Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-12-2020
Ran by tatulinek (administrator) on MOJKO (Dell Inc. OptiPlex 790) (12-12-2020 11:15:41)
Running from C:\Users\tatulinek\Desktop
Loaded Profiles: tatulinek
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ABBYY Production LLC -> ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Autodesk, Inc -> Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2019\Moldflow\bin\mitsijm.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe <3>
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\10.1.0.3194\AdskLicensingService\AdskLicensingService.exe
(Autodesk, Inc. -> Autodesk) C:\Users\tatulinek\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2020\Moldflow\bin\mitsijm.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2021\Moldflow\bin\mitsijm.exe
(BinarySense Inc -> BinarySense, Inc.) C:\Program Files (x86)\BinarySense\HDDlife 3\HDDlifePro.exe <2>
(BinarySense Inc -> BinarySense, Inc.) C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe <2>
(CGM) [File not signed] C:\CGMSERVER\bin\core\cgm.servercore.exe
(CompuGroup Medical Česká republika s.r.o. -> ) [File not signed] C:\AMICUS\server\cgm.amisrv.exe
(CompuGroup Medical Česká republika s.r.o. -> Microsoft) C:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe
(CompuGroup Medical Česká republika s.r.o. -> PostgreSQL Global Development Group) [File not signed] C:\CGMSERVER\bin\pgsql\bin\pg_ctl.exe
(CompuGROUP Medical Česká republika s.r.o. -> PostgreSQL Global Development Group) [File not signed] C:\CGMSERVER\bin\pgsql\bin\postgres.exe <10>
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(FileOpen Systems Inc. -> FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenBroker64.exe
(FileOpen Systems Inc. -> FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManagerService64.exe
(Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FCDBLog.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FCHelper64.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\FortiESNAC.exe
(Fortinet Inc.) [File not signed] C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FortiSSLVPNdaemon.exe
(Fortinet Technologies (Canada) Inc. -> Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FortiTray.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <36>
(HCS GmbH) [File not signed] C:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel® Identity Protection Technology Software -> Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(OORT inc. -> oh!soft) C:\Program Files (x86)\oCam\oCamTask.exe
(Oracle America, Inc. -> Oracle Corporation) C:\CGMSERVER\jre\bin\java.exe
(SafeNet, Inc. -> SafeNet Inc.) C:\Windows\System32\hasplms.exe
(SMART Technologies ULC -> SMART Technologies) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe
(Synology Inc. -> ) [File not signed] C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(UPEK Inc. -> UPEK Inc.) C:\Program Files\Common Files\SPBA\upeksvr.exe
(Wave Systems Corp. -> Wave Systems Corp.) C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
(Wave Systems Corp.) [File not signed] C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [FileOpenBroker] => C:\Program Files\FileOpen\Services\FileOpenBroker64.exe [1092528 2012-10-17] (FileOpen Systems Inc. -> FileOpen Systems Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [175504 2020-10-26] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [664872 2020-03-04] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2311840 2019-10-14] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Users\tatulinek\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe [1077864 2020-01-02] (Autodesk, Inc. -> Autodesk)
HKU\S-1-5-21-3053704680-1182070124-146156013-1000\...\Policies\Explorer: [] 
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\SMART Local Port: C:\Windows\system32\smrtlocalmon.dll [38336 2019-06-14] (SMART Technologies ULC -> SMART Technologies ULC)
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\Windows\system32\602localmon.dll [36864 2015-07-14] (Windows (R) Win 7 DDK provider) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-03] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2020-05-04] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{18CBEEAA-6708-41A1-9379-D08915333CF2}] -> C:\Program Files\Common Files\SPBA\provider.dll [2010-09-15] (UPEK Inc. -> UPEK Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{AE583D93-8D1B-424F-9858-5623FB7824EE}] -> C:\Program Files\Common Files\SPBA\provider.dll [2010-09-15] (UPEK Inc. -> UPEK Inc.)
