Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Ran by Admin (07-07-2019 04:26:11)
Running from C:\Users\Adam\Desktop
Windows 10 Pro Version 1903 18362.207 (X64) (2019-06-30 22:57:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-2391929450-3087242319-1035230424-1001 - Administrator - Enabled) => C:\Users\Adam
Administrator (S-1-5-21-2391929450-3087242319-1035230424-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2391929450-3087242319-1035230424-503 - Limited - Disabled)
Guest (S-1-5-21-2391929450-3087242319-1035230424-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2391929450-3087242319-1035230424-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Kaspersky Internet Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Internet Security (Disabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\uTorrent) (Version: 3.5.5.45271 - BitTorrent Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.5.2 - Advanced Micro Devices, Inc.)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.35.1 - Asmedia Technology)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BCArchive 2.0 (HKLM-x32\...\BCArchive) (Version: 2.07.1.1 - Jetico Inc.)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Futuremark SystemInfo (HKLM-x32\...\{2B738B9D-A2E2-457E-B2B3-2810D65B1F0D}) (Version: 5.15.699.0 - Futuremark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Kaspersky Internet Security (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
KC Softwares DUMo (HKLM-x32\...\KC Softwares DUMo_is1) (Version: 2.17.3.88 - KC Softwares)
KC Softwares HDDExpert (HKLM-x32\...\KC Softwares HDDExpert_is1) (Version: 1.18.2.41 - KC Softwares)
KC Softwares KCleaner (HKLM-x32\...\KC Softwares KCleaner_is1) (Version: 3.6.2.101 - KC Softwares)
KC Softwares SUMo (HKLM-x32\...\KC Softwares SUMo_is1) (Version: 5.9.4.424 - KC Softwares)
KeePass Password Safe 2.42.1 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.42.1 - Dominik Reichl)
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26405 (HKLM-x32\...\{ec9c2282-a836-48a6-9e41-c2f0bf8d678b}) (Version: 14.14.26405.0 - Microsoft Corporation)
Mozilla Firefox 67.0.4 (x64 cs) (HKLM\...\Mozilla Firefox 67.0.4 (x64 cs)) (Version: 67.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22589 - Microsoft Corporation)
PWGen 2.9.0 (HKLM-x32\...\{8A5E6B59-2804-4677-8A5F-DEBC218CE4E0}_is1) (Version:  - Christian Thöing)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7848 - Realtek Semiconductor Corp.)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 12.4.1 - ShareX Team)
SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
Transcend SSD Scope version 3.8.0 (HKLM-x32\...\{AD8E7B8B-EAD8-4B9F-882E-7970ABFACE34}_is1) (Version: 3.8.0 - Transcend Information, Inc.)
Update for Skype for Business 2016 (KB4464576) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{FDE43626-A1A9-4441-AE9F-E2B2E024E55E}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4464576) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{FDE43626-A1A9-4441-AE9F-E2B2E024E55E}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4464576) 64-Bit Edition (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}_Office16.PROPLUS_{FDE43626-A1A9-4441-AE9F-E2B2E024E55E}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.23-Hotfix-2 - IDRIX)
VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
WinThumbsPreloader (HKLM\...\CF49DD18-AA76-4E79-97C2-4FEAED1AED5F_is1) (Version: 1.0.1 - Dmitry Bruhov)

