Additional scan result of Farbar Recovery Scan Tool (x64) Version: 6.02.2019
Ran by Tomáš (08-02-2019 12:05:45)
Running from C:\Users\Tomáš\Desktop
Windows 10 Home Version 1803 17134.523 (X64) (2018-08-13 04:51:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-835003961-1480024946-725988966-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-835003961-1480024946-725988966-503 - Limited - Disabled)
Guest (S-1-5-21-835003961-1480024946-725988966-501 - Limited - Disabled)
Tomáš (S-1-5-21-835003961-1480024946-725988966-1001 - Administrator - Enabled) => C:\Users\Tomáš
WDAGUtilityAccount (S-1-5-21-835003961-1480024946-725988966-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.8.1 - Advanced Micro Devices, Inc.)
Auslogics Registry Cleaner (HKLM-x32\...\{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1) (Version: 7.0.21.0 - Auslogics Labs Pty Ltd)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 18.3.6507 - AVAST Software)
Avast Premier (HKLM-x32\...\Avast Antivirus) (Version: 19.2.2364 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 71.0.1037.99 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.57.44284 - Electronic Arts)
Battlefield™ V (HKLM-x32\...\{e26b382f-e945-4f70-9318-121b683f1d61}) (Version: 1.0.59.24655 - Electronic Arts)
BitTorrent (HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\BitTorrent) (Version: 7.10.5.44995 - BitTorrent Inc.)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.8.0.0466 - Disc Soft Ltd)
Dead Rising 4 (HKLM-x32\...\Dead Rising 4_is1) (Version:  - )
Driver Booster 6 (HKLM-x32\...\Driver Booster_is1) (Version: 6.1.0 - IObit)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Just Cause 4 (HKLM-x32\...\{D1F33AFE-757B-4A27-9F96-D507177C3E40}_is1) (Version:  - Avalanche Studios)
Microsoft OneDrive (HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{d6f233bd-3f8c-43f6-878b-07bd0568d595}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{cb7c3049-21de-415b-bd85-b65c14e547df}) (Version: 14.10.25017.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.31.17411 - Electronic Arts, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
SpyHunter 5 (HKLM-x32\...\SpyHunter5) (Version: 5.0.30.51 - EnigmaSoft Limited)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Sims 4 (HKLM-x32\...\VGhlU2ltczQ=_is1) (Version: 1 - )
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version:  - Ubisoft Montreal)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 66.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WinRAR 5.60 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\DTShl64.dll [2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-08-02] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09EFE955-9990-488B-A16B-063A207A2CE5} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2018-08-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {18700A2B-EE07-46F2-8A4C-1A3514C8F85D} - System32\Tasks\RogueKiller Anti-Malware => C:\Users\Tomáš\Downloads\RogueKiller_portable64.exe [2019-02-04] (Adlice -> )
Task: {2F9EA34B-9C87-42DE-B2BC-DA3D367306C8} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
Task: {33C5459C-50F9-4AED-9954-F4F5BED3F1AB} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
Task: {6AA57369-72B3-4DF3-9994-99E5FF05842E} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2019-02-07] (AVAST Software s.r.o. -> AVAST Software)
Task: {B037C8BA-F072-41E5-AFA7-33170AD38398} - System32\Tasks\Avast Cleanup Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [2019-01-17] (AVAST Software s.r.o. -> AVAST Software)
Task: {B559E842-046C-4DD1-B99B-E7CB4CADF9D8} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2019-02-07] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.)
Task: {BEC3D958-44B2-4FDB-8E1A-3F58FDB46991} - System32\Tasks\DB Bigupgrade Task ( One Time ) => C:\Program Files (x86)\IObit\Driver Booster\6.1.0\BigUpgrade.exe [2019-01-04] (IObit Information Technology -> IObit)
Task: {CCC87746-8CAD-424C-BAB1-903ED22D0CF4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2019-02-06] (AVAST Software s.r.o. -> AVAST Software)
Task: {D119F6FF-F364-4705-A425-4D884BC51699} - System32\Tasks\Driver Booster SkipUAC (Tomáš) => C:\Program Files (x86)\IObit\Driver Booster\6.1.0\DriverBooster.exe [2018-11-18] (IObit Information Technology -> IObit)
Task: {D6736F9F-0300-4F44-8828-B9D215D4BF59} - System32\Tasks\ASC12_SkipUac_Tomáš => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: {F5EC09C6-3DFC-4639-837D-E5D46139CEAE} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [2018-08-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-02-07 05:34 - 2019-02-07 05:34 - 000654216 _____ () c:\program files\avast software\avast\streamback.dll
