Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-09-2019
Ran by Ota (17-09-2019 07:31:45)
Running from C:\Users\Ota\Desktop
Windows 10 Home Version 1903 18362.356 (X64) (2019-09-14 05:52:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-554986064-1367882024-3811459060-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-554986064-1367882024-3811459060-503 - Limited - Disabled)
Guest (S-1-5-21-554986064-1367882024-3811459060-501 - Limited - Disabled)
oem (S-1-5-21-554986064-1367882024-3811459060-1001 - Administrator - Enabled) => C:\Users\oem
Ota (S-1-5-21-554986064-1367882024-3811459060-1005 - Administrator - Enabled) => C:\Users\Ota
WDAGUtilityAccount (S-1-5-21-554986064-1367882024-3811459060-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Security (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.00.631.5823 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.631.5823 - ABBYY)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.255 - Adobe)
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
calibre 64bit (HKLM\...\{2C03B986-18B6-456E-BA48-03463D8EB355}) (Version: 2.67.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
CloneCD (HKLM-x32\...\CloneCD) (Version:  - SlySoft)
CS Codec Solution 1.10 (HKLM-x32\...\CS Codec Solution_is1) (Version: 1.10 - CS Software)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM-x32\...\{02A312B5-1542-47B6-BFE9-F51358C39E86}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.20.00 - SEIKO EPSON CORPORATION)
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
Epson Příručka pro síť XP-600 Series (HKLM-x32\...\XP-600 Series Netg) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Epson Uživatelská příručka XP-600 Series (HKLM-x32\...\XP-600 Series Useg) (Version:  - )
EPSON XP-600 Series Printer Uninstall (HKLM\...\EPSON XP-600 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
FormApps Signing Extension (HKLM-x32\...\{2246B06F-AED2-42BA-A6D7-B72F591C1116}) (Version: 2.19.1.39 - Software602 a.s.)
FormatFactory 4.0.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.0.0.0 - Free Time)
GOM Audio (HKLM-x32\...\GomAudio) (Version: 2.2.10.0 - GOM & Company)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.44.5306 - GOM & Company)
GOMPLAYERENSETUP 2.2.62.5209 (HKLM-x32\...\GOMPLAYERENSETUP 2.2.62.5209) (Version:  - )
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HandBrake 1.0.7 (HKLM-x32\...\HandBrake) (Version: 1.0.7 - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
iTunes (HKLM\...\{288617D6-B455-4C00-8BFE-46B023202CF1}) (Version: 12.9.2.6 - Apple Inc.)
Java 8 Update 221 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
LanguageLab (HKLM-x32\...\{E6F4BB0D-0239-454C-AA75-03EE8A1D8770}) (Version: 3.9.2.1 - Vitware)
Manažer elektronických podání (HKLM-x32\...\MRP eSubmit) (Version:  - MRP)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 69.0 (x64 cs) (HKLM\...\Mozilla Firefox 69.0 (x64 cs)) (Version: 69.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 69.0.0.7178 - Mozilla)
Mozilla Thunderbird 60.9.0 (x86 cs) (HKLM-x32\...\Mozilla Thunderbird 60.9.0 (x86 cs)) (Version: 60.9.0 - Mozilla)
MRP Aktualizační manažer (HKLM-x32\...\MRP NetAgent CZ_is1) (Version: 2.3.32 - MRP)
MRP Tiskový manažer (HKLM-x32\...\MRP MRPPRN) (Version:  - MRP)
Multimedia Mouse Driver version 1.2 (HKLM-x32\...\{D1446C63-11CC-46F0-8CC7-6C8E81676DE3}_is1) (Version: 1.2 - SQT)
Nero 9 Essentials (HKLM-x32\...\{7b094e03-cc48-48c3-9089-86b17586bccb}) (Version:  - Nero AG)
Norton Security (HKLM-x32\...\NGC) (Version: 22.18.0.213 - Symantec Corporation)
Ovládací panel NVIDIA 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 353.30 - NVIDIA Corporation) Hidden
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PicosmosTools 1.8.5.0 (HKLM-x32\...\PicosmosTools) (Version: 1.8.5.0 - Free Time)
Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)
Pinnale Systems Software Keys (HKLM-x32\...\{616CD10B-1EC7-41D2-8C14-3ECE93E7AEE9}_is1) (Version:  - VPP TEAM)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{80B42CAA-28C0-4FBD-A46E-D61F45E2F9FC}) (Version: 7.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{466D00D0-E7DE-47C2-8FE5-54A8009F5850}) (Version: 7.2 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7989 - Realtek Semiconductor Corp.)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Samsung SCX-3200 Series (HKLM-x32\...\Samsung SCX-3200 Series) (Version:  - Samsung Electronics Co., Ltd.)
Scan Assistant (HKLM-x32\...\{BF6CF460-40C3-49BA-800A-4B934B6498B1}) (Version: 1.01.014 - Samsung Electronics Co., Ltd.)
Shark007 ADVANCED Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 6.5.2 - Shark007)
Shark007 ADVANCED x64Components (HKLM\...\ADVANCED x64Components_is1) (Version: 6.5.2 - Shark007)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.51 (HKLM-x32\...\Skype_is1) (Version: 8.51 - Skype Technologies S.A.)
Smart Tests - testy, které učí (HKLM-x32\...\Smart Tests) (Version:  - )
Software602 Form Filler (HKLM-x32\...\{00160B3F-653A-4EA7-947E-4000D3551E9E}) (Version: 4.60 - Software602 a.s.)
Spell it out Loud (HKLM-x32\...\Spell it out Loud) (Version: 1.1.0.0 - Vitware.cz)
Sudoku (HKLM-x32\...\Sudoku_is1) (Version: 1.0 - MEDIA TRADE Interactive, s.r.o.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.0 - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VDownloader 4.5.2598 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version:  - Vitzo Limited)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Web Companion (HKLM-x32\...\{5a02a927-17d7-44bd-919d-215d1f7f60bc}) (Version: 4.7.1987.3881 - Lavasoft)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Word Manager (HKLM-x32\...\Word Manager) (Version: 1.0.1.0 - Vitware.cz)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1550.4.0_x86__kgqvnymyfvs32 [2019-07-16] (king.com)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-07-14] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
NotepadX -> C:\Program Files\WindowsApps\27879SnkeKhn.NotepadX_1.7.34.0_x64__xq0nh4s6cn4qe [2019-06-13] (Sönke Köhn)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.18.0.213\buShell.dll [2019-07-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.18.0.213\buShell.dll [2019-07-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.18.0.213\buShell.dll [2019-07-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.18.0.213\buShell.dll [2019-07-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.18.0.213\buShell.dll [2019-07-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.18.0.213\buShell.dll [2019-07-20] (Symantec Corporation -> Symantec Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.18.0.213\buShell.dll [2019-07-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [PDFConv] -> {919CF7F5-9A8E-40B9-9588-2BECA5927D98} => C:\Program Files (x86)\Software602\602XML\xmlcore\CtxSign64.dll [2013-07-16] (Software602 a. s. -> Software602)
ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.18.0.213\NavShExt.dll [2019-07-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.18.0.213\NavShExt.dll [2019-07-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2015-06-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.18.0.213\buShell.dll [2019-07-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Security with Backup\Engine\22.18.0.213\NavShExt.dll [2019-07-20] (Symantec Corporation -> Symantec Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Ota\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CDex\CDex Site.lnk -> hxxp://cdexos.sourceforge.net

