Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by Simon (09-04-2019 17:09:37)
Running from E:\Preberanie
Windows 10 Home Version 1809 17763.404 (X64) (2019-01-13 15:21:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1582610941-2809078255-2227080442-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1582610941-2809078255-2227080442-503 - Limited - Disabled)
Guest (S-1-5-21-1582610941-2809078255-2227080442-501 - Limited - Disabled)
Simon (S-1-5-21-1582610941-2809078255-2227080442-1001 - Administrator - Enabled) => C:\Users\altai
WDAGUtilityAccount (S-1-5-21-1582610941-2809078255-2227080442-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-1582610941-2809078255-2227080442-1001\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.3.3 - Advanced Micro Devices, Inc.)
Avira (HKLM-x32\...\{9c4627af-2a2f-4e06-aa50-e0d70979e4b6}) (Version: 1.2.132.16752 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{BE930E27-DF4B-44AF-8037-EB0A1D419787}) (Version: 1.2.132.16752 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.44.143 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{62098A5F-E03B-31A3-5F9C-51A7F7D25744}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{66B06F29-EE4F-9130-D96A-754826093FEA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{821D0A0E-F246-BE40-0D68-93883C14C410}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{A48E2AB0-0866-7783-9657-E1709EB18D02}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{DA0326BB-657D-AAFC-752C-363E8FA33755}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{E42911E5-48F8-8557-ED20-D72AD1907D25}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{E392A425-53A7-DF90-96A0-E287A75DD3B2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{D6F47BB4-700A-F612-0671-5F69EA311BB7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{01FD9A26-3F61-9236-B360-BE5D043D82C0}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{64D4CCC3-63DF-252D-D29D-03491670225D}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CPUID HWMonitor 1.38 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.38 - CPUID, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.8.0.0410 - Disc Soft Ltd)
Far Cry New Dawn (HKLM-x32\...\Far Cry New Dawn_is1) (Version:  - )
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Installer (HKLM\...\{E9675998-9B12-4560-8E98-A6CCCDE0BE18}) (Version: 1.0.0 - Default Company Name)
Microsoft Office 2016 Professional Plus - sk-sk (HKLM\...\ProPlusRetail - sk-sk) (Version: 16.0.11425.20202 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.11425.20202 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1582610941-2809078255-2227080442-1001\...\OneDriveSetup.exe) (Version: 19.033.0218.0011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 66.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 66.0.2 (x64 sk)) (Version: 66.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11425.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11425.20202 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11425.20202 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.34.21025 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.43 - VIA Technologies, Inc.) Hidden
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
Sekiro Shadows Die Twice version final (HKLM-x32\...\Sekiro Shadows Die Twice_is1) (Version: final - The)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.2.3 - TeamSpeak Systems GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 57.0 - Ubisoft)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.43 - VIA Technologies, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22452 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1582610941-2809078255-2227080442-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-02-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\Programy\Winrar\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\Programy\Winrar\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => E:\Programy\Daemon\DAEMON Tools Lite\DTShl64.dll [2018-04-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => E:\Programy\Daemon\DAEMON Tools Lite\DTShl64.dll [2018-04-03] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-03-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-02-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => E:\Programy\Winrar\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => E:\Programy\Winrar\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {052A8AE6-C272-474D-A623-7AE89C04786E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {16F0C574-FAE2-43F3-A4A8-522BD27D450A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {23234578-A2DD-4D25-B90B-5985C27A90EE} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe (Advanced Micro Devices, Inc.) [File not signed]