Startup: C:\Users\tatulinek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HDDlife.lnk [2020-12-12]
ShortcutTarget: HDDlife.lnk -> C:\Program Files (x86)\BinarySense\HDDlife 3\HDDlifePro.exe (BinarySense Inc -> BinarySense, Inc.)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {12B557BC-0136-40BA-8AA4-0BC634AF0079} - System32\Tasks\WD Device Agent Task tatulinek => C:\Users\tatulinek\AppData\Roaming\WD Discovery\plugins\com.wdc.plugin.catalog\current\library\WD Device Agent.exe [720432 2019-09-26] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {139D3252-A6D5-4873-A8D7-B5B95EDAA80E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {16ED2C4D-87CF-41BA-80E4-2C8630D6E3C3} - System32\Tasks\BlockchainResearchToolsSvc => C:\Program Files (x86)\BRTSvc\BRTSvc.exe <==== ATTENTION
Task: {322E343E-A696-45D8-98CD-5AC843443243} - System32\Tasks\WD Discovery Service Task tatulinek => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [75504 2019-11-11] (Western Digital Technologies, Inc. -> )
Task: {4264C43F-DDB3-4CAF-9E4B-DDF884DD18C3} - System32\Tasks\{F0146D5F-E288-4CB1-88BD-6595A2D45DA3} => "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.3.0.101/cs/abandoninstall?page=tsProgressBar
Task: {4BC38907-EE46-4106-A7E6-E2C73B238D73} - System32\Tasks\{09FEF479-A5D4-4342-9FE8-F25AF91A24BE} => C:\Windows\system32\pcalua.exe -a "C:\_IJJ\Powewr DVD\PowerDVD 13.0.2720.57 Ultra cz.exe" -d "C:\_IJJ\Powewr DVD"
Task: {5AB82C5E-6FED-4F88-AB8F-FA1D91D3EA8B} - System32\Tasks\{EFCEAD15-C6BA-43FE-9DDA-D18E566F822F} => "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/6.22.0.107/cs/abandoninstall?page=tsProgressBar
Task: {5F34AB2A-A78B-4680-A4FC-BC8FA8EF5A83} - System32\Tasks\{D3087791-3B74-4584-B6B2-3C721CC8E90B} => "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.3.0.101/cs/abandoninstall?page=tsProgressBar
Task: {5F969BC6-F60A-403B-9598-0D93A2A2DF06} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {68107D6C-D7E5-4784-A933-33562959C5DE} - System32\Tasks\{289BC3F8-39FC-420E-8C8C-157D8ED4F8C3} => C:\Windows\system32\pcalua.exe -a "C:\Users\tatulinek\Downloads\p7vSetup (1).exe" -d C:\Users\tatulinek\Downloads
Task: {75411CE4-FEB1-49D5-877D-DC9B204BA9AA} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe
Task: {77A6DB2B-AFA0-4ADE-9A3A-36F5FDDDD151} - System32\Tasks\AdobeAAMUpdater-1.0-mojko-tatulinek => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {7A93D043-DA61-4AE7-8502-95E7D658D18A} - System32\Tasks\{B7AC9EDA-04A0-44DC-B467-AE0B08F90951} => C:\Windows\system32\pcalua.exe -a "J:\_\_HOLECEK\Lost Folders\DIR125\Sbírky úloh\Vyukove_materialy.exe" -d "J:\_\_HOLECEK\Lost Folders\DIR125\Sbírky úloh"
Task: {7DC0DFE0-F047-4951-B0F5-F06545C95A5E} - System32\Tasks\oCamTask => C:\Program Files (x86)\oCam\oCamTask.exe [148816 2019-09-06] (OORT inc. -> oh!soft)
Task: {848301AD-D881-4B65-9B72-403AC663F719} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-17] (Avast Software s.r.o. -> Avast Software)
Task: {88EC0619-3430-48A2-A4D8-65AD1C2431F3} - System32\Tasks\BlockchainResearchTools => C:\Program Files (x86)\BRTSvc\BRTSvc.exe <==== ATTENTION
Task: {920CAC35-FDF7-4C46-AEF0-8B8A1D1DEDA5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {9276E868-15C7-44FB-9E55-A724D55D17F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {93DAFAA8-E1C4-4CF8-82C2-A36FED5393BD} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1741576 2016-03-17] (Intel(R) Software -> Intel Corporation)
