Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2021
Ran by p-mar (07-02-2021 12:48:06)
Running from C:\Users\p-mar\AppData\Local\Temp\scoped_dir16664_112868203
Windows 10 Home Version 1909 18363.1316 (X64) (2019-12-24 15:59:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-294003421-4142935270-3595641249-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-294003421-4142935270-3595641249-503 - Limited - Disabled)
Guest (S-1-5-21-294003421-4142935270-3595641249-501 - Limited - Disabled)
p-mar (S-1-5-21-294003421-4142935270-3595641249-1001 - Administrator - Enabled) => C:\Users\p-mar
WDAGUtilityAccount (S-1-5-21-294003421-4142935270-3595641249-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: F-Secure SAFE (Disabled - Up to date) {8AC831E5-DF57-0DC0-D07B-4DE1A5FFFD9A}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}
FW: McAfee Firewall (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3uTools (HKLM-x32\...\3uTools) (Version: 2.55.012 - ShangHai ZhangZheng Network Technology Co., Ltd.)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
AltServer (HKLM-x32\...\{F6FFD3DD-A872-4F18-BD81-334A52EF9BFE}) (Version: 1.4.1 - Riley Testut)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
Balíček ovladače systému Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.)
BitTorrent Web (HKU\S-1-5-21-294003421-4142935270-3595641249-1001\...\btweb) (Version: 1.1.3 - BitTorrent, Inc.)
BlueStacks App Player (HKLM\...\BlueStacks) (Version: 4.150.11.1001 - BlueStack Systems, Inc.)
BMW Standard Tools (HKLM-x32\...\{ 70994916-61E9-40D2-A30C-89D2C030017F}_is1) (Version: 2.12.0 - BMW Group)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
CDex - Digital Audio CD Extractor and Converter (HKLM-x32\...\CDex) (Version: 2.24.0.2020 - CDex.mu)
HP Audio Switch (HKLM-x32\...\{20A40E7C-E470-4E9F-9B5C-DDB2C205E856}) (Version: 1.0.154.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.17.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.0 - HP Inc.)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.2.8.1029 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{eb0d4a41-3065-42b0-a868-c60d42d3ea98}) (Version: 10.1.17695.8086 - Intel(R) Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{94979CD2-0904-47DE-A4AC-04F1C4524650}) (Version: 17.2.8.1029 - Intel Corporation)
Java 8 Update 231 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Mi PC Suite (HKU\S-1-5-21-294003421-4142935270-3595641249-1001\...\MiPhoneManager) (Version:  - Xiaomi Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft Office 2019 Professional Plus - sk-sk (HKLM\...\ProPlus2019Retail - sk-sk) (Version: 16.0.13530.20440 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.13530.20440 - Microsoft Corporation)
Microsoft Office Professional Plus 2019 - en-us (HKLM\...\ProPlus2019Retail - en-us) (Version: 16.0.13530.20440 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-294003421-4142935270-3595641249-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27027 (HKLM-x32\...\{39e28474-b67b-4209-af1b-e9ad0a83d8ca}) (Version: 14.16.27027.1 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM-x32\...\{4F2CE68F-EDBB-4592-BF07-5AC930A51029}) (Version: 7.02.6446 - Nero AG)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.13530.20440 - Microsoft Corporation) Hidden
Opera Stable 73.0.3856.344 (HKU\S-1-5-21-294003421-4142935270-3595641249-1001\...\Opera 73.0.3856.344) (Version: 73.0.3856.344 - Opera Software)
Oracle VM VirtualBox 6.1.10 (HKLM\...\{0359AF05-E674-4ED4-B9FB-B77918617667}) (Version: 6.1.10 - Oracle Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Wondershare UniConverter(Build 12.5.0.17) (HKLM\...\UniConverter_is1) (Version: 12.5.0.17 - Wondershare Software)

Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-02-24] (Amazon.com)
Booking.com EMEA: Big savings on hotels in 96,000 destinations worldwide -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Booking.comEMEABigsavingso_2.0.4.0_x64__mgae2k3ys4ra0 [2020-09-25] (Priceline Partner Network)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.1.17.0_x86__kgqvnymyfvs32 [2020-12-19] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.51.4.0_x86__kgqvnymyfvs32 [2021-01-31] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-16] (Microsoft Corporation)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-01-20] (Dropbox Inc.)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2019-10-31] (HP Inc.)
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_1.7.197.0_x64__dt26b99r8h8gj [2020-02-09] (Realtek Semiconductor Corp)
HP JumpStarts -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.9.1548.0_x64__v10z8vjag6ke6 [2020-12-19] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.6.8.0_x64__v10z8vjag6ke6 [2021-02-07] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.39.0_x64__v10z8vjag6ke6 [2020-10-03] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_122.1.778.0_x64__v10z8vjag6ke6 [2020-12-28] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.6.870.0_x64__v10z8vjag6ke6 [2020-12-09] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.21.0_x64__v10z8vjag6ke6 [2020-09-14] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2020-02-26] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa [2020-12-23] (Apple Inc.) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-12-31] (LinkedIn)
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.54.0_x64__wafk5atnkzcwy [2020-12-03] (McAfee LLC.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-01] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-01] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1102.0_x64__8wekyb3d8bbwe [2021-01-15] (Microsoft Studios) [MS Ad]
OfficeSuite Personal Free -> C:\Program Files\WindowsApps\MobiSystems.OfficeSuitePersonalFree_5.10.36816.0_x64__8m57vzdwnbybp [2021-01-31] (Mobisystems) [Startup Task]
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt [2021-01-02] (INTEL CORP) [Startup Task]
sMedio True DVD for HP -> C:\Program Files\WindowsApps\0E3921EB.sMedioTrueDVDforHP_1.1.128.0_x64__agwrg61xdd7p4 [2020-07-25] (sMedio Inc.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0 [2021-02-07] (Spotify AB) [Startup Task]
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2020-03-29] (Synaptics Incorporated)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-03-27] () [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-01-01] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-01-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-01-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-02-28] (Nero AG -> Nero AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-01-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-03-27] () [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-01-01] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-09-04 11:30 - 2019-09-04 11:30 - 000041984 _____ () [File not signed] C:\Program Files (x86)\AltServer\boost_date_time-vc142-mt-x32-1_70.dll
2019-09-04 11:17 - 2019-09-04 11:17 - 000132608 _____ () [File not signed] C:\Program Files (x86)\AltServer\brotlicommon.dll
2019-09-04 11:17 - 2019-09-04 11:17 - 000044032 _____ () [File not signed] C:\Program Files (x86)\AltServer\brotlidec.dll
2019-09-04 11:17 - 2019-09-04 11:17 - 002841088 _____ () [File not signed] C:\Program Files (x86)\AltServer\brotlienc.dll
2019-09-04 11:32 - 2019-09-04 11:32 - 001496064 _____ () [File not signed] C:\Program Files (x86)\AltServer\cpprest_2_10.dll
2020-11-11 11:20 - 2020-11-11 11:20 - 000147456 _____ () [File not signed] C:\Program Files (x86)\AltServer\imobiledevice.dll
2020-11-11 11:20 - 2020-11-11 11:20 - 000164864 _____ () [File not signed] C:\Program Files (x86)\AltServer\ldid.dll
2020-11-11 11:20 - 2020-11-11 11:20 - 000053760 _____ () [File not signed] C:\Program Files (x86)\AltServer\plist.dll
