-4B55-6C5154F0112E}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{720204AE-BEBD-408F-4FCD-871C20DBB23C}) (Version: 2017.1019.1521.25808 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{9C4FCC2E-4E4F-5CDF-1A60-336B5A7E49CB}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1CD64099-7398-3515-ED22-ED9B591DE3C6}) (Version: 2017.1019.1521.25808 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{2A1637CE-9314-EA72-0F2C-E6E8CC805B7B}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{74422189-DBC5-FB93-20BF-15D3FDF3BF29}) (Version: 2017.1019.1521.25808 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A71A7061-5728-3DA3-D58C-CDAFA87AD725}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{B53797F9-87A8-1196-36DB-AC4E7AECB8CF}) (Version: 2017.1019.1521.25808 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{EA137731-99F1-E42D-6D5C-49F16BF5F868}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{2CFF01A0-C485-8455-B331-0A6B8756E232}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{EFFCF29A-A02E-0CCA-70FD-29FEF73E7559}) (Version: 2017.1019.1521.25808 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{29FAE12A-6731-25FD-8ED4-6B7A68753B65}) (Version: 2017.1019.1521.25808 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A79098E5-9593-F299-470E-571B9F255A48}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{18477420-7987-40D0-C825-DBD10FE17597}) (Version: 2017.1019.1521.25808 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{5D8C735C-C28F-E8EF-80B2-96EAF42F401A}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{B8255085-FBE7-7C3F-3397-23DC07C21297}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{F6B3CCDA-3698-1778-0895-ACA371526857}) (Version: 2017.1019.1521.25808 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{1B8547F2-2E44-C80B-0B1E-AFF48B847EB2}) (Version: 2017.1019.1521.25808 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{5A5539B0-B4EE-3A5E-29F9-63EDF84A79E2}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{969B7477-A43D-7408-4A61-337614364756}) (Version: 2017.1019.1521.25808 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{EEF7A56C-6AD1-3176-83D7-9C4AC45A447C}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{2DB38A76-FEB0-23AA-92E9-E59F1C9E98BC}) (Version: 2017.1019.1521.25808 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{3A3B6A80-249F-7651-CD12-23FD2E7C1932}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{29612BF6-6D8A-4CE8-12AC-777144642135}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{D37F6C05-0BCC-D268-26DE-FF26EC0ABE65}) (Version: 2017.1019.1521.25808 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{2350690C-7251-57BB-8C50-46A829CFA32C}) (Version: 2017.1019.1521.25808 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{739859D8-9A12-6540-9B25-EDF09B43C845}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{144FC26D-3A27-2608-5C4C-DF59A2A3ACD1}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{6C813C62-ACC5-2ECF-A07D-8C61B9A4A0D2}) (Version: 2017.1019.1521.25808 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{B40D1236-0751-4C78-2E4C-A865235BAF52}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{B8747BDA-D029-BCE8-5DC8-06A8758F3A84}) (Version: 2017.1019.1521.25808 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{F249A401-550F-5549-8352-C490F8CF1F5E}) (Version: 2017.1019.1521.25808 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{F2F82D32-807F-1214-CB1F-B734B4E26398}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{29306290-76E1-BF93-BD39-C548495CC4E4}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{91DB626F-C3B4-782C-69DF-74BF08B23345}) (Version: 2017.1019.1521.25808 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3AE6129D-AEE2-6A23-A335-1804470CE6EA}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{7F424A0C-9235-2062-E94C-56C68CC6B6AF}) (Version: 2017.1019.1521.25808 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{4A69C514-703A-ACD2-0C49-7CE38CF62F40}) (Version: 2017.1019.1521.25808 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{91E744CE-5472-1E15-0E89-69187A437656}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{040AE1DD-92DF-3870-BE8B-E47EDD36A635}) (Version: 2017.1019.1521.25808 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{6220990C-8452-DB19-A2A8-8F2B81057151}) (Version: 2017.1227.456.8869 - Advanced Micro Devices, Inc.) Hidden
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version: 1.6 - CS-BOOST.LT)
Counter-Strike 1.6 (HKU\S-1-5-21-527865071-870398866-4242147315-1001\...\Counter-Strike 1.6) (Version:  - )
CyberLink PowerDVD 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.1.6929 - CyberLink Corp.)
Dolby Audio X2 Windows API SDK (HKLM\...\{82C288CC-A96D-43E3-9119-944DABF5DD61}) (Version: 0.8.0.74 - Dolby Laboratories, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.120 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Java 8 Update 161 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.633 - LogMeIn, Inc.)
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Excel 2019 - cs-cz (HKLM\...\Excel2019Retail - cs-cz) (Version: 16.0.12026.20334 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-527865071-870398866-4242147315-1001\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20334 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20334 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12026.20334 - Microsoft Corporation) Hidden
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22329 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8245 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.10 - TeamSpeak Systems GmbH)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.6.4835 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-06-01] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.1.4.0_x86__kgqvnymyfvs32 [2019-09-29] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.149.100.0_x86__kgqvnymyfvs32 [2019-10-12] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.3.0.7_x86__h6adky7gbf63m [2019-09-14] (Gameloft.)
Lenovo Settings -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoSettings_3.177.0.0_x86__4642shxvsv8s2 [2018-02-17] (LENOVO INCORPORATED.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_4.27.32.0_x86__k1h2ywk1493x8 [2019-03-26] (LENOVO INC.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.3.1.1_x86__h6adky7gbf63m [2019-09-14] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x64__8wekyb3d8bbwe [2019-10-12] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-14] (Microsoft Corporation) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.12.101.0_x64__8wekyb3d8bbwe [2019-09-09] (Microsoft Studios)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-14] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-29] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0 [2019-09-16] (Spotify AB)
Uživatelský portál Lenovo -> C:\Program Files\WindowsApps\LenovoCorporation.LenovoID_2.0.37.0_x86__4642shxvsv8s2 [2018-02-17] (LENOVO INCORPORATED.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} =>  -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-12-27] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ==================