Packages:
=========
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Adam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Adam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Adam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Adam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Adam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Adam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BCShellMenu] -> {7850a720-705f-11d0-a9eb-0080488625e5} => C:\Users\Adam\Desktop\Programy\Shared64\BCShExt.dll [2018-08-08] (Jetico, Inc.) [File not signed]
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Adam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [BCShellMenu] -> {7850a720-705f-11d0-a9eb-0080488625e5} => C:\Users\Adam\Desktop\Programy\Shared64\BCShExt.dll [2018-08-08] (Jetico, Inc.) [File not signed]
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Adam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Adam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\Adam\AppData\Local\MEGAsync\ShellExtX64.dll [2019-06-05] (Mega Limited -> )
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-05-22] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [BCShellMenu] -> {7850a720-705f-11d0-a9eb-0080488625e5} => C:\Users\Adam\Desktop\Programy\Shared64\BCShExt.dll [2018-08-08] (Jetico, Inc.) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2019-04-18] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-01-08 12:59 - 2019-01-08 12:59 - 000017920 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2019-01-08 12:59 - 2019-01-08 12:59 - 003598336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-08-08 05:14 - 2018-08-08 05:14 - 000638464 _____ (Jetico, Inc.) [File not signed] C:\Users\Adam\Desktop\Programy\Shared64\BCShExt.dll
2018-08-08 05:10 - 2018-08-08 05:10 - 000083968 _____ (Jetico, Inc.) [File not signed] C:\Users\Adam\Desktop\Programy\Shared64\langfile2.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000414208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000516608 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 001441280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-05-22 09:19 - 2019-05-22 09:19 - 005999104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2019-01-08 12:58 - 2019-01-08 12:58 - 006413824 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2019-01-08 12:58 - 2019-01-08 12:58 - 001141760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2019-01-08 12:58 - 2019-01-08 12:58 - 000339968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2019-01-08 12:58 - 2019-01-08 12:58 - 004143104 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2019-01-08 12:58 - 2019-01-08 12:58 - 003840000 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000332800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000349184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 080959488 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 005622272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000463360 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000190464 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 002825216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000330752 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000137216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000090112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-01-08 12:59 - 2019-01-08 12:59 - 000136192 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\1-2005-search.com -> www.1-2005-search.com

There are 12757 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-02-02 15:29 - 2019-02-24 05:04 - 000456895 ____R C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

