Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2020
Ran by bolo0 (17-12-2020 22:42:39)
Running from C:\Users\bolo0\Desktop
Windows 10 Pro Version 2004 19041.685 (X64) (2020-09-22 15:56:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-291342364-4220692242-2728702819-500 - Administrator - Disabled)
bolo0 (S-1-5-21-291342364-4220692242-2728702819-1001 - Administrator - Enabled) => C:\Users\bolo0
DefaultAccount (S-1-5-21-291342364-4220692242-2728702819-503 - Limited - Disabled)
Guest (S-1-5-21-291342364-4220692242-2728702819-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-291342364-4220692242-2728702819-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Free (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACA & MEP 2021 Object Enabler (HKLM\...\{28B89EEF-4104-0000-5102-CF3F3A09B77D}) (Version: 8.3.51.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-4101-0000-3102-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk) Hidden
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Aktualizácie NVIDIA 38.0.5.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.5.0 - NVIDIA Corporation) Hidden
Aplikácie Microsoft 365 pre veľké organizácie - sk-sk (HKLM\...\O365ProPlusRetail - sk-sk) (Version: 16.0.13426.20332 - Microsoft Corporation)
AutoCAD 2021 – Čeština (Czech) (HKLM\...\{28B89EEF-4101-0405-2102-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk) Hidden
AutoCAD 2021 (HKLM\...\{28B89EEF-4101-0000-0102-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk) Hidden
AutoCAD 2021 Language Pack – Čeština (Czech) (HKLM\...\{28B89EEF-4101-0405-1102-CF3F3A09B77D}) (Version: 24.0.47.0 - Autodesk) Hidden
Autodesk App Manager 2020-2021 (HKLM-x32\...\{DB92FEA7-F78C-469E-B138-E2303220F0C4}) (Version: 3.1.0 - Autodesk)
Autodesk AutoCAD 2021 – Čeština (Czech) (HKLM\...\AutoCAD 2021 – Čeština (Czech)) (Version: 24.0.47.0 - Autodesk)
Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 8.0.0.46 - Autodesk)
Autodesk Featured Apps 2020-2021 (HKLM-x32\...\{2CBD494D-0A3E-4CB3-AFB3-8CE1734613B0}) (Version: 3.1.0 - Autodesk)
Autodesk Genuine Service (HKLM-x32\...\{54A00624-3EF9-49A2-92A9-7244EADD0212}) (Version: 3.2.18 - Autodesk)
Autodesk Material Library 2021 (HKLM-x32\...\{6774FD60-7D4B-4D57-BE56-2702A07C9701}) (Version: 19.1.22.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2021 (HKLM-x32\...\{6EFAD582-86C1-4AB2-97C5-2070D0B90E08}) (Version: 19.1.22.0 - Autodesk)
Autodesk Save to Web and Mobile (HKLM\...\{A9005AC0-4AD8-4E84-B1F7-EE38BB6BCC2D}) (Version: 3.0.26 - Autodesk)
Autodesk Single Sign On Component (HKLM\...\{951BB060-1350-4C93-BD83-D966C51D4005}) (Version: 11.2.0.1802 - Autodesk)
Blitz 1.13.53 (HKU\S-1-5-21-291342364-4220692242-2728702819-1001\...\153f8ce0-b97a-575b-ba12-4ff8b1481894) (Version: 1.13.53 - Blitz, Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon MG3600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3600_series) (Version:  - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.72 - Piriform)
Discord (HKU\S-1-5-21-291342364-4220692242-2728702819-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{38032CA4-BABE-44FB-813F-E152455B8FED}) (Version: 1.1.291.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2060.1 - Rockstar Games)
Kaspersky Free (HKLM-x32\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Hidden
Kaspersky Free (HKLM-x32\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKU\S-1-5-21-291342364-4220692242-2728702819-1001\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.60 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Teams (HKU\S-1-5-21-291342364-4220692242-2728702819-1001\...\Teams) (Version: 1.3.00.30866 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.24.28127 (HKLM-x32\...\{282975d8-55fe-4991-bbbb-06a72581ce58}) (Version: 14.24.28127.4 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.24.28127 (HKLM-x32\...\{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 - Microsoft Corporation)
Motorsport Manager Save Game Editor (HKLM-x32\...\{B3C48982-9099-4A29-A90C-E2888BFFDC5E}) (Version: 1.4.6536.39633 - RWSoftware)
Mozilla Firefox 84.0 (x64 sk) (HKLM\...\Mozilla Firefox 84.0 (x64 sk)) (Version: 84.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 78.2.2 - Mozilla)
Mozilla Thunderbird 78.2.2 (x86 sk) (HKLM-x32\...\Mozilla Thunderbird 78.2.2 (x86 sk)) (Version: 78.2.2 - Mozilla)
Mozilla Thunderbird 78.5.1 (x86 sk) (HKU\S-1-5-21-291342364-4220692242-2728702819-1001\...\Mozilla Thunderbird 78.5.1 (x86 sk)) (Version: 78.5.1 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.27 - NVIDIA Corporation) Hidden
NVIDIA FrameView SDK 1.1.4923.29214634 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29214634 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.20.5.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.5.70 - NVIDIA Corporation)
NVIDIA Grafický ovládač 460.79 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 460.79 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.38.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.40 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
NvModuleTracker (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvModuleTracker.Driver) (Version: 6.14.24033.38719 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20332 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20332 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{B56F4594-AA51-450A-BBD0-2CE48675D33A}) (Version: 4.2.14 - dotPDN LLC)
qBittorrent 4.2.5 (HKLM-x32\...\qBittorrent) (Version: 4.2.5 - The qBittorrent project)
Registrácia používateľa produktu Canon MG3600 series (HKLM-x32\...\Registrácia používateľa produktu Canon MG3600 series) (Version:  - ‭Canon Inc.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.33.319 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.7.5 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.3.0.21759 - Microsoft Corporation)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
TrucksBook Client verze 1.3.6 (HKLM-x32\...\TrucksBook Client_is1) (Version: 1.3.6 - TrucksBook)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)