2019-02-07 05:34 - 2019-02-07 05:34 - 000321928 _____ () C:\Program Files\AVAST Software\Avast\serialization.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-10-04 17:55 - 2018-10-04 17:55 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-01-31 01:56 - 2019-01-31 01:56 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2019-01-31 01:56 - 2019-01-31 01:56 - 000182272 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2019-02-07 05:35 - 2019-02-07 05:35 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2019-01-24 07:52 - 2019-01-24 07:52 - 028012544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
2019-01-24 07:52 - 2019-01-24 07:52 - 000305152 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-04-12 18:08 - 2018-04-12 18:08 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-29 02:23 - 2018-11-29 02:23 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-24 07:52 - 2019-01-24 07:52 - 006187520 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntCommon.dll
2019-01-24 07:52 - 2019-01-24 07:52 - 009388544 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\EntPlat.dll
2019-02-02 04:04 - 2019-02-02 04:04 - 000481280 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2019-02-02 04:04 - 2019-02-02 04:04 - 080636416 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-08-13 06:10 - 2018-08-13 06:11 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2019-02-02 04:04 - 2019-02-02 04:04 - 003824640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2019-01-15 11:45 - 2019-01-15 11:45 - 000012288 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2019-02-02 04:04 - 2019-02-02 04:04 - 014225408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2019-02-02 04:04 - 2019-02-02 04:04 - 002871296 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-30 21:13 - 2018-08-30 21:13 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-08-13 06:10 - 2018-08-13 06:11 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-02-02 04:04 - 2019-02-02 04:04 - 000146432 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\SKU.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-11-27 22:04 - 2018-11-09 03:17 - 002759680 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-01-10 11:39 - 2019-01-01 07:42 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2019-02-01 21:46 - 2018-12-06 00:47 - 001066784 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
2019-02-01 21:46 - 2018-11-20 01:56 - 102804768 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2019-02-01 21:46 - 2018-11-20 01:56 - 004866336 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2019-02-01 21:46 - 2018-11-20 01:56 - 000116000 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2018-10-31 00:24 - 2018-10-31 00:24 - 003859456 _____ () C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_1.16.1012.0_x64__8wekyb3d8bbwe\GameBar.exe
2019-02-07 05:34 - 2019-02-07 05:34 - 000732552 _____ () C:\Program Files\AVAST Software\Avast\AvastNM.exe
2019-02-01 21:46 - 2018-12-06 00:47 - 000885536 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2018-08-12 08:14 - 2016-09-01 02:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2019-02-03 01:12 - 2019-02-02 18:33 - 002667296 _____ () C:\Program Files (x86)\Steam\video.dll
2018-08-12 08:14 - 2016-09-01 02:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2018-08-12 08:14 - 2016-09-01 02:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2019-02-01 21:46 - 2018-11-05 19:53 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2019-02-01 21:46 - 2018-11-05 19:53 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2019-02-01 21:46 - 2018-11-05 19:53 - 000810784 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2019-02-01 21:46 - 2018-11-05 19:53 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2019-02-01 21:46 - 2018-11-05 19:53 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2019-02-03 01:12 - 2019-02-02 18:33 - 001031456 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2018-08-12 08:14 - 2016-07-04 23:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2019-02-07 10:53 - 000000852 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-835003961-1480024946-725988966-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Tomáš\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\anonymous-hd-wallpaper-1920x1080-7297855.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "Ashampoo WinOptimizer Live-Tuner2"
HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-835003961-1480024946-725988966-1001\...\StartupApproved\Run: => "RogueKiller Anti-Malware"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1230FE20-B166-4B02-BB74-1BA64642136F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E895B571-7874-44FA-A492-0DBB2F14E99C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{7D01781A-A565-4508-8FDF-C77E078079FF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{365D9B7D-9054-471E-8932-E0446EEEBD9F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D85466A6-2460-405E-A10A-F5F820A6440A}] => (Allow) E:\Counter Strike Global Offensive\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{91759AD4-518D-450B-893D-D20561587C85}] => (Allow) E:\Counter Strike Global Offensive\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )

