Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2019
Ran by rkost (02-08-2019 21:01:08)
Running from C:\Users\rkost\OneDrive\Plocha
Windows 10 Pro Version 1903 18362.267 (X64) (2019-08-01 10:49:59)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1898352290-1805531894-2826359755-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1898352290-1805531894-2826359755-503 - Limited - Disabled)
Guest (S-1-5-21-1898352290-1805531894-2826359755-501 - Limited - Disabled)
rkost (S-1-5-21-1898352290-1805531894-2826359755-1001 - Administrator - Enabled) => C:\Users\rkost
WDAGUtilityAccount (S-1-5-21-1898352290-1805531894-2826359755-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: 360 Total Security (Enabled - Up to date) {2ACC6E6C-C52C-B3B4-DA13-A43E20B1E26D}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 360 Total Security (Enabled - Up to date) {0371CA44-3F80-A1D3-BECE-910620B58D50}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 10.6.0.1179 - 360 Security Center)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\{3BD13111-2F32-4AB7-B9BB-16E07C9AA894}) (Version: 12.3.4.204 - Adobe Systems, Inc)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
Any Audio Converter 6.3.3 (HKLM-x32\...\Any Audio Converter) (Version: 6.3.3 - Anvsoft)
Ashampoo Photo Commander 12 v.12.0.8 (HKLM-x32\...\{C92AB6F1-691B-9629-9ECD-7291A9DF25A8}_is1) (Version: 12.0.8 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 17 (HKLM-x32\...\{4209F371-A288-7880-7A7F-D105477C7D11}_is1) (Version: 17.00.23 - Ashampoo GmbH & Co. KG)
Bigasoft Total Video Converter 6.0.4.6443 (HKLM-x32\...\{A72CE741-1F32-4D79-BFFB-A714375C6760}_is1) (Version:  - Bigasoft Corporation)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version:  - )
DVB Dream Trial version 3.7.1 (HKLM-x32\...\DVB Dream_is1) (Version:  - )
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version:  - DVD Shrink)
DVDFab (x64) 11.0.4.1 (01/08/2019) (HKLM-x32\...\DVDFab 11(x64)) (Version: 11.0.4.1 - DVDFab Software Inc.)
EaseUS Partition Master 13.5 (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version:  - EaseUS)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.87 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
K-Lite Codec Pack 15.0.9 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 15.0.9 - KLCP)
Microsoft Office 2019 Professional Plus - sk-sk (HKLM\...\ProPlus2019Retail - sk-sk) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1898352290-1805531894-2826359755-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.7.1 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
Skype verze 8.50 (HKLM-x32\...\Skype_is1) (Version: 8.50 - Skype Technologies S.A.)
TBS 6928 DVBS/S2 &CI BDA driver 1.0.1.6  for windows (HKLM\...\TBS 6928 DVBS/S2 &CI BDA driver for windows_is1) (Version:  - TBS Technologies)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.4.2669 - TeamViewer)
TomTom MyDrive Connect 4.2.5.3770 (HKLM-x32\...\MyDriveConnect) (Version: 4.2.5.3770 - TomTom)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 release candidate 3 - Ghisler Software GmbH)
UltraISO Premium V9.66 (HKLM-x32\...\UltraISO_is1) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN)
WinArchiver (HKLM-x32\...\WinArchiver) (Version: 4.6 - Power Software Ltd)
WinRAR 5.71 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Xilisoft Video Converter Ultimate (HKU\S-1-5-21-1898352290-1805531894-2826359755-1001\...\Xilisoft Video Converter Ultimate) (Version: 7.8.23.20180925 - Xilisoft)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_5.8.4.0_x86__kgqvnymyfvs32 [2019-08-01] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.15.13.0_x86__kgqvnymyfvs32 [2019-08-01] (king.com)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Studios) [MS Ad]
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
Pošta a kalendár -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-02] (Microsoft Corporation) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0 [2019-08-01] (Spotify AB)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2019-06-17] (Notepad++ -> )
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers1: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2019-08-01] (QIHU 360 SOFTWARE CO. LIMITED -> )
ContextMenuHandlers1: [WinArchiver] -> {A6630968-27DC-8DB8-9BCE-E12B3198A9B1} => C:\Program Files\WinArchiver\WASHELL.DLL [2018-10-16] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} =>  -> No File
ContextMenuHandlers4: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2019-08-01] (QIHU 360 SOFTWARE CO. LIMITED -> )
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers4: [WinArchiver] -> {A6630968-27DC-8DB8-9BCE-E12B3198A9B1} => C:\Program Files\WinArchiver\WASHELL.DLL [2018-10-16] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [SD360] -> {086F171D-5ED1-4ED2-B736-CFF3AD6A128E} => C:\Program Files (x86)\360\Total Security\MenuEx64.dll [2019-08-01] (QIHU 360 SOFTWARE CO. LIMITED -> )
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\system32\StartMenuHelper64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinArchiver] -> {A6630968-27DC-8DB8-9BCE-E12B3198A9B1} => C:\Program Files\WinArchiver\WASHELL.DLL [2018-10-16] (Power Software Limited -> Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\rkost\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 11 (x64)\DVDFab Online.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab11&p=x64&v=11.0.4.