Task: {458AFAD4-2F66-4833-8EFA-3E574D240C75} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {4DD7463D-3D8D-4A32-9DF4-22AFBC52FF90} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {54A44C58-74F9-4AA1-94E1-77E76CF70ACB} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {6A441BB2-9919-4446-8512-3F56B99B9D86} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {6A518A63-3BC5-4EEE-9E50-3155271B0A6B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {72E47EDA-5747-4503-A0BD-27807FDAA516} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe
Task: {751D4DC0-4CD4-46E0-8E74-E3E39F795BBD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {755E9A86-D052-495A-96F0-8C8FF9D551FC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {7A95A190-716A-4932-B4D3-5D1BF63119AE} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {839B9EF6-E420-4D72-87B2-F540F09B8C6B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {8661DE0C-40AB-4F26-8E17-ED5E311EC601} - System32\Tasks\S-1-5-21-1582610941-2809078255-2227080442-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Microsoft Windows -> Microsoft Corporation)
Task: {8EB1950C-0C78-4348-9196-7E697FA56A05} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd)
Task: {9D8A1916-7F71-44DC-AFC2-A67FAACD9442} - System32\Tasks\Avast Software\Overseer => C:\Program Files\AVAST Software\Avast\setup\overseer.exe
Task: {9E092371-0F5F-4AFE-8B17-2FAC5584AD2D} - System32\Tasks\StartCNBM => C:\Program Files\AMD\CNext\CNext\cncmd.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {ACB88ADE-183F-470F-92C4-CFA28B90AC1D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {CF93B511-96B7-473A-AAD6-FA31C33EA38A} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe (Advanced Micro Devices, Inc.) [File not signed]
Task: {E2215B29-7C80-4794-8AF1-6407EDA2AC33} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-11-14 13:40 - 2018-11-14 13:40 - 000355328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-11-14 13:40 - 2018-11-14 13:40 - 003699712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-11-14 13:40 - 2018-11-14 13:40 - 005590528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-11-14 13:40 - 2018-11-14 13:40 - 000461312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-11-14 13:40 - 2018-11-14 13:40 - 002821632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-11-14 13:40 - 2018-11-14 13:40 - 001077248 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-11-14 13:40 - 2018-11-14 13:40 - 000189952 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-03-18 19:32 - 2019-03-18 19:32 - 005786112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-11-14 13:40 - 2018-11-14 13:40 - 076171264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-11-14 13:40 - 2018-11-14 13:40 - 006303232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-11-14 13:40 - 2018-11-14 13:40 - 003556352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-11-14 13:40 - 2018-11-14 13:40 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-11-14 13:40 - 2018-11-14 13:40 - 000323584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-11-14 13:41 - 2018-11-14 13:41 - 001413632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2018-11-14 13:41 - 2018-11-14 13:41 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll
2018-11-14 13:40 - 2018-11-14 13:40 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-11-14 13:40 - 2018-11-14 13:40 - 002551808 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-11-14 13:41 - 2018-11-14 13:41 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-11-14 13:41 - 2018-11-14 13:41 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-11-14 13:41 - 2018-11-14 13:41 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-11-14 13:41 - 2018-11-14 13:41 - 000345600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-11-14 13:41 - 2018-11-14 13:41 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-11-14 13:40 - 2018-11-14 13:40 - 000331264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-11-14 13:41 - 2018-11-14 13:41 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-11-14 13:41 - 2018-11-14 13:41 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-11-14 13:41 - 2018-11-14 13:41 - 000502784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-11-14 13:41 - 2018-11-14 13:41 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-11-14 13:41 - 2018-11-14 13:41 - 000327680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-11-14 13:41 - 2018-11-14 13:41 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-11-14 13:41 - 2018-11-14 13:41 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2018-11-14 13:41 - 2018-11-14 13:41 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-11-14 13:41 - 2018-11-14 13:41 - 000089600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-11-14 13:41 - 2018-11-14 13:41 - 000137728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-03-18 19:23 - 2019-03-18 19:23 - 000256512 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\WirelessVR-windesktop64.dll
2019-03-18 19:23 - 2019-03-18 19:23 - 000043008 _____ (AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPLauncher.exe
2019-03-18 19:23 - 2019-03-18 19:23 - 000572928 _____ (AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPMaster.exe
2018-03-13 05:47 - 2018-03-13 05:47 - 000912896 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-core.dll
2018-03-13 05:47 - 2018-03-13 05:47 - 003109888 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\aws-cpp-sdk-s3.dll
2015-02-19 02:13 - 2015-02-19 02:13 - 003650560 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Platform.dll
2015-02-19 02:13 - 2015-02-19 02:13 - 000817152 _____ () [File not signed] C:\Program Files\AMD\Performance Profile Client\Device.dll
2019-03-18 19:23 - 2019-03-18 19:23 - 000159232 _____ (AMD) [File not signed] C:\Program Files\AMD\Performance Profile Client\AUEPUF.exe
2019-02-01 22:29 - 2018-09-21 11:32 - 000184832 _____ (The Qt Company Ltd) [File not signed] E:\Programy\Origin\Qt5Xml.dll
2019-02-01 22:29 - 2018-09-21 11:32 - 001177600 _____ (The Qt Company Ltd) [File not signed] E:\Programy\Origin\Qt5Network.dll
2019-02-01 22:29 - 2018-09-21 11:32 - 005487104 _____ (The Qt Company Ltd) [File not signed] E:\Programy\Origin\Qt5Core.dll
2019-02-01 22:29 - 2018-09-21 11:32 - 005089792 _____ (The Qt Company Ltd) [File not signed] E:\Programy\Origin\Qt5Widgets.dll
2019-02-01 22:29 - 2018-09-21 11:32 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] E:\Programy\Origin\LIBEAY32.dll
2019-02-01 22:29 - 2018-09-21 11:32 - 005841920 _____ (The Qt Company Ltd) [File not signed] E:\Programy\Origin\Qt5Gui.dll
2019-02-01 22:29 - 2018-09-21 11:32 - 001611264 _____ (The Qt Company Ltd) [File not signed] E:\Programy\Origin\platforms\qwindows.dll
2019-02-01 22:29 - 2018-09-21 11:32 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] E:\Programy\Origin\ssleay32.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2015-07-10 13:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1582610941-2809078255-2227080442-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\altai\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 93.115.85.211 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-1582610941-2809078255-2227080442-1001\...\StartupApproved\StartupFolder: => "f.lux.lnk"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{63C773EA-E514-41C2-8A40-B1625C5E03EC}E:\steam\steamapps\common\minion masters\minionmasters.exe] => (Allow) E:\steam\steamapps\common\minion masters\minionmasters.exe No File
FirewallRules: [TCP Query User{4F716329-D8EF-48FC-95A8-AC6AF8F7C1D0}E:\steam\steamapps\common\minion masters\minionmasters.exe] => (Allow) E:\steam\steamapps\common\minion masters\minionmasters.exe No File
