Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2019
Ran by Renata (08-12-2019 15:00:54)
Running from C:\Users\Renata\Desktop
Windows 10 Pro Version 1909 18363.476 (X64) (2019-12-08 11:36:02)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2793046327-3044476953-1100239530-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2793046327-3044476953-1100239530-503 - Limited - Disabled)
Guest (S-1-5-21-2793046327-3044476953-1100239530-501 - Limited - Disabled)
Renata (S-1-5-21-2793046327-3044476953-1100239530-1001 - Administrator - Enabled) => C:\Users\Renata
WDAGUtilityAccount (S-1-5-21-2793046327-3044476953-1100239530-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Kaspersky Free (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.021.20056 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 28.0.0.127 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.293 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.293 - Adobe)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
Ashampoo Music Studio 7 (HKLM-x32\...\{91B33C97-6B1A-B73D-D2FE-BFD378F77213}_is1) (Version: 7.0.1 - Ashampoo GmbH & Co. KG)
Bandicam (HKLM-x32\...\Bandicam) (Version: 4.2.0.1439 - Bandicam.com)
Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandicam.com)
Bang & Olufsen Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 9.0.232.50 - Conexant)
BatteryBar (remove only) (HKLM\...\BatteryBar) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0283 - Disc Soft Ltd)
Dashlane (HKU\S-1-5-21-2793046327-3044476953-1100239530-1001\...\Dashlane) (Version: 6.1946.0.26096 - Dashlane, Inc.)
FastStone Image Viewer 7.4 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.4 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
HP Support Assistant (HKLM-x32\...\{33A0B67A-CF04-4F31-B3D0-EEEEDEF7078E}) (Version: 8.8.24.33 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{CA8ECA8D-8A8A-4255-A072-41FC9366F1A9}) (Version: 12.13.42.1 - HP Inc.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1932.12.0.1298 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6472 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.7.1051 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1724.2 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{05817e4d-5f15-49b4-afec-7edb31fc7dd6}) (Version: 1.56.87.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{EB14CEF0-8F59-47A3-B965-D0C0D6AC0DA3}) (Version: 18.1.1605.3087 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{314d4c01-f54b-4125-a71f-1e2722c29050}) (Version: 10.1.1.40 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{cf961541-ca37-4826-a285-3a9cb22cd5a2}) (Version: 21.40.2 - Intel Corporation)
Java 8 Update 231 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Kaspersky Free (HKLM-x32\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Free (HKLM-x32\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky)
K-Lite Codec Pack 13.7.2 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.7.2 - KLCP)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version:  - )
MahJong Suite 2016 v13.0 (HKLM-x32\...\MahJong Suite_is1) (Version: 13.0 - TreeCardGames)
Microsoft Office 2016 Professional Plus (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Minecraft Launcher (HKLM-x32\...\{E154B2C8-2F3E-4763-B3D5-E7D34AE39C6B}) (Version: 1.0.0.0 - Mojang)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.10.00.03 - Huawei Technologies Co.,Ltd)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.6 - Notepad++ Team)
NXPProximityInstaller (HKLM-x32\...\NXPProximityInstaller) (Version: 3.100120.10443.10 - NXP Semiconductors)
Old Calculator for Windows 10 (HKLM-x32\...\OldCalcForWin10) (Version: 1.1 - hxxp://winaero.com)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.20977 - Kakao Corp.)
qBittorrent 4.2.0 (HKLM-x32\...\qBittorrent) (Version: 4.2.0 - The qBittorrent project)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.151 - Realtek Semiconductor Corp.)
SanDisk SSD Dashboard (HKLM-x32\...\SanDisk SSD Dashboard) (Version: 2.6.0.0 - Western Digital Corporation)
SanDisk SSD Dashboard Service (HKLM-x32\...\{F4D977F4-1480-4F6A-A6BC-B2AB1D9E4F66}) (Version: 1.1.0 - SanDisk Corporation)
SolSuite 2013 v13.0 (HKLM-x32\...\SolSuite_is1) (Version: 13.0 - TreeCardGames)
Sony Vegas Pro 13.0 (HKLM-x32\...\Sony Vegas Pro 13.0 13.0) (Version: 13.0 - Sony)
Spotify (HKU\S-1-5-21-2793046327-3044476953-1100239530-1001\...\Spotify) (Version: 1.1.21.1654.g282a2807 - Spotify AB)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.70 - Synaptics Incorporated)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
Update for Skype for Business 2016 (KB4484133) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{20EC231C-9262-422A-B18B-7822744DA5AB}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4484133) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{20EC231C-9262-422A-B18B-7822744DA5AB}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB4484133) 64-Bit Edition (HKLM\...\{90160000-012B-041B-1000-0000000FF1CE}_Office16.PROPLUS_{20EC231C-9262-422A-B18B-7822744DA5AB}) (Version:  - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
VEGAS Pro 13.0 (64-bit) (HKLM\...\{F529B5F0-6EBB-11E6-A273-BB95F5A309BD}) (Version: 13.0.545 - VEGAS)
WinRAR 5.71 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_7.0.15.0_x64__v10z8vjag6ke6 [2019-12-08] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-12-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-03] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.33.13094.0_x64__8wekyb3d8bbwe [2019-11-13] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-09] (Microsoft Studios) [MS Ad]
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-24] (Microsoft Corporation) [MS Ad]
Pošta a kalendár -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20276.0_x64__8wekyb3d8bbwe [2019-11-25] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-12-05] (Notepad++ -> )
ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\ShellEx.dll [2019-12-08] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\ShellEx.dll [2019-12-08] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\ShellEx.dll [2019-12-08] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki130871.inf_amd64_382f7c369d4bf777\igfxDTCM.dll [2019-01-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\ShellEx.dll [2019-12-08] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2017-08-10] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.mjpg] => C:\WINDOWS\system32\bdmjpeg64.dll [75248 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\WINDOWS\system32\bdmpegv64.dll [75272 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\WINDOWS\system32\bdmpega64.acm [75784 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mjpg] => C:\Windows\SysWOW64\bdmjpeg.dll [71152 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [vidc.mpeg] => C:\Windows\SysWOW64\bdmpegv.dll [71176 2017-01-26] (Bandicam Company -> )
HKLM\...\Drivers32: [msacm.bdmpeg] => C:\Windows\SysWOW64\bdmpega.acm [71176 2017-01-26] (Bandicam Company -> )