ShortcutWithArgument: C:\Users\rkost\OneDrive\Plocha\Rastislav - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\rkost\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Rastislav - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

2016-09-14 02:59 - 2016-09-14 02:59 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2017-04-24 21:17 - 2017-04-24 21:17 - 000851456 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiacm64.dll
2017-04-24 21:17 - 2017-04-24 21:17 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\CNext\CNext\atiamcsy.dll
2017-08-13 08:49 - 2017-08-13 08:49 - 000163640 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
2017-08-13 08:49 - 2017-08-13 08:49 - 003664184 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1898352290-1805531894-2826359755-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\rkost\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKU\S-1-5-21-1898352290-1805531894-2826359755-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D56D4AFC-5E40-4667-945F-9BA0DE9C4955}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3546AC0F-F44B-4AE9-B347-063A9126B4D2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B7D27D73-C5DD-42A5-B49E-0E352F64F071}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AB5A0ABA-55B9-4551-93A2-4C1D8CB53807}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{673F73BD-8DE9-4368-8035-8B6630C10345}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3FAC2DD9-ADE4-43D8-BA5A-B787F189520A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{1E89B11B-C7F0-4C02-9039-64DE268BE6FF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{34A7BCC7-EC38-4160-8368-FD73C8E5ED68}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{83BC2CB5-D593-48C8-83DC-172BD3B9D866}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.112.449.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E4F6E10C-B91A-484E-B64A-0F9C59C7E163}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CA0AEA8E-6496-4610-A757-FA51D4178D6B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{17CAA302-ECC6-4105-A46D-90285840BF7F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E773D9F6-5271-4307-BD55-0BDBFE846AE7}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FB663D57-ECD4-4363-9AAA-DBE828F5C602}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DE2B1B7E-6641-4243-84D0-294D5C965E66}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3E5BD42A-C423-47EB-8B1D-2A39F121E1A5}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5CC9CCBA-4637-484B-97DD-2EF1408C1169}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{C43C7C00-1F67-4F26-A3B9-72AD23A56D97}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{BFA76301-9E2E-4152-BCDF-79C8B85C924F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{08816B57-AA09-48C7-8F22-4713CF0386E2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{FFEEC5F5-78CF-4313-BA84-E59892FC4A83}] => (Allow) C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe (QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{FA98AC27-4F61-445E-B5D1-0A32E8A3F593}] => (Allow) C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe (QIHU 360 SOFTWARE CO. LIMITED -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{782D0CCA-54D7-4189-9A3F-42A231A55587}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{7E6F9F1F-6666-4BCB-A1B4-2E2DCF60D1CF}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{F1DB24E7-D059-4E32-B7CA-33903E404596}] => (Allow) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe (TomTom International BV -> TomTom)
FirewallRules: [TCP Query User{15829F44-5446-4078-83AE-EC5F079F83A2}C:\program files\dcc e2 1.50\dcc_e2.exe] => (Allow) C:\program files\dcc e2 1.50\dcc_e2.exe (BernyR) [File not signed]
FirewallRules: [UDP Query User{51081257-435D-4784-8DBC-D2908AC8384C}C:\program files\dcc e2 1.50\dcc_e2.exe] => (Allow) C:\program files\dcc e2 1.50\dcc_e2.exe (BernyR) [File not signed]
FirewallRules: [TCP Query User{801C7487-8D9E-4283-A0A5-000773643DC0}C:\program files\dcc e2 2.96\dcc.exe] => (Allow) C:\program files\dcc e2 2.96\dcc.exe (BernyR) [File not signed]
FirewallRules: [UDP Query User{D618F3D5-6325-46DD-8FBB-40631B1CF439}C:\program files\dcc e2 2.96\dcc.exe] => (Allow) C:\program files\dcc e2 2.96\dcc.exe (BernyR) [File not signed]
FirewallRules: [TCP Query User{9B9BC92A-CE64-41D0-B013-772CA7D5CFEC}C:\program files\dvdfab 11\dvdfab64.exe] => (Allow) C:\program files\dvdfab 11\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [UDP Query User{95B947B5-7666-4D16-B870-08061B0F6BAC}C:\program files\dvdfab 11\dvdfab64.exe] => (Allow) C:\program files\dvdfab 11\dvdfab64.exe (DVDFab Software Inc. -> DVDFab.cn)
FirewallRules: [{83ADFDD2-0F65-4CB1-800C-F05FC62184BE}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
FirewallRules: [{84EA2DAC-6B09-4F88-8C82-9423B63025A4}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)