2020-11-11 11:20 - 2020-11-11 11:20 - 000032256 _____ () [File not signed] C:\Program Files (x86)\AltServer\usbmuxd.dll
2019-09-04 11:17 - 2019-09-04 11:17 - 000073216 _____ () [File not signed] C:\Program Files (x86)\AltServer\zlib1.dll
2021-01-01 11:39 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2021-01-01 11:39 - 2017-03-23 09:49 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2020-12-18 20:56 - 2020-12-18 20:56 - 001414656 _____ () [File not signed] C:\Users\p-mar\AppData\Roaming\BitTorrent Web\avcodec-58.dll
2020-12-18 20:56 - 2020-12-18 20:56 - 000898048 _____ () [File not signed] C:\Users\p-mar\AppData\Roaming\BitTorrent Web\avformat-58.dll
2020-12-18 20:56 - 2020-12-18 20:56 - 000451072 _____ () [File not signed] C:\Users\p-mar\AppData\Roaming\BitTorrent Web\avutil-56.dll
2020-12-18 20:56 - 2020-12-18 20:56 - 000151552 _____ () [File not signed] C:\Users\p-mar\AppData\Roaming\BitTorrent Web\swresample-3.dll
2020-12-19 14:58 - 2020-12-19 14:58 - 000138240 _____ () [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\0981b715b9751bc5e1b78974fd25036b\Interop.IWshRuntimeLibrary.ni.dll
2019-07-08 19:10 - 2019-07-08 19:10 - 000079360 _____ (GnuWin32 <hxxp://gnuwin32.sourceforge.net>) [File not signed] C:\Program Files (x86)\AltServer\regex2.dll
2020-12-19 14:57 - 2020-12-19 14:57 - 000134656 _____ (hardcodet.net) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\c5a68414575c523015c8179a766b8d90\Hardcodet.Wpf.TaskbarNotification.ni.dll
2020-06-29 18:03 - 2020-06-29 18:03 - 000014336 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.21.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
2019-03-27 15:29 - 2019-03-27 15:29 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2020-12-19 14:58 - 2020-12-19 14:58 - 001591808 _____ (Mark Heath) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\NAudio\fbcaa7399965b9fbb8f3d29f4c256a8b\NAudio.ni.dll
2020-12-19 14:58 - 2020-12-19 14:58 - 003127808 _____ (Newtonsoft) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\25222742aad21e28113128c6562f37e9\Newtonsoft.Json.ni.dll
2020-12-19 14:58 - 2020-12-19 14:58 - 000793088 _____ (The Apache Software Foundation) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\log4net\ed38c2e9fc71e5335a6fbf3bebf2ad34\log4net.ni.dll
2018-11-22 15:48 - 2018-11-22 15:48 - 001374208 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\AltServer\LIBEAY32.dll
2018-11-22 15:48 - 2018-11-22 15:48 - 000337920 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\AltServer\SSLEAY32.dll
2020-12-18 20:56 - 2020-12-18 20:56 - 001277952 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\p-mar\AppData\Roaming\BitTorrent Web\LIBEAY32.dll
2020-12-18 20:56 - 2020-12-18 20:56 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Users\p-mar\AppData\Roaming\BitTorrent Web\SSLEAY32.dll
2019-05-28 21:35 - 2019-05-28 21:35 - 002507264 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\AltServer\libcrypto-1_1.dll
2019-05-28 21:35 - 2019-05-28 21:35 - 000530432 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\AltServer\libssl-1_1.dll
2019-12-11 13:21 - 2019-12-11 13:21 - 001930240 _____ (winsparkle.org) [File not signed] C:\Program Files (x86)\AltServer\WinSparkle.dll
2021-01-01 11:39 - 2017-03-23 09:52 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-294003421-4142935270-3595641249-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-294003421-4142935270-3595641249-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {139B9E6C-63AC-4BCD-976F-38E0C0A99B2C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {139B9E6C-63AC-4BCD-976F-38E0C0A99B2C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-294003421-4142935270-3595641249-1001 -> {139B9E6C-63AC-4BCD-976F-38E0C0A99B2C} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-01-14] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-12-24] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-12-24] (Oracle America, Inc. -> Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2019-12-31] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-01-14] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2019-12-31] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-14] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-01-14] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2021-01-01 11:54 - 000001756 _____ C:\windows\system32\drivers\etc\hosts
