Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-03-2020
Ran by kosacek (27-03-2020 08:59:11)
Running from C:\Users\kosacek\Desktop
Windows 10 Pro Version 1709 16299.1087 (X64) (2018-04-23 16:09:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

admin-kosacek (S-1-5-21-407287996-4117368936-2895187249-1004 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-407287996-4117368936-2895187249-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-407287996-4117368936-2895187249-503 - Limited - Disabled)
Guest (S-1-5-21-407287996-4117368936-2895187249-501 - Limited - Disabled)
kosacek (S-1-5-21-407287996-4117368936-2895187249-1003 - Limited - Enabled) => C:\Users\kosacek
q (S-1-5-21-407287996-4117368936-2895187249-1002 - Administrator - Enabled) => C:\Users\q
WDAGUtilityAccount (S-1-5-21-407287996-4117368936-2895187249-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Out of date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Disabled - Out of date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Disabled - Out of date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Out of date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: avast! Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

0- Metrans a.s. CA pack version 1.0.10 (HKLM-x32\...\0- Metrans a.s. CA pack_is1) (Version: 1.0.10 - )
0- Metrans a.s. FF Policy version 1.0.4 (HKLM-x32\...\0- Metrans a.s. FF Policy_is1) (Version: 1.0.4 - )
0- Metrans a.s. VPN IKEv2 version 1.0.9 (HKU\S-1-5-21-407287996-4117368936-2895187249-1003\...\0- Metrans a.s. VPN IKEv2_is1) (Version: 1.0.9 - )
64 Bit HP CIO Components Installer (HKLM\...\{F8F948EA-5AEA-4158-8821-A2F788ECE936}) (Version: 16.2.1 - Hewlett-Packard) Hidden
7-Zip 18.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1800-000001000000}) (Version: 18.00.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Android Studio (HKLM\...\Android Studio) (Version: 3.4 - Google LLC)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
avast! Endpoint Protection Plus (HKLM-x32\...\avast) (Version: 8.0.1609.0 - AVAST Software)
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
Blender (HKLM\...\{F343C69A-4ABA-434C-9C73-12A519D269CD}) (Version: 2.80.0 - Blender Foundation)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.15.23 - Canon Inc.)
Canon MX490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX490_series) (Version: 1.02 - Canon Inc.)
Community Modpack for Mafia: The City of Lost Heaven (HKLM-x32\...\Community Modpack for Mafia: The City of Lost Heaven_is1) (Version:  - Rimsky)
Conexant ISST Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 9.0.232.1 - Conexant)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1152 - Disc Soft Ltd)
DemoForge Mirage Driver for TightVNC 2.0 (HKLM\...\DemoForge Mirage Driver for TightVNC_is1) (Version: 2.0 - DemoForge LLC)
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
ESET Security (HKLM\...\{D8E84711-EDFC-4D4E-B579-95AEB40DAA4D}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
GIMP 2.10.8 (HKLM\...\GIMP-2_is1) (Version: 2.10.8 - The GIMP Team)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GSmartControl (HKLM-x32\...\GSmartControl) (Version: 1.1.3 - Alexander Shaduri)
HP 3D DriveGuard (HKLM-x32\...\{1289A5C3-C900-45CB-877D-C3D87ADE018C}) (Version: 6.0.43.1 - HP)
HP Client Security Manager (HKLM\...\HPProtectTools) (Version: 9.3.5.2453 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.8.0 - HP Inc.)
HP Device Access Manager (HKLM\...\{77ACDCD1-A6A9-49A2-9F73-76AAF425EA5C}) (Version: 8.4.9.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP ESU for Microsoft Windows 10 (HKLM-x32\...\{94D0EB60-8B2F-4A80-BA74-3D312434415F}) (Version: 11.3.1 - HP)
HP Hotkey Support (HKLM-x32\...\{963F09EA-0B0A-4CFC-B04F-AD9B6614794C}) (Version: 6.2.39.1 - HP)
HP SoftPaq Download Manager (HKLM-x32\...\{fc153673-e23b-4908-93b9-164cc056a3c4}) (Version: 4.3.19.0 - HP)
HP Software Setup (HKLM-x32\...\{C968E860-054F-490F-95C6-C9A29601459E}) (Version: 9.2.3 - HP)
HP Support Assistant (HKLM-x32\...\{05F81C27-62A5-4A0C-8519-60CB66CF87C6}) (Version: 8.4.14.41 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{04442D89-B941-4C8C-B20D-625233B78BB0}) (Version: 12.6.14.19 - HP Inc.)
HP System Default Settings (HKLM-x32\...\{A66E1AC5-F4A9-4DB0-ACB0-90419A8F98D5}) (Version: 1.2.11.2 - HP Inc.)
HP Wireless Button Driver (HKLM-x32\...\{F5852AA8-30EA-495B-84B4-C2403C935D6F}) (Version: 1.1.19.1 - HP)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10205.4743 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1035 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7263 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.0.1014 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1724.2 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{520F0634-40C0-453F-8C84-4EFAE89989A8}) (Version: 19.60.0 - Intel Corporation)
Intel® Hardware Accelerated Execution Manager (HKLM\...\{7516A945-5FC4-4563-8F5E-EECDBF61E84F}) (Version: 7.5.1 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Kerio Outlook Connector (Offline Edition) (HKLM-x32\...\{4A365C62-0B2C-4A5F-ACED-4F059BDDAC59}) (Version: 9.2.3336 - Kerio Technologies Inc.)
Kerio Updater Service (HKLM-x32\...\{c5ca4ec3-10b2-4447-b323-8448aae57a0b}) (Version: 2.0.176 - Kerio Technologies, Inc.) <==== ATTENTION
K-Lite Mega Codec Pack 13.7.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.7.5 - KLCP)
Microsoft .NET Compact Framework 3.5 (HKLM-x32\...\{291B3A3B-F808-45B8-8113-DF232FCB6C82}) (Version: 3.5.7283 - Microsoft Corporation)