==================== Restore Points =========================

01-08-2019 14:17:04 Installed Classic Shell
02-08-2019 15:24:29 Installed Adobe Shockwave Player 12.3.

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/02/2019 08:47:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SystemSettings.exe verze 10.0.18362.1 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 27c8

Čas spuštění: 01d5496260e476cf

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

ID hlášení: 969e3955-52f2-483d-b71f-9a0d1fbbf78e

Úplný název balíčku s chybou: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: microsoft.windows.immersivecontrolpanel

Typ zablokování: Cross-process

Error: (08/02/2019 08:37:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SystemSettings.exe, verze: 10.0.18362.1, časové razítko: 0x066bf1a5
Název chybujícího modulu: Windows.UI.Xaml.dll, verze: 10.0.18362.267, časové razítko: 0x3e916038
Kód výjimky: 0xc000027b
Posun chyby: 0x00000000007126f0
ID chybujícího procesu: 0x13ac
Čas spuštění chybující aplikace: 0x01d549609da4a80c
Cesta k chybující aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Cesta k chybujícímu modulu: C:\Windows\System32\Windows.UI.Xaml.dll
ID zprávy: 8075041b-d4b7-4649-b397-276f35c6cd32
Úplný název chybujícího balíčku: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: microsoft.windows.immersivecontrolpanel

Error: (08/02/2019 08:19:32 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (08/02/2019 08:19:32 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (08/02/2019 08:06:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SystemSettings.exe, verze: 10.0.18362.1, časové razítko: 0x066bf1a5
Název chybujícího modulu: Windows.UI.Xaml.dll, verze: 10.0.18362.267, časové razítko: 0x3e916038
Kód výjimky: 0xc000027b
Posun chyby: 0x00000000007126f0
ID chybujícího procesu: 0xee0
Čas spuštění chybující aplikace: 0x01d5495d067c884f
Cesta k chybující aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Cesta k chybujícímu modulu: C:\Windows\System32\Windows.UI.Xaml.dll
ID zprávy: 84abbe71-f91f-48a8-9a6d-b268d658e990
Úplný název chybujícího balíčku: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: microsoft.windows.immersivecontrolpanel

Error: (08/02/2019 07:48:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SystemSettings.exe verze 10.0.18362.1 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2340

Čas spuštění: 01d5495a54125cee

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

ID hlášení: 910e9e16-d186-4093-9f01-1e82cbc56adc

Úplný název balíčku s chybou: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: microsoft.windows.immersivecontrolpanel

Typ zablokování: Quiesce

Error: (08/02/2019 07:37:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SystemSettings.exe verze 10.0.18362.1 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 13e8

Čas spuštění: 01d54958bee27114

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

ID hlášení: e9f33435-8951-4663-a3d2-78f0dd2fe6b7

Úplný název balíčku s chybou: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: microsoft.windows.immersivecontrolpanel

Typ zablokování: Cross-thread

Error: (08/02/2019 07:12:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SystemSettings.exe verze 10.0.18362.1 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1fc0

Čas spuštění: 01d54954d09bee9a

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

ID hlášení: 1efae74d-39ac-4ebf-b2cf-171bd886e235

Úplný název balíčku s chybou: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: microsoft.windows.immersivecontrolpanel

