Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-11-2020
Ran by VladimirK (administrator) on KOCUREK-NTB (Acer Extensa 2519) (18-11-2020 19:26:16)
Running from C:\Users\vladimirk\Downloads
Loaded Profiles: VladimirK
Platform: Windows 8.1 Pro (Update) (X64) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\CCM\CcmExec.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <6>
(Qualcomm Atheros -> ) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Qualcomm Atheros -> Atheros Communications) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros -> Qualcomm Atheros) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed] C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2016-09-06] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [185648 2020-08-06] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Users\vladimirk\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3152920 2020-11-10] (Opera Software AS -> Opera Software)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2015-01-31] (Qualcomm Atheros -> Atheros Communications) [File not signed]
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\MountPoints2: {450b4348-6b0e-11e9-82ed-548ca08d010e} - "D:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\MountPoints2: {76e4ab3f-8d22-11e8-82d0-548ca08d010e} - "D:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\MountPoints2: {8e828d91-c6e0-11e8-82d7-548ca08d010e} - "D:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\MountPoints2: {b84c24af-52c8-11e8-82c1-548ca08d010e} - "D:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\...\MountPoints2: {e72322ca-80f3-11e8-82cb-548ca08d010e} - "D:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1248644485-3150169159-186971291-4134\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\yowindow.scr [859080 2017-03-23] (RepkaSoft -> repkasoft)
HKLM\...\Windows x64\Print Processors\HP1005PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1005PP.dll [65024 2013-04-01] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\hpfpp03m: C:\Windows\System32\spool\prtprocs\x64\hpfpp03m.dll [253440 2013-11-06] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP1005LM: C:\Windows\system32\HP1005LM.DLL [178688 2013-04-01] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\PCL hpf3l03m.dll: C:\Windows\system32\hpf3l03m.dll [138752 2013-11-06] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\rica1Ilm: C:\Windows\system32\rica1Ilm.dll [28160 2013-12-26] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO.,Ltd.)
HKLM\...\Print\Monitors\rica6Hlm: C:\Windows\system32\rica6Hlm.dll [28160 2013-12-26] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO.,Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.66\Installer\chrmstp.exe [2020-11-18] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2015-01-31] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2015-01-31] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Winlogon\GPExtensions: [{346193F5-F2FD-4DBD-860C-B88843475FD3}] -> C:\Windows\system32\CcmUsrCse.dll [2015-04-14] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk [2016-11-07]
ShortcutTarget: CodecPackTrayMenu.lnk -> C:\Windows\SysWOW64\Codecs\TrayMenu.exe (Cole Williams Software Limited -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-10-25]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C468313-79D8-4CCE-8064-5BD2BF496B2F} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Idle Detection => {4ca7a766-13d8-4652-8016-b01a03117903}
Task: {19AAF3AC-1B7D-470B-948C-EBE156C69DE3} - System32\Tasks\Opera scheduled assistant Autoupdate 1582785835 => C:\Users\vladimirk\AppData\Local\Programs\Opera\launcher.exe [1721368 2020-11-10] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\vladimirk\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {2423E6C4-7E75-4C98-9066-63C502712931} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {305B74A3-1BC4-493E-AE74-D361EED87DD2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-01] (Google Inc -> Google Inc.)
Task: {38B72E2E-9C7C-4752-ADB9-A0ABBE7297C1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [23571128 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
"C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}" was unlocked. <==== ATTENTION
Task: {400A71AE-204A-4F3C-A56B-8177E159E9B5} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\Windows\system32\gpupdate.exe [18432 2014-11-22] (Microsoft Windows -> Microsoft Corporation)
Task: {55D785C2-E867-4E33-ABBE-357EB84D6429} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {5C120709-F92C-4D5C-835D-9CD792188694} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Maintenance => {4ca7a766-13d8-4652-8016-b01a03117903}
Task: {5FA4E214-1A23-46C5-8868-36BF5B6F6EDE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-01] (Google Inc -> Google Inc.)
Task: {63CBDD21-486A-40CE-9CD2-92D9049791D9} - System32\Tasks\HPCustParticipation HP OfficeJet 200 Mobile Series => C:\Program Files\HP\HP OfficeJet 200 Mobile Series\Bin\HPCustPartic.exe [6438536 2017-06-15] (Hewlett Packard -> HP Inc.)
