Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-16-2020
Ran by durna (16-11-2020 23:59:11)
Running from C:\Users\durna\OneDrive\Desktop
Windows 10 Home Version 2004 19041.630 (X64) (2020-07-26 21:38:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-789869226-119479823-4149404354-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-789869226-119479823-4149404354-503 - Limited - Disabled)
durna (S-1-5-21-789869226-119479823-4149404354-1001 - Administrator - Enabled) => C:\Users\durna
Guest (S-1-5-21-789869226-119479823-4149404354-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-789869226-119479823-4149404354-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20064 - Adobe Systems Incorporated)
AXA Studio (HKU\S-1-5-21-789869226-119479823-4149404354-1001\...\be3a3e1a435c5997) (Version: 4.130.34975.0 - AXA životní pojišťovna a.s.)
Brother MFL-Pro Suite DCP-9015CDW (HKLM-x32\...\{E98A9C92-E767-475B-8BC6-8780A86DDC72}) (Version: 1.0.5.0 - Brother Industries, Ltd.)
ČSOBP Kalkulátory 1.27.0.x (HKLM-x32\...\Kalkulátory_is1) (Version:  - )
eModel - MetLife (HKU\S-1-5-21-789869226-119479823-4149404354-1001\...\eModel) (Version: 3.0.0.22 - MetLife)
FLEXI SmartClient (HKU\S-1-5-21-789869226-119479823-4149404354-1001\...\6ed8a04184c5e4e7) (Version: 2.5.73.58779 - Kooperativa)
GIMP 2.10.10 (HKLM\...\GIMP-2_is1) (Version: 2.10.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.198 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5107 - Intel Corporation)
Mafia (HKLM-x32\...\{C72D7008-266D-4DD8-BF3C-296B736127F6}) (Version: 1.02 - )
Mafia II version 1.0 (HKLM-x32\...\{4F5FB47E-14DE-45B4-85E3-11CD5E497KA3}_is1) (Version: 1.0 - 2K Games)
Malwarebytes version 4.2.3.96 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.3.96 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.69 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.99 - )
Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}) (Version: 10.0.61355.0 - Microsoft Game Studios)
Microsoft Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1_9527A496-5DF9-412A-ADC7-168BA5379CA6) (Version: 10.0.61355.0 - Microsoft Game Studios)
Microsoft Office 2016 pro podnikatele - cs-cz (HKLM\...\HomeBusinessRetail - cs-cz) (Version: 16.0.13328.20356 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-789869226-119479823-4149404354-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Train Simulator (HKLM-x32\...\Train Simulator 1.0) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 82.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 82.0.3 (x64 cs)) (Version: 82.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 77.0.1 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NN Blue Expert 3.0 (HKU\S-1-5-21-789869226-119479823-4149404354-1001\...\3db6426070163d6c) (Version: 3.49.2.6 - NN Blue Expert)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13328.20340 - Microsoft Corporation) Hidden
OpenTTD 1.8.0 (HKLM-x32\...\OpenTTD) (Version: 1.8.0 - OpenTTD)
Ovládací panel NVIDIA 388.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.57 - NVIDIA Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Pro Evolution Soccer 2011 (HKLM-x32\...\{9773450C-E2F3-46C3-9464-1D7EDE5EFB63}) (Version: 1.01.0000 - KONAMI)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7417 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\GOGPACKRCT3_is1) (Version: 2.0.0.13 - GOG.com)
SimCity 4 Deluxe Edition (HKLM-x32\...\GOGPACKSC4_is1) (Version: 2.0.0.8 - GOG.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.4.4445 - TeamViewer)
The Sims 3 - Complete Edition (HKLM-x32\...\The Sims 3 - Complete Edition_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, Panky)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Xerox Desktop Print Experience 4.5 (HKLM\...\{2A236FE5-829C-316F-B613-3F4E86FEB83C}) (Version: 7.132.20.0 - Xerox Corporation)
Zoom (HKU\S-1-5-21-789869226-119479823-4149404354-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)

