Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-11-2020
Ran by VladimirK (18-11-2020 16:22:06)
Running from C:\Users\vladimirk\Downloads
Windows 8.1 Pro (Update) (X64) (2016-09-06 09:28:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

admin (S-1-5-21-1678474182-328064794-2018569793-1001 - Administrator - Enabled) => C:\Users\admin1
Administrator (S-1-5-21-1678474182-328064794-2018569793-500 - Administrator - Disabled)
Guest (S-1-5-21-1678474182-328064794-2018569793-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.414 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.433 - Adobe)
Avast Driver Updater (HKLM-x32\...\{8804140C-3144-4075-9526-1C662E26CA17}) (Version: 2.5.5 - AVAST Software) Hidden
Avast Driver Updater (HKLM-x32\...\Avast Driver Updater) (Version: 2.5.5 - AVAST Software)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Configuration Manager Client (HKLM\...\{343D4507-997F-4553-9F86-2BB81F19A05E}) (Version: 5.00.8239.1000 - Microsoft Corporation) Hidden
CrystalDiskInfo 7.1.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.1.1 - Crystal Dew World)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
ESET Endpoint Antivirus (HKLM\...\{D9D12973-95FB-4671-B4D6-CF7CE6EB5094}) (Version: 7.3.2041.0 - ESET, spol. s r.o.)
ESET Management Agent (HKLM\...\{803B32D1-B688-4CF5-AE19-4559D120C299}) (Version: 7.2.1266.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.66 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 100 Mobile L411 14.0 Rel. 6 (HKLM\...\{36419AF2-1B07-4517-984B-ACCA10782FCC}) (Version: 14.0 - HP)
HP OfficeJet 200 Mobile Series Basic Device Software (HKLM\...\{E71E89E5-56FC-4893-BEEB-1341788B3472}) (Version: 40.11.1144.17166 - HP Inc.)
HP OfficeJet 200 Mobile Series Help (HKLM-x32\...\{86067BB4-B1B8-4416-8FBD-738D3A651320}) (Version: 38.0.0 - HP)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4189 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1036 - Intel Corporation)
Intel(R) USB 3.0 Host Controller Adaptation Driver (HKLM\...\{9472AEE5-5D4D-4329-8BD8-B282FD33B8E0}) (Version: 1.0.0.26 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{5a6a5d15-d5af-417c-b08f-f7e5eb1f98af}) (Version: 10.0.26 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{A5830729-36A3-4900-8135-D8A972914342}) (Version: 1.0.0.516 - Intel Corporation)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.1.5.8 - PandoraTV)
L411 (HKLM-x32\...\{97FC7F51-C03A-49FE-ACCC-242C99475BC2}) (Version: 140.0.001.000 - Hewlett-Packard) Hidden
L411_Help (HKLM-x32\...\{5420FFDB-0FF9-4E6F-88BB-2382B586B3C5}) (Version: 140.0.001.000 - Hewlett-Packard) Hidden
L411_Software_Min (HKLM-x32\...\{1C33CD2B-91E8-4623-B5CC-EFB020E9554E}) (Version: 140.0.001.000 - Hewlett-Packard) Hidden
Malwarebytes verzia 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Media Player Codec Pack 4.4.2 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.4.2 - Media Player Codec Pack)
Microsoft Office 2013 Standard (HKLM-x32\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 81.0 (x64 sk) (HKLM\...\Mozilla Firefox 81.0 (x64 sk)) (Version: 81.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.1 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM-x32\...\{90150000-001F-041B-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Opera Stable 72.0.3815.320 (HKLM-x32\...\Opera 72.0.3815.320) (Version: 72.0.3815.320 - Opera Software)
Photomatix Pro version 5.1 (HKLM\...\PhotomatixPro5x64_is1) (Version: 5.1 - HDRsoft Ltd)
Product Improvement Study for HP OfficeJet 200 Mobile Series (HKLM\...\{296F0809-BDA5-4563-B939-CA7A15DCD0D0}) (Version: 40.11.1144.17166 - HP Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.340 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.57 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39063 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.38.115.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Security Task Manager 2.4 (HKLM-x32\...\Security Task Manager) (Version: 2.4 - Neuber Software)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update for Skype for Business 2015 (KB4484289) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.STANDARD_{F97B139A-D8BF-46FF-A6F6-50710FED8644}) (Version:  - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.10 - VideoLAN)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows 8 Codec Pack 2.0.7 (HKLM-x32\...\Windows 8 - Codec Pack) (Version: 2.0.7 - Windows 8 Codec Pack)
Windows Driver Package - Intel Corporation (iagpioe) System  (02/28/2015 603.9600.1920.60719) (HKLM\...\F7BD032DC4815E48C8FFD310F4793B930D5F4837) (Version: 02/28/2015 603.9600.1920.60719 - Intel Corporation)
Windows Driver Package - Intel Corporation (iai2ce) System  (02/28/2015 603.9600.2425.60717) (HKLM\...\358163B8DA80E489A41CAAC6542BF9E6245297EA) (Version: 02/28/2015 603.9600.2425.60717 - Intel Corporation)
Windows Driver Package - Intel Corporation (iauarte) System  (02/16/2015 603.9600.2426.59928) (HKLM\...\EBFE7C1B6A8869998B8883D5FAFEA855A69722C8) (Version: 02/16/2015 603.9600.2426.59928 - Intel Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
YoWindow (HKLM-x32\...\yowindow) (Version: 3 - RepkaSoft)