Microsoft Office 2016 pre podnikateľov - sk-sk (HKLM\...\HomeBusinessRetail - sk-sk) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft Office 2016 pro podnikatele - cs-cz (HKLM\...\HomeBusinessRetail - cs-cz) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft Office Home and Business 2016 - en-us (HKLM\...\HomeBusinessRetail - en-us) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-407287996-4117368936-2895187249-1003\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{421B88F8-D7C9-44CB-8B73-166D65B18DCC}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MIT App Inventor Tools 2.3.0 (HKLM-x32\...\MIT App Inventor Tools) (Version: 2.3.0 - Massachusetts Institute of Technology)
Mozilla Firefox 59.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 59.0.2 (x64 cs)) (Version: 59.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla)
Nox APP Player (HKLM-x32\...\Nox) (Version: 6.2.8.5 - Duodian Technology Co. Ltd.)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenVPN 2.4.4-I601  (HKLM\...\OpenVPN) (Version: 2.4.4-I601 - OpenVPN Technologies, Inc.)
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.2.0 - pdfforge GmbH)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.154 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek)
RW_Tools version 8.1.16 (HKLM-x32\...\{91668F27-E5CD-42F7-97DD-D7E38E6818AA}_is1) (Version: 8.1.16 - Mike Simpson)
Sailaway version 2.00 (HKLM-x32\...\{3C419200-462C-4BCE-B704-B79267CF08A0}_is1) (Version: 2.00 - Orbcreation BV)
Simt Simulator verze 1.4.90 (HKLM-x32\...\{2BFDE121-8E65-484E-8E5D-EAB57B62C801}_is1) (Version: 1.4.90 - Tomas Faina)
SketchUp 2017 (HKLM\...\{E59BD84C-169B-4F3F-AC5D-85127CF67051}) (Version: 17.2.2555 - Trimble, Inc.)
smartmontools for Windows version 6.5-1 (HKLM\...\{487E2D86-AB76-467B-8EC0-0AF89EC38F5C}_is1) (Version: 6.5-1 - Orsiris de Jong)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sweet Home 3D version 6.2 (HKLM\...\Sweet Home 3D_is1) (Version: 6.2 - eTeks)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.23 - Synaptics Incorporated)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TightVNC (HKLM\...\{8B9896FC-B4F2-44CD-8B6E-78A0B1851B59}) (Version: 2.8.5.0 - GlavSoft LLC.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Vietcong (HKLM-x32\...\Vietcong) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.1 - VideoLAN)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [0000-00-00] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.5.9.0_x86__kgqvnymyfvs32 [0000-00-00] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.164.200.0_x86__kgqvnymyfvs32 [0000-00-00] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.9.0.6_x86__h6adky7gbf63m [0000-00-00] (Gameloft SE)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.2070.0_x64__rz1tebttyb220 [0000-00-00] (Dolby Laboratories)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.3.407.0_x86__v10z8vjag6ke6 [0000-00-00] (HP Inc.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.6.1.1_x86__h6adky7gbf63m [0000-00-00] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [0000-00-00] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-407287996-4117368936-2895187249-1003_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-407287996-4117368936-2895187249-1003_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-407287996-4117368936-2895187249-1003_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-407287996-4117368936-2895187249-1003_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-407287996-4117368936-2895187249-1003_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-407287996-4117368936-2895187249-1003_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast Business\ashShA64.dll [2016-10-24] (AVAST Software s.r.o. -> Avast Software s.r.o.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-10] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast Business\ashShA64.dll [2016-10-24] (AVAST Software s.r.o. -> Avast Software s.r.o.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Program Files\PDFCreator\PDFCreatorShell.DLL [2017-10-19] (pdfforge GmbH -> pdfforge GmbH)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-29] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast Business\ashShA64.dll [2016-10-24] (AVAST Software s.r.o. -> Avast Software s.r.o.)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-03-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-10] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_862bac15d0efb48d\igfxDTCM.dll [2019-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-01-10] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast Business\ashShA64.dll [2016-10-24] (AVAST Software s.r.o. -> Avast Software s.r.o.)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-11-29] (ESET, spol. s r.o. -> ESET)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\WINDOWS\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\WINDOWS\system32\lagarith.dll [148992 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINDOWS\system32\xvidvfw.dll [309248 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [282112 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\kosacek\Desktop\StellwerkSim.lnk -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://www.stellwerksim.de/download-jnlp.php?token=005b509b5b7264 "C:\Users\kosacek\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\32815e4c-5256dd4a"
ShortcutWithArgument: C:\Users\kosacek\Desktop\kosacek\Desktop\StellwerkSim.lnk -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://www.stellwerksim.de/download-jnlp.php?token=005b509b5b7264 "C:\Users\kosacek\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\32815e4c-5256dd4a"
ShortcutWithArgument: C:\Users\kosacek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StellwerkSim.de\StellwerkSim.lnk -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://www.stellwerksim.de/download-jnlp.php?token=005b509b5b7264 "C:\Users\kosacek\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\32815e4c-5256dd4a"