127.0.0.1	www.wondershare.net
127.0.0.1	www.wondershare.com
127.0.0.1	www.wondershare.web
127.0.0.1	filmora.wondershare.com
127.0.0.1	mobilego.wondershare.com
127.0.0.1	support.wondershare.net
127.0.0.1	support.wondershare.com
127.0.0.1	cbs.wondershare.com
127.0.0.1	cbs.wondershare.net
127.0.0.1	platform.wondershare.com
127.0.0.1	statics.was.wondershare.com
127.0.0.1	resource.wondershare.com
127.0.0.1	myphone-download.wondershare.cc
127.0.0.1	antipiracy.wondershare.com
127.0.0.1	cc-antipiracy.wondershare.cc
127.0.0.1	sparrow.wondershare.com
127.0.0.1	dc.wondershare.cc
127.0.0.1	cbs.wondershare.cn
127.0.0.1	api.wondershare.com
127.0.0.1	product-api.wondershare.com
127.0.0.1	myphone-api.wondershare.cc
127.0.0.1	order-api.wondershare.com
127.0.0.1	www.media.io
127.0.0.1	www.keepvid.cc
127.0.0.1	srv1.keepvid.cc
127.0.0.1	pop.wondershare.com
127.0.0.1	pop.iskysoft.com
127.0.0.1	pop.aimersoft.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;C:\windows\System32\WindowsPowerShell\v1.0\;C:\windows\System32\OpenSSH\;c:\ediabas\bin;C:\Users\p-mar\AppData\Local\Microsoft\WindowsApps;C:\adb
HKU\S-1-5-21-294003421-4142935270-3595641249-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\p-mar\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.101.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9ABD1D79-72D7-44CA-9F22-D8DF8931FC22}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
FirewallRules: [TCP Query User{99A0CBCD-30C7-4184-9634-6DF7E16D6611}C:\users\p-mar\appdata\local\programs\opera\65.0.3467.78_0\opera.exe] => (Allow) C:\users\p-mar\appdata\local\programs\opera\65.0.3467.78_0\opera.exe => No File
FirewallRules: [UDP Query User{713B7F6E-5A4C-481B-8CC2-4301AABCBBB8}C:\users\p-mar\appdata\local\programs\opera\65.0.3467.78_0\opera.exe] => (Allow) C:\users\p-mar\appdata\local\programs\opera\65.0.3467.78_0\opera.exe => No File
FirewallRules: [TCP Query User{004C585A-0B2D-48DF-9A0F-A86154C6E0D9}C:\users\p-mar\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Block) C:\users\p-mar\appdata\local\programs\opera\66.0.3515.72\opera.exe => No File
FirewallRules: [UDP Query User{7300C360-92E8-465F-B4A4-D8039656E0F9}C:\users\p-mar\appdata\local\programs\opera\66.0.3515.72\opera.exe] => (Block) C:\users\p-mar\appdata\local\programs\opera\66.0.3515.72\opera.exe => No File
FirewallRules: [TCP Query User{29749543-6C04-4635-93EF-ACBAB248A4AC}C:\users\p-mar\appdata\local\programs\opera\66.0.3515.115\opera.exe] => (Allow) C:\users\p-mar\appdata\local\programs\opera\66.0.3515.115\opera.exe => No File
FirewallRules: [UDP Query User{0631C280-BBF1-4EC5-875D-0D793FE9D704}C:\users\p-mar\appdata\local\programs\opera\66.0.3515.115\opera.exe] => (Allow) C:\users\p-mar\appdata\local\programs\opera\66.0.3515.115\opera.exe => No File
FirewallRules: [TCP Query User{6B17F84A-7B82-4FFA-95FC-EA282FBA062C}C:\users\p-mar\appdata\local\programs\opera\67.0.3575.53\opera.exe] => (Allow) C:\users\p-mar\appdata\local\programs\opera\67.0.3575.53\opera.exe => No File
FirewallRules: [UDP Query User{64EA5E07-7372-44EB-B3F9-69414783ED40}C:\users\p-mar\appdata\local\programs\opera\67.0.3575.53\opera.exe] => (Allow) C:\users\p-mar\appdata\local\programs\opera\67.0.3575.53\opera.exe => No File
FirewallRules: [{67113357-C4A0-47EB-B188-7E6924D04D6B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{74C60A01-44FA-48FE-9A42-A41B940E416A}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{34429CD8-0C62-4AD1-A5F8-B6C43C6FA54F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5C52DFE5-20DD-4C28-85DF-D884608692B4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{57680D16-63F7-4B96-A0E4-233D6E46F667}C:\users\p-mar\appdata\local\programs\opera\67.0.3575.115\opera.exe] => (Block) C:\users\p-mar\appdata\local\programs\opera\67.0.3575.115\opera.exe => No File