Task: {8131D684-29AC-45E1-83E3-BCFCCAD7EF5F} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe [1497656 2020-09-09] (Adobe Inc. -> Adobe)
Task: {829C9AE4-4C95-4750-A2D3-F6FF39D54DE6} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe
Task: {88EF144A-7842-4D37-B77F-00DA880ADC6A} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Health Evaluation => C:\Windows\CCM\ccmeval.exe [1057464 2015-04-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {8ABC62DC-29EB-4A04-8FA6-CBE37ED097C6} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe
Task: {8B1DFE76-9CD2-4A1D-AF12-7504BD2839C1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1183256 2018-02-10] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {DC690D47-9067-4B45-9AA8-18EE778AD428} - System32\Tasks\Opera scheduled Autoupdate 1501692119 => C:\Users\vladimirk\AppData\Local\Programs\Opera\launcher.exe [1721368 2020-11-10] (Opera Software AS -> Opera Software)
Task: {E23D0027-02EA-4874-A0C3-5E6B03ED4A38} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E838F17E-0FBD-4EF8-9F65-53EDD732D14B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {F67532EF-A675-47C4-809F-E7EBD7544224} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_414_Plugin.exe [1475640 2020-09-07] (Adobe Inc. -> Adobe)
Task: {F874D190-0BD1-438D-A98E-C3728B74D1AA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
"C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202}" was unlocked. <==== ATTENTION
Task: {FACF3948-7BDE-4731-80A1-5B3421132CC4} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\Windows\system32\gpupdate.exe [18432 2014-11-22] (Microsoft Windows -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-1248644485-3150169159-186971291-4134] => 192.168.110.2:8080
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{79F4E688-6195-4F94-981F-6C7457EBDBDE}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{880C898F-A3F2-4A60-BD90-D82BFB445EF3}: [DhcpNameServer] 192.168.117.6 192.168.110.4

FireFox:
========
FF DefaultProfile: tu22lukr.default-1506449962233
FF ProfilePath: C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233 [2020-11-18]
FF user.js: detected! => C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\user.js [2018-06-02]
FF Homepage: Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233 -> www.shmu.sk/
FF Extension: (Facebook Container) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\@contain-facebook.xpi [2020-09-30]
FF Extension: (AdGuard blokovač reklamy) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\adguardadblocker@adguard.com.xpi [2020-10-30]
FF Extension: (Browsec VPN - Free VPN for Firefox) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\browsec@browsec.com.xpi [2020-11-10]
FF Extension: (Forecastfox (fix version)) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\forecastfox@s3_fix_version.xpi [2020-05-04]
FF Extension: (To Google Translate) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-11-11]
FF Extension: (clean-youtube) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2020-07-14]
FF Extension: (Kaspersky Protection) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\light_plugin_B29D4AD94F82454BBC9215BCBD7E80AE@kaspersky.com.xpi [2020-11-10]
FF Extension: (uBlock Origin) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\uBlock0@raymondhill.net.xpi [2020-10-21]
FF Extension: (Worldwide Radio) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\worldwide@radio.xpi [2020-05-11]
FF Extension: (Autumn in the Mountains) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{106bd4d1-70c5-437b-9594-2d1de52c59d7}.xpi [2019-06-25]
FF Extension: (Autumn by CP) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{14e8938b-08f9-498b-9d1d-d2be642803b4}.xpi [2020-09-28]
FF Extension: (Halloween Witching Hour - animated) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{35825ba7-27b6-40bf-91bc-eb7baf6d39c6}.xpi [2019-06-25]
FF Extension: (Automne en couleurs - Autumn Colours) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{3c10252d-4881-4012-b790-2f09297a3a10}.xpi [2020-09-28]
FF Extension: (Best Bright Christmas by MaDonna) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{3ce68e94-0685-4b09-84c0-0d2cff4301a1}.xpi [2020-03-02]
FF Extension: (Frost-скреж) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{48380a38-0657-4c71-ab5e-f2d302c1a4a1}.xpi [2019-06-25]
FF Extension: (My Garden Tulips) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{4b25dc41-14f4-46c9-b0da-14bc60016100}.xpi [2020-05-15]
FF Extension: (Bird for May) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{4fd7ea0a-fd7a-4591-8d97-985d48b6a2fe}.xpi [2019-06-25]