==================== Loaded Modules (Whitelisted) =============

2019-05-06 20:23 - 2018-12-12 10:54 - 001367040 _____ (Conexant Systems, Inc.) [File not signed] C:\Program Files\Conexant\SA3\HP-NB-AIO\CxHDAudioAPI.dll
2017-06-20 12:56 - 2017-06-20 12:56 - 000284696 _____ (DigitalPersona, Inc. -> Crossmatch, Inc.) [File not signed] C:\WINDOWS\system32\DPFPApiUI.dll
2018-04-24 06:16 - 2012-07-21 12:55 - 000180736 _____ (fccHandler) [File not signed] C:\WINDOWS\SYSTEM32\ac3acm.acm
2018-01-10 17:33 - 2018-01-10 17:33 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2017-04-01 04:07 - 2017-04-01 04:07 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll
2017-04-01 04:07 - 2017-04-01 04:07 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll
2019-05-06 20:23 - 2017-09-06 10:30 - 001431552 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files\CONEXANT\Flow\x64\SQLite.Interop.dll
2018-04-24 06:20 - 2016-10-11 16:14 - 001181696 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\Avast Business\LIBEAY32.dll
2018-04-24 06:20 - 2016-10-11 16:14 - 000276992 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\Avast Business\SSLEAY32.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\kosacek:Heroes & Generals [38]
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Kerio\Outlook Connector (Offline Edition)\;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-407287996-4117368936-2895187249-1003\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Ethernet 2: Avast! Firewall Driver -> aswNdisFlt (enabled) 
Wi-Fi: Avast! Firewall Driver -> aswNdisFlt (enabled) 
Ethernet: Avast! Firewall Driver -> aswNdisFlt (enabled) 