FirewallRules: [UDP Query User{D3405194-D9F2-42A7-9EF7-52ACC3756D2D}C:\users\p-mar\appdata\local\programs\opera\67.0.3575.115\opera.exe] => (Block) C:\users\p-mar\appdata\local\programs\opera\67.0.3575.115\opera.exe => No File
FirewallRules: [TCP Query User{3598997A-17D1-455D-8406-30AEBD31737A}C:\users\p-mar\appdata\local\programs\opera\67.0.3575.137\opera.exe] => (Allow) C:\users\p-mar\appdata\local\programs\opera\67.0.3575.137\opera.exe => No File
FirewallRules: [UDP Query User{3E5C901B-26BF-43BB-90A3-32DCA90ECAE6}C:\users\p-mar\appdata\local\programs\opera\67.0.3575.137\opera.exe] => (Allow) C:\users\p-mar\appdata\local\programs\opera\67.0.3575.137\opera.exe => No File
FirewallRules: [TCP Query User{718404F9-F2CF-4B06-8268-9A8FAD285C57}C:\users\p-mar\appdata\local\programs\opera\68.0.3618.63\opera.exe] => (Block) C:\users\p-mar\appdata\local\programs\opera\68.0.3618.63\opera.exe => No File
FirewallRules: [UDP Query User{6AE984FD-D12C-423D-B3A6-E16189E5D412}C:\users\p-mar\appdata\local\programs\opera\68.0.3618.63\opera.exe] => (Block) C:\users\p-mar\appdata\local\programs\opera\68.0.3618.63\opera.exe => No File
FirewallRules: [TCP Query User{E6EFB769-7A76-4D15-ACBC-3CF6B48FABF0}C:\users\p-mar\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Block) C:\users\p-mar\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [UDP Query User{9D191DBA-6723-4F5C-B686-51A956388629}C:\users\p-mar\appdata\local\programs\opera\68.0.3618.125\opera.exe] => (Block) C:\users\p-mar\appdata\local\programs\opera\68.0.3618.125\opera.exe => No File
FirewallRules: [TCP Query User{52413527-8730-47AF-B13A-96A0D1CC2051}C:\ediabas\bin\dr gini.exe] => (Allow) C:\ediabas\bin\dr gini.exe (GiniTeck GmbH) [File not signed]
FirewallRules: [UDP Query User{2731EE0F-A0D6-43A1-BC8B-DF630D24AE94}C:\ediabas\bin\dr gini.exe] => (Allow) C:\ediabas\bin\dr gini.exe (GiniTeck GmbH) [File not signed]
FirewallRules: [{3CFBBBD9-ABD6-4684-89B0-449A6CD26B8B}] => (Allow) C:\Users\p-mar\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{2F54B8C9-5007-4B0C-AAF7-1FF278E7CE28}] => (Allow) C:\Users\p-mar\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [TCP Query User{A937B9C6-5A09-40B5-B66C-88C1A1598338}C:\users\p-mar\appdata\local\programs\opera\68.0.3618.173\opera.exe] => (Allow) C:\users\p-mar\appdata\local\programs\opera\68.0.3618.173\opera.exe => No File
FirewallRules: [UDP Query User{F3D00265-4060-41CE-8BB3-F79E7C0FB77F}C:\users\p-mar\appdata\local\programs\opera\68.0.3618.173\opera.exe] => (Allow) C:\users\p-mar\appdata\local\programs\opera\68.0.3618.173\opera.exe => No File
FirewallRules: [TCP Query User{82AB8704-982A-4A92-9416-4A67AA58EE63}C:\users\p-mar\appdata\local\programs\opera\69.0.3686.77\opera.exe] => (Allow) C:\users\p-mar\appdata\local\programs\opera\69.0.3686.77\opera.exe => No File
FirewallRules: [UDP Query User{E5948CB3-45A6-4989-9C26-B7973F20F2D2}C:\users\p-mar\appdata\local\programs\opera\69.0.3686.77\opera.exe] => (Allow) C:\users\p-mar\appdata\local\programs\opera\69.0.3686.77\opera.exe => No File
FirewallRules: [{0DDCBABC-FF03-4393-ADC2-42CE77E7D0B4}] => (Allow) C:\Users\p-mar\AppData\Roaming\BitTorrent Web\btweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
FirewallRules: [{1B4DC356-17FD-4688-BF1B-B0F0ABD05A87}] => (Allow) C:\Users\p-mar\AppData\Roaming\BitTorrent Web\btweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
FirewallRules: [TCP Query User{DB143CC2-FFE3-4A42-8F27-96FD8279E662}C:\users\p-mar\appdata\local\programs\opera\69.0.3686.95\opera.exe] => (Allow) C:\users\p-mar\appdata\local\programs\opera\69.0.3686.95\opera.exe => No File
FirewallRules: [UDP Query User{82E302A5-8777-4D51-84DA-0D7E4C7EDBDC}C:\users\p-mar\appdata\local\programs\opera\69.0.3686.95\opera.exe] => (Allow) C:\users\p-mar\appdata\local\programs\opera\69.0.3686.95\opera.exe => No File
FirewallRules: [TCP Query User{EB855D37-447E-46FC-9DED-7A58D0C6F7F3}C:\users\p-mar\appdata\local\programs\opera\70.0.3728.106\opera.exe] => (Block) C:\users\p-mar\appdata\local\programs\opera\70.0.3728.106\opera.exe => No File