There are 15678 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: asComSvc => 2
MSCONFIG\Services: AsSysCtrlService => 2
MSCONFIG\Services: Futuremark SystemInfo Service => 3
HKLM\...\StartupApproved\StartupFolder: => "O&O Defrag Tray.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "OODefragTray"
HKLM\...\StartupApproved\Run: => "GameSessionsTray"
HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk"
HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"
HKU\S-1-5-21-2391929450-3087242319-1035230424-1001\...\StartupApproved\Run: => "EpicGamesLauncher"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{56FAE12F-C61A-4BCE-9181-74BF32143D96}C:\users\adam\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\adam\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{2E894200-BEDF-4E1C-A337-CBE9F9BBEE3B}C:\users\adam\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\adam\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{169E72B1-A52C-4974-9B05-2DF094D9335E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{DEC009EB-092A-4196-B49B-D9545EC27764}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{4F9AA09A-0DC5-44A0-8C9D-6179C9B687D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{6A778C94-D4EB-4237-B46E-40A6686CB4B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe (FUTUREMARK INC -> )
FirewallRules: [{4A22A86A-2945-4C39-A419-8654C09D74DE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1E310547-BBBA-404B-A21F-DE84D36DD615}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B01F29BE-5F77-4BAF-BAFE-65CE6158D672}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{41A46C84-C043-4388-92C2-35ADB44DC595}] => (Allow) C:\Users\Adam\Desktop\Programy\Security\UltraAdwareKiller64.exe (Da Silva Alfrédo -> Carifred)
FirewallRules: [{65E86CEF-8D84-40BC-AAA1-2FFAC0120752}] => (Allow) C:\Users\Adam\Desktop\Programy\Security\UltraAdwareKiller64.exe (Da Silva Alfrédo -> Carifred)
FirewallRules: [{D00FC218-BFC9-4D38-A1AB-D5C66523E738}] => (Allow) C:\Users\Adam\Desktop\Programy\Security\UltraAdwareKiller.exe (Da Silva Alfrédo -> Carifred)
FirewallRules: [{DAF89888-5376-41D1-9E43-988672D14038}] => (Allow) C:\Users\Adam\Desktop\Programy\Security\UltraAdwareKiller.exe (Da Silva Alfrédo -> Carifred)
FirewallRules: [{85C5A6D7-B942-40AA-9C10-B81D9DEA37FC}] => (Allow) D:\Users\Admin\Desktop\Programy\Security\UltraAdwareKiller64.exe (Da Silva Alfrédo -> Carifred)
FirewallRules: [{50708AB4-0A72-4FCE-B902-3A98DB504E34}] => (Allow) D:\Users\Admin\Desktop\Programy\Security\UltraAdwareKiller64.exe (Da Silva Alfrédo -> Carifred)
FirewallRules: [{60141200-AB69-415C-98BE-4B31D6CD1270}] => (Allow) D:\Users\Admin\Desktop\Programy\Security\UltraAdwareKiller.exe (Da Silva Alfrédo -> Carifred)
FirewallRules: [{F72B8AEE-C0E6-442B-B996-D669294F989C}] => (Allow) D:\Users\Admin\Desktop\Programy\Security\UltraAdwareKiller.exe (Da Silva Alfrédo -> Carifred)
FirewallRules: [{7CD1EE93-BE8C-4B8E-9538-CEC1FF9BF927}] => (Block) C:\WINDOWS\SysWOW64\Wscript.exe
FirewallRules: [{E8E7DD46-32AC-4CD8-A8E3-7FFFFAB5950B}] => (Block) C:\WINDOWS\system32\Wscript.exe
FirewallRules: [{BB861A7C-B99F-4081-A924-E552839A6052}] => (Block) C:\Program Files\Windows NT\Accessories\Wordpad.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F98A8A2B-B299-4226-A6BE-CBCA93B9C99B}] => (Block) C:\WINDOWS\SysWOW64\wbem\Wmic.exe
FirewallRules: [{37884912-A86D-4AA6-8573-216AA4B30A12}] => (Block) C:\WINDOWS\system32\wbem\Wmic.exe
FirewallRules: [{CF62BBEA-0D16-4132-B696-A1F072588686}] => (Block) C:\WINDOWS\system32\Wininit.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{B471E26B-1346-4E22-963F-D1CD107D89CB}] => (Block) C:\WINDOWS\system32\Winlogon.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F4F8085E-DD2D-4593-AF91-AFDB9BA53017}] => (Block) C:\WINDOWS\system32\Services.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{9804B233-3F04-42FE-B627-A25278DF7692}] => (Block) powershell.exe No File
FirewallRules: [{88F87E0E-E157-48D5-8987-35A87D93041D}] => (Block) powershell.exe No File