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Marek\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) ==============

2017-07-20 16:04 - 2017-07-20 16:04 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2017-07-20 16:04 - 2017-07-20 16:04 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-527865071-870398866-4242147315-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-527865071-870398866-4242147315-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-527865071-870398866-4242147315-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{24A006C6-9DDA-44D8-AE34-BAAD110982F2}C:\users\marek\appdata\local\temp\rarsfx44\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx44\hlds.exe No File
FirewallRules: [TCP Query User{3A383BFD-9B63-44D0-B390-449E6CE7256E}C:\users\marek\appdata\local\temp\rarsfx44\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx44\hlds.exe No File
FirewallRules: [{14DF7907-BE53-4350-8780-2335A517094B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9C536E70-693C-4D84-9611-94DCC91C84D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1AF7C08D-AEF5-4C52-B4CF-596FC24E838E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{517F145B-E8B5-4271-A726-CC70525D5787}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BE3C8E8B-93D7-4A92-87C5-20F1BD5E6122}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{EB130A4D-52CE-40DE-91CD-D831EAF0D396}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7AFB1CD4-B014-4698-9D22-475F31962FFE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F9B952CC-BB27-4D5A-AC86-A99CC3B4B94D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.115.448.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{401C65FD-893F-42FD-BFE7-4EF3D46D84A3}C:\users\marek\appdata\local\temp\rarsfx43\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx43\hlds.exe No File
FirewallRules: [TCP Query User{2FFE59E1-035D-45A2-A0F0-8BA3490C1326}C:\users\marek\appdata\local\temp\rarsfx43\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx43\hlds.exe No File
FirewallRules: [UDP Query User{95055784-B06D-4CA4-9D76-8908D78409F8}C:\users\marek\appdata\local\temp\rarsfx42\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx42\hlds.exe No File
FirewallRules: [TCP Query User{2362C5A8-A021-4B8F-A76B-C116B19CF1A1}C:\users\marek\appdata\local\temp\rarsfx42\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx42\hlds.exe No File
FirewallRules: [UDP Query User{2542C469-F567-4D2E-95DE-0D6740CCC41A}C:\users\marek\appdata\local\temp\rarsfx41\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx41\hlds.exe No File
FirewallRules: [TCP Query User{D74C1CE4-3DF1-4A63-ACC9-C74F89C06075}C:\users\marek\appdata\local\temp\rarsfx41\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx41\hlds.exe No File
FirewallRules: [UDP Query User{F447D741-2ACA-46DF-8155-31E4339391BB}C:\users\marek\appdata\local\temp\rarsfx40\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx40\hlds.exe No File
FirewallRules: [TCP Query User{FCBAD6EA-9D96-4A40-A4C6-7D3B01C1EF15}C:\users\marek\appdata\local\temp\rarsfx40\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx40\hlds.exe No File
FirewallRules: [UDP Query User{F0D479DC-E9E8-4A80-9F04-E926E014702B}C:\users\marek\appdata\local\temp\rarsfx39\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx39\hlds.exe No File
FirewallRules: [TCP Query User{8B58DD20-20B9-4AB9-8A17-CA35105369DF}C:\users\marek\appdata\local\temp\rarsfx39\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx39\hlds.exe No File