FirewallRules: [UDP Query User{FF0E0277-F282-4861-816D-EE12A80188FC}C:\users\p-mar\appdata\local\programs\opera\70.0.3728.106\opera.exe] => (Block) C:\users\p-mar\appdata\local\programs\opera\70.0.3728.106\opera.exe => No File
FirewallRules: [{D91D34A8-EE2D-4C15-8551-97D08CF8207C}] => (Allow) C:\Users\p-mar\AppData\Local\MiPhoneManager\main\MiPCSuite.exe (Xiaomi Technology Inc -> Xiaomi.Inc)
FirewallRules: [TCP Query User{E946C08D-5733-455F-A241-C9876348CC83}C:\users\p-mar\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\p-mar\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [UDP Query User{F9D18C86-C728-404D-9D77-C3D1F0AE6A02}C:\users\p-mar\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\p-mar\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{98D9B840-0CFD-40F6-9994-F66B862AB26E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DEC314D4-ACC0-4EC2-AA89-9BD2ED33DD5B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6BA3B64D-D122-4D48-AC31-3BD88DF15BE5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5FE2CA74-B5A7-4CBE-AF0E-C580480D5DAF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1236ED6E-4586-4E14-85AA-4B04BAE475C1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AA6C1575-7579-4035-B229-89BAF33E636A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7FABE439-0CF0-4E02-A7B4-D445C64AD2FA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{77703A27-49CA-454A-A5A5-B1C888384BB2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{62C59FDB-5FE1-4CE8-8E96-47BE1808B159}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe
FirewallRules: [UDP Query User{3D758F0A-90EE-48F8-A5ED-1CADDD57D202}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe
FirewallRules: [{6DF497EB-2273-49CE-963A-6E900A3E2542}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{52FE1E53-B20C-4244-8137-D85169F886A3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BC56F927-7793-4BCE-8D41-BBED2202C425}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{36F2EE7D-34D5-4EB0-B3C6-813946A37B36}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A45E0E7B-2EB2-4787-B679-A814B0BFA9FB}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{0C015C89-8C7C-4E8D-907C-017B6190F769}] => (Allow) C:\Program Files (x86)\3uTools\libXunlei\Download\MiniThunderPlatform.exe (ShenZhen Thunder Networking Technologies Ltd. -> 深圳市迅雷网络技术有限公司)
FirewallRules: [{09542549-6C89-4FBF-8711-5A601B1EFA1E}] => (Allow) LPort=80
FirewallRules: [{1A88B479-60CD-4113-A5E0-BBB13073C03A}] => (Allow) c:\users\p-mar\appdata\local\programs\opera\73.0.3856.329\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{8E676F32-A286-438C-B5F1-BD0DCAB246E3}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C131A77D-B270-43BA-9A41-8D5AE9692D7A}] => (Allow) c:\users\p-mar\appdata\local\programs\opera\73.0.3856.344\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [TCP Query User{294A0245-530A-4029-900D-A9428533EB3B}C:\program files (x86)\altserver\altserver.exe] => (Allow) C:\program files (x86)\altserver\altserver.exe (AltStore LLC) [File not signed]
FirewallRules: [UDP Query User{676A2D6C-1AFB-4C0B-B73C-0419ED1D96D6}C:\program files (x86)\altserver\altserver.exe] => (Allow) C:\program files (x86)\altserver\altserver.exe (AltStore LLC) [File not signed]
FirewallRules: [{E546D73A-67E9-4E76-B1CB-E865D672139E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{74CE1FA1-A217-4F34-8497-E96704C70F9D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E92114D3-A59C-48BD-A721-B8A6BF87372A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F6DDE5D3-5FDE-4773-9992-B064E811F463}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0A9E9050-5939-47A6-91BF-9A321E282421}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7CCF0601-FBE6-4645-9755-846AF4BEB9C9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E897B51B-C42B-4A26-9574-7FD3480A8CF3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DA307660-4AE2-4296-B2AD-AF07F0748659}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.152.687.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