Packages:
=========
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2020-11-18] (Apple Inc.) [Startup Task]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.20102.0_x64__8wekyb3d8bbwe [2020-12-16] (Microsoft Studios)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-09-22] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.959.0_x64__56jybvy8sckqj [2020-12-09] (NVIDIA Corp.)
TeamViewer: Remote Control -> C:\Program Files\WindowsApps\TeamViewer.31414B719FA93_15.0.100.0_x86__89446h4zmeyyt [2020-10-06] (TeamViewer)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-291342364-4220692242-2728702819-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\bolo0\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20275.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-291342364-4220692242-2728702819-1001_Classes\CLSID\{345D3165-3889-4694-AB75-A91A27B217E8}\localserver32 -> D:\Programy\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-291342364-4220692242-2728702819-1001_Classes\CLSID\{8B4929F8-076F-4AEC-AFEE-8928747B7AE3}\localserver32 -> D:\Programy\Autodesk\AutoCAD 2021\acad.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-291342364-4220692242-2728702819-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> D:\Programy\Autodesk\AutoCAD 2021\cs-CZ\acadficn.dll (Autodesk Asia Pte. Ltd. -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2020-01-22] (Autodesk, Inc. -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2020-01-22] (Autodesk, Inc. -> Autodesk)
ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\ShellEx.dll [2020-09-22] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\ShellEx.dll [2020-09-22] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\ShellEx.dll [2020-09-22] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_acf8aa2f12c482c7\nvshext.dll [2020-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\ShellEx.dll [2020-09-22] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-10-17 12:03 - 2020-12-17 07:18 - 000415232 _____ () [File not signed] \\?\C:\Users\bolo0\AppData\Local\Programs\Blitz\resources\app.asar.unpacked\node_modules\leveldown\prebuilds\win32-ia32\node.napi.node
2020-10-17 12:03 - 2020-12-17 07:18 - 001136128 _____ () [File not signed] \\?\C:\Users\bolo0\AppData\Local\Programs\Blitz\resources\helper\electron_overlay.node
2020-10-17 12:03 - 2020-12-17 07:18 - 002663424 _____ () [File not signed] C:\Users\bolo0\AppData\Local\Programs\Blitz\ffmpeg.dll
2020-10-17 12:03 - 2020-12-17 07:18 - 000367104 _____ () [File not signed] C:\Users\bolo0\AppData\Local\Programs\Blitz\libegl.dll
2020-10-17 12:03 - 2020-12-17 07:18 - 006631936 _____ () [File not signed] C:\Users\bolo0\AppData\Local\Programs\Blitz\libglesv2.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [7684]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-291342364-4220692242-2728702819-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer (Whitelisted) ==========