FirewallRules: [UDP Query User{D59C4EB8-6012-4EF8-BB2F-5350DE543309}C:\users\marek\appdata\local\temp\rarsfx38\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx38\hlds.exe No File
FirewallRules: [TCP Query User{9AEF3C2A-EF35-4FEF-BC9C-970AFB4F0FE5}C:\users\marek\appdata\local\temp\rarsfx38\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx38\hlds.exe No File
FirewallRules: [UDP Query User{8E35D6EE-A8E1-4806-BA47-C088CA6D7E20}C:\users\marek\appdata\local\temp\rarsfx37\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx37\hlds.exe No File
FirewallRules: [TCP Query User{432D6E74-9F16-49C6-A79D-836DB7068206}C:\users\marek\appdata\local\temp\rarsfx37\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx37\hlds.exe No File
FirewallRules: [UDP Query User{64A3BE3D-4C75-429A-A595-3CC2BBC47365}C:\users\marek\appdata\local\temp\rarsfx36\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx36\hlds.exe No File
FirewallRules: [TCP Query User{1AE119DE-E6EE-40E4-B3E8-1F425FE351C3}C:\users\marek\appdata\local\temp\rarsfx36\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx36\hlds.exe No File
FirewallRules: [UDP Query User{236E628A-8B7D-4B9F-A46A-1CEBC71F92F7}C:\users\marek\appdata\local\temp\rarsfx35\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx35\hlds.exe No File
FirewallRules: [TCP Query User{C790E45F-4A47-4AF9-91E9-A0CD21C8587B}C:\users\marek\appdata\local\temp\rarsfx35\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx35\hlds.exe No File
FirewallRules: [UDP Query User{5AE5656E-DF85-4EDE-988D-EEC14BEDDB42}C:\users\marek\appdata\local\temp\rarsfx34\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx34\hlds.exe No File
FirewallRules: [TCP Query User{937D0A55-152E-4666-A17F-9E0AB74C6CB4}C:\users\marek\appdata\local\temp\rarsfx34\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx34\hlds.exe No File
FirewallRules: [UDP Query User{1FF46676-3F45-40AF-AD81-86939867A9AB}C:\users\marek\appdata\local\temp\rarsfx33\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx33\hlds.exe No File
FirewallRules: [TCP Query User{04D494AA-43A2-4379-9E22-CC418C4827AD}C:\users\marek\appdata\local\temp\rarsfx33\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx33\hlds.exe No File
FirewallRules: [UDP Query User{C8793677-FF9A-48F2-8B72-12B88D0F6183}C:\users\marek\appdata\local\temp\rarsfx32\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx32\hlds.exe No File
FirewallRules: [TCP Query User{49AEC985-6C92-4591-8B7F-D8FF94852CF6}C:\users\marek\appdata\local\temp\rarsfx32\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx32\hlds.exe No File
FirewallRules: [UDP Query User{DFE89072-AB6E-4907-98AB-2CE332CFF72C}C:\users\marek\appdata\local\temp\rarsfx31\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx31\hlds.exe No File
FirewallRules: [TCP Query User{A2DC94DB-5448-488B-BE01-F842C4BFC0D3}C:\users\marek\appdata\local\temp\rarsfx31\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx31\hlds.exe No File
FirewallRules: [UDP Query User{230926BF-580A-4CA0-B1B2-1E534B7439AB}C:\users\marek\appdata\local\temp\rarsfx30\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx30\hlds.exe No File
FirewallRules: [TCP Query User{C3FB87E9-8A0C-4F06-94C3-ACC235C96411}C:\users\marek\appdata\local\temp\rarsfx30\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx30\hlds.exe No File
FirewallRules: [UDP Query User{D04C8D50-7C8A-4926-B221-745AF9310DA2}C:\users\marek\appdata\local\temp\rarsfx29\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx29\hlds.exe No File
FirewallRules: [TCP Query User{0DFA1FDF-4A6F-4CAB-926D-A165E22E07F5}C:\users\marek\appdata\local\temp\rarsfx29\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx29\hlds.exe No File