07-01-2021 18:32:05 HPSF Applying updates
15-01-2021 18:57:58 Windows Update
23-01-2021 12:40:46 Installed AltServer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/07/2021 12:33:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: BridgeCommunication.exe, verze: 1.28.2197.0, časové razítko: 0x5fd25f2f
Název chybujícího modulu: ntmarta.dll, verze: 10.0.18362.1, časové razítko: 0xd95e6299
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000001fe26
ID chybujícího procesu: 0x40a4
Čas spuštění chybující aplikace: 0x01d6fd451a38eaa9
Cesta k chybující aplikaci: C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_06530f962635deac\x64\BridgeCommunication.exe
Cesta k chybujícímu modulu: C:\windows\SYSTEM32\ntmarta.dll
ID zprávy: ed9e88f8-fe9a-49aa-a471-d417993d56d2
Úplný název chybujícího balíčku: 
ID aplikace související s chybujícím balíčkem:

Error: (01/23/2021 12:44:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (01/23/2021 12:44:59 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (01/23/2021 12:44:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (01/23/2021 12:44:59 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (01/23/2021 12:44:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AppleMobileDeviceProcess.exe, verze: 486.0.2.23, časové razítko: 0x5f4a4460
Název chybujícího modulu: ntdll.dll, verze: 10.0.18362.1316, časové razítko: 0x45a49e53
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000f9059
ID chybujícího procesu: 0x3e44
Čas spuštění chybující aplikace: 0x01d6f17cf3edaac9
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
Cesta k chybujícímu modulu: C:\windows\SYSTEM32\ntdll.dll
ID zprávy: 267e3329-20dd-4894-94af-da88e0de5faf
Úplný název chybujícího balíčku: AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa
ID aplikace související s chybujícím balíčkem: iTunes