Packages:
=========
Frameworkuapbase -> C:\Program Files\WindowsApps\48682KiddoTest.Frameworkuapbase_1.0.0.2_neutral__81ffpr532s7pc [2020-03-02] (KiddoTest)
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2016-10-10] (Microsoft Corporation) [MS Ad]
Knižnica systému Microsoft Windows pre skript JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.Preview.1_1.0.9345.0_neutral__8wekyb3d8bbwe [2020-03-02] (Microsoft Platform Extensions)
Microsoft Windows Library for JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview.Internal_1.0.9385.3_neutral__8wekyb3d8bbwe [2020-03-02] (Microsoft Platform Extensions)
MSN Zdravie a fitnes -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2016-10-10] (Microsoft Corporation) [MS Ad]
TESTFRAMEWORKABO2 -> C:\Program Files\WindowsApps\40538vasetest101.TESTFRAMEWORKABO2_12.0.21005.1_x64__ssm1v0s3df7zc [2020-03-02] (vasetest101)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2016-10-10] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2015-01-31] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-08-06] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-08-06] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll [2015-01-31] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2016-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-08-06] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.ffds] => C:\Windows\system32\ff_vfw.dll [127488 2014-12-05] () [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvidvfw.dll [249536 2016-09-21] (Cole Williams Software Limited -> )
HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [3635904 2016-10-03] (Cole Williams Software Limited -> x264vfw project)
HKLM\...\Drivers32: [vidc.lags] => C:\Windows\SysWOW64\lagarith.dll [230080 2016-09-21] (Cole Williams Software Limited -> )
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2013-12-17] (Packed With Joy !) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\vladimirk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2015-01-31 03:47 - 2015-01-31 03:47 - 000011264 _____ () [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2015-01-31 03:44 - 2015-01-31 03:44 - 000086016 _____ () [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-04-22 12:45 - 2014-04-22 12:45 - 000015360 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
2011-04-29 18:08 - 2011-04-29 18:08 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2015-01-31 03:51 - 2015-01-31 03:51 - 000384128 _____ (Qualcomm Atheros -> ) [File not signed] [File is in use] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ContactsApi.dll
2015-01-31 03:51 - 2015-01-31 03:51 - 000107648 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll
2015-01-31 03:51 - 2015-01-31 03:51 - 000255104 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvSdkDll.dll
2015-01-31 03:51 - 2015-01-31 03:51 - 000074368 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\CombineAgent.dll
2015-01-31 03:51 - 2015-01-31 03:51 - 000033408 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\CommApi.dll
2015-01-31 03:51 - 2015-01-31 03:51 - 000203392 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\FolderViewImpl.dll
2015-01-31 03:51 - 2015-01-31 03:51 - 000085632 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\GattI.dll
2015-01-31 03:51 - 2015-01-31 03:51 - 000126592 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\gatts.DLL
2015-01-31 03:51 - 2015-01-31 03:51 - 000083072 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Handsfree.dll
2015-01-31 03:52 - 2015-01-31 03:52 - 000034432 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ipc.dll
2015-01-31 03:52 - 2015-01-31 03:52 - 000063104 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ModuleManager.dll
2015-01-31 03:52 - 2015-01-31 03:52 - 001067648 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\OutLookLib.dll
2015-01-31 03:52 - 2015-01-31 03:52 - 000291456 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll
2015-01-31 03:52 - 2015-01-31 03:52 - 000130176 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\skypeagent.dll
2015-01-31 03:52 - 2015-01-31 03:52 - 000027264 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\TCPConnection.dll
2015-01-31 03:52 - 2015-01-31 03:52 - 000116352 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\utils.dll
2015-01-31 03:45 - 2015-01-31 03:45 - 000308224 _____ (Qualcomm Atheros Commnucations) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\LE\LE.dll
2015-01-31 03:46 - 2015-01-31 03:46 - 000210432 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Audio\audio.dll
2015-01-31 03:47 - 2015-01-31 03:47 - 000162304 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\BasicPrintProfile\BPP.dll
2015-01-31 03:47 - 2015-01-31 03:47 - 000177152 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\BIP\BIP.dll
2015-01-31 03:45 - 2015-01-31 03:45 - 000018432 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\DID\DId.dll
2015-01-31 03:44 - 2015-01-31 03:44 - 000035840 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\FAX\Fax.dll
2015-01-31 03:47 - 2015-01-31 03:47 - 000422400 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\FileTransfer\FileTransfer.dll
2015-01-31 03:47 - 2015-01-31 03:47 - 000096256 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\GapSdp\GapSdp.dll
2015-01-31 03:41 - 2015-01-31 03:41 - 000096768 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\goep\goep.dll
2015-01-31 03:44 - 2015-01-31 03:44 - 000029696 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\HCRP\Hcrp.dll
2015-01-31 03:45 - 2015-01-31 03:45 - 000142848 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\HealthDevice\HDP.dll
2015-01-31 03:48 - 2015-01-31 03:48 - 000091136 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\L2capLib\l2caplib.dll
2015-01-31 03:41 - 2015-01-31 03:41 - 000181248 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\OppOperation\ObjPush.dll
2015-01-31 03:47 - 2015-01-31 03:47 - 000066048 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\OppOperation\OppOperation.dll
2015-01-31 03:47 - 2015-01-31 03:47 - 000067072 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\pbap\pbap.dll
2015-01-31 03:47 - 2015-01-31 03:47 - 000063488 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\RfcommLib\rfcommlib.dll
2015-01-31 03:46 - 2015-01-31 03:46 - 000097280 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\sap\sap.dll
2015-01-31 03:47 - 2015-01-31 03:47 - 000087552 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\SesMgr\sesmgr.dll
2015-01-31 03:46 - 2015-01-31 03:46 - 000055296 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\spp\spp.dll
2015-01-31 03:46 - 2015-01-31 03:46 - 000064512 _____ (Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Sync\Sync.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1248644485-3150169159-186971291-4134\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp
DPF: HKLM-x32 {62789780-B744-11D0-986B-00609731A21D} hxxps://mapa.katasterportal.sk/kapor2/lib/mgaxctrl.cab