FirewallRules: [UDP Query User{A16085B0-68D5-45C6-8D08-4E113106F09C}C:\users\marek\appdata\local\temp\rarsfx28\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx28\hlds.exe No File
FirewallRules: [TCP Query User{AB06B927-362B-4163-962E-0647A2CCDF38}C:\users\marek\appdata\local\temp\rarsfx28\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx28\hlds.exe No File
FirewallRules: [UDP Query User{4CC9498F-3D88-4C0F-B55C-0421A6E52783}C:\users\marek\appdata\local\temp\rarsfx27\hlds.exe] => (Allow) C:\users\marek\appdata\local\temp\rarsfx27\hlds.exe No File
FirewallRules: [TCP Query User{4BE45DF5-FCFD-45D6-83B6-9CA6B267624F}C:\users\marek\appdata\local\temp\rarsfx27\hlds.exe] => (Allow) C:\users\marek\appdata\local\temp\rarsfx27\hlds.exe No File
FirewallRules: [UDP Query User{057F042D-2AA6-48D4-AF69-BB3E4630EA26}C:\users\marek\appdata\local\temp\rarsfx26\hlds.exe] => (Allow) C:\users\marek\appdata\local\temp\rarsfx26\hlds.exe No File
FirewallRules: [TCP Query User{2C6C575E-1131-4043-9DB4-96097A8DE31C}C:\users\marek\appdata\local\temp\rarsfx26\hlds.exe] => (Allow) C:\users\marek\appdata\local\temp\rarsfx26\hlds.exe No File
FirewallRules: [UDP Query User{CACDD5DD-5977-4210-A53F-D27EE1236418}C:\users\marek\appdata\local\temp\rarsfx25\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx25\hlds.exe No File
FirewallRules: [TCP Query User{2CF8C336-A7BD-4316-BFCE-732BEAB0B10E}C:\users\marek\appdata\local\temp\rarsfx25\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx25\hlds.exe No File
FirewallRules: [UDP Query User{A4474775-E46A-4F89-8899-385EF83DD25A}C:\users\marek\appdata\local\temp\rarsfx24\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx24\hlds.exe No File
FirewallRules: [TCP Query User{738772B8-37E8-4CB3-80F5-7AB013A9BADD}C:\users\marek\appdata\local\temp\rarsfx24\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx24\hlds.exe No File
FirewallRules: [UDP Query User{99C76DAF-5DF4-40D2-91C9-1A53D78EFEC7}C:\users\marek\appdata\local\temp\rarsfx23\hlds.exe] => (Allow) C:\users\marek\appdata\local\temp\rarsfx23\hlds.exe No File
FirewallRules: [TCP Query User{D63350D3-609C-49A7-B729-B49979322072}C:\users\marek\appdata\local\temp\rarsfx23\hlds.exe] => (Allow) C:\users\marek\appdata\local\temp\rarsfx23\hlds.exe No File
FirewallRules: [UDP Query User{4C58E901-8E77-4809-A4C1-DA506534D2D7}C:\users\marek\appdata\local\temp\rarsfx22\hlds.exe] => (Allow) C:\users\marek\appdata\local\temp\rarsfx22\hlds.exe No File
FirewallRules: [TCP Query User{7A0D0AE7-7E75-42FD-AD1B-18D0731E4DE5}C:\users\marek\appdata\local\temp\rarsfx22\hlds.exe] => (Allow) C:\users\marek\appdata\local\temp\rarsfx22\hlds.exe No File
FirewallRules: [UDP Query User{64ED0301-8888-4904-A786-760BEAE079B2}C:\users\marek\appdata\local\temp\rarsfx21\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx21\hlds.exe No File
FirewallRules: [TCP Query User{F6D1EB2D-967C-462A-9754-468DB858E84B}C:\users\marek\appdata\local\temp\rarsfx21\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx21\hlds.exe No File
FirewallRules: [UDP Query User{CFEE0E18-3FFF-42C0-B89C-88A62055AF76}C:\users\marek\appdata\local\temp\rarsfx20\hlds.exe] => (Allow) C:\users\marek\appdata\local\temp\rarsfx20\hlds.exe No File
FirewallRules: [TCP Query User{BFF3FC7A-3C9A-49C4-8C17-105A49AA1E38}C:\users\marek\appdata\local\temp\rarsfx20\hlds.exe] => (Allow) C:\users\marek\appdata\local\temp\rarsfx20\hlds.exe No File
FirewallRules: [UDP Query User{70656A2A-BE8A-4455-9528-A562B76227D7}C:\users\marek\appdata\local\temp\rarsfx19\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx19\hlds.exe No File