==================== Loaded Modules (Whitelisted) ==============

2018-08-25 11:09 - 2006-05-03 04:49 - 000028672 _____ () [File not signed] C:\Program Files (x86)\Multimedia Mouse Driver\MouseHook.dll
2018-04-16 20:41 - 2014-09-09 13:30 - 000603648 _____ () [File not signed] C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll
2017-04-24 04:06 - 2017-04-24 04:06 - 001445376 _____ (GOM & Company) [File not signed] C:\Program Files (x86)\GRETECH\GomAudio\MiniBand.dll
2015-11-21 20:42 - 2015-11-19 16:36 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2008-04-11 12:54 - 2008-04-11 12:54 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\MSVCR71.dll
2005-01-13 11:47 - 2005-01-13 11:47 - 000049152 _____ (SEIKO EPSON CORP.) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\ESPSUTL.dll
2011-04-14 10:25 - 2011-04-14 10:25 - 000206336 _____ (SEIKO EPSON CORP.) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\ScnCom10.dll
2011-04-14 10:25 - 2011-04-14 10:25 - 000082944 _____ (SEIKO EPSON CORP.) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\ScnEps25.dll
2011-04-14 10:25 - 2011-04-14 10:25 - 000055808 _____ (SEIKO EPSON CORP.) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\ScnMgr10.dll
2012-04-02 12:15 - 2012-04-02 12:15 - 000110080 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll
2009-10-21 18:39 - 2009-10-21 18:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\LcMgr.dll
2011-04-14 10:16 - 2011-04-14 10:16 - 000136704 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\ScanEngine30.dll
2015-11-02 20:52 - 2012-11-12 16:15 - 000558592 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2015-11-02 20:52 - 2012-10-22 18:19 - 000219648 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enpres.dll
2015-12-04 20:08 - 2014-02-05 15:51 - 000036864 _____ (Windows (R) Win 7 DDK provider) [File not signed] C:\WINDOWS\System32\602localmon.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\localhost -> localhost

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 13:04 - 2016-10-29 20:06 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Pinnacle\Shared Files\;C:\Program Files\Calibre2\;C:\Program Files\VDownloader;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\Control Panel\Desktop\\Wallpaper -> C:\screen8.JPG
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "VDownloader"
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_F11F5C2DD299C8722D30FC5C9E83555A"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AB7D5940-6F7D-4607-8B6A-8C3BEF46CCE6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{39FA9347-5343-4BC5-845F-C1EE8425F280}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D194B724-34AA-4A63-81D8-138DA6848A28}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F947F1FE-C402-48B3-8903-DB75556FC4C1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{08095423-D65A-4453-B10B-A5BB707DD63A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{08C0A093-CA2B-4FE8-A6DD-2CE076445DF2}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A26C369F-B327-466E-B4A0-F11FFD772D4F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D1F39393-0C77-4A8D-AB2D-321CF0ABE272}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{441F31E9-4A68-49B9-9447-A0DFC25639C9}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time Co., Ltd. -> Free Time)
FirewallRules: [{7682E269-2D50-4ADC-AE65-180469DD6F89}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{934044E0-2DA2-4547-AD0F-A33CF03A4E87}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{3A91C414-F84D-4875-9FA1-4D570BF195C5}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{CB0F424E-3C95-4D3C-9A67-5091D23723B8}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{9E2D00E6-6B83-45F3-8CDA-EC0AFDF0759F}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{6CB67587-DE8E-4071-A757-2458F0EF4C42}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{A28922DF-5216-4478-BE30-F324F3C4035B}] => (Allow) C:\Users\Ota\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{7625CD51-DE6E-4DFE-8D1A-2D6FF989970A}] => (Allow) C:\Users\Ota\AppData\Local\Apowersoft\Online Video Downloader\Online Video Downloader.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{278877AB-5136-4A19-AC54-78C1E90AF6C8}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{F833B260-694C-4F35-B2DB-40707E6B2C31}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{CE1ADA4D-A4E5-450B-8EF0-D7F9C726F2C3}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{620A1F10-8688-4AD4-B783-5DF276B43258}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{C51117FC-80FB-48EE-A81C-16595A15F5C8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BA39F436-A881-49B7-A9C5-AB228CC2432D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4137AE0D-9248-49E8-BCFB-FA86E31232AB}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{BFF9D45E-317A-4893-ABE5-F3808BFF8C07}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{78A164AD-51D2-48B6-9395-15A8237F306F}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{1E44CD42-CDCC-408E-AF86-DF9CA691FB22}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{CE5C9608-82AA-41D4-A0A4-1139BF57310A}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [{6C96FE7E-9607-4CC1-A647-1BA72B2432D8}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe (Avid Technology, Inc. -> Pinnacle Systems)
FirewallRules: [UDP Query User{5DDE923A-026B-425C-BC63-51C753D415E7}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{0A1628EA-6982-4EBB-BD50-1796975BCB01}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
FirewallRules: [{77B6BB4E-A7D1-404A-BEE9-7E8D8DDBA778}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{41330990-D406-4B67-93D7-025B1789D5A9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{593F554C-FC20-41D2-A68E-4A48F415958A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{EF7A3CC6-D980-46C2-9602-4E8937D54400}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6E8490F2-B498-4E22-B3AF-BFE1351D5F0B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E88499BE-39DD-408D-ACD8-C5087B7C5962}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{590ABE12-46F8-413B-865B-53897AEDFC1E}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe (Samsung Electronics CO., LTD. -> Samsung Electronics) [File not signed]
FirewallRules: [{A53B7D39-424E-41A7-A00C-C2C423E657CD}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe (Samsung Electronics CO., LTD. -> Samsung Electronics) [File not signed]
FirewallRules: [{11EAB6F5-364C-4480-A248-162948F33121}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe () [File not signed]
FirewallRules: [{73F08067-8D58-474C-8B0D-B95C9BBE6753}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe () [File not signed]
FirewallRules: [{7E0A140F-725D-45F5-8C58-6C1276FD0436}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Sscan2io.exe () [File not signed]
FirewallRules: [{ABCCA373-A80F-4F77-B51A-7B7337B419E6}] => (Allow) C:\Windows\twain_32\Samsung\SCX3200\Sscan2io.exe () [File not signed]