Packages:
=========
Canon Office Printer Utility -> C:\Program Files\WindowsApps\34791E63.CanonOfficePrinterUtility_12.7.0.0_x64__6e5tt8cgb93ep [2019-08-15] (Canon Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x64__3ykzqggjzj4z0 [2019-06-01] (WinZip Computing)
Xerox Print Experience -> C:\Program Files\WindowsApps\XeroxCorp.PrintExperience_7.132.19.0_x64__f7egpvdyrs2a8 [2020-07-02] (Xerox Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-01-16] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-12-09 15:06 - 2009-02-27 16:38 - 000139264 ____R () [File not signed] C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2019-12-09 15:06 - 2005-04-22 05:36 - 000143360 _____ () [File not signed] C:\WINDOWS\system32\BrSNMP64.dll
2019-12-09 15:07 - 2013-06-12 19:06 - 000385024 ____R (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrMonitor.dll
2019-12-09 15:07 - 2010-09-29 17:07 - 000180224 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BroSNMP.dll
2019-12-09 15:07 - 2011-02-28 11:32 - 000208896 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrFirmUpdateCheck.dll
2019-12-09 15:07 - 2013-10-10 21:55 - 002040320 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonWRes.dll
2019-12-09 15:07 - 2013-12-05 13:04 - 000137728 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcAssoc.dll
2019-12-09 15:07 - 2014-02-17 19:24 - 000084480 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcDlgRc.dll
2019-12-09 15:07 - 2014-02-17 19:24 - 017905152 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcGrImg.dll
2019-12-09 15:07 - 2013-11-15 10:17 - 000082944 _____ (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcLCze.dll
2019-12-09 15:06 - 2012-07-14 09:53 - 000087040 _____ (Brother Industries, Ltd.) [File not signed] C:\WINDOWS\system32\BrNetSti.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-789869226-119479823-4149404354-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-09-18] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-30] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-01-09 13:28 - 2019-01-13 14:40 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1       localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-789869226-119479823-4149404354-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-789869226-119479823-4149404354-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"
HKU\S-1-5-21-789869226-119479823-4149404354-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{B5181B72-3F19-4EE5-8785-A468C94DDCBB}C:\program files (x86)\steam\steamapps\common\ts2012\bin\taddaemon.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ts2012\bin\taddaemon.exe => No File
FirewallRules: [TCP Query User{E43FA9BF-297A-4AA4-97A0-388D5ECF467E}C:\program files (x86)\steam\steamapps\common\ts2012\bin\taddaemon.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\ts2012\bin\taddaemon.exe => No File
FirewallRules: [{61788CC5-C234-49AF-BF70-20549B376EFB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{8627870F-8961-4E25-ACF4-43B29792CA88}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{EE4EEA78-ACED-4E1D-89B4-A015CF6FD129}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{099ED908-30F0-437E-803B-F51255AE5B77}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B5831A54-8DA7-4CE3-8110-A207878DDDAE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{214BD614-5394-424D-8BD9-3AF37535308A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D7688359-345D-4CDC-A8C6-FF501B012B0F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{60D066DC-FA50-4D3B-BF9F-507614E56CE0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D3F2F2B6-FD99-44E4-BD14-27A3D3B6C1D2}] => (Allow) C:\Users\durna\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{EB968FEA-7C96-4B12-BCA9-C01902480164}] => (Allow) C:\Users\durna\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{C68242CE-99B8-48AE-A228-22A1F6DB4E17}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{90D8D201-9859-4C86-B292-C892428F0ADE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D5BCCED1-E4A4-482A-8C4E-98B294DD6CE3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{9BD12663-F0CE-46B0-8491-B2A4D4A58023}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3D2E20A7-A348-4A77-9846-820499B761C3}] => (Allow) C:\Program Files (x86)\Browny02\Brother\BrotherNetTool.exe (Brother Industries, Ltd. -> Brother Industries, Ltd.)
FirewallRules: [{029ABB37-718D-4361-B710-BF3ECD36BBDE}] => (Allow) C:\Program Files (x86)\Browny02\Brother\BrotherNetTool.exe (Brother Industries, Ltd. -> Brother Industries, Ltd.)
FirewallRules: [{756281F9-F78B-4235-A01D-48A8B7B39710}] => (Allow) LPort=54925
FirewallRules: [{58E24F8C-4692-4852-95A9-A781950B400F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{6B8721A0-DD3E-4462-AE47-5BCEB3B729E0}D:\dominik dokumety\programy a hry\hry\train simulator 2018\train.simulator.2018\railworks\railworks.exe] => (Allow) D:\dominik dokumety\programy a hry\hry\train simulator 2018\train.simulator.2018\railworks\railworks.exe => No File
FirewallRules: [UDP Query User{C6F3FA70-7D70-493E-964F-76ABD9033AB0}D:\dominik dokumety\programy a hry\hry\train simulator 2018\train.simulator.2018\railworks\railworks.exe] => (Allow) D:\dominik dokumety\programy a hry\hry\train simulator 2018\train.simulator.2018\railworks\railworks.exe => No File
FirewallRules: [TCP Query User{E4CE9A85-2FCC-468C-81A3-C5F164734E31}D:\dominik dokumety\programy a hry\hry\train simulator 2017\train-simulator-2017\train simulator 2017\railworks.exe] => (Allow) D:\dominik dokumety\programy a hry\hry\train simulator 2017\train-simulator-2017\train simulator 2017\railworks.exe => No File
FirewallRules: [UDP Query User{3CD6EED9-6725-42AB-A2CA-C190B4291AB0}D:\dominik dokumety\programy a hry\hry\train simulator 2017\train-simulator-2017\train simulator 2017\railworks.exe] => (Allow) D:\dominik dokumety\programy a hry\hry\train simulator 2017\train-simulator-2017\train simulator 2017\railworks.exe => No File
FirewallRules: [{CC492EE7-0725-4F80-9C40-1BD1ADDB9616}] => (Allow) C:\Users\durna\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{69A476A7-70AC-4A94-BA78-934AE6CF7FB1}] => (Allow) C:\Users\durna\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [TCP Query User{7A1365D2-5E63-409D-B1EE-1CD3DC83715F}D:\dominik dokumety\programy a hry\hry\train simulator 2017\train simulator 2017\railworks.exe] => (Block) D:\dominik dokumety\programy a hry\hry\train simulator 2017\train simulator 2017\railworks.exe () [File not signed]
FirewallRules: [UDP Query User{C031ECDB-6757-4CCF-A72F-AF9EBA82B76F}D:\dominik dokumety\programy a hry\hry\train simulator 2017\train simulator 2017\railworks.exe] => (Block) D:\dominik dokumety\programy a hry\hry\train simulator 2017\train simulator 2017\railworks.exe () [File not signed]
FirewallRules: [TCP Query User{6ACE0B21-328B-4482-A4FE-7CDB79FAA2B3}D:\dominik dokumety\programy a hry\hry\train simulator 2017\train simulator 2017\railworks.exe] => (Block) D:\dominik dokumety\programy a hry\hry\train simulator 2017\train simulator 2017\railworks.exe () [File not signed]
FirewallRules: [UDP Query User{616E8F69-D513-4464-8B83-33648449B6E4}D:\dominik dokumety\programy a hry\hry\train simulator 2017\train simulator 2017\railworks.exe] => (Block) D:\dominik dokumety\programy a hry\hry\train simulator 2017\train simulator 2017\railworks.exe () [File not signed]
FirewallRules: [{ACBCC6BF-5C77-4F11-B214-4404BE7EFFBF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A8E3E820-CA76-49F8-94ED-80459B0CA9CF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C80898EB-6D33-4A1F-AD32-5030BB8A102C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{7F1C70DA-0A2A-45E0-ACFF-4191CDBEB097}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)