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{ADF9BEB4-9674-44D6-B111-0BF9290AD711}] => (Allow) C:\Program Files\TightVNC\tvnserver.exe (GlavSoft LLC -> GlavSoft LLC.)
FirewallRules: [{4BD7E3E4-D68D-4564-8AFF-F0F2246F7F4B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe No File
FirewallRules: [{F5AA026F-670A-412C-8394-64E2B3D30A9F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe No File
FirewallRules: [{6F318F58-078D-4E37-A028-BF56ADA46A9A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe No File
FirewallRules: [{5523AF1B-0B43-4D81-B4B7-64CE2585D576}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe No File
FirewallRules: [{1F8CDF8B-8D74-4AD6-AE05-E667EEB94F8C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{54F3E74C-D259-443D-B115-1534CFAB5D5A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6D096D1B-D321-4987-BDA7-BE8BCC4EDE01}] => (Allow) LPort=25322
FirewallRules: [{290CF790-15F9-480A-B6BD-20BDB791F0FF}] => (Allow) LPort=25322
FirewallRules: [{CE7D33DC-397B-480B-B5D2-A7857526DDF5}] => (Allow) LPort=5900
FirewallRules: [{BAA020A6-02AB-4FCD-B466-8CAFD1BC0C9E}] => (Allow) LPort=11000
FirewallRules: [{A0D9CFBA-99DA-4755-A015-AD3C1F6866CB}] => (Allow) LPort=138
FirewallRules: [{2FFDA00B-AC01-42E0-A138-4A7BF27D6889}] => (Allow) LPort=445
FirewallRules: [{BEB97BF8-1858-4501-8456-F387B452B94A}] => (Allow) E:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B767F29F-186B-411E-BA5A-B7DE7A1662B5}] => (Allow) E:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{05F53780-1D30-4EA0-8AB9-DB1ADC6F939C}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{A199474A-1620-48B3-9A82-93C97444575B}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{11BC579C-2E97-4EA1-AC0D-6ED0998C7802}] => (Allow) E:\Steam\steamapps\common\OMSI 2\Omsi.exe (MR-Software) [File not signed]
FirewallRules: [{32E81C59-9F62-4B3D-972F-B5095C649306}] => (Allow) E:\Steam\steamapps\common\OMSI 2\Omsi.exe (MR-Software) [File not signed]
FirewallRules: [{23427FB4-A13C-4E68-BE5B-086722280C7B}] => (Allow) E:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe No File
FirewallRules: [{04CE970D-9511-470F-B721-51F302772458}] => (Allow) E:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe No File
FirewallRules: [{01C5311B-59C3-447E-9EC9-CC654FD6CE40}] => (Allow) E:\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{A55D85AA-E187-456F-8A8E-44946DF45483}] => (Allow) E:\Steam\steamapps\common\Farming Simulator 17\x64\FarmingSimulator2017Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{BACF44A7-1572-4E7B-ADC0-CD1FD1BF8969}] => (Allow) E:\Steam\steamapps\common\Farming Simulator 17\x86\FarmingSimulator2017Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{56BDCC92-4438-4943-9218-2A68759CD4A0}] => (Allow) E:\Steam\steamapps\common\Farming Simulator 17\x86\FarmingSimulator2017Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{51E09A4E-142C-488E-8C55-B891753716E2}] => (Allow) E:\Steam\steamapps\common\Stronghold 2\FFLauncher.exe () [File not signed]
FirewallRules: [{688F78A2-C93E-4BD3-AB25-5181C0256136}] => (Allow) E:\Steam\steamapps\common\Stronghold 2\FFLauncher.exe () [File not signed]
FirewallRules: [{259CFBB7-7C26-4AED-8B9B-D41BCF97619F}] => (Allow) E:\Steam\steamapps\common\Stronghold Legends\FFLauncher.exe () [File not signed]
FirewallRules: [{D836884E-3C00-4E12-8AB9-B88DFC1B0A08}] => (Allow) E:\Steam\steamapps\common\Stronghold Legends\FFLauncher.exe () [File not signed]
FirewallRules: [{A29FBF80-D5F0-4AD3-8AC8-F945A99DB7DB}] => (Allow) E:\Steam\steamapps\common\Stronghold\Stronghold.exe () [File not signed]
FirewallRules: [{8ED93765-3533-44E8-A8B4-3C4FFA635935}] => (Allow) E:\Steam\steamapps\common\Stronghold\Stronghold.exe () [File not signed]
FirewallRules: [{FB6E079B-AC0A-43AD-97CC-114A41AFF927}] => (Allow) E:\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe ( ) [File not signed]
FirewallRules: [{AE98FC36-963E-4389-95F7-2C8F34E7790C}] => (Allow) E:\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe ( ) [File not signed]
FirewallRules: [{485CB11E-14A6-4D2F-BCAF-6F6FAF023F0F}] => (Allow) E:\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe ( ) [File not signed]
FirewallRules: [{755967B9-6F44-4FC0-A27E-988E3554E8FF}] => (Allow) E:\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe ( ) [File not signed]
FirewallRules: [{A4D885C3-3280-44A2-9558-87BE30012B9D}] => (Allow) E:\Steam\steamapps\common\Stronghold 2\Stronghold2.exe (Firefly Studios) [File not signed]