FirewallRules: [TCP Query User{3556D31A-7DF3-4E85-A145-9BF2839DC241}C:\users\marek\appdata\local\temp\rarsfx19\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx19\hlds.exe No File
FirewallRules: [UDP Query User{E47AA738-C496-4813-AE82-B5A87B3B5C8C}C:\users\marek\appdata\local\temp\rarsfx18\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx18\hlds.exe No File
FirewallRules: [TCP Query User{AE804D43-149E-4733-BF96-A5FB9218360E}C:\users\marek\appdata\local\temp\rarsfx18\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx18\hlds.exe No File
FirewallRules: [UDP Query User{B5A69B24-E56D-4A99-8EE9-CC4CB30A8878}C:\users\marek\appdata\local\temp\rarsfx17\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx17\hlds.exe No File
FirewallRules: [TCP Query User{E5895AEA-E53E-4F6C-964F-A736242C11CA}C:\users\marek\appdata\local\temp\rarsfx17\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx17\hlds.exe No File
FirewallRules: [UDP Query User{BB0B00E6-4150-4252-A130-580487E9BCC4}C:\users\marek\appdata\local\temp\rarsfx16\hlds.exe] => (Allow) C:\users\marek\appdata\local\temp\rarsfx16\hlds.exe No File
FirewallRules: [TCP Query User{A52256B5-26F7-4DC9-86B7-150F72A73EC2}C:\users\marek\appdata\local\temp\rarsfx16\hlds.exe] => (Allow) C:\users\marek\appdata\local\temp\rarsfx16\hlds.exe No File
FirewallRules: [UDP Query User{32B39514-2B9A-4740-9BE4-AD66C7A7E5E6}C:\users\marek\appdata\local\temp\rarsfx15\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx15\hlds.exe No File
FirewallRules: [TCP Query User{7B645C2F-6E8F-41AF-91F1-A5DCBEF17634}C:\users\marek\appdata\local\temp\rarsfx15\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx15\hlds.exe No File
FirewallRules: [UDP Query User{5C490052-E17B-496C-B286-F5CE11856341}C:\users\marek\appdata\local\temp\rarsfx14\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx14\hlds.exe No File
FirewallRules: [TCP Query User{B8E83E36-B263-4C41-AD4B-CE28158D52BD}C:\users\marek\appdata\local\temp\rarsfx14\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx14\hlds.exe No File
FirewallRules: [UDP Query User{6D4309B0-75EC-44CB-9CB7-1FD6222F6F65}C:\users\marek\appdata\local\temp\rarsfx13\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx13\hlds.exe No File
FirewallRules: [TCP Query User{ED8600FE-BB13-4BEA-B8C4-6D800B6E8264}C:\users\marek\appdata\local\temp\rarsfx13\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx13\hlds.exe No File
FirewallRules: [UDP Query User{77A56C5C-783B-426C-B6DE-15472DF20890}C:\users\marek\appdata\local\temp\rarsfx12\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx12\hlds.exe No File
FirewallRules: [TCP Query User{F7C5DB55-AF0F-4C03-9196-94833994AE3C}C:\users\marek\appdata\local\temp\rarsfx12\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx12\hlds.exe No File
FirewallRules: [UDP Query User{AA4B95A8-FC1B-46EB-B3B5-4A7090424838}C:\users\marek\appdata\local\temp\rarsfx11\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx11\hlds.exe No File
FirewallRules: [TCP Query User{78B758E0-F8A1-4A09-8FEC-B787D1CFC8B1}C:\users\marek\appdata\local\temp\rarsfx11\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx11\hlds.exe No File
FirewallRules: [UDP Query User{B046FCD4-2A13-4D5C-9460-9EDB79D11F63}C:\users\marek\appdata\local\temp\rarsfx9\hlds.exe] => (Allow) C:\users\marek\appdata\local\temp\rarsfx9\hlds.exe No File
FirewallRules: [TCP Query User{15F02975-AF2B-42E2-88CA-71A5276DB410}C:\users\marek\appdata\local\temp\rarsfx9\hlds.exe] => (Allow) C:\users\marek\appdata\local\temp\rarsfx9\hlds.exe No File