Task: {A1E986AE-6B12-4DD0-B708-06B01086D0B8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {A9641E58-7582-44CB-9211-7FA8C93FD4A5} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"
Task: {B05022D8-4FB2-49E2-A35F-0D7C387648D1} - System32\Tasks\{E875264D-9FE1-43AA-8E85-53BEE662A99B} => C:\Windows\system32\pcalua.exe -a "C:\Users\tatulinek\Downloads\chromeinstall-8u25 (6).exe" -d C:\Users\tatulinek\Downloads
Task: {BA0BEB20-D910-4D71-BA17-BD5317E9C5EA} - System32\Tasks\{6D1631FF-B144-4774-A3A3-7C326FF253B4} => "c:\users\tatulinek\appdata\local\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/5.10.0.116/cs/abandoninstall?source=lightinstaller&page=tsMain
Task: {BA20F728-7CB8-45DA-9CF2-E73E67BB1A58} - System32\Tasks\G2MUploadTask-S-1-5-21-3053704680-1182070124-146156013-1000 => C:\Users\tatulinek\AppData\Local\GoToMeeting\18962\g2mupload.exe [31320 2020-10-22] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {BF78B29A-C07C-43A0-ADC6-301134357645} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7136F49-EA7C-4C73-B41B-F213553295CC} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [123600 2020-11-21] (Mozilla Corporation -> Mozilla Foundation)
Task: {D4E1F5BE-4F98-4E2D-AC2A-39B27EFF2F3C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {D5201392-6252-452B-84E0-2D2075F74E3A} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [3683824 2015-05-06] (Nero AG -> Nero AG)
Task: {D79C1F0D-A56C-4DE8-A60F-BFC0EEE5A56A} - System32\Tasks\{D54530BF-7706-47DC-A150-CF00BBD84F91} => C:\Windows\system32\pcalua.exe -a "J:\_\_HOLECEK\Lost Folders\DIR125\Sbírky úloh\Sbirka_prikladu_a_testu.exe" -d "J:\_\_HOLECEK\Lost Folders\DIR125\Sbírky úloh"
Task: {D98119C4-E359-404F-B2AB-8CB2B6C733BC} - System32\Tasks\G2MUpdateTask-S-1-5-21-3053704680-1182070124-146156013-1000 => C:\Users\tatulinek\AppData\Local\GoToMeeting\18962\g2mupdate.exe [31320 2020-10-22] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {DAD5DABF-F7B8-4963-BF55-FFB37EF566FB} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3583264 2020-06-03] (Corel Corporation -> Corel Corporation)
Task: {E89788F6-DAF4-4B09-956B-4CE8BC22D07E} - System32\Tasks\{304E60D6-5BCC-4F09-B3C8-F43EFA00D5F5} => "c:\users\tatulinek\appdata\local\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/6.1.0.129.272/cs/abandoninstall?page=tsProgressBar
Task: {EB3FC03A-61F1-4B20-8227-5768B922FC0A} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {F4F6D8DF-2E7F-4BC0-9751-63F25B071B7D} - System32\Tasks\{46768762-4592-44D3-973E-775429CF486B} => C:\Windows\system32\pcalua.exe -a "D:\Sys\SW\Hry\Strilecky a bomby\Moorhuhn apod\Moorhuhn2\moorhuhn2.exe" -d "D:\Sys\SW\Hry\Strilecky a bomby\Moorhuhn apod\Moorhuhn2"
Task: {F5862CB3-3170-4FAF-AD28-7078E9B4D6A6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-08] (Adobe Inc. -> Adobe)
Task: {F898F09C-4E27-4AFC-A325-8F5CC5E9A0BF} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3053704680-1182070124-146156013-1000.job => C:\Users\tatulinek\AppData\Local\GoToMeeting\18962\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3053704680-1182070124-146156013-1000.job => C:\Users\tatulinek\AppData\Local\GoToMeeting\18962\g2mupload.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.254
Tcpip\..\Interfaces\{91DE08B8-B7F6-48C3-9AB5-DCEB3044AA7D}: [DhcpNameServer] 192.168.2.254