FF Extension: (autumn path) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{535071e4-c2fd-4292-9006-21d2ac08869d}.xpi [2020-09-28]
FF Extension: (Autumn Morning Serenity by MaDonna) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{6f013887-2c7e-4c48-bea9-082291bc66c7}.xpi [2020-09-10]
FF Extension: (C.E. Spring Mountain Lake) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{708258fe-6c71-421e-8b84-2f217b50538c}.xpi [2020-05-04]
FF Extension: (Fresh Spring by MaDonna) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{73c810a8-1c4b-4767-b6e4-31da45365d81}.xpi [2020-07-14]
FF Extension: (Sunflower Honey Bee) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{80496d75-4e04-4bc8-b4a4-f4c2087fb58b}.xpi [2019-06-25]
FF Extension: (Sakura Blossoms & Birds by MaDonna) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{82f753d5-3a7c-4b9e-9bd3-675331e8250f}.xpi [2020-07-14]
FF Extension: (May Apple) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{9e894d32-ea7c-4ec6-a894-82c8d94862ea}.xpi [2020-05-15]
FF Extension: (Snowing on Bird) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{a2effc89-7b4b-4ef1-9316-05270fea7fc9}.xpi [2019-06-25]
FF Extension: (transparent amber leaves) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{a4502e6b-70ff-4a12-bcd4-7deaac9cbdb2}.xpi [2020-10-05]
FF Extension: (Hay After Harvest) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{ad1a7ca0-8f26-4051-af31-f47e55ab3293}.xpi [2020-08-31]
FF Extension: (Autumn Equinox) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{bfc42827-67f0-409d-921c-d4198ce215a7}.xpi [2019-06-25]
FF Extension: (Wheat Sky) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{ca71d2c0-4472-4ebc-8fec-d11e84d62f0b}.xpi [2019-06-25]
FF Extension: (ANIMATED White Christmas) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{cf5dfd30-5846-42f8-8701-78eec9ca389e}.xpi [2019-06-25]
FF Extension: (Spring Singer) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{cfaa60c2-536c-4035-b23b-3b10d9517577}.xpi [2020-07-14]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-11-18]
FF Extension: (Harvest Time by MaDonna) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{df56c75e-95dd-4827-b515-559124a442ee}.xpi [2020-08-28]
FF Extension: (Sakura Sunlight by M♥Donna) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{e292d5d0-f3c8-45d5-b12e-6731ca852f7c}.xpi [2020-05-21]
FF Extension: (Thunderstorm by M♥Donna) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{e453c6be-722b-4d96-a077-378d9f4b30cd}.xpi [2020-07-14]
FF Extension: (Forest in Winter) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{ebbf909c-010a-4f5a-aca7-9eef912b3a97}.xpi [2019-06-25]
FF Extension: (Northern Lake by MaDonna) - C:\Users\vladimirk\AppData\Roaming\Mozilla\Firefox\Profiles\tu22lukr.default-1506449962233\Extensions\{fcebb804-5eb9-43d9-a12a-30f6ca1b9b1b}.xpi [2020-08-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_414.dll [2020-09-07] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_414.dll [2020-09-07] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-11-18]

Chrome: 
=======
CHR Profile: C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default [2020-11-16]
CHR Extension: (Slides) - C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-18]
CHR Extension: (Docs) - C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-18]
CHR Extension: (Google Drive) - C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-24]
CHR Extension: (YouTube) - C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-24]
CHR Extension: (Google Docs Offline) - C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-10-01]
CHR Extension: (Chrome Web Store Payments) - C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-15]
CHR Extension: (Gmail) - C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-09-18]
CHR Extension: (Chrome Media Router) - C:\Users\vladimirk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-16]

Opera: 
=======
OPR Notifications: hxxps://www.accuweather.com; hxxps://xiaomiplanet.sk
OPR Extension: (Translator) - C:\Users\vladimirk\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2020-08-25]
OPR Extension: (Rich Hints Agent) - C:\Users\vladimirk\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-11-18]
OPR Extension: (Super Auto Refresh) - C:\Users\vladimirk\AppData\Roaming\Opera Software\Opera Stable\Extensions\ghjaeanhfafkigkehjgapnlobfhefkme [2017-05-05]
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\vladimirk\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2020-11-18]