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7931 more sites.

IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\123simsen.com -> www.123simsen.com

There are 7931 more sites.

IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-500\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-500\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-500\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-500\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-500\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-500\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-500\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-500\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-500\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-500\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-500\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-500\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-500\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-500\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-500\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-500\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-500\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-500\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-500\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1248644485-3150169159-186971291-500\...\123simsen.com -> www.123simsen.com

There are 7936 more sites.

IE restricted site: HKU\S-1-5-21-1678474182-328064794-2018569793-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1678474182-328064794-2018569793-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1678474182-328064794-2018569793-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1678474182-328064794-2018569793-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1678474182-328064794-2018569793-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1678474182-328064794-2018569793-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1678474182-328064794-2018569793-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1678474182-328064794-2018569793-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1678474182-328064794-2018569793-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1678474182-328064794-2018569793-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1678474182-328064794-2018569793-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1678474182-328064794-2018569793-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1678474182-328064794-2018569793-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1678474182-328064794-2018569793-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1678474182-328064794-2018569793-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1678474182-328064794-2018569793-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1678474182-328064794-2018569793-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1678474182-328064794-2018569793-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1678474182-328064794-2018569793-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1678474182-328064794-2018569793-1001\...\123simsen.com -> www.123simsen.com

There are 7933 more sites.