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Renata\Desktop\Patrik\Hry\Crash Bandicoot 3.lnk -> C:\game\Crash Bandicoot 3 Warped\Start.bat ()

==================== Loaded Modules (Whitelisted) =============

2019-12-08 09:44 - 2018-07-03 11:14 - 001348608 _____ (Conexant Systems, Inc.) [File not signed] C:\Program Files\Conexant\SA3\HP-NB-AIO\CxHDAudioAPI.dll
2017-08-10 23:38 - 2017-08-10 23:38 - 003664184 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2017-08-10 23:38 - 2017-08-10 23:38 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\System32\StartMenuHelper64.dll
2017-12-12 15:17 - 2017-12-12 15:17 - 000189440 ____N (Western Digital Corporation or its affiliates) [File not signed] C:\Program Files (x86)\SanDisk\SSD Dashboard\engine.dll
2017-12-12 15:17 - 2017-12-12 15:17 - 002017792 ____N (Western Digital Corporation or its affiliates) [File not signed] C:\Program Files (x86)\SanDisk\SSD Dashboard\SanMiddle.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 14:46 - 2019-12-08 14:52 - 000002783 ____R C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 vortex.data.microsoft.com
0.0.0.0 vortex-win.data.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net
0.0.0.0 oca.telemetry.microsoft.com
0.0.0.0 oca.telemetry.microsoft.com.nsatc.net
0.0.0.0 sqm.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net
0.0.0.0 watson.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com.nsatc.net
0.0.0.0 redir.metaservices.microsoft.com
0.0.0.0 choice.microsoft.com
0.0.0.0 choice.microsoft.com.nsatc.net
0.0.0.0 df.telemetry.microsoft.com
0.0.0.0 reports.wes.df.telemetry.microsoft.com
0.0.0.0 wes.df.telemetry.microsoft.com
0.0.0.0 services.wes.df.telemetry.microsoft.com
0.0.0.0 sqm.df.telemetry.microsoft.com
0.0.0.0 telemetry.microsoft.com
0.0.0.0 watson.ppe.telemetry.microsoft.com
0.0.0.0 telemetry.appex.bing.net
0.0.0.0 telemetry.urs.microsoft.com
0.0.0.0 telemetry.appex.bing.net:443
0.0.0.0 settings-sandbox.data.microsoft.com
0.0.0.0 vortex-sandbox.data.microsoft.com
0.0.0.0 survey.watson.microsoft.com
0.0.0.0 watson.live.com
0.0.0.0 watson.microsoft.com
0.0.0.0 statsfe2.ws.microsoft.com
0.0.0.0 corpext.msitadfs.glbdns2.microsoft.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-2793046327-3044476953-1100239530-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Renata\AppData\Roaming\FastStone\FSIV\FSViewerWallPaper.bmp
DNS Servers: 192.168.5.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-2793046327-3044476953-1100239530-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-2793046327-3044476953-1100239530-1001\...\StartupApproved\Run: => "Dashlane"
HKU\S-1-5-21-2793046327-3044476953-1100239530-1001\...\StartupApproved\Run: => "DashlanePlugin"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4BA58BAA-98D3-4849-93A1-4B4AB87E55B9}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{A5858E03-48AE-4B4A-B55D-E9939A2A02F3}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [UDP Query User{D57916A4-35C7-4D55-909B-7DC138986E89}C:\users\renata\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\renata\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{0CB73950-1EC8-4036-B54F-8475466207DA}C:\users\renata\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\renata\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{699BB273-9013-46A8-AC20-9ABE6D0BFC4D}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [TCP Query