==================== Restore Points =========================

05-11-2020 12:28:59 Naplánovaný kontrolní bod
13-11-2020 09:47:55 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name: ASUS Wireless Radio Control
Description: ASUS Wireless Radio Control
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: ASUS
Service: HIDSwitch
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.


==================== Event log errors: ========================

Application errors:
==================
Error: (11/16/2020 10:02:29 PM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (11/16/2020 10:02:29 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/16/2020 09:59:18 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Event-ID 256

Error: (11/16/2020 09:59:18 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Event-ID 256

Error: (11/16/2020 01:57:20 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Event-ID 256

Error: (11/16/2020 01:57:20 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Event-ID 256

Error: (11/13/2020 06:01:03 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (11/13/2020 06:01:03 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]


System errors:
=============
Error: (11/16/2020 11:48:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (11/16/2020 11:47:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (11/16/2020 11:47:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/16/2020 11:47:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Služba Správce událostí tiskových úloh Xerox byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/16/2020 11:47:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (11/16/2020 11:47:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba BrYNSvc byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/16/2020 11:47:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (11/16/2020 12:18:14 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.


Windows Defender:
===================================
Date: 2020-11-16 22:18:16.5480000Z
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {00F496C4-890A-4DEC-934C-DA0202CD5D47}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-11-13 13:46:47.1510000Z
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {4277D578-42C6-4B8F-9A21-86B529FB0551}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-11-12 13:39:19.1770000Z
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5FDA9F28-CE03-4491-B5A0-A67F99561D41}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-11-11 17:47:44.4970000Z
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {258DC7AD-F029-47F4-BE81-C2AE4DEA2692}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-11-10 15:23:57.9380000Z
Description: 
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9BD468E7-DA04-4B88-B88E-7CB588A5E91A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-11-16 12:34:19.9820000Z
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.327.998.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře. 

Date: 2020-11-16 12:34:19.9790000Z
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.327.998.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře. 

Date: 2020-11-16 12:34:19.9760000Z
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.327.998.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x8050a003
Popis chyby: Balíček neobsahuje aktuální soubor definic pro tento program. Další informace naleznete v nápovědě a podpoře. 

Date: 2020-11-16 12:30:33.1040000Z
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.327.840.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání. 

Date: 2020-11-16 12:30:33.0840000Z
Description: 
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.327.840.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.17600.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání. 

==================== Memory info =========================== 

BIOS: American Megatrends Inc. X555LJ.304 05/07/2015
Motherboard: ASUSTeK COMPUTER INC. X555LJ
Processor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Percentage of memory in use: 59%
Total physical RAM: 3998.8 MB
Available physical RAM: 1606.02 MB
Total Virtual: 7534.8 MB
Available Virtual: 5213.57 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:280.76 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:542.8 GB) (Free:146.17 GB) NTFS

\\?\Volume{a639c1ae-c88d-4028-b0c9-085e8d2bf0f4}\ (Recovery) (Fixed) (Total:0.88 GB) (Free:0.59 GB) NTFS
\\?\Volume{89e7f35f-713b-4dc9-9828-b43654de8b05}\ (Restore) (Fixed) (Total:15.01 GB) (Free:1.99 GB) NTFS
\\?\Volume{95c4b4cd-caf2-447f-a8b9-3c44f74a5c2b}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 087F9B46)

Partition: GPT.

==================== End of Addition.txt =======================