StartMenuInternet: (HKLM) OperaStable - C:\Users\vladimirk\AppData\Local\Programs\Opera\Launcher.exe

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83984 2018-02-10] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [323200 2015-01-31] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [File not signed]
R2 CcmExec; C:\Windows\CCM\CcmExec.exe [1773240 2015-04-14] (Microsoft Corporation -> Microsoft Corporation)
S4 CmRcService; C:\Windows\CCM\RemCtrl\CmRcService.exe [671928 2015-04-14] (Microsoft Corporation -> Microsoft Corporation)
S3 EHttpSrv; C:\Program Files\ESET\ESET Security\ehttpsrv.exe [57952 2020-08-06] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2364472 2020-08-06] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2364472 2020-08-06] (ESET, spol. s r.o. -> ESET)
R2 EraAgentSvc; C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe [1450080 2020-05-29] (ESET, spol. s r.o. -> ESET)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-18] () [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-18] () [File not signed]
S3 lpasvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50280 2012-08-02] (Microsoft Corporation -> Microsoft Corporation)
S3 lppsvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50280 2012-08-02] (Microsoft Corporation -> Microsoft Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 smstsmgr; C:\Windows\CCM\TSManager.exe [316600 2015-04-14] (Microsoft Corporation -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\Windows\System32\Samsung\EasySetup\ss_conn_launcher.exe [182328 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S2 HuaweiHiSuiteService64.exe; "C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4267008 2015-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
S3 BTHprint; C:\Windows\system32\DRIVERS\bthprint.sys [62976 2013-08-22] (Microsoft Windows -> Microsoft Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [154344 2020-08-06] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [106848 2020-07-07] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15288 2020-10-22] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [195464 2020-08-06] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [79536 2020-08-06] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [115976 2020-08-06] (ESET, spol. s r.o. -> ESET)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18944 2018-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-04-20] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 iagpioe; C:\Windows\System32\drivers\iagpioe.sys [32256 2015-02-28] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
R3 iai2ce; C:\Windows\System32\drivers\iai2ce.sys [95224 2015-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
R3 iusb3adp; C:\Windows\System32\drivers\iusb3adp.sys [23824 2015-03-27] (Intel Corporation - Client Components Group -> Intel)
S3 prepdrvr; C:\Windows\system32\DRIVERS\prepdrv.sys [26984 2015-04-14] (Microsoft Corporation -> Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\Windows\System32\Drivers\ss_conn_usb_driver2.sys [43368 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-18 19:26 - 2020-11-18 19:29 - 000030063 _____ C:\Users\vladimirk\Downloads\FRST.txt
2020-11-18 17:49 - 2020-11-18 17:50 - 008447152 _____ (Malwarebytes) C:\Users\vladimirk\Desktop\adwcleaner_8.0.8.exe
2020-11-18 16:13 - 2020-11-18 19:27 - 000000000 ____D C:\FRST
2020-11-18 16:13 - 2020-11-18 16:13 - 002294784 _____ (Farbar) C:\Users\vladimirk\Downloads\FRST64.exe
2020-11-18 14:12 - 2020-11-18 15:51 - 000000000 ____D C:\ProgramData\SecTaskMan
2020-11-18 14:12 - 2020-11-18 14:12 - 000001170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2020-11-18 14:12 - 2020-11-18 14:12 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
2020-11-18 14:12 - 2020-11-18 14:12 - 000001147 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2020-11-18 14:12 - 2020-11-18 14:12 - 000001147 _____ C:\ProgramData\Desktop\Security Task Manager.lnk
2020-11-18 14:12 - 2020-11-18 14:12 - 000000000 ____D C:\Program Files (x86)\Security Task Manager
2020-11-18 14:11 - 2020-11-18 14:11 - 003034016 _____ C:\Users\vladimirk\Downloads\SecurityTaskManager_Setup.exe
2020-11-16 18:13 - 2020-11-16 18:34 - 000000795 _____ C:\Users\vladimirk\Desktop\ESET Online Scanner.lnk
2020-11-16 18:13 - 2020-11-16 18:13 - 015012440 _____ (ESET spol. s r.o.) C:\Users\vladimirk\Downloads\esetonlinescanner.exe
2020-11-13 16:02 - 2020-11-13 16:03 - 008447152 _____ (Malwarebytes) C:\Users\vladimirk\Downloads\adwcleaner_8.0.8.exe