FirewallRules: [UDP Query User{C7F1D122-85F4-4AA5-8595-7C0AF63FDCEC}E:\hry\destiny 2\destiny2.exe] => (Allow) E:\hry\destiny 2\destiny2.exe No File
FirewallRules: [TCP Query User{B6C4916F-71B9-4211-8562-37AFD1A1AF47}E:\hry\destiny 2\destiny2.exe] => (Allow) E:\hry\destiny 2\destiny2.exe No File
FirewallRules: [{DF4C986D-2CDE-42BA-9FF6-A26B53A08AE7}] => (Block) E:\Hry\FO4\Fallout 4 GOTY\Fallout4.exe No File
FirewallRules: [{8D1DE15F-850B-41D8-9D4C-262F545650C6}] => (Allow) E:\Steam\steamapps\common\Life is Strange 2\LIS2\Binaries\Win64\LIS2-Win64-Shipping.exe (Square Enix) [File not signed]
FirewallRules: [{DE910E6C-CEA4-470F-BCDC-3EDAA6014058}] => (Allow) E:\Steam\steamapps\common\Life is Strange 2\LIS2\Binaries\Win64\LIS2-Win64-Shipping.exe (Square Enix) [File not signed]
FirewallRules: [UDP Query User{3697F2BA-4375-4EA0-A3E7-0EFCB04E1B61}E:\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) E:\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe No File
FirewallRules: [TCP Query User{25B3A914-878D-40CF-B598-6CBAEBCE74F1}E:\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe] => (Allow) E:\steam\steamapps\common\borderlandspresequel\binaries\win32\borderlandspresequel.exe No File
FirewallRules: [{8EF2E2AB-84F4-4E3A-BBEE-3202CB506C41}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D8995AC6-1402-4752-A35A-7F537FABCC88}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{EE6EFF7D-E6F1-404A-8ABA-11175CF3F33C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{35A94FA8-1D11-4F25-B38D-C22EEBFEE753}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{835B4FD7-63F6-4610-8220-02441EFF592F}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{8D58C6F6-3428-423C-95A8-F437807B6574}E:\hry\crash\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) E:\hry\crash\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe No File
FirewallRules: [TCP Query User{B5C0BC93-CAA0-474D-800A-8C0ED841E83C}E:\hry\crash\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe] => (Allow) E:\hry\crash\crash bandicoot n sane trilogy\crashbandicootnsanetrilogy.exe No File
FirewallRules: [{A385D6CE-B388-41C0-BEDA-E0BED37AC0E8}] => (Allow) E:\Steam\steamapps\common\Hot Lava\archive\build\hotlava.exe No File
FirewallRules: [{92B965CE-8536-4AF6-826A-A2A1602A0D9F}] => (Allow) E:\Steam\steamapps\common\Hot Lava\archive\build\hotlava.exe No File
FirewallRules: [UDP Query User{1C31F496-A194-4928-A53A-88D26DCFD4D0}E:\hry\vampyr\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe] => (Allow) E:\hry\vampyr\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe No File
FirewallRules: [TCP Query User{27802E61-14E1-4A70-93E3-5E5FF8154619}E:\hry\vampyr\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe] => (Allow) E:\hry\vampyr\vampyr\avgame\binaries\win64\avgame-win64-shipping.exe No File
FirewallRules: [{E3EDACC5-DCB6-470C-ADB5-4838481B8ED8}] => (Allow) E:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe No File
FirewallRules: [{3B0DDA99-241B-4B28-B1FD-1B962B3C6C2F}] => (Allow) E:\Steam\steamapps\common\Don't Starve Together\bin\dontstarve_steam.exe No File
FirewallRules: [{381352DA-F91E-44CD-92C7-A66425FEA691}] => (Allow) E:\Hry\GTA5\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{AD804D24-2C2C-46F9-A238-DFCAD776748A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{03CC6F5A-8292-4BC0-83C8-974D5735A695}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{58F8366B-4CAE-498B-BF68-3B26ED02D686}] => (Allow) E:\Programy\Daemon\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{24770475-5DDB-48C7-9728-9C039851443D}] => (Allow) E:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{ECFF0831-F525-4101-B62B-113FF3552D3D}] => (Allow) E:\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B33F3E69-9CF7-4B16-A827-AD5BD37D7F9E}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{3FDA82E4-1846-4AE9-828B-C3B2DF9AC76F}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{F2B04D4E-5D66-4DB2-93BC-194B59CBE29C}] => (Allow) E:\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{EC74A9F0-B3AD-45C3-A6F1-5B1253E161E5}] => (Allow) E:\Steam\steamapps\common\Team Fortress 2\hl2.exe (Valve -> )