FireFox:
========
FF DefaultProfile: mr66dfm9.default
FF ProfilePath: C:\Users\tatulinek\AppData\Roaming\Mozilla\Firefox\Profiles\mr66dfm9.default [2020-12-12]
FF Homepage: Mozilla\Firefox\Profiles\mr66dfm9.default -> hxxps://www.google.cz/?gws_rd=ssl|hxxps://www.seznam.cz/
FF Extension: (Gmail S/MIME) - C:\Users\tatulinek\AppData\Roaming\Mozilla\Firefox\Profiles\mr66dfm9.default\Extensions\{4c197c8f-a50f-4b49-a2d2-ed922c95612f}.xpi [2016-05-01] [Legacy]
FF Extension: (Video DownloadHelper) - C:\Users\tatulinek\AppData\Roaming\Mozilla\Firefox\Profiles\mr66dfm9.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-03-31]
FF Extension: (Easy YouTube Video Downloader) - C:\Users\tatulinek\AppData\Roaming\Mozilla\Firefox\Profiles\mr66dfm9.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2013-07-25] [Legacy] [not signed]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] [Legacy]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll [2012-12-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @FortinetCacheClean -> C:\Program Files (x86)\Fortinet\FortiClient\npccplugin.dll [2016-11-10] (Fortinet Inc.) [File not signed]
FF Plugin-x32: @FortinetCacheCleanEx -> C:\Program Files (x86)\Fortinet\FortiClient\npccpluginex.dll [2016-11-10] (Fortinet Inc.) [File not signed]
FF Plugin-x32: @FortinetTunnelControl -> C:\Program Files (x86)\Fortinet\FortiClient\nptcplugin.dll [2016-11-10] (Fortinet Inc.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-23] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-04-10] (Nero AG -> Nero AG)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s. -> Software602 a.s.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN) [File not signed]
FF Plugin-x32: @wolfram.com/Mathematica -> C:\Program Files (x86)\Common Files\Wolfram Research\Browser\9.0.1.4055459\npmathplugin.dll [2013-01-24] (Wolfram Research, Inc. -> Wolfram Research, Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\S-1-5-21-3053704680-1182070124-146156013-1000: LWA64Plugin15.8 -> C:\Users\tatulinek\AppData\Local\Microsoft\LWAPlugin\15.8.20018.735\npLWAPlugin15.8-x64.dll [2015-02-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3053704680-1182070124-146156013-1000: LWAPlugin15.8 -> C:\Users\tatulinek\AppData\Local\Microsoft\LWAPlugin\15.8.20018.735\npLWAPlugin15.8.dll [2015-02-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\tatulinek\AppData\Roaming\mozilla\plugins\npatgpc.dll [2020-04-22]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-12-12]

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\tatulinek\AppData\Local\Google\Chrome\User Data\Default [2020-12-12]
CHR DownloadDir: D:\Downloadssss
CHR Notifications: Default -> hxxps://drive.google.com; hxxps://plus.google.com; hxxps://www.milujemefotografii.cz
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\tatulinek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Chrome Media Router) - C:\Users\tatulinek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-21]
CHR HKU\S-1-5-21-3053704680-1182070124-146156013-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKU\S-1-5-21-3053704680-1182070124-146156013-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [pkijdmeepjhpenmighhaodgfoogncnlk] - C:\Program Files (x86)\Offline Explorer Pro\mpoe.crx [2014-01-29]