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2017-10-25 16:09 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\Control Panel\Desktop\\Wallpaper -> C:\Users\vladimirk\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Photo Viewer.jpg
HKU\S-1-5-21-1248644485-3150169159-186971291-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1678474182-328064794-2018569793-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\StartupFolder: => "CodecPackTrayMenu.lnk"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "OODefragTray"
HKLM\...\StartupApproved\Run32: => "isa"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "Opera Browser Assistant"
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\StartupApproved\Run: => "WeatherWatcherLive"
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\StartupApproved\Run: => "Codec Pack Update Checker"
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\StartupApproved\Run: => "FlashPlayerUpdate"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DA89A9C8-5BD4-44E7-8685-B5C81CEFB444}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{0AF1C106-B24B-4B49-916F-B33717478FDA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{9A2FEFC1-6354-4D98-A1E0-EB750A346B61}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{D986BCEF-8DA6-4FC0-95DE-2B8519A59433}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{5A5D8C16-AEA3-4DE7-846A-2A480E1D3E77}C:\program files (x86)\call of duty\mohaa.exe] => (Allow) C:\program files (x86)\call of duty\mohaa.exe () [File not signed]
FirewallRules: [UDP Query User{E0508AB9-0C7F-4CF3-938E-A04F3F7CC836}C:\program files (x86)\call of duty\mohaa.exe] => (Allow) C:\program files (x86)\call of duty\mohaa.exe () [File not signed]
FirewallRules: [TCP Query User{8FAC01B4-BAB0-4557-B382-37FDEA6F7E75}C:\program files (x86)\call of duty\mohaa.exe] => (Allow) C:\program files (x86)\call of duty\mohaa.exe () [File not signed]
FirewallRules: [UDP Query User{90788585-A6CE-416B-96F0-82F637CFE169}C:\program files (x86)\call of duty\mohaa.exe] => (Allow) C:\program files (x86)\call of duty\mohaa.exe () [File not signed]
FirewallRules: [{FEBD768C-2530-4FAA-B117-A19F6F40F45F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0DF259E5-C505-4730-862B-FB66314B9778}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{DA4E67E3-D9B6-49B2-8F60-A83C899C499E}C:\program files (x86)\call of duty\mohaa.exe] => (Allow) C:\program files (x86)\call of duty\mohaa.exe () [File not signed]
FirewallRules: [UDP Query User{1D827732-2347-4E01-8BDC-10C5E007D757}C:\program files (x86)\call of duty\mohaa.exe] => (Allow) C:\program files (x86)\call of duty\mohaa.exe () [File not signed]
FirewallRules: [{351A78B2-BACF-460E-8C34-F9F060D73DC6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{D7B73A1B-2C5D-43E7-B408-33D05CCF8A50}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{5D2DF4A8-6B51-4D92-A79B-4D381EF56BE2}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{484889C9-E971-49FA-BBD8-4AC8020C8E58}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{FE01E2ED-D798-4D55-A4A3-023EE6EBD25D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{2901F451-C197-473D-8F98-9873E30D996F}] => (Allow) C:\Program Files\HP\HP OfficeJet 200 Mobile Series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{1EA9B5C2-5DF9-4EF3-B900-2575B7F832E2}] => (Allow) LPort=5357