FirewallRules: [{40A90D5E-DFD6-4CC0-A8B2-4F650E29425F}] => (Block) C:\WINDOWS\SysWOW64\MMC.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4C8AA287-DC97-427F-AAEE-4FF2AAC7D35A}] => (Block) C:\WINDOWS\system32\MMC.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E9F9B688-40E2-49B0-88B9-7FD28FFFE6F3}] => (Block) C:\WINDOWS\HH.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{0F86E89C-8D33-4EFE-AFEC-504D46C11629}] => (Block) C:\WINDOWS\Explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2743D4FA-936E-4D97-9C8A-38434990A336}] => (Block) C:\WINDOWS\SysWOW64\Eventvwr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8B106165-F153-430B-A42E-39B0CF1498F7}] => (Block) C:\WINDOWS\system32\Eventvwr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{59CC2089-CA22-48CC-9C4B-008ADEA27667}] => (Block) C:\WINDOWS\system32\Dwm.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{129E4080-21DE-47BE-983F-9AD49514B91A}] => (Block) C:\WINDOWS\SysWOW64\Ctfmon.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{272DECD6-6A16-4AB6-A870-C8967B4FBFF2}] => (Block) C:\WINDOWS\system32\Ctfmon.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{30928811-8B23-4AF4-BD75-7C9C19CF6E32}] => (Block) C:\WINDOWS\SysWOW64\Cscript.exe
FirewallRules: [{3E3F31AD-B6C3-4668-A538-28DF16580B39}] => (Block) C:\WINDOWS\system32\Cscript.exe
FirewallRules: [{A75C87DB-00AD-403D-A52A-9D18DE9D779E}] => (Block) C:\WINDOWS\SysWOW64\Control.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{42897431-0422-4197-8A0A-A31EE99ACB0B}] => (Block) C:\WINDOWS\system32\Control.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{81DECB7E-E44A-4521-9229-2BE38A2B9E77}] => (Block) C:\WINDOWS\system32\CompatTelRunner.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{A3DB5C48-2120-43A1-9814-45852A1DDFEA}] => (Block) C:\WINDOWS\SysWOW64\Attrib.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{22D7A12B-9CF2-490B-84C8-9CD4954DF486}] => (Block) C:\WINDOWS\system32\Attrib.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{D0DECABD-70CA-49DE-9EDA-307FF5A58050}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{37C447EC-1403-46C5-88F1-4A29D7028306}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{77B03117-D714-4520-84F6-13BF0774C918}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{F7A7988E-8071-4274-8AFC-C095E9FA2E7B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{76AABE53-A9F5-4149-BCBA-A60D5B6E1308}] => (Allow) E:\Hry STEAM\steamapps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe (SEGA EUROPE LIMITED -> )
FirewallRules: [{BCE2D941-FD37-4A27-8BDA-B98E45F414A4}] => (Allow) E:\Hry STEAM\steamapps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe (SEGA EUROPE LIMITED -> )
FirewallRules: [{3A12DAF8-B4A2-4B29-87C6-EEE92589B0D5}] => (Allow) E:\Hry STEAM\steamapps\common\Sonic & All-Stars Racing Transformed\Launcher.exe (SEGA EUROPE LIMITED -> )
FirewallRules: [{E8CF0795-83F5-470D-AE03-36138B5CE5BB}] => (Allow) E:\Hry STEAM\steamapps\common\Sonic & All-Stars Racing Transformed\Launcher.exe (SEGA EUROPE LIMITED -> )
FirewallRules: [{8DDE568C-72CA-42F9-9FCC-222C913CBDEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [{9F76B8BB-FB49-47BF-9234-BC22606098A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\3DMark\3DMarkLauncher.exe (FUTUREMARK INC -> Futuremark)
FirewallRules: [{05C7BB00-B7FD-43D2-9139-7A244D5ADB9C}] => (Allow) E:\Hry STEAM\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe (Robot Entertainment) [File not signed]
FirewallRules: [{9D8A2A6D-E22F-4164-8602-2A9B3748846D}] => (Allow) E:\Hry STEAM\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe (Robot Entertainment) [File not signed]
FirewallRules: [TCP Query User{32334661-738D-4537-A8AB-BF041250546D}E:\hry steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) E:\hry steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe (Robot Entertainment, Inc.) [File not signed]
FirewallRules: [UDP Query User{35030E00-E3E1-4CA6-907D-093808765AC3}E:\hry steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe] => (Allow) E:\hry steam\steamapps\common\orcs must die 2\build\game\orcsmustdie2.exe (Robot Entertainment, Inc.) [File not signed]