StartMenuInternet: Google Chrome.AHSBODP63WOPXUKKLDWU6FOYAA - C:\Users\tatulinek\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [961744 2014-07-13] (ABBYY Production LLC -> ABBYY Production LLC)
S4 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [759072 2008-10-27] (ABBYY Software House -> ABBYY (BIT Software))
S4 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1276216 2016-09-13] (Acronis International GmbH -> )
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1046904 2020-03-04] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16930616 2019-12-18] (Autodesk, Inc. -> Autodesk)
S4 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6086232 2017-01-19] (Acronis International GmbH -> )
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-05-05] (Adobe Inc. -> Adobe Systems, Incorporated)
S4 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Skype Software Sarl -> Microsoft Corporation)
S4 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Skype Software Sarl -> Microsoft Corporation)
R2 CGM.AMISRV; C:\AMICUS\server\cgm.amisrv.exe [26720 2017-06-09] (CompuGroup Medical Česká republika s.r.o. -> ) [File not signed]
R2 cgm.ebooking-1; C:\CGMSERVER\bin\ebooking-1\cgm.ebooking-1.exe [36704 2018-03-21] (CompuGroup Medical Česká republika s.r.o. -> Microsoft)
S4 cgm.ecommunication-1; C:\CGMSERVER\bin\ecommunication-1\cgm.ecommunication-1.exe [88328 2018-01-16] (CompuGroup Medical Česká republika s.r.o. -> CompuGroup Medical Česká republika s.r.o.)
S4 cgm.etrzby-1; C:\CGMSERVER\bin\etrzby-1\cgm.etrzby-1.exe [22112 2017-07-26] (CompuGroup Medical Česká republika s.r.o. -> CompuGroup Medical Česká republika s.r.o.) [File not signed]
R2 cgm.servercore; C:\CGMSERVER\bin\core\cgm.servercore.exe [51200 2016-12-15] (CGM) [File not signed]
S4 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-03-20] (CyberLink Corp. -> CyberLink)
S4 CyberLink PowerDVD 13 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [323336 2013-03-20] (CyberLink Corp. -> CyberLink)
S4 dlpsrv; C:\Program Files\DESlock+\dlpsrv.exe [1549504 2018-04-30] (DESlock Limited -> DESlock Limited.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-26] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 FA_Scheduler; C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe [114194 2016-11-10] (Fortinet Inc.) [File not signed]
R2 FileOpenManagerService; C:\Program Files\FileOpen\Services\FileOpenManagerService64.exe [335288 2012-10-17] (FileOpen Systems Inc. -> FileOpen Systems Inc.)
R2 hasplms; C:\Windows\system32\hasplms.exe [4180576 2010-09-27] (SafeNet, Inc. -> SafeNet Inc.)
S3 HCS.MedConnect.Service; C:\CGMSERVER\bin\medical-net\MedConnect\HCS.MedConnect.Service.exe [46080 2016-11-03] (HCS GmbH) [File not signed]
R2 HCS.MEDCONNECT.SERVICEMANAGER; C:\CGMSERVER\bin\medical-net\MedConnect.ServiceManager\HCS.MedConnect.ServiceManager.exe [91648 2016-11-03] (HCS GmbH) [File not signed]
R2 HDDlife HDD Access service; C:\Program Files (x86)\Common Files\BinarySense\hldasvc.exe [820472 2007-12-13] (BinarySense Inc -> BinarySense, Inc.)
R2 mitsijm2018; C:\Program Files\Autodesk\Inventor 2019\Moldflow\bin\mitsijm.exe [967664 2016-09-26] (Autodesk, Inc -> Autodesk, Inc.)
R2 mitsijm2020; C:\Program Files\Autodesk\Inventor 2020\Moldflow\bin\mitsijm.exe [844088 2019-01-31] (Autodesk, Inc. -> Autodesk, Inc.)
R2 mitsijm2021; C:\Program Files\Autodesk\Inventor 2021\Moldflow\bin\mitsijm.exe [844088 2019-12-04] (Autodesk, Inc. -> Autodesk, Inc.)