User{C41666FD-DF8C-4F35-89EB-0F70824EE12D}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{5BF2441C-1D66-4F77-8E0B-4194C814347A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{0AD9851E-1169-43F9-8E37-21138B7BD7A7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{C432E257-3898-4965-98CC-EE0DF0EF6CAA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{81575E1A-9F7B-4668-9502-5CB1BB575D3D}] => (Allow) C:\Users\Renata\Desktop\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{F056521D-7A98-4D71-8135-7272291E0FD3}] => (Allow) C:\Users\Renata\Desktop\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{D3FD7B67-C285-451B-BA8F-E50673331A62}] => (Allow) C:\Users\Renata\Desktop\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{C22CEE1D-68D8-4704-A5B9-A4D8AFD9F2C9}] => (Allow) C:\Users\Renata\Desktop\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{23AE7166-7781-4C9E-98B7-68A2461FA767}] => (Allow) C:\Users\Renata\Desktop\AnyDesk.exe (philandro Software GmbH -> )
FirewallRules: [{EB97B115-B9FC-44EB-BE96-3DFD039BB19A}] => (Allow) C:\Users\Renata\Desktop\AnyDesk.exe (philandro Software GmbH -> )

==================== Restore Points =========================

08-12-2019 12:54:40 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/08/2019 02:58:18 PM) (Source: NtServicePack) (EventID: 4373) (User: )
Description: Event-ID 4373

Error: (12/08/2019 02:46:04 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4176,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (12/08/2019 02:36:39 PM) (Source: NtServicePack) (EventID: 4373) (User: )
Description: Event-ID 4373

Error: (12/08/2019 02:31:23 PM) (Source: NtServicePack) (EventID: 4373) (User: )
Description: Event-ID 4373

Error: (12/08/2019 02:27:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3540,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (12/08/2019 02:02:38 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5000,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (12/08/2019 01:52:52 PM) (Source: NtServicePack) (EventID: 4373) (User: )
Description: Event-ID 4373

Error: (12/08/2019 01:47:41 PM) (Source: NtServicePack) (EventID: 4373) (User: )
Description: Event-ID 4373


System errors:
=============
Error: (12/08/2019 02:58:09 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 14:57:04 on ‎8. ‎12. ‎2019 was unexpected.

Error: (12/08/2019 02:57:52 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.

Error: (12/08/2019 02:36:31 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba HitmanPro38CrusaderBoot bola ukončená s nasledujúcou chybou služby: 
The operation completed successfully.

Error: (12/08/2019 02:35:52 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volanie ScRegSetValueExW zlyhalo pre DeleteFlag s nasledujúcou chybou: 
Access is denied.

Error: (12/08/2019 02:35:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Service KMSELDI sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (12/08/2019 01:47:27 PM) (Source: SCardSvr) (EventID: 621) (User: )
Description: Ovládaniu servera sa nepodarilo získať prístup k udalosti spustenia: Access is denied.

Error: (12/08/2019 01:44:17 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-0O4IN03)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (12/08/2019 01:27:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby AVP20.0 zlyhalo kvôli nasledujúcej chybe: 
The system cannot find the file specified.