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-09-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-09-22] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-12-05] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-291342364-4220692242-2728702819-1001\...\sharepoint.com -> hxxps://uniag1-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-291342364-4220692242-2728702819-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.1.1 - 195.146.128.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-291342364-4220692242-2728702819-1001\...\StartupApproved\StartupFolder: => "Odoslanie do aplikácie OneNote.lnk"
HKU\S-1-5-21-291342364-4220692242-2728702819-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-291342364-4220692242-2728702819-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-291342364-4220692242-2728702819-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-291342364-4220692242-2728702819-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-291342364-4220692242-2728702819-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0D1B2EBC-1770-4ECC-A454-224CF4CDB4DB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2FD94298-EBB7-4960-A45F-366F9C40CDC3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{66EB7450-0AF6-44D1-B946-35B4572A3928}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D63701F0-EFB4-409E-BBFE-7791792DC470}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8368F9FE-21B6-401F-920B-962B6F756B58}] => (Allow) D:\Programy\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{D6075C09-3D9E-4F6D-84E9-7563296754BD}] => (Allow) D:\Programy\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{BB803164-0764-46C7-9103-3AA154C14285}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7B0ED0AF-B418-4873-8D7A-05BB2B64695D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{80E8E582-ED1B-45CF-AC76-300673E66250}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{32196BE3-6995-48E8-8FB6-C63ED693BBBB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{8A05BD03-6DEA-472E-9E7F-DA61D8FDEE30}C:\users\bolo0\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\bolo0\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{96DC46A4-F8AC-475C-8395-9F9DF2490847}C:\users\bolo0\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\bolo0\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{38F03380-5DB9-4D4B-B3BC-52224B23FDAA}] => (Block) C:\users\bolo0\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B8B20EFC-4A92-410D-9386-1F7DD59214C3}] => (Block) C:\users\bolo0\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F95375B6-4135-4EE0-94E0-B515EDA86CE0}] => (Allow) D:\Programy\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{6CFE43F4-5001-4DD9-9149-615B7CCF493E}] => (Allow) D:\Programy\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{81BA8968-5D3C-4AA7-AEE0-75CAE6CE0D5C}] => (Allow) D:\Programy\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{84E5B016-6552-41E2-95A5-2EAC73B76F44}] => (Allow) D:\Programy\qBittorrent\qbittorrent.exe () [File not signed]
FirewallRules: [{456CC381-8922-4A2A-9A48-B7EF96BC76C4}] => (Allow) D:\Programy\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{BC9E89F7-E6BE-429C-AB5C-67C74AF7F2A6}] => (Allow) D:\Programy\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{7C6FFD87-9EE0-4AC4-8E58-CCBE7DA8B217}D:\hry\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\hry\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{877268E6-2663-4A5C-9378-F2C99D5B27C3}D:\hry\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\hry\rockstar games\grand theft auto v\gta5.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{EB08F256-0D3E-492C-AE72-301D3FD985C7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B8E532F6-8499-4282-B84E-3073010360A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DDE38F42-3588-43BE-8793-71A7EC2CFF6A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F8DC9F7C-7B6F-4E7A-B763-7A597F76426D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{A348DEBE-DF75-4ACA-A215-4F16B241D0E0}D:\hry\farmingsimulator19\x64\farmingsimulator2019game.exe] => (Allow) D:\hry\farmingsimulator19\x64\farmingsimulator2019game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [UDP Query User{95B944CB-0D94-4934-ACDC-AA65ED352753}D:\hry\farmingsimulator19\x64\farmingsimulator2019game.exe] => (Allow) D:\hry\farmingsimulator19\x64\farmingsimulator2019game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{08798863-3C27-4C80-A255-7B711A2ABC29}] => (Allow) D:\Programy\Steam\steamapps\common\Car Mechanic Simulator 2018\cms2018.exe () [File not signed]
FirewallRules: [{AEEB7B72-A41C-4056-A5F4-9026E55667E7}] => (Allow) D:\Programy\Steam\steamapps\common\Car Mechanic Simulator 2018\cms2018.exe () [File not signed]
FirewallRules: [{E532A826-DEB0-417C-8925-4CD89FF76BBA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{132087FE-B6C4-4C7E-A037-EAE8679E1430}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1CFDB712-434F-4661-8578-68194535D387}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E6439175-18D6-4C13-B066-35A4270AE801}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3E3CC0B9-ECA8-4D9A-A6AB-C790576C92BA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E151BC70-BF79-4BA9-B7AA-42CCA89C16EC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EE747D7A-B52A-4AD6-8B8C-7DBF8F62C836}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8F19BB7A-6EB2-469C-A37D-9F53225544B9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BA9259B3-8FFF-4FA8-9E44-EF185182C107}] => (Allow) D:\Programy\Steam\steamapps\common\WRC 7\WRC7.exe () [File not signed]
FirewallRules: [{59B71F53-99C1-43FE-BF55-724674E6130F}] => (Allow) D:\Programy\Steam\steamapps\common\WRC 7\WRC7.exe () [File not signed]
FirewallRules: [TCP Query User{F6D43C96-E422-4A22-BEAA-DFBBCFDFB3C8}D:\hry\mudrunner\mudrunner.exe] => (Allow) D:\hry\mudrunner\mudrunner.exe (Focus Home Interactive) [File not signed]
FirewallRules: [UDP Query User{7FCA68D1-3641-4838-B92E-9623D05FCC2E}D:\hry\mudrunner\mudrunner.exe] => (Allow) D:\hry\mudrunner\mudrunner.exe (Focus Home Interactive) [File not signed]
FirewallRules: [{7591CC0F-146B-4883-A681-1DAC5EAF9FC1}] => (Allow) D:\Programy\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{0F03FF12-3C39-4A00-957A-4B6FFA585ABF}] => (Allow) D:\Programy\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe () [File not signed]
FirewallRules: [{54BF158E-0189-4052-B75E-105AB6E92AE8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5A7A1465-271D-410F-AADC-2AA962B36257}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{6979D028-E911-404E-AB88-3254C08E90B9}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{CB5425E7-3540-4F4A-91F5-3F7035C1CAB1}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{C03A144F-43E6-4326-B9E9-259E919DC451}] => (Allow) D:\Programy\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{D79EEAA0-3E67-4F3E-8930-E3E2DEA7DCE8}] => (Allow) D:\Programy\Steam\steamapps\common\Motorsport Manager\MM.exe () [File not signed]
FirewallRules: [{D66BA943-EA12-4D8D-848D-82939EDBFBB0}] => (Allow) D:\Programy\Steam\steamapps\common\Motorsport Manager\MM.exe () [File not signed]