FirewallRules: [{0CAE86CA-D930-473B-8707-37E8AE4B0553}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sven Co-op\svends.exe (Sven Co-op Team) [File not signed]
FirewallRules: [{991F81C1-BF63-4F68-A2E0-7D70DC44EC8D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sven Co-op\svends.exe (Sven Co-op Team) [File not signed]
FirewallRules: [{A59CACB9-8EE5-4618-A20B-B68DEB44F2C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sven Co-op\svencoop.exe (Sven Co-op Team) [File not signed]
FirewallRules: [{F871B5D4-FF16-4711-B421-92BD09FB6BBE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sven Co-op\svencoop.exe (Sven Co-op Team) [File not signed]
FirewallRules: [UDP Query User{DE0D7B31-CB49-4275-B27C-CD10EAD8F3A2}C:\users\marek\appdata\local\temp\rarsfx8\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx8\hlds.exe No File
FirewallRules: [TCP Query User{9279B07F-91B1-46F4-BDC4-F452BBD4D931}C:\users\marek\appdata\local\temp\rarsfx8\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx8\hlds.exe No File
FirewallRules: [UDP Query User{130ED9F4-C15A-48D4-801F-1BEACE8E5F29}C:\users\marek\appdata\local\temp\rarsfx7\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx7\hlds.exe No File
FirewallRules: [TCP Query User{1D2F8991-C8B1-4309-8FF4-CA1D3680F9EF}C:\users\marek\appdata\local\temp\rarsfx7\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx7\hlds.exe No File
FirewallRules: [UDP Query User{5B4243B2-89B3-4A9B-9DCB-D1427704EE13}C:\users\marek\appdata\local\temp\rarsfx6\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx6\hlds.exe No File
FirewallRules: [TCP Query User{0711905B-84EF-43F9-BCBD-0A76B773342A}C:\users\marek\appdata\local\temp\rarsfx6\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx6\hlds.exe No File
FirewallRules: [UDP Query User{092D5595-0461-49E8-8207-2C4DE585FBED}C:\users\marek\appdata\local\temp\rarsfx5\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx5\hlds.exe No File
FirewallRules: [TCP Query User{645130DB-7C40-4655-A557-866A1396BA5D}C:\users\marek\appdata\local\temp\rarsfx5\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx5\hlds.exe No File
FirewallRules: [{74F56A44-D552-4006-A911-7AF1DF29B8C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [{90372AEB-9993-411F-882B-F96F11887378}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Business Tour\BusinessTour.exe () [File not signed]
FirewallRules: [UDP Query User{69B747E7-686A-4445-A197-779268F5A408}C:\users\marek\appdata\local\temp\rarsfx4\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx4\hlds.exe No File
FirewallRules: [TCP Query User{82A65F00-7D75-4975-B653-9FE0D63C419F}C:\users\marek\appdata\local\temp\rarsfx4\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx4\hlds.exe No File
FirewallRules: [UDP Query User{E81192E9-3DE7-4A02-985E-CFB60D046916}C:\users\marek\appdata\local\temp\rarsfx1\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx1\hlds.exe No File
FirewallRules: [TCP Query User{F1F3AB40-ACF9-4A2D-81E8-3053D419CAE2}C:\users\marek\appdata\local\temp\rarsfx1\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx1\hlds.exe No File
FirewallRules: [UDP Query User{F03B7A31-3465-4DD8-9EF7-29E4B0E55F97}C:\program files\java\jre1.8.0_161\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [TCP Query User{EB27F636-D5BD-4313-956B-C0FD006C0EE0}C:\program files\java\jre1.8.0_161\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [UDP Query User{B5A9E97A-E134-460E-AA8F-A8F2B7FA893F}C:\users\marek\appdata\local\temp\rarsfx3\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx3\hlds.exe No File