2020-10-28 09:01 - 2020-09-30 08:20 - 000135240 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2020-10-28 09:01 - 2020-09-30 04:04 - 003332608 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-10-28 09:01 - 2020-09-30 03:56 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2020-10-28 09:01 - 2020-09-30 03:48 - 001118720 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2020-10-28 09:01 - 2020-09-30 03:15 - 001381888 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2020-10-28 09:01 - 2020-09-29 06:32 - 000115616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2020-10-28 09:01 - 2020-09-29 05:11 - 003642368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-10-28 09:01 - 2020-09-29 05:00 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2020-10-28 09:01 - 2020-09-29 04:54 - 001067520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2020-10-28 09:01 - 2020-09-24 07:47 - 000120832 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2020-10-28 09:01 - 2020-09-24 07:43 - 002535968 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2020-10-28 09:01 - 2020-09-24 07:36 - 007363320 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-10-28 09:01 - 2020-09-24 07:36 - 002173392 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2020-10-28 09:01 - 2020-09-24 07:01 - 025759232 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-10-28 09:01 - 2020-09-24 06:01 - 000098104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2020-10-28 09:01 - 2020-09-24 06:00 - 001902240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2020-10-28 09:01 - 2020-09-24 05:53 - 001561296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2020-10-28 09:01 - 2020-09-24 05:28 - 002914304 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2020-10-28 09:01 - 2020-09-24 05:25 - 000581120 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-10-28 09:01 - 2020-09-24 05:25 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2020-10-28 09:01 - 2020-09-24 05:16 - 005500416 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-10-28 09:01 - 2020-09-24 05:14 - 000785408 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2020-10-28 09:01 - 2020-09-24 05:13 - 020293632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-10-28 09:01 - 2020-09-24 05:04 - 000517120 _____ (Microsoft Corporation) C:\Windows\system32\cmdial32.dll
2020-10-28 09:01 - 2020-09-24 04:57 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-10-28 09:01 - 2020-09-24 04:55 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2020-10-28 09:01 - 2020-09-24 04:54 - 002306048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2020-10-28 09:01 - 2020-09-24 04:53 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2020-10-28 09:01 - 2020-09-24 04:53 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2020-10-28 09:01 - 2020-09-24 04:52 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2020-10-28 09:01 - 2020-09-24 04:51 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2020-10-28 09:01 - 2020-09-24 04:47 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2020-10-28 09:01 - 2020-09-24 04:47 - 000653824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2020-10-28 09:01 - 2020-09-24 04:41 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2020-10-28 09:01 - 2020-09-24 04:40 - 015494144 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-10-28 09:01 - 2020-09-24 04:39 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2020-10-28 09:01 - 2020-09-24 04:39 - 000484352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cmdial32.dll
2020-10-28 09:01 - 2020-09-24 04:39 - 000381952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2020-10-28 09:01 - 2020-09-24 04:38 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2020-10-28 09:01 - 2020-09-24 04:37 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2020-10-28 09:01 - 2020-09-24 04:33 - 003631616 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-10-28 09:01 - 2020-09-24 04:32 - 000392192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-10-28 09:01 - 2020-09-24 04:32 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-10-28 09:01 - 2020-09-24 04:31 - 000076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2020-10-28 09:01 - 2020-09-24 04:30 - 000279552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2020-10-28 09:01 - 2020-09-24 04:30 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2020-10-28 09:01 - 2020-09-24 04:29 - 002750464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-10-28 09:01 - 2020-09-24 04:27 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2020-10-28 09:01 - 2020-09-24 04:27 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2020-10-28 09:01 - 2020-09-24 04:26 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-10-28 09:01 - 2020-09-24 04:26 - 000699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-10-28 09:01 - 2020-09-24 04:26 - 000110080 _____ (Microsoft Corporation) C:\Windows\system32\fdSSDP.dll