==================== Restore Points =========================

03-02-2019 00:15:16 Removing COMODO Client - Security

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/07/2019 05:05:02 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: DESKTOP-5TKCKME)
Description: Installing the performance counter strings for service .NET CLR Data () failed. The first DWORD in the Data section contains the error code.

Error: (02/07/2019 05:05:02 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: DESKTOP-5TKCKME)
Description: Installing the performance counter strings for service .NET CLR Networking () failed. The first DWORD in the Data section contains the error code.

Error: (02/07/2019 05:05:02 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: DESKTOP-5TKCKME)
Description: Installing the performance counter strings for service .NET Data Provider for Oracle () failed. The first DWORD in the Data section contains the error code.

Error: (02/07/2019 05:05:02 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: DESKTOP-5TKCKME)
Description: Installing the performance counter strings for service .NET Data Provider for SqlServer () failed. The first DWORD in the Data section contains the error code.

Error: (02/07/2019 05:05:02 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: DESKTOP-5TKCKME)
Description: Installing the performance counter strings for service .NETFramework () failed. The first DWORD in the Data section contains the error code.

Error: (02/06/2019 06:44:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: svchost.exe_WpnUserService, verzia: 10.0.17134.1, časová značka: 0xa38b9ab2
Názov chybujúceho modulu: NotificationController.dll, verzia: 10.0.17134.165, časová značka: 0xe0385185
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000007a24d
Identifikácia chybujúceho procesu: 0x299c
Čas spustenia chybujúcej aplikácie: 0x01d4bda50cc22adf
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\svchost.exe
Cesta chybujúceho modulu: C:\Windows\System32\NotificationController.dll
Identifikácia hlásenia: c8018738-652b-4ef4-8df8-a97aec2e4745
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (02/05/2019 10:47:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: svchost.exe_WpnUserService, verzia: 10.0.17134.1, časová značka: 0xa38b9ab2
Názov chybujúceho modulu: NotificationController.dll, verzia: 10.0.17134.165, časová značka: 0xe0385185
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000007c686
Identifikácia chybujúceho procesu: 0x1b50
Čas spustenia chybujúcej aplikácie: 0x01d4bd71a30bfe52
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\svchost.exe
Cesta chybujúceho modulu: C:\Windows\System32\NotificationController.dll
Identifikácia hlásenia: 60c7f269-1073-46af-8be6-a3caaafae1e1
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (02/05/2019 12:50:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: svchost.exe_WpnUserService, verzia: 10.0.17134.1, časová značka: 0xa38b9ab2
Názov chybujúceho modulu: NotificationController.dll, verzia: 10.0.17134.165, časová značka: 0xe0385185
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000007c686
Identifikácia chybujúceho procesu: 0x193c
Čas spustenia chybujúcej aplikácie: 0x01d4bd3459cfbdab
Cesta chybujúcej aplikácie: C:\WINDOWS\system32\svchost.exe
Cesta chybujúceho modulu: C:\Windows\System32\NotificationController.dll
Identifikácia hlásenia: fdd1db01-b8fe-414a-9cac-ec354d20aeee
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:


System errors:
=============
Error: (02/07/2019 10:02:39 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5TKCKME)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DESKTOP-5TKCKME\Tomáš SID (S-1-5-21-835003961-1480024946-725988966-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Error: (02/07/2019 10:01:40 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5TKCKME)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-5TKCKME\Tomáš SID (S-1-5-21-835003961-1480024946-725988966-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/07/2019 10:01:29 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5TKCKME)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DESKTOP-5TKCKME\Tomáš SID (S-1-5-21-835003961-1480024946-725988966-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Error: (02/07/2019 04:08:40 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5TKCKME)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 and APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 to the user DESKTOP-5TKCKME\Tomáš SID (S-1-5-21-835003961-1480024946-725988966-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.

Error: (02/07/2019 02:09:27 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-5TKCKME)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user DESKTOP-5TKCKME\Tomáš SID (S-1-5-21-835003961-1480024946-725988966-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/07/2019 01:45:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Používateľská služba zobrazovania oznámení vo Windowse_65716 sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 2 krát. O 10000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (02/07/2019 01:44:42 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správca riadenia služieb sa po neočakávanom ukončení služby Používateľská služba zobrazovania oznámení vo Windowse_65716 pokúsil vykonať opravnú akciu (Reštartovať službu), ale táto činnosť zlyhala s nasledujúcou chybou: 
An instance of the service is already running.

Error: (02/07/2019 01:44:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Používateľská služba zobrazovania oznámení vo Windowse_65716 sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 10000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.