FirewallRules: [TCP Query User{8FE08C97-75CC-41CB-9A6D-FA76FF33E459}C:\users\marek\appdata\local\temp\rarsfx3\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx3\hlds.exe No File
FirewallRules: [UDP Query User{7EF0941E-87BD-4F9E-8153-FDDE9E3EA46D}C:\users\marek\appdata\local\temp\rarsfx2\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx2\hlds.exe No File
FirewallRules: [TCP Query User{9560ED34-75BB-45F3-87B2-E994FCFEFC6F}C:\users\marek\appdata\local\temp\rarsfx2\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx2\hlds.exe No File
FirewallRules: [UDP Query User{4F36256E-DF64-4C73-8486-BAC2A17DBA47}C:\users\marek\appdata\local\temp\rarsfx1\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx1\hlds.exe No File
FirewallRules: [TCP Query User{27787BD5-8B89-4F9D-8A47-24722714BE33}C:\users\marek\appdata\local\temp\rarsfx1\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx1\hlds.exe No File
FirewallRules: [UDP Query User{8404BE64-351E-4764-9E0B-7CE373B55B89}C:\users\marek\appdata\local\temp\rarsfx0\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx0\hlds.exe No File
FirewallRules: [TCP Query User{5810894A-0FA3-40DE-B6CF-281F4D3142F3}C:\users\marek\appdata\local\temp\rarsfx0\hlds.exe] => (Block) C:\users\marek\appdata\local\temp\rarsfx0\hlds.exe No File
FirewallRules: [{3BAA011F-0B02-49A9-9058-30F734E47A8D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{ED5F0482-AFBA-4FE2-9FA5-EC05896CA48E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{2EFDEACE-E90D-4B66-A58B-DC944682A705}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{D01CF10A-5925-4E97-BE61-480AF3EE9B18}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{60D15E53-87D5-4DB4-AEB4-1F69235FB15C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe No File
FirewallRules: [{7AE4D236-ED80-410E-BE4F-D9E3F65B37BA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe No File
FirewallRules: [{B2E23472-8566-44C4-BA32-B87A152900E2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [TCP Query User{54EA58DE-DCEC-419D-B224-4F4538B77990}C:\counter-strike\hl.exe] => (Block) C:\counter-strike\hl.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{779C749E-120D-4CF0-9D85-1F00E402681B}C:\counter-strike\hl.exe] => (Block) C:\counter-strike\hl.exe (Valve) [File not signed]
FirewallRules: [{F07118FF-61AB-49B4-874F-A2AFF8D1DA60}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{210CB720-564D-4497-86E8-4BA1E42B3EA1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5574BB8D-4A56-4F76-9247-93DB321C9807}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{7C5F1B66-9395-4EBC-BC9C-6E9C84653BCF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{F692D39A-8A1D-4547-A494-121017064508}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{8D332C84-6221-4FD0-B05C-E4AB05A5C19D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [TCP Query User{F688BAC2-6F7A-4B57-BB1B-CFB5C2DEF430}C:\program files\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [UDP Query User{3B3FE74E-DA0B-436E-AB22-6E5D2036B5EA}C:\program files\java\jre1.8.0_161\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_161\bin\javaw.exe
FirewallRules: [{1E99847F-F2FE-47C6-A99E-BC186EEAC38C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{D9364379-23FC-4C81-81D2-8D66AC86C57A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{99176D3A-5594-4891-AE05-3DD19FA30249}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{32093719-D39E-48A6-AAE1-AC81ED6077ED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{8AC971E1-2C5C-43DC-A270-B99F4A665DD0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)