FirewallRules: [{00DAC5ED-1196-4E81-B92D-B8D2CE71E9BA}] => (Allow) C:\Program Files\HP\HP OfficeJet 200 Mobile Series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [TCP Query User{A37AC838-80A6-4C2F-830D-030C551C86FE}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{ED0AF665-F5E2-4932-9820-418E6FC98E42}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{343FF7EB-20E1-4F03-86DC-5A5768FBD413}] => (Allow) C:\Users\vladimirk\AppData\Local\Programs\Opera\72.0.3815.186\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{CD361913-F414-4AA1-9FEA-572B1999EE71}] => (Allow) C:\Users\vladimirk\AppData\Local\Programs\Opera\72.0.3815.320\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{AC9066BE-398E-4208-A700-ADA0D75E3E63}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/13/2020 04:03:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: AdwCleaner.exe, verzia: 7.4.0.0, časová značka: 0x5d3760f2
Názov chybujúceho modulu: AdwCleaner.exe, verzia: 7.4.0.0, časová značka: 0x5d3760f2
Kód výnimky: 0xc0000005
Odstup chyby: 0x0041f4eb
Identifikácia chybujúceho procesu: 0xd44
Čas spustenia chybujúcej aplikácie: 0x01d6b9ce24033cdd
Cesta chybujúcej aplikácie: C:\Users\vladimirk\Desktop\AdwCleaner.exe
Cesta chybujúceho modulu: C:\Users\vladimirk\Desktop\AdwCleaner.exe
Identifikácia hlásenia: 6c587a87-25c1-11eb-8348-548ca08d010e
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (11/13/2020 03:58:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: AdwCleaner.exe, verzia: 7.4.0.0, časová značka: 0x5d3760f2
Názov chybujúceho modulu: AdwCleaner.exe, verzia: 7.4.0.0, časová značka: 0x5d3760f2
Kód výnimky: 0xc0000005
Odstup chyby: 0x0041f4eb
Identifikácia chybujúceho procesu: 0x13bc
Čas spustenia chybujúcej aplikácie: 0x01d6b9cd728e1626
Cesta chybujúcej aplikácie: C:\Users\vladimirk\Desktop\AdwCleaner.exe
Cesta chybujúceho modulu: C:\Users\vladimirk\Desktop\AdwCleaner.exe
Identifikácia hlásenia: b2d6e1cc-25c0-11eb-8348-548ca08d010e
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (11/13/2020 03:57:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: AdwCleaner.exe, verzia: 7.4.0.0, časová značka: 0x5d3760f2
Názov chybujúceho modulu: AdwCleaner.exe, verzia: 7.4.0.0, časová značka: 0x5d3760f2
Kód výnimky: 0xc0000005
Odstup chyby: 0x0041f4eb
Identifikácia chybujúceho procesu: 0xcf8
Čas spustenia chybujúcej aplikácie: 0x01d6b9cd598bb3e1
Cesta chybujúcej aplikácie: C:\Users\vladimirk\Desktop\AdwCleaner.exe
Cesta chybujúceho modulu: C:\Users\vladimirk\Desktop\AdwCleaner.exe
Identifikácia hlásenia: 9e2459fc-25c0-11eb-8348-548ca08d010e
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (11/13/2020 03:53:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: mbamservice.exe, verzia: 3.2.0.845, časová značka: 0x5d10ed55
Názov chybujúceho modulu: CleanControllerImpl.dll, verzia: 3.2.0.522, časová značka: 0x5cf92c6c
Kód výnimky: 0xc0000409
Odstup chyby: 0x0000000000312ced
Identifikácia chybujúceho procesu: 0xee4
Čas spustenia chybujúcej aplikácie: 0x01d6b9c6cee63b5c
Cesta chybujúcej aplikácie: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Cesta chybujúceho modulu: C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\CleanControllerImpl.dll
Identifikácia hlásenia: f8915456-25bf-11eb-8348-548ca08d010e
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (11/13/2020 02:06:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program AcroRd32.exe version 18.11.20040.19174 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 12e4