FirewallRules: [{973C70DE-03AE-4E77-AA2E-A4AB62A29F10}] => (Allow) E:\Steam\steamapps\common\Stronghold 2\Stronghold2.exe (Firefly Studios) [File not signed]
FirewallRules: [TCP Query User{BA569B91-CA42-4667-A601-3457608D932F}E:\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) E:\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{F08B40FE-E6D2-4C4F-A005-F977AE9704E2}E:\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) E:\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [TCP Query User{948485DE-8E4B-4543-BDFA-AFBEC9D09E0A}C:\program files (x86)\java\jre1.8.0_181\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_181\bin\jp2launcher.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [UDP Query User{DAAE2F15-BEA5-4DD8-B250-504A1E8A0929}C:\program files (x86)\java\jre1.8.0_181\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_181\bin\jp2launcher.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [{9F8E1E7A-92F1-4531-B543-2330D20D6A2C}] => (Allow) C:\Program Files\AVAST Software\Avast Business\AvastEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{59F3547C-5982-40E1-93C6-F80403A5B6E4}] => (Allow) C:\Program Files\AVAST Software\Avast Business\AvastEmUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{E81B33B0-F1FA-460B-9F22-30F61B91D735}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{9FA51EAF-5837-498E-8D23-1A9469CB0D04}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{D6D5B378-AE03-4F8D-BE54-9AC8A6C2B756}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{C6924979-6AFA-4DE9-B81C-9E3F02F276E9}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{0D3B956F-2ED8-48A3-A1DF-69221BE57BD9}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6BDA48EB-31D3-4AB9-A54A-623D5B1E93EC}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{3B96A5BE-D293-4AA5-80EC-F3D0922D7B3E}] => (Allow) E:\Steam\steamapps\common\RailWorks\RailWorks.exe () [File not signed]
FirewallRules: [{3B741040-97BB-43B5-85EE-015743780233}] => (Allow) E:\Steam\steamapps\common\RailWorks\RailWorks.exe () [File not signed]
FirewallRules: [{9C1AB37A-EB2E-424F-9FE8-281579F9A510}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{B9C70FDD-48AA-417F-AF21-F9C47B005C88}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{457F1797-F431-42AE-A760-0399D0713928}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{5829BB4E-F99B-4507-858F-9E0AFEEAA8D9}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{0B386CCF-04DE-41B2-A66D-6512627E38B3}] => (Allow) E:\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{8687297C-5DF9-4171-8AFB-EB08304E6538}] => (Allow) E:\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{5FDA68FB-BE7F-4F01-98D7-D7FC8EE8E302}] => (Allow) E:\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{8052EEFE-8D6D-4BFF-827A-925579233004}] => (Allow) E:\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe (Grinding Gear Games Limited -> )
FirewallRules: [{E4BF8FA7-55AC-4780-BC52-07637DAD2B5D}] => (Allow) E:\Steam\steamapps\common\Mafia II\pc\mafia2.exe (Valve Corp. -> 2K Czech) [File not signed]
FirewallRules: [{D339D065-1F06-4E37-A6BC-5916C3EFE344}] => (Allow) E:\Steam\steamapps\common\Mafia II\pc\mafia2.exe (Valve Corp. -> 2K Czech) [File not signed]
FirewallRules: [{BA2BDECD-455F-4BA8-BDEA-43797FFC7582}] => (Allow) E:\Steam\steamapps\common\RailWorks\RailWorks64.exe () [File not signed]
FirewallRules: [{D031B542-0C91-4EC8-BB09-2F63C1510F28}] => (Allow) E:\Steam\steamapps\common\RailWorks\RailWorks64.exe () [File not signed]
FirewallRules: [{D9D6F87F-3C92-421F-9221-4E1FD5D4A017}] => (Allow) E:\Steam\steamapps\common\Arma 2\arma2.exe (Bohemia Interactive a.s. -> Bohemia Interactive) [File not signed]
FirewallRules: [{F520742E-79B7-461E-ADA4-5807C311844B}] => (Allow) E:\Steam\steamapps\common\Arma 2\arma2.exe (Bohemia Interactive a.s. -> Bohemia Interactive) [File not signed]
FirewallRules: [{94301218-2378-4BD5-83C8-EB58861DE09B}] => (Allow) E:\Steam\steamapps\common\Call of Duty 4\iw3sp.exe () [File not signed]
FirewallRules: [{6E2BF361-020B-4C60-8D13-A61BD3844603}] => (Allow) E:\Steam\steamapps\common\Call of Duty 4\iw3sp.exe () [File not signed]
FirewallRules: [{2965C808-1645-4456-B1F7-4BC3BA030631}] => (Allow) E:\Steam\steamapps\common\Call of Duty 4\iw3mp.exe () [File not signed]
FirewallRules: [{B8A79267-437A-4A11-AEFE-DE51F5C9CB47}] => (Allow) E:\Steam\steamapps\common\Call of Duty 4\iw3mp.exe () [File not signed]