==================== Restore Points =========================

16-09-2019 18:04:53 Windows Update

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/14/2019 07:42:27 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Pokus získat stav uzlu clusteru  se nezdařil. Vrácený kód chyby: 0x8007085A

Error: (09/14/2019 07:42:17 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Pokus získat stav uzlu clusteru  se nezdařil. Vrácený kód chyby: 0x8007085A

Error: (09/14/2019 07:42:17 AM) (Source: MSDTC 2) (EventID: 4104) (User: )
Description: Pokus získat stav uzlu clusteru  se nezdařil. Vrácený kód chyby: 0x8007085A

Error: (09/14/2019 07:42:16 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
Description: Pokus získat stav uzlu clusteru  se nezdařil. Vrácený kód chyby: 0x8007085A

Error: (09/14/2019 07:23:47 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 256) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba: -2147418113 (0x8000ffff) : Katastrofální selhání
.

Error: (09/14/2019 07:23:45 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 256) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba: -2147418113 (0x8000ffff) : Katastrofální selhání
.

Error: (09/14/2019 07:23:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 256) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba: -2147418113 (0x8000ffff) : Katastrofální selhání
.

Error: (09/14/2019 07:23:29 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 256) (User: )
Description: Služba Šifrování neinicializovala databázi katalogu. Chyba: -2147418113 (0x8000ffff) : Katastrofální selhání
.


System errors:
=============
Error: (09/16/2019 06:23:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bonjour Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/16/2019 06:23:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Epson Scanner Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/16/2019 06:23:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Nero BackItUp Scheduler 4.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 500 milisekund: Restartovat službu.

Error: (09/16/2019 06:23:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (09/16/2019 06:23:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba tbaseprovisioning byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/16/2019 06:23:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/16/2019 06:23:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba ABBYY FineReader 9.0 Sprint Licensing Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/16/2019 06:23:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba 602Updater byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================

Date: 2019-09-16 18:11:40.730
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Norton Security with Backup\Engine\22.18.0.213\WSCStub.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-09-16 18:11:40.598
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Norton Security with Backup\Engine\22.18.0.213\WSCStub.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-09-16 18:11:40.494
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Norton Security with Backup\Engine\22.18.0.213\WSCStub.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-09-16 18:11:39.927
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Norton Security with Backup\Engine\22.18.0.213\WSCStub.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. V1.7 07/18/2014
Motherboard: MSI H81M-P33 (MS-7817)
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 37%
Total physical RAM: 8070.02 MB
Available physical RAM: 5009.49 MB
Total Virtual: 9990.02 MB
Available Virtual: 7280.54 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.89 GB) (Free:120.43 GB) NTFS

\\?\Volume{d511e935-e4e0-4f94-8fc9-1e8c041b4eb5}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{4c41a681-d607-44ea-a7ee-74bdc898fc68}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================