Start Time: 01d6b9acd4fbd15f

Termination Time: 1921

Application Path: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

Report Id: f3465cd3-25b0-11eb-8348-548ca08d010e

Faulting package full name: 

Faulting package-relative application ID:

Error: (10/30/2020 12:41:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 81.0.0.7565 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 7e4

Start Time: 01d6ae8903025649

Termination Time: 4294967295

Application Path: C:\Program Files\Mozilla Firefox\firefox.exe

Report Id: d19b5258-1aa4-11eb-8346-548ca08d010e

Faulting package full name: 

Faulting package-relative application ID:

Error: (10/30/2020 08:49:25 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 6.3.9600.17489 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1988

Start Time: 01d6add4a5a21004

Termination Time: 4294967295

Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

Report Id: 6672fdca-1a84-11eb-8346-548ca08d010e

Faulting package full name: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy

Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel

Error: (10/30/2020 08:49:12 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: SOI)
Description: Balík windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel sa ukončil, pretože jeho odstavenie trvalo príliš dlho.


System errors:
=============
Error: (11/18/2020 04:23:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{B019CAE0-D910-410F-AD15-5AFA0E58DF61}
 and APPID 
{AD65A69D-3831-40D7-9629-9B0B50A93843}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/18/2020 04:23:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{05D1D5D8-18D1-4B83-85ED-A0F99D53C885}
 and APPID 
{AD65A69D-3831-40D7-9629-9B0B50A93843}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/18/2020 04:18:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba SMS Agent Host sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 5 krát. O 300000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (11/18/2020 04:09:13 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{B019CAE0-D910-410F-AD15-5AFA0E58DF61}
 and APPID 
{AD65A69D-3831-40D7-9629-9B0B50A93843}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/18/2020 04:09:13 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{05D1D5D8-18D1-4B83-85ED-A0F99D53C885}
 and APPID 
{AD65A69D-3831-40D7-9629-9B0B50A93843}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (11/18/2020 04:03:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba SMS Agent Host sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 4 krát. O 300000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (11/18/2020 04:03:29 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: SOI)
Description: Spracovanie skupinovej politiky zlyhalo v dôsledku chýbajúceho sieťového pripojenia na radič domény. Tento stav môže byť prechodný. Po pripojení počítača na radič domény a úspešnom spracovaní skupinovej politiky sa vygeneruje hlásenie o úspešnom spracovaní. Ak sa toto hlásenie nezobrazí ani po uplynutí viacerých hodín, obráťte sa na správcu.

Error: (11/18/2020 03:57:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
{B019CAE0-D910-410F-AD15-5AFA0E58DF61}
 and APPID 
{AD65A69D-3831-40D7-9629-9B0B50A93843}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2020-09-10 08:30:17.877
Description: 
Windows Defender scan has been stopped before completion.
Scan ID: {5B868C22-24BC-40F9-BC00-C8D4E7E35769}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-09-09 08:10:16.748
Description: 
Windows Defender scan has been stopped before completion.
Scan ID: {EA06B693-EDF7-46E3-91F5-E4F677D1DAFD}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-09-03 08:43:46.709
Description: 
Windows Defender scan has been stopped before completion.
Scan ID: {BE381955-27D7-45A7-B0B2-211A09D83DFC}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-09-02 11:01:23.562
Description: 
Windows Defender scan has been stopped before completion.
Scan ID: {C6BDEF27-448D-4EBF-A8B0-279283F4B815}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-09-02 10:45:16.897
Description: 
Windows Defender scan has been stopped before completion.
Scan ID: {B94AC2A6-49F6-4DE7-AD2E-3A68499A177F}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-08-24 12:16:29.423
Description: 
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Neznáma chyba 
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.

Date: 2020-07-22 11:43:38.754
Description: 
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Neznáma chyba 
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.

Date: 2020-04-08 16:55:22.285
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.313.413.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16900.4
Error code: 0x80080005
Error description: Operácia vykonávaná serverom zlyhala 

Date: 2020-03-04 11:35:12.589
Description: 
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Neznáma chyba 
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.

Date: 2020-02-10 08:27:51.292
Description: 
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Neznáma chyba 
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.

CodeIntegrity:
===================================

Date: 2020-09-10 08:36:36.350
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-09-03 08:48:04.852
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-09-02 10:32:08.666
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-08-26 08:11:30.701
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-08-24 11:47:44.463
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-08-13 11:08:05.043
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-07-23 09:57:18.016
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2020-07-22 08:55:29.460
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info =========================== 

BIOS: Insyde Corp. V1.18 06/14/2016
Motherboard: Acer Extensa 2519
Processor: Intel(R) Celeron(R) CPU N3160 @ 1.60GHz
Percentage of memory in use: 72%
Total physical RAM: 3921.61 MB
Available physical RAM: 1081.25 MB
Total Virtual: 7421.61 MB
Available Virtual: 2530.74 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:194.97 GB) (Free:128.73 GB) NTFS
Drive e: () (Fixed) (Total:270.45 GB) (Free:122.64 GB) NTFS

\\?\Volume{25cc169f-7412-11e6-824f-806e6f6e6963}\ (Vyhradené systémom) (Fixed) (Total:0.34 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: BC658CCE)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=270.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================