FirewallRules: [{C559C815-B8FB-4A79-AEA1-C9BCE153F625}] => (Allow) E:\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe (Valve Corp. -> ) [File not signed]
FirewallRules: [{DA982F83-BF97-4147-BE7B-DFDDEEDA727B}] => (Allow) E:\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe (Valve Corp. -> ) [File not signed]
FirewallRules: [TCP Query User{DFA62699-DFF6-4E76-A740-56ED74F40A04}E:\steam\steamapps\common\war thunder\launcher.exe] => (Block) E:\steam\steamapps\common\war thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{3376307C-B249-4B60-A524-7A3F58F34E61}E:\steam\steamapps\common\war thunder\launcher.exe] => (Block) E:\steam\steamapps\common\war thunder\launcher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{F72CA205-6340-4A09-A1E8-27575D31D375}] => (Allow) E:\Steam\steamapps\common\World Ship Simulator\WSS.exe () [File not signed]
FirewallRules: [{E88A9979-2A37-46E2-99B3-6BE81A83921D}] => (Allow) E:\Steam\steamapps\common\World Ship Simulator\WSS.exe () [File not signed]
FirewallRules: [{0BA74FB7-EBAD-41EA-8C0F-D8ACF0952732}] => (Allow) E:\Steam\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{52422563-98F0-40D1-9ED8-8FB0597ADE94}] => (Allow) E:\Steam\steamapps\common\Mafia\Mafia\Game.exe (Illusion Softworks) [File not signed]
FirewallRules: [{F30C27DA-66E7-4F23-965B-D3AC59FA4A6B}] => (Allow) E:\Steam\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [{88CD8532-507D-427E-A663-07FA2F4434E7}] => (Allow) E:\Steam\steamapps\common\Mafia\Mafia\Setup.exe () [File not signed]
FirewallRules: [{9D390EAC-4D40-4905-AA11-B558A33B247E}] => (Allow) E:\Steam\steamapps\common\European Ship Simulator\ess.exe () [File not signed]
FirewallRules: [{247D2C76-08B8-4431-9FEF-54FDD89B1485}] => (Allow) E:\Steam\steamapps\common\European Ship Simulator\ess.exe () [File not signed]
FirewallRules: [{3D46B6A1-689F-4A60-A66D-41EFF2548FE2}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [TCP Query User{B083751C-E598-4E85-816B-177D55849487}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [UDP Query User{CD2C2A6E-9DC8-4653-B6FC-17115F5A4C56}C:\program files\android\android studio\jre\bin\java.exe] => (Allow) C:\program files\android\android studio\jre\bin\java.exe
FirewallRules: [{B70551E1-D344-4C58-93CB-AC2412AA0F1D}] => (Allow) D:\Program Files\Nox\bin\Nox.exe (Nox Limited -> Duodian Technology Co. Ltd.)
FirewallRules: [{37C3DA11-8B4E-45DD-BC60-A26A869834B6}] => (Allow) C:\Program Files (x86)\\Bignox\\BigNoxVM\\RT\NoxVMHandle.exe (Nox Limited -> BigNox Corporation)
FirewallRules: [{72415E61-2719-4B7F-B3C7-936CA2252542}] => (Allow) E:\Steam\steamapps\common\Stronghold Legends\StrongholdLegends.exe (Firefly Studios) [File not signed]
FirewallRules: [{7A0DE795-FEC0-454C-BF85-38B8B36DD56B}] => (Allow) E:\Steam\steamapps\common\Stronghold Legends\StrongholdLegends.exe (Firefly Studios) [File not signed]
FirewallRules: [{E584153D-9EAC-4514-8FB9-EAA2AF375252}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DBFE85FF-67DB-44A8-8E3D-8F59AB61FB9A}] => (Allow) E:\Steam\steamapps\common\World of Subways 2 – Berlin Line 7\WoS.exe (TML-Edition) [File not signed]
FirewallRules: [{ADF9C780-8E05-434D-8399-E436FC5D6548}] => (Allow) E:\Steam\steamapps\common\World of Subways 2 – Berlin Line 7\WoS.exe (TML-Edition) [File not signed]
FirewallRules: [{017922F2-974E-4AB2-BF84-7AF71DF34C3A}] => (Allow) E:\Steam\steamapps\common\eSail\eSail.exe () [File not signed]
FirewallRules: [{DC3FF4C0-CE0E-4FD0-BD37-020FCF747D89}] => (Allow) E:\Steam\steamapps\common\eSail\eSail.exe () [File not signed]
FirewallRules: [{8E90429E-F518-4728-BB0B-00727D1ACFD3}] => (Allow) E:\Steam\steamapps\common\The Pirate Caribbean Hunt\ThePirate.exe () [File not signed]
FirewallRules: [{35244DA5-8920-4892-B1B9-352D0B64F18B}] => (Allow) E:\Steam\steamapps\common\The Pirate Caribbean Hunt\ThePirate.exe () [File not signed]
FirewallRules: [{B44C2CCB-6BAA-4F3A-ABD6-088F51951877}] => (Allow) E:\Steam\steamapps\common\The Pirate Plague of the Dead\ThePirate2.exe () [File not signed]
FirewallRules: [{13ED073A-79A2-465B-8330-2AD54C26398C}] => (Allow) E:\Steam\steamapps\common\The Pirate Plague of the Dead\ThePirate2.exe () [File not signed]
FirewallRules: [{38B3D1DA-072A-4BD8-8B04-30949E731EFD}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{40273F28-64C6-455E-BF16-B10944CF022B}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{4915335C-EC3F-412D-98BE-3D4F2BBF7FAD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:217.55 GB) (Free:24.3 GB) (11%)
Check "VSS" service