Error: (01/23/2021 12:42:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program iTunes.exe verze 12.11.0.26 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 2594

Čas spuštění: 01d6f17cacc5face

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa\iTunes.exe

ID hlášení: b167bc1e-ea72-4033-97a2-e3c81575d6bc

Úplný název balíčku s chybou: AppleInc.iTunes_12110.26.53016.0_x64__nzyj5cx40ttqa

ID aplikace relativní podle balíčku s chybou: iTunes

Typ zablokování: Cross-thread

Error: (01/23/2021 12:23:46 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 12) (User: LAPTOP-36VMAMV7)
Description: Microsoft.YourPhone_8wekyb3d8bbwe-2147023878


System errors:
=============
Error: (02/07/2021 12:35:32 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-36VMAMV7)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/05/2021 02:33:54 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-36VMAMV7)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/04/2021 01:41:42 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-36VMAMV7)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/02/2021 11:24:37 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-36VMAMV7)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (02/01/2021 03:20:06 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-36VMAMV7)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/31/2021 06:42:02 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-36VMAMV7)
Description: Server {FD06603A-2BDF-4BB1-B7DF-5DC68F353601} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/31/2021 06:40:30 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MWK7RN11C5Z-MobiSystems.OfficeSuitePersonalFree.

Error: (01/31/2021 06:36:24 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-36VMAMV7)
Description: Server Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca se v daném časovém limitu neregistroval u služby DCOM.


Windows Defender:
===================================
Date: 2020-06-05 12:58:46.212
Description: 
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.307.2559.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru. 

Date: 2020-06-05 12:58:46.211
Description: 
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.307.2559.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru. 

Date: 2020-06-05 12:58:46.211
Description: 
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.307.2559.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru. 

Date: 2020-06-05 12:58:46.199
Description: 
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.307.2559.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru. 

Date: 2020-06-05 12:58:46.199
Description: 
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 
Předchozí verze bezpečnostních informací: 1.307.2559.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu: 
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru. 

CodeIntegrity:
===================================

Date: 2021-02-07 12:34:43.497
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-02-07 12:34:43.450
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-02-07 12:34:11.282
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-02-07 12:34:11.267
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-02-07 12:34:11.255
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-02-07 12:34:11.245
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-02-07 12:34:11.228
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-02-05 14:32:49.725
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

==================== Memory info =========================== 

BIOS: Insyde F.22 08/28/2019
Motherboard: HP 8532
Processor: Intel(R) Core(TM) i5-8265U CPU @ 1.60GHz
Percentage of memory in use: 70%
Total physical RAM: 8078.3 MB
Available physical RAM: 2383.61 MB
Total Virtual: 9358.3 MB
Available Virtual: 3100.61 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:237.72 GB) (Free:129.48 GB) NTFS

\\?\Volume{606aa89a-24cb-4b35-acae-68425e7f8193}\ (Windows RE tools) (Fixed) (Total:0.48 GB) (Free:0.06 GB) NTFS
\\?\Volume{c202b877-7fe5-4b10-bb8f-af6edbc8faa3}\ () (Removable) (Total:0 GB) (Free:0 GB) 
\\?\Volume{c202b877-7fe5-4b10-bb8a-af6edbc8faa3}\ () (Removable) (Total:0 GB) (Free:0 GB) 
\\?\Volume{b2f0c256-ce2f-4531-912f-92243ab1fcef}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32
\\?\Volume{c202b877-7fe5-4b10-bb8c-af6edbc8faa3}\ () (Removable) (Total:0 GB) (Free:0 GB) FAT

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 19FCEDE9)

Partition: GPT.

==========================================================
Disk: 1 (Protective MBR) (Size: 7.3 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================