FirewallRules: [{81441CC9-C680-4A5F-A1B5-A2514B0C65FC}] => (Allow) C:\Users\altai\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{FA1C0956-CE49-4B0A-B4EE-813BBB0B8C8E}] => (Allow) C:\Users\altai\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{9BECEFE8-D434-4391-8A28-7E312D08266B}] => (Allow) LPort=1688
FirewallRules: [{FF724566-88E3-462B-9602-AA15D461CD22}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{EF2562A0-C3B0-4F4D-BD50-61E643CAE031}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve -> )
FirewallRules: [{C5974F6B-EE12-420E-8A45-EB52287E9E72}] => (Allow) E:\Steam\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{24377A34-EAAC-45E3-BF6C-2C8C94E037F4}] => (Allow) E:\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{CE360631-5DD1-4753-8319-A72FD560EACD}] => (Allow) E:\Steam\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{20A98F65-2B40-40CF-88BC-082731889165}] => (Allow) E:\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{060FD4BB-6965-44F3-94D2-651CD66D791D}] => (Allow) E:\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{D56FE2DE-CECB-48B8-A6AB-ED3F93B613C5}] => (Allow) E:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [{DDCCB6ED-A726-4330-824A-B84E095F607F}] => (Allow) E:\Steam\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{9698483D-9E89-47A9-B943-E76098E33783}] => (Allow) E:\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{2FD500ED-F31C-4B9D-BC00-E26B89016BF3}] => (Allow) E:\Steam\steamapps\common\Warframe\Warframe.exe No File
FirewallRules: [{5BC08E1F-4BD8-4447-B721-703631482B1B}] => (Allow) E:\Steam\steamapps\common\Warframe\Warframe.x64.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{D99059D6-0C0C-4458-B7EE-A92F14E9BD0D}] => (Allow) E:\Steam\steamapps\common\Warframe\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{5159CFB4-FB1C-441C-A5FE-036F88E251A8}] => (Allow) E:\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe (Digital Extremes Ltd. -> )
FirewallRules: [TCP Query User{3CCF76F6-20DD-4A14-9039-BA36BFFD215C}E:\hry\overwatch\overwatch.exe] => (Allow) E:\hry\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{4A4FA82D-BCCD-417A-A6A6-2E5E0A8CF5A5}E:\hry\overwatch\overwatch.exe] => (Allow) E:\hry\overwatch\overwatch.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [TCP Query User{D0EFD9F8-7D66-4F1D-A9FD-26081094957C}E:\hry\gta5\gta5.exe] => (Allow) E:\hry\gta5\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{C75DB230-3847-4345-B239-7EF7AA9EFC6D}E:\hry\gta5\gta5.exe] => (Allow) E:\hry\gta5\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{0F051937-B51E-4D38-B8F1-12070CB75B13}E:\steam\steamapps\common\what never was\whatneverwas\binaries\win64\whatneverwas-win64-shipping.exe] => (Allow) E:\steam\steamapps\common\what never was\whatneverwas\binaries\win64\whatneverwas-win64-shipping.exe No File
FirewallRules: [UDP Query User{9E140313-F543-41EE-94CF-D8DC9B18F580}E:\steam\steamapps\common\what never was\whatneverwas\binaries\win64\whatneverwas-win64-shipping.exe] => (Allow) E:\steam\steamapps\common\what never was\whatneverwas\binaries\win64\whatneverwas-win64-shipping.exe No File
FirewallRules: [TCP Query User{EF76FE59-BB77-4CF2-B726-459372AD9125}E:\hry\apex\apex\r5apex.exe] => (Allow) E:\hry\apex\apex\r5apex.exe No File
FirewallRules: [UDP Query User{D1A46836-1A24-45BA-B30D-E3142C1F7A4B}E:\hry\apex\apex\r5apex.exe] => (Allow) E:\hry\apex\apex\r5apex.exe No File
FirewallRules: [TCP Query User{05F53688-C2A4-4936-A2A5-41932DF37875}C:\program files (x86)\gigabyte\et6\updexe.exe] => (Allow) C:\program files (x86)\gigabyte\et6\updexe.exe No File
FirewallRules: [UDP Query User{3E098AAD-5FC8-4047-BB9A-E9CCD51C16A5}C:\program files (x86)\gigabyte\et6\updexe.exe] => (Allow) C:\program files (x86)\gigabyte\et6\updexe.exe No File
FirewallRules: [{B7EF7173-4D3B-4270-959C-EC233A715DCA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{72FDFC2C-E601-4996-A575-FFB4B94DBBA6}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9BD9BCA9-01AC-42D6-8D1F-441645CD6840}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{82BB851E-F8FE-4EEA-98F0-44A3FAEE03CD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