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/26/2020 09:41:43 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (03/26/2020 09:39:42 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={2181D95B-7E15-4698-8A85-D1354DFCB70C}: The user MTR-N1049\kosacek dialed a connection named Metrans VPN which has failed. The error code returned on failure is 868.

Error: (03/26/2020 09:39:29 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoId={32D308BB-AAA7-48C0-8891-9A791F4AFDB0}: The user MTR-N1049\kosacek dialed a connection named Metrans VPN which has failed. The error code returned on failure is 868.

Error: (03/26/2020 09:38:48 AM) (Source: HP Comm Recovery) (EventID: 0) (User: )
Description: Zpracování události PowerEvent se nezdařilo. Chyba, ke které došlo: System.IO.IOException: Proces nemůže přistupovat k souboru C:\Windows\Temp\signtool.exe, protože soubor je využíván jiným procesem.
   v System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
   v System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
   v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
   v System.IO.FileStream..ctor(String path, FileMode mode)
   v _HPCommRecovery.Tools.Signtool.ExtractSignTool()
   v _HPCommRecovery.Tools.Signtool.Verify(String arg)
   v _HPCommRecovery.HPAHAgent.CallAgent()
   v _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath)
   v _HPCommRecovery.HPAHLogger.NewSession()
   v _HPCommRecovery.HPCommRecove....

Error: (03/26/2020 09:38:43 AM) (Source: HP Comm Recovery) (EventID: 0) (User: )
Description: Zpracování události PowerEvent se nezdařilo. Chyba, ke které došlo: System.Exception: StartProcessAsCurrentUser: GetSessionUserToken failed.
   v _HPCommRecovery.ProcessExtensions.StartProcessAsCurrentUser(String appPath, String cmdLine, String workDir, Boolean visible)
   v _HPCommRecovery.HPAHAgent.CallAgent()
   v _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath)
   v _HPCommRecovery.HPAHLogger.NewSession()
   v _HPCommRecovery.HPCommRecovery.OnPowerEvent(PowerBroadcastStatus powerStatus)
   v System.ServiceProcess.ServiceBase.DeferredPowerEvent(Int32 eventType, IntPtr eventData).

Error: (03/25/2020 10:46:44 PM) (Source: HP Comm Recovery) (EventID: 0) (User: )
Description: Zpracování události PowerEvent se nezdařilo. Chyba, ke které došlo: System.IO.IOException: Proces nemůže přistupovat k souboru C:\Windows\Temp\signtool.exe, protože soubor je využíván jiným procesem.
   v System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
   v System.IO.File.InternalDelete(String path, Boolean checkHost)
   v _HPCommRecovery.Tools.Signtool.Verify(String arg)
   v _HPCommRecovery.HPAHAgent.CallAgent()
   v _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath)
   v _HPCommRecovery.HPAHLogger.NewSession()
   v _HPCommRecovery.HPCommRecovery.OnPowerEvent(PowerBroadcastStatus powerStatus)
   v System.ServiceProcess.ServiceBase.DeferredPowerEvent(Int32 eventType, IntPtr eventData).

Error: (03/25/2020 10:46:43 PM) (Source: HP Comm Recovery) (EventID: 0) (User: )
Description: Zpracování události PowerEvent se nezdařilo. Chyba, ke které došlo: System.IO.IOException: Proces nemůže přistupovat k souboru C:\Windows\Temp\signtool.exe, protože soubor je využíván jiným procesem.
   v System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
   v System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
   v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
   v System.IO.FileStream..ctor(String path, FileMode mode)
   v _HPCommRecovery.Tools.Signtool.ExtractSignTool()
   v _HPCommRecovery.Tools.Signtool.Verify(String arg)
   v _HPCommRecovery.HPAHAgent.CallAgent()
   v _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath)
   v _HPCommRecovery.HPAHLogger.NewSession()
   v _HPCommRecovery.HPCommRecove....

Error: (03/23/2020 08:24:17 AM) (Source: HP Comm Recovery) (EventID: 0) (User: )
Description: Zpracování události PowerEvent se nezdařilo. Chyba, ke které došlo: System.IO.IOException: Proces nemůže přistupovat k souboru C:\Windows\Temp\signtool.exe, protože soubor je využíván jiným procesem.
   v System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
   v System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy, Boolean useLongPath, Boolean checkHost)
   v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions options, String msgPath, Boolean bFromProxy)
   v System.IO.FileStream..ctor(String path, FileMode mode)
   v _HPCommRecovery.Tools.Signtool.ExtractSignTool()
   v _HPCommRecovery.Tools.Signtool.Verify(String arg)
   v _HPCommRecovery.HPAHAgent.CallAgent()
   v _HPCommRecovery.AppSession..ctor(DateTime Current, String LogPath)
   v _HPCommRecovery.HPAHLogger.NewSession()
   v _HPCommRecovery.HPCommRecove....