==================== Restore Points =========================

10-10-2019 16:52:06 Windows Update
19-10-2019 22:15:04 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: Zařízení Bluetooth HID
Description: Zařízení Bluetooth HID
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: HidBth
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/20/2019 02:15:36 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4496,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (10/20/2019 01:40:59 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9680,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (10/20/2019 01:25:34 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7076,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (10/20/2019 01:06:56 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9364,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (10/20/2019 12:54:36 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4376,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (10/20/2019 12:33:27 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9604,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (10/20/2019 12:26:26 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2680,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (10/20/2019 07:26:14 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1296,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (10/20/2019 12:53:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.

Error: (10/20/2019 12:40:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.

Error: (10/20/2019 12:40:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CCSDK neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.

Error: (10/20/2019 12:39:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba System Interface Foundation Service neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.

Error: (10/20/2019 12:38:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Dolby DAX2 API Service bylo dosaženo časového limitu (45000 ms).

Error: (10/20/2019 12:38:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba ImControllerService neuspěla při spuštění v důsledku následující chyby: 
Systém nemůže nalézt uvedený soubor.

Error: (10/20/2019 12:35:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba System Interface Foundation Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (10/20/2019 12:35:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Lokátor vzdáleného volání procedur (RPC) byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2019-10-20 12:44:02.615
Description: 
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:VBS/Mountsi.A!ml&threatid=2147726485&enterprise=0
Název: Trojan:VBS/Mountsi.A!ml
ID: 2147726485
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: amsi:_C:\Windows\System32\wscript.exe
Původ detekce: Neznámý
Typ detekce: FastPath
Zdroj detekce: AMSI
Uživatel: LAPTOP-BRV6UJ5V\Marek
Název procesu: C:\Windows\System32\wscript.exe
Verze bezpečnostních informací: AV: 1.305.158.0, AS: 1.305.158.0, NIS: 1.305.158.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1

Date: 2019-10-20 07:14:10.250
Description: 
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:VBS/Mountsi.A!ml&threatid=2147726485&enterprise=0
Název: Trojan:VBS/Mountsi.A!ml
ID: 2147726485
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: amsi:_C:\Windows\System32\wscript.exe
Původ detekce: Neznámý
Typ detekce: FastPath
Zdroj detekce: AMSI
Uživatel: LAPTOP-BRV6UJ5V\Marek
Název procesu: C:\Windows\System32\wscript.exe
Verze bezpečnostních informací: AV: 1.305.158.0, AS: 1.305.158.0, NIS: 1.305.158.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1

Date: 2019-10-12 17:43:54.507
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0BEA04E2-230D-4A49-B7C7-D63B0013B2D5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-10-12 16:56:38.739
Description: 
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.303.1350.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.16400.2
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře. 

Date: 2019-09-28 23:05:28.232
Description: 
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.301.1996.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.16300.1
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře. 

==================== Memory info =========================== 

BIOS: LENOVO 5PCN17WW 07/13/2017
Motherboard: LENOVO LNVNB161216
Processor: AMD A4-9120 RADEON R3, 4 COMPUTE CORES 2C+2G 
Percentage of memory in use: 48%
Total physical RAM: 7567.98 MB
Available physical RAM: 3865.6 MB
Total Virtual: 8783.98 MB
Available Virtual: 4675.24 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:905.27 GB) (Free:610.05 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.72 GB) NTFS

\\?\Volume{8bd8c79a-9f7b-4645-83b4-b24c387a8417}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.51 GB) NTFS
\\?\Volume{4fea40cc-d795-4378-9992-8cc8b6f704d3}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 55FC8733)

Partition: GPT.

==================== End of Addition.txt ============================