==================== Restore Points =========================

01-07-2019 01:03:50 AMDCleanupUtility Restore Point
01-07-2019 03:19:02 Orcs Must Die! restore point

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/01/2019 01:14:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: RadeonInstaller.exe, verze: 9.0.0.8, časové razítko: 0x5ce54951
Název chybujícího modulu: ntdll.dll, verze: 10.0.18362.207, časové razítko: 0xc5943461
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000f9269
ID chybujícího procesu: 0x1b00
Čas spuštění chybující aplikace: 0x01d52f9849f4838c
Cesta k chybující aplikaci: C:\AMD\radeon-software-adrenalin-2019-19.5.2-minimalsetup-190531_64bit\Bin64\RadeonInstaller.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: c46ad4ef-01b2-45fa-b5b5-65944a978e62
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (07/01/2019 12:47:37 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 256) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba: -2147418113 (0x8000ffff) : Katastrofální selhání
.

Error: (07/01/2019 12:47:35 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 256) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba: -2147418113 (0x8000ffff) : Katastrofální selhání
.

Error: (07/01/2019 12:47:33 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 256) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba: -2147418113 (0x8000ffff) : Katastrofální selhání
.

Error: (07/01/2019 12:47:23 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 256) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba: -2147418113 (0x8000ffff) : Katastrofální selhání
.


System errors:
=============
Error: (07/07/2019 02:55:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba FDResPub byla ukončena s následující chybou: 
%%2147952442 = Byla určena neznámá, neplatná nebo nepodporovaná možnost nebo úroveň při volání getsockopt nebo setsockopt.

Error: (07/07/2019 02:55:01 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (2:29:13, ‎07.‎07.‎2019) bylo neočekávané.

Error: (07/06/2019 11:45:46 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Publikování prostředků rozpoznávání funkcí byla ukončena s následující chybou: 
%%2147952442 = Byla určena neznámá, neplatná nebo nepodporovaná možnost nebo úroveň při volání getsockopt nebo setsockopt.

Error: (07/06/2019 12:36:35 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Publikování prostředků rozpoznávání funkcí byla ukončena s následující chybou: 
%%2147952442 = Byla určena neznámá, neplatná nebo nepodporovaná možnost nebo úroveň při volání getsockopt nebo setsockopt.

Error: (07/05/2019 03:16:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba FDResPub byla ukončena s následující chybou: 
%%2147952442 = Byla určena neznámá, neplatná nebo nepodporovaná možnost nebo úroveň při volání getsockopt nebo setsockopt.

Error: (07/05/2019 03:16:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (13:16:44, ‎05.‎07.‎2019) bylo neočekávané.

Error: (07/05/2019 03:16:29 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684Při zpracování obnovovacích dat došlo k závažné chybě.

Error: (07/05/2019 10:46:46 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba FDResPub byla ukončena s následující chybou: 
%%2147952442 = Byla určena neznámá, neplatná nebo nepodporovaná možnost nebo úroveň při volání getsockopt nebo setsockopt.


CodeIntegrity:
===================================

Date: 2019-07-07 02:57:06.594
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-07-07 02:57:06.574
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-07-07 02:57:05.870
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-07-07 02:57:05.860
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-07-06 20:05:32.710
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-07-06 20:05:32.670
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-07-06 20:05:32.485
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-07-06 20:05:32.401
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume7\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume7\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. 2701 03/24/2016
Motherboard: ASUSTeK COMPUTER INC. M5A97 LE R2.0
Processor: AMD FX(tm)-6300 Six-Core Processor 
Percentage of memory in use: 50%
Total physical RAM: 3995.06 MB
Available physical RAM: 1971.97 MB
Total Virtual: 16015.16 MB
Available Virtual: 5006 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.97 GB) (Free:26.83 GB) NTFS
Drive d: () (Fixed) (Total:241.68 GB) (Free:65.09 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:192.75 GB) NTFS
Drive f: (X) (Fixed) (Total:689.05 GB) (Free:75.49 GB) NTFS
Drive g: () (Fixed) (Total:931.48 GB) (Free:183.21 GB) NTFS
Drive k: () (Fixed) (Total:465.76 GB) (Free:160.53 GB) NTFS

\\?\Volume{f384da2e-f2b4-410b-af8f-821e2d83fc57}\ () (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
\\?\Volume{80231367-7759-4ed1-9fae-5a5cada5ffd8}\ () (Fixed) (Total:0.47 GB) (Free:0.05 GB) NTFS
\\?\Volume{63ec582b-decc-4a72-b7e0-7abf3c029684}\ () (Fixed) (Total:0.34 GB) (Free:0.31 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: E3B86E78)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: B7F7BA07)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 3 (Size: 931.5 GB) (Disk ID: 16F2A91F)

Partition: GPT.

========================================================
Disk: 4 (Size: 465.8 GB) (Disk ID: 000AC553)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================