System errors:
=============
Error: (03/27/2020 08:58:14 AM) (Source: DCOM) (EventID: 10016) (User: MTR-N1049)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
 a APPID 
{56BE716B-2F76-4DFA-8702-67AE10044F0B}
 uživateli MTR-N1049\kosacek (SID: S-1-5-21-407287996-4117368936-2895187249-1003) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/27/2020 08:58:14 AM) (Source: DCOM) (EventID: 10016) (User: MTR-N1049)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
 a APPID 
{56BE716B-2F76-4DFA-8702-67AE10044F0B}
 uživateli MTR-N1049\kosacek (SID: S-1-5-21-407287996-4117368936-2895187249-1003) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/27/2020 08:58:14 AM) (Source: DCOM) (EventID: 10016) (User: MTR-N1049)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
 a APPID 
{56BE716B-2F76-4DFA-8702-67AE10044F0B}
 uživateli MTR-N1049\kosacek (SID: S-1-5-21-407287996-4117368936-2895187249-1003) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/27/2020 08:54:12 AM) (Source: DCOM) (EventID: 10016) (User: MTR-N1049)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
 a APPID 
{56BE716B-2F76-4DFA-8702-67AE10044F0B}
 uživateli MTR-N1049\kosacek (SID: S-1-5-21-407287996-4117368936-2895187249-1003) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/27/2020 08:54:12 AM) (Source: DCOM) (EventID: 10016) (User: MTR-N1049)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
 a APPID 
{56BE716B-2F76-4DFA-8702-67AE10044F0B}
 uživateli MTR-N1049\kosacek (SID: S-1-5-21-407287996-4117368936-2895187249-1003) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/27/2020 08:54:12 AM) (Source: DCOM) (EventID: 10016) (User: MTR-N1049)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
 a APPID 
{56BE716B-2F76-4DFA-8702-67AE10044F0B}
 uživateli MTR-N1049\kosacek (SID: S-1-5-21-407287996-4117368936-2895187249-1003) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/27/2020 08:53:37 AM) (Source: DCOM) (EventID: 10016) (User: MTR-N1049)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
 a APPID 
{56BE716B-2F76-4DFA-8702-67AE10044F0B}
 uživateli MTR-N1049\kosacek (SID: S-1-5-21-407287996-4117368936-2895187249-1003) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/27/2020 08:53:37 AM) (Source: DCOM) (EventID: 10016) (User: MTR-N1049)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID 
{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}
 a APPID 
{56BE716B-2F76-4DFA-8702-67AE10044F0B}
 uživateli MTR-N1049\kosacek (SID: S-1-5-21-407287996-4117368936-2895187249-1003) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2020-03-17 08:39:10.648
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {6E73ECBF-FB28-49C4-8914-39F13549891D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-17 08:33:34.522
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {986DCB72-CAD6-4235-84D7-039E6AB36700}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-14 19:25:55.669
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B5EE032B-6212-4E9D-92C1-A1B86362A7D6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-14 18:42:28.413
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B8C8A7D5-7374-4E75-9A82-134566C3B5B7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-14 18:38:21.080
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8ED18732-24B8-43A9-85C7-FA95A1F1BE47}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-01-30 20:15:35.012
Description: 
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 
Předchozí verze podpisu: 1.307.2369.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x80240017
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře. 

CodeIntegrity:
===================================

Date: 2020-03-27 08:56:22.885
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast Business\snxhk64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-27 08:56:21.974
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast Business\snxhk64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-27 08:53:20.833
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast Business\snxhk64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-27 08:53:20.732
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast Business\snxhk64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-27 08:53:02.102
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast Business\snxhk64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-27 08:53:01.659
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast Business\snxhk64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-27 08:53:01.269
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast Business\snxhk64.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-27 08:53:00.978
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume5\Program Files\AVAST Software\Avast Business\snxhk64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info =========================== 

BIOS: HP Q85 Ver. 01.01.07 10/17/2017
Motherboard: HP 837D
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 69%
Total physical RAM: 8087.2 MB
Available physical RAM: 2496.4 MB
Total Virtual: 10647.2 MB
Available Virtual: 2629.52 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:217.55 GB) (Free:24.3 GB) NTFS
Drive d: (Recovery Image) (Fixed) (Total:18.77 GB) (Free:0.22 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (DATADRIVE1) (Fixed) (Total:931.39 GB) (Free:684.27 GB) NTFS

\\?\Volume{009318c6-d322-4a75-94ff-526e5fcc4875}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.28 GB) FAT32
\\?\Volume{4331cb5b-142f-4534-a13a-ff98698a50ee}\ (Windows RE tools) (Fixed) (Total:1.68 GB) (Free:1.2 GB) NTFS

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================