2020-10-28 09:01 - 2020-09-24 04:25 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-10-28 09:01 - 2020-09-24 04:23 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2020-10-28 09:01 - 2020-09-24 04:22 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2020-10-28 09:01 - 2020-09-24 04:22 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2020-10-28 09:01 - 2020-09-24 04:21 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2020-10-28 09:01 - 2020-09-24 04:20 - 013872640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-10-28 09:01 - 2020-09-24 04:18 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\fdWSD.dll
2020-10-28 09:01 - 2020-09-24 04:15 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-10-28 09:01 - 2020-09-24 04:13 - 000092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdSSDP.dll
2020-10-28 09:01 - 2020-09-24 04:10 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-10-28 09:01 - 2020-09-24 04:08 - 000905728 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-10-28 09:01 - 2020-09-24 04:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWSD.dll
2020-10-28 09:01 - 2020-09-24 04:07 - 002551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-10-28 09:01 - 2020-09-24 04:07 - 001099264 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2020-10-28 09:01 - 2020-09-24 04:06 - 000866304 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2020-10-28 09:01 - 2020-09-24 04:04 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-10-28 09:01 - 2020-09-24 04:03 - 000801280 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2020-10-28 09:01 - 2020-09-24 04:01 - 001920512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-10-28 09:01 - 2020-09-24 04:00 - 001341952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-10-28 09:01 - 2020-09-24 04:00 - 000711168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-10-28 09:01 - 2020-09-24 03:59 - 000710656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2020-10-28 09:01 - 2020-09-24 03:55 - 003826176 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2020-10-28 09:01 - 2020-09-24 03:55 - 003551744 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2020-10-28 09:01 - 2020-09-24 03:53 - 001684992 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2020-10-28 09:01 - 2020-09-24 03:52 - 003278848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2020-10-28 09:01 - 2020-09-15 08:06 - 001311776 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2020-10-28 09:01 - 2020-09-15 07:57 - 000325320 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2020-10-28 09:01 - 2020-09-15 06:24 - 000245752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2020-10-28 09:01 - 2020-09-15 05:49 - 000281088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2020-10-28 09:01 - 2020-09-15 05:15 - 001040384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2020-10-28 09:01 - 2020-09-11 17:31 - 000367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\es.dll
2020-10-28 09:01 - 2020-09-11 10:39 - 000288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2020-10-28 09:01 - 2020-09-11 09:23 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\es.dll
2020-10-28 09:01 - 2020-09-11 00:49 - 001370680 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2020-10-28 09:01 - 2020-09-10 22:27 - 000564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2020-10-28 09:01 - 2020-09-10 21:51 - 000642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2020-10-28 09:01 - 2020-09-10 21:51 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2020-10-28 09:01 - 2020-09-10 21:20 - 001757184 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-10-28 09:01 - 2020-09-10 21:14 - 002349056 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2020-10-28 09:01 - 2020-09-10 21:11 - 001088512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2020-10-28 09:01 - 2020-09-10 21:02 - 001495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-10-28 09:01 - 2020-09-10 20:56 - 001551360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2020-10-28 09:01 - 2020-09-10 02:24 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-18 18:02 - 2018-01-15 09:49 - 000000629 _____ C:\Windows\SMSCFG.ini
2020-11-18 18:02 - 2016-10-10 13:12 - 000003596 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1248644485-3150169159-186971291-4134