Typ zablokování: Cross-process


System errors:
=============
Error: (08/02/2019 08:19:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusti byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (08/02/2019 08:19:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba AMD External Events Utility byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/02/2019 08:19:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/02/2019 08:19:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba WinArchiver Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (08/02/2019 06:56:56 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-T7BQ9JE)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru: 
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (08/02/2019 06:56:50 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-T7BQ9JE)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru: 
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (08/02/2019 06:56:45 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-T7BQ9JE)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru: 
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (08/02/2019 06:56:38 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-T7BQ9JE)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby ShellHWDetection s argumenty Není k dispozici za účelem spuštění serveru: 
{DD522ACC-F821-461A-A407-50B198B896DC}


Windows Defender:
===================================
Date: 2019-08-01 15:19:29.180
Description: 
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Název: HackTool:Win64/AutoKMS
ID: 2147723334
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\System32\SppExtComObjHook.dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-T7BQ9JE\rkost
Název procesu: C:\Users\rkost\AppData\Local\TempAAct.exe
Verze bezpečnostních informací: AV: 1.299.1006.0, AS: 1.299.1006.0, NIS: 1.299.1006.0
Verze modulu: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-01 15:19:29.056
Description: 
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\System32\SppExtComObjPatcher.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-T7BQ9JE\rkost
Název procesu: C:\Users\rkost\AppData\Local\TempAAct.exe
Verze bezpečnostních informací: AV: 1.299.1006.0, AS: 1.299.1006.0, NIS: 1.299.1006.0
Verze modulu: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-01 15:18:02.144
Description: 
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Název: HackTool:Win64/AutoKMS
ID: 2147723334
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\System32\SppExtComObjHook.dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-T7BQ9JE\rkost
Název procesu: C:\Users\rkost\AppData\Local\TempAAct.exe
Verze bezpečnostních informací: AV: 1.299.1002.0, AS: 1.299.1002.0, NIS: 1.299.1002.0
Verze modulu: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-01 15:18:01.968
Description: 
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\System32\SppExtComObjPatcher.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-T7BQ9JE\rkost
Název procesu: C:\Users\rkost\AppData\Local\TempAAct.exe
Verze bezpečnostních informací: AV: 1.299.1002.0, AS: 1.299.1002.0, NIS: 1.299.1002.0
Verze modulu: AM: 1.1.16200.1, NIS: 1.1.16200.1

Date: 2019-08-01 15:13:32.966
Description: 
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win64/AutoKMS&threatid=2147723334&enterprise=0
Název: HackTool:Win64/AutoKMS
ID: 2147723334
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\System32\SppExtComObjHook.dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-T7BQ9JE\rkost
Název procesu: C:\Users\rkost\AppData\Local\TempAAct.exe
Verze bezpečnostních informací: AV: 1.299.1002.0, AS: 1.299.1002.0, NIS: 1.299.1002.0
Verze modulu: AM: 1.1.16200.1, NIS: 1.1.16200.1

CodeIntegrity:
===================================

Date: 2019-08-02 20:43:08.294
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2019-08-02 20:42:09.661
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2019-08-02 20:42:08.745
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2019-08-02 20:42:08.552
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2019-08-02 20:41:52.649
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2019-08-02 20:41:36.190
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2019-08-02 20:34:16.410
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

Date: 2019-08-02 20:34:12.292
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\360\Total Security\I18N64.dll that did not meet the Store signing level requirements.

==================== Memory info =========================== 

BIOS: Intel Corp. BLH6710H.86A.0155.2012.0509.1620 05/09/2012
Motherboard: Intel Corporation DH67CL
Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 45%
Total physical RAM: 8161.4 MB
Available physical RAM: 4486.93 MB
Total Virtual: 10081.4 MB
Available Virtual: 6175.47 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.35 GB) (Free:845.96 GB) NTFS
Drive k: (WD 500GB) (Fixed) (Total:465.76 GB) (Free:190.32 GB) NTFS
Drive l: (KINGSTON8GB) (Removable) (Total:7.22 GB) (Free:6.6 GB) NTFS
Drive n: (Seagate 1TB) (Fixed) (Total:931.51 GB) (Free:678.37 GB) NTFS

\\?\Volume{0005645a-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.34 GB) (Free:0.29 GB) NTFS
\\?\Volume{0005645a-0000-0000-0000-50ace8000000}\ () (Fixed) (Total:0.82 GB) (Free:0.42 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0005645A)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=839 MB) - (Type=27)

========================================================
Disk: 1 (Size: 7.2 GB) (Disk ID: C7DB7C37)
Partition 1: (Not Active) - (Size=7.2 GB) - (Type=07 NTFS)

========================================================
Disk: 7 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 23A49E84)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 8 (Size: 465.8 GB) (Disk ID: 027BA94F)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================