Windows Defender:
===================================
Date: 2019-01-31 16:34:19.103
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/Uflooder.C!bit&threatid=2147709445&enterprise=0
Name: HackTool:MSIL/Uflooder.C!bit
ID: 2147709445
Severity: Vysoká
Category: Nástroj
Path: file:_C:\Users\Tomáš\Downloads\LOIC\LOIC.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\WinRAR\WinRAR.exe
Signature Version: AV: 1.285.509.0, AS: 1.285.509.0, NIS: 1.285.509.0
Engine Version: AM: 1.1.15600.4, NIS: 1.1.15600.4

Date: 2019-01-31 11:14:14.094
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/Prepscram&threatid=226289&enterprise=0
Name: SoftwareBundler:Win32/Prepscram
ID: 226289
Severity: Vysoká
Category: Softvérový balík
Path: containerfile:_C:\Users\Tomáš\Downloads\Original keys__crack_Full 2019.zip; file:_C:\Users\Tomáš\Downloads\Original keys__crack_Full 2019.zip->original_keys__crack.zip->original/original_keys__crack.exe; webfile:_C:\Users\Tomáš\Downloads\Original keys__crack_Full 2019.zip|about:internet|pid:4744,ProcessStart:131933998711529703
Detection Origin: Internet
Detection Type: Concrete
Detection Source: Downloads and attachments
Process Name: Unknown
Signature Version: AV: 1.285.509.0, AS: 1.285.509.0, NIS: 1.285.509.0
Engine Version: AM: 1.1.15600.4, NIS: 1.1.15600.4

Date: 2019-01-31 11:14:14.093
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Woreflint.A!cl&threatid=2147723317&enterprise=0
Name: Trojan:Win32/Woreflint.A!cl
ID: 2147723317
Severity: Závažná
Category: Trójsky kôň
Path: containerfile:_C:\Users\Tomáš\Downloads\Original keys__crack_Full 2019.zip; file:_C:\Users\Tomáš\Downloads\Original keys__crack_Full 2019.zip->original_keys_crack.zip->original_keys.exe; webfile:_C:\Users\Tomáš\Downloads\Original keys__crack_Full 2019.zip|about:internet|pid:4744,ProcessStart:131933998711529703
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Signature Version: AV: 1.285.509.0, AS: 1.285.509.0, NIS: 1.285.509.0
Engine Version: AM: 1.1.15600.4, NIS: 1.1.15600.4

Date: 2019-01-31 10:06:25.188
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Occamy.C&threatid=2147726780&enterprise=0
Name: Trojan:Win32/Occamy.C
ID: 2147726780
Severity: Závažná
Category: Trójsky kôň
Path: file:_C:\Users\Tomáš\Desktop\Cheaty\New cheats 7.12.18 Glow Esp-KUB4Z\glow esp 12.7.2018 (Danger Zone Update).exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\explorer.exe
Signature Version: AV: 1.285.509.0, AS: 1.285.509.0, NIS: 1.285.509.0
Engine Version: AM: 1.1.15600.4, NIS: 1.1.15600.4

Date: 2019-01-29 21:56:09.617
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/Prepscram.D&threatid=239500&enterprise=0
Name: SoftwareBundler:Win32/Prepscram.D
ID: 239500
Severity: Vysoká
Category: Softvérový balík
Path: file:_C:\Users\Tomáš\Downloads\Auslogics Anti-Malware 1190 License Key Download HERE.exe.rename; webfile:_C:\Users\Tomáš\Downloads\Auslogics Anti-Malware 1190 License Key Download HERE.exe.rename|http://popcorn.directioncable.pw/31140384f7403393d390cfccf5371b730951b4.ren|pid:11068,ProcessStart:131931978632208481
Detection Origin: Internet
Detection Type: FastPath
Detection Source: Downloads and attachments
Process Name: Unknown
Signature Version: AV: 1.285.398.0, AS: 1.285.398.0, NIS: 1.285.398.0
Engine Version: AM: 1.1.15600.4, NIS: 1.1.15600.4

CodeIntegrity:
===================================

Date: 2019-02-07 05:43:11.418
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

Date: 2019-02-07 05:43:10.427
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

Date: 2019-02-03 00:14:03.644
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-03 00:04:17.302
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-02 23:50:16.619
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-02 23:47:46.792
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-02 23:42:16.563
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-02 23:37:35.389
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info =========================== 

Processor: AMD Ryzen 7 1700 Eight-Core Processor 
Percentage of memory in use: 19%
Total physical RAM: 16335.98 MB
Available physical RAM: 13087.22 MB
Total Virtual: 18767.98 MB
Available Virtual: 14435.75 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.24 GB) (Free:34.72 GB) NTFS
Drive e: () (Fixed) (Total:931.5 GB) (Free:215.85 GB) NTFS

\\?\Volume{b409df67-447f-4090-b71c-035c8eaa3d4a}\ (Obnovenie) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{a2ef93c4-b627-407e-9fbf-e88d55849c0d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 111.8 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 1BD81BD8)

Partition: GPT.

==================== End of Addition.txt ============================