23-03-2019 21:56:45 Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429
02-04-2019 17:13:45 Scheduled Checkpoint
08-04-2019 15:13:55 Installed uRage Illuminated

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/09/2019 04:30:17 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.


Operation:
   Executing Asynchronous Operation

Context:
   Current State: DoSnapshotSet

Error: (04/09/2019 04:29:48 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {3d8c3ba9-b780-4113-af2d-2ec81466d58e}

Error: (04/08/2019 03:37:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Monitor.exe, version: 1.0.0.1, time stamp: 0x50f75f80
Faulting module name: ntdll.dll, version: 10.0.17763.292, time stamp: 0xf3450dbf
Exception code: 0xc000041d
Fault offset: 0x00045702
Faulting process id: 0x2bb0
Faulting application start time: 0x01d4ee0f94e225de
Faulting application path: E:\Programy\myš\Monitor.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 795ec9b6-51c8-47e3-8321-7582202dfb33
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/08/2019 03:37:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Monitor.exe, version: 1.0.0.1, time stamp: 0x50f75f80
Faulting module name: ntdll.dll, version: 10.0.17763.292, time stamp: 0xf3450dbf
Exception code: 0xc0000005
Fault offset: 0x00045702
Faulting process id: 0x2bb0
Faulting application start time: 0x01d4ee0f94e225de
Faulting application path: E:\Programy\myš\Monitor.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 8cab3bec-51b2-4ec8-b51f-ba034272921b
Faulting package full name: 
Faulting package-relative application ID:

Error: (04/08/2019 03:28:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Monitor.exe version 1.0.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2aa8

Start Time: 01d4ee0ee6d519dc

Termination Time: 17

Application Path: E:\Programy\myš\Monitor.exe

Report Id: 47838af9-cccd-4582-b039-ceeab2ca114f

Faulting package full name: 

Faulting package-relative application ID: 

Hang type: Cross-process

Error: (04/08/2019 03:27:58 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Monitor.exe version 1.0.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 4a8

Start Time: 01d4ee0e9ecb922f

Termination Time: 13

Application Path: E:\Programy\myš\Monitor.exe

Report Id: 417aa01e-f318-47ec-b9c9-555d6de08221

Faulting package full name: 

Faulting package-relative application ID: 

Hang type: Cross-process

Error: (04/07/2019 01:09:42 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest".Error in manifest or policy file "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" on line 1.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (04/06/2019 01:47:07 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Steam.exe version 5.2.59.97 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 15e0

Start Time: 01d4eb8864d369b5

Termination Time: 58

Application Path: E:\Steam\Steam.exe

Report Id: 69c76067-9125-443f-9471-5f89f1c0b8ae

Faulting package full name: 

Faulting package-relative application ID: 

Hang type: Cross-thread


System errors:
=============
Error: (04/09/2019 04:40:58 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IIMA3GV)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
 and APPID 
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
 to the user DESKTOP-IIMA3GV\Simon SID (S-1-5-21-1582610941-2809078255-2227080442-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/09/2019 04:36:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.SecurityAppBroker
 and APPID 
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (04/09/2019 04:30:17 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
An instance of the service is already running.

Error: (04/09/2019 04:29:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Disc Soft Lite Bus Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/09/2019 04:29:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The AMD User Experience Program Launcher service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/09/2019 04:29:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (04/09/2019 04:29:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Origin Web Helper Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/09/2019 04:29:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Service KMSELDI service terminated unexpectedly.  It has done this 1 time(s).


==================== Memory info =========================== 

Processor: AMD FX(tm)-6300 Six-Core Processor 
Percentage of memory in use: 34%
Total physical RAM: 8156.64 MB
Available physical RAM: 5304.09 MB
Total Virtual: 15324.64 MB
Available Virtual: 11236.23 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:194.76 GB) (Free:137.47 GB) NTFS
Drive e: () (Fixed) (Total:736.2 GB) (Free:478.08 GB) NTFS

\\?\Volume{f55c78f9-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{f55c78f9-0000-0000-0000-30b730000000}\ () (Fixed) (Total:0.45 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: F55C78F9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=194.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=461 MB) - (Type=27)
Partition 4: (Not Active) - (Size=736.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================