2020-11-18 17:58 - 2017-04-30 11:04 - 000000000 ____D C:\Users\vladimirk\AppData\LocalLow\Mozilla
2020-11-18 17:57 - 2016-10-10 13:06 - 000000000 __SHD C:\Users\vladimirk\IntelGraphicsProfiles
2020-11-18 17:56 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-11-18 17:55 - 2016-11-27 14:14 - 000000000 ____D C:\Users\vladimirk\AppData\Local\ESET
2020-11-18 15:48 - 2016-10-17 10:04 - 000003966 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{B0DFEE00-22C8-4A88-BE67-443DBF79182F}
2020-11-18 14:27 - 2018-05-01 07:20 - 000057394 _____ C:\Windows\system32\perfh01B.dat
2020-11-18 14:27 - 2018-05-01 07:20 - 000015922 _____ C:\Windows\system32\perfc01B.dat
2020-11-18 14:27 - 2014-11-22 04:14 - 000928066 _____ C:\Windows\system32\PerfStringBackup.INI
2020-11-18 14:27 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2020-11-18 10:03 - 2017-07-24 19:27 - 000002256 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-18 10:03 - 2017-07-24 19:27 - 000002215 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-18 10:03 - 2017-07-24 19:27 - 000002215 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-11-16 14:36 - 2020-05-15 11:40 - 000003890 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1501692119
2020-11-16 14:36 - 2020-05-15 11:40 - 000001550 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2020-11-15 07:05 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\AppReadiness
2020-11-13 16:08 - 2016-10-10 13:06 - 000000000 ____D C:\Users\vladimirk
2020-11-13 16:03 - 2018-07-05 20:01 - 000000000 ____D C:\Users\vladimirk\AppData\Local\CrashDumps
2020-11-13 15:49 - 2019-01-17 16:21 - 000000000 ____D C:\Program Files (x86)\Avast Driver Updater
2020-11-13 15:00 - 2017-03-26 17:54 - 000000000 ____D C:\Windows\Minidump
2020-11-13 14:25 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp
2020-11-13 14:04 - 2020-06-01 14:11 - 000000000 ____D C:\Users\vladimirk\Desktop\ESHOPY
2020-11-13 11:18 - 2016-10-10 13:07 - 000000000 ____D C:\Users\vladimirk\AppData\Roaming\Atheros
2020-11-12 14:57 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2020-11-11 12:45 - 2017-10-25 18:41 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-11-11 10:43 - 2020-08-13 09:29 - 000004120 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1582785835
2020-11-05 14:10 - 2016-10-10 13:06 - 000000000 ____D C:\Users\vladimirk\AppData\Local\Packages
2020-11-02 15:21 - 2016-10-10 13:07 - 000000000 ____D C:\Users\vladimirk\Documents\Bluetooth Folder
2020-10-30 13:42 - 2016-09-06 10:40 - 000000104 _____ C:\Windows\system32\config\netlogon.ftl
2020-10-30 08:57 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\rescache
2020-10-28 09:27 - 2013-08-22 16:36 - 000000000 ___RD C:\Windows\ToastData
2020-10-28 09:14 - 2016-09-06 11:48 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-10-28 09:12 - 2013-08-22 14:25 - 000000167 _____ C:\Windows\win.ini
2020-10-22 08:35 - 2020-07-07 07:50 - 000015288 _____ (ESET) C:\Windows\system32\Drivers\eelam.sys
2020-10-22 08:32 - 2016-09-06 11:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2020-10-22 08:32 - 2016-09-06 11:58 - 000000000 ____D C:\ProgramData\ESET
2020-10-22 08:32 - 2016-09-06 11:58 - 000000000 ____D C:\Program Files\ESET
2020-10-19 13:25 - 2013-08-22 14:25 - 000524288 ___SH C:\Windows\system32\config\BBI

==================== Files in the root of some directories ========

2016-11-12 18:08 - 2016-11-12 18:08 - 000000057 _____ () C:\Users\vladimirk\AppData\Roaming\Camdata.ini
2016-11-12 18:08 - 2016-11-12 18:08 - 000000408 _____ () C:\Users\vladimirk\AppData\Roaming\CamLayout.ini
2016-11-12 18:08 - 2016-11-12 18:08 - 000000408 _____ () C:\Users\vladimirk\AppData\Roaming\CamShapes.ini
2016-11-12 18:08 - 2016-11-12 18:08 - 000004547 _____ () C:\Users\vladimirk\AppData\Roaming\CamStudio.cfg
2016-11-12 18:04 - 2016-11-12 18:04 - 000000096 _____ () C:\Users\vladimirk\AppData\Roaming\version2.xml
2016-11-01 14:43 - 2016-11-01 17:01 - 000000000 _____ () C:\Users\vladimirk\AppData\Roaming\Vocals
2016-10-17 09:39 - 2016-10-17 09:39 - 000000017 _____ () C:\Users\vladimirk\AppData\Local\resmon.resmoncfg
2016-11-28 12:22 - 2016-11-23 13:19 - 000000570 _____ () C:\Users\vladimirk\AppData\Local\TroubleshooterConfig.json
2018-04-25 09:23 - 2018-04-25 09:23 - 000000000 _____ () C:\Users\vladimirk\AppData\Local\{29443D9F-4572-49D9-9C04-89D488B7A191}
2018-04-17 08:19 - 2018-04-17 08:19 - 000000000 _____ () C:\Users\vladimirk\AppData\Local\{70B5190D-519A-4809-B6E3-903077A913BA}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-10-30 08:15
==================== End of FRST.txt ========================