Windows Defender:
===================================
Date: 2019-12-08 13:00:02.314
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Name: HackTool:MSIL/AutoKMS
ID: 2147711767
Severity: Stredná
Category: Nástroj
Path: file:_C:\Program Files\KMSpico\KMSELDI.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\KMSpico\Service_KMS.exe
Security intelligence Version: AV: 1.259.203.0, AS: 1.259.203.0, NIS: 1.259.203.0
Engine Version: AM: 1.1.14405.2, NIS: 1.1.14405.2

Date: 2019-12-08 13:00:02.312
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Name: HackTool:Win32/AutoKMS
ID: 2147685180
Severity: Stredná
Category: Nástroj
Path: file:_C:\Program Files\KMSpico\scripts\Install_Service.cmd
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: Unknown
Security intelligence Version: AV: 1.259.203.0, AS: 1.259.203.0, NIS: 1.259.203.0
Engine Version: AM: 1.1.14405.2, NIS: 1.1.14405.2

Date: 2019-12-08 12:59:21.125
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Name: HackTool:MSIL/AutoKMS
ID: 2147711767
Severity: Stredná
Category: Nástroj
Path: file:_C:\Program Files\KMSpico\Service_KMS.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Program Files\AVAST Software\Avast\aswidsagent.exe
Security intelligence Version: AV: 1.259.203.0, AS: 1.259.203.0, NIS: 1.259.203.0
Engine Version: AM: 1.1.14405.2, NIS: 1.1.14405.2

Date: 2019-12-08 12:45:58.601
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Name: HackTool:MSIL/AutoKMS
ID: 2147711767
Severity: Stredná
Category: Nástroj
Path: file:_C:\Program Files\KMSpico\KMSELDI.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Security intelligence Version: AV: 1.259.203.0, AS: 1.259.203.0, NIS: 1.259.203.0
Engine Version: AM: 1.1.14405.2, NIS: 1.1.14405.2

Date: 2019-12-08 12:42:00.010
Description: 
Windows Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Name: HackTool:MSIL/AutoKMS
ID: 2147711767
Severity: Stredná
Category: Nástroj
Path: file:_C:\Program Files\KMSpico\KMSELDI.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: C:\Windows\explorer.exe
Security intelligence Version: AV: 1.259.203.0, AS: 1.259.203.0, NIS: 1.259.203.0
Engine Version: AM: 1.1.14405.2, NIS: 1.1.14405.2

Date: 2019-12-08 14:58:13.079
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80004005
Error description: Unspecified error 
Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest security intelligence updates in order to enable real-time protection.

Date: 2019-12-08 14:36:34.787
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80004005
Error description: Unspecified error 
Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest security intelligence updates in order to enable real-time protection.

Date: 2019-12-08 14:31:18.415
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80004005
Error description: Unspecified error 
Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest security intelligence updates in order to enable real-time protection.

Date: 2019-12-08 13:52:48.301
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80004005
Error description: Unspecified error 
Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest security intelligence updates in order to enable real-time protection.

Date: 2019-12-08 13:47:34.418
Description: 
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: Behavior Monitoring
Error Code: 0x80004005
Error description: Unspecified error 
Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest security intelligence updates in order to enable real-time protection.

CodeIntegrity:
===================================

Date: 2019-12-08 15:01:16.175
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\antimalware_provider.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-08 15:01:16.134
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\antimalware_provider.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-08 15:00:15.905
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-12-08 15:00:12.523
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-12-08 15:00:12.482
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-12-08 14:39:37.704
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\antimalware_provider.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-08 14:39:37.669
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\antimalware_provider.dll that did not meet the Microsoft signing level requirements.

Date: 2019-12-08 14:38:37.402
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

==================== Memory info =========================== 

BIOS: HP N75 Ver. 01.18 10/17/2017
Motherboard: HP 807C
Processor: Intel(R) Core(TM) i7-6600U CPU @ 2.60GHz
Percentage of memory in use: 48%
Total physical RAM: 7848.59 MB
Available physical RAM: 4023.09 MB
Total Virtual: 9064.59 MB
Available Virtual: 5245.71 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:96.26 GB) (Free:39.43 GB) NTFS
Drive d: () (Fixed) (Total:379.28 GB) (Free:82.89 GB) NTFS

\\?\Volume{c58b4d28-0000-0000-0000-100000000000}\ (Vyhradené systémom) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{c58b4d28-0000-0000-0000-e03218000000}\ () (Fixed) (Total:0.86 GB) (Free:0.15 GB) NTFS

==================== MBR & Partition Table ====================

==================== End of Addition.txt =======================