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.24 GB) (Free:50.91 GB) (46%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/16/2020 09:00:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program GameBar.exe version 5.420.11102.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1fc0

Start Time: 01d6d3e4b82d9adb

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe\GameBar.exe

Report Id: 659e1586-cff9-44fc-81c6-6a59917f86f8

Faulting package full name: Microsoft.XboxGamingOverlay_5.420.11102.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Hang type: Navigation

Error: (12/16/2020 07:56:17 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v (E:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (12/16/2020 07:55:32 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v (D:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)


System errors:
=============
Error: (12/17/2020 10:57:12 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-I8S2KDQ)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (12/16/2020 10:30:57 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-I8S2KDQ)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.

Error: (12/16/2020 10:30:57 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-I8S2KDQ)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.

Error: (12/16/2020 10:30:57 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-I8S2KDQ)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.

Error: (12/16/2020 07:50:42 AM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-I8S2KDQ)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (12/13/2020 07:47:35 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-I8S2KDQ)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (12/13/2020 01:34:14 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-I8S2KDQ)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (12/12/2020 01:27:42 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-I8S2KDQ)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}


CodeIntegrity:
===================================

Date: 2020-12-17 21:08:27.2870000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-12-17 21:08:27.2650000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-12-17 21:08:27.1590000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-12-17 21:04:35.2380000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-12-17 21:04:24.3270000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-12-17 21:04:23.8670000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-12-17 21:04:22.2930000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2020-12-17 21:04:20.2590000Z
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

==================== Memory info =========================== 

BIOS: Award Software International, Inc. F7 11/24/2010
Motherboard: Gigabyte Technology Co., Ltd. GA-880GA-UD3H
Processor: AMD Phenom(tm) II X4 965 Processor
Percentage of memory in use: 44%
Total physical RAM: 8188.53 MB
Available physical RAM: 4534.83 MB
Total Virtual: 12540.53 MB
Available Virtual: 6307.11 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.24 GB) (Free:50.91 GB) NTFS
Drive d: () (Fixed) (Total:454.1 GB) (Free:207.62 GB) NTFS
Drive e: () (Fixed) (Total:477.41 GB) (Free:382.3 GB) NTFS

\\?\Volume{2dbdbcbe-0000-0000-0000-100000000000}\ (Vyhradené systémom) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{2dbdbcbe-0000-0000-0000-d0d21b000000}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 2DBDBCBE)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=506 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 6C90B5D4)
Partition 1: (Not Active) - (Size=454.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=477.4 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================