S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4692840 2016-08-15] (Acronis International GmbH -> Acronis International GmbH)
S4 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [7717528 2016-07-18] (Acronis International GmbH -> Acronis International GmbH)
S4 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1510712 2016-09-13] (Acronis International GmbH -> )
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
S4 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe [632768 2019-05-14] (SMART Technologies ULC -> SMART Technologies)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
S4 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [9729272 2016-08-11] (Acronis International GmbH -> )
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2015-05-11] (Synology Inc. -> ) [File not signed]
R2 Wave Authentication Manager Service; C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe [1600000 2011-07-01] (Wave Systems Corp.) [File not signed]
R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
S2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-12-02] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [366720 2019-10-14] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2286976 2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe [120016 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
R2 cgm.postgres; C:/CGMSERVER/bin/pgsql/bin/pg_ctl.exe runservice -N "cgm.postgres" -D "C:/CGMSERVER/data/pgsql" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aksdf; C:\Windows\system32\drivers\aksdf.sys [75648 2010-07-27] (Microsoft Windows Hardware Compatibility Publisher -> SafeNet Inc.)
R2 aksfridge; C:\Windows\system32\drivers\aksfridge.sys [131072 2010-09-27] (Microsoft Windows Hardware Compatibility Publisher -> SafeNet Inc.)
R3 busenum; C:\Windows\System32\DRIVERS\busenum.sys [55776 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
S3 cmnxusbser; C:\Windows\System32\DRIVERS\cmnxusbser.sys [146424 2015-11-24] (西安博汇电子科技有限公司 -> Wireless Data Device)
R0 DLMFENC; C:\Windows\System32\DRIVERS\DLMFENC.sys [174152 2018-04-30] (DESlock Limited -> DESlock Ltd.)
R0 DlpACFlt; C:\Windows\System32\DRIVERS\DlpACFlt.sys [32400 2018-04-30] (DESlock Limited -> DESlock Ltd.)
R0 DLPCRYPT; C:\Windows\System32\DRIVERS\dlpcrypt.sys [110944 2018-04-30] (DESlock Limited -> DESlock Ltd.)
R0 dlpfde; C:\Windows\System32\Drivers\dlpfde.sys [329800 2018-04-30] (DESlock Limited -> DESlock Ltd.)
R0 dlpvdisk; C:\Windows\System32\DRIVERS\dlpvdisk.sys [95864 2018-04-30] (DESlock Limited -> DESlock Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [160992 2020-10-26] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [109360 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [190464 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [43720 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [70048 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [56152 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [107784 2020-10-26] (ESET, spol. s r.o. -> ESET)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [375136 2017-01-19] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 fortiapd; C:\Windows\System32\drivers\fortiapd.sys [18000 2016-11-10] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R1 FortiFilter; C:\Windows\System32\DRIVERS\FortiFilter.sys [25312 2014-12-11] (Fortinet Technologies -> Fortinet Inc)
S1 FortiFW; C:\Windows\System32\drivers\FortiFW2.sys [37456 2016-11-10] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 Fortips; C:\Windows\System32\drivers\fortips.sys [147536 2016-11-10] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
S3 fortisniff; C:\Windows\System32\drivers\fortisniff2.sys [40528 2016-11-10] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc)
R3 ft_vnic; C:\Windows\System32\DRIVERS\ftvnic.sys [16928 2018-10-18] (Fortinet Technologies -> Fortinet Inc.)
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [215608 2016-08-22] (GENESYS LOGIC, INC. -> GenesysLogic)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [318464 2009-03-13] (Microsoft Windows Hardware Compatibility Publisher -> Aladdin Knowledge Systems Ltd.)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Pinnacle Systems GmbH)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [18456 2011-03-07] (ZTE CORPORATION  -> HandSet Incorporated)
S3 nmwcd; C:\Windows\System32\drivers\ccdcmbx64.sys [19968 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\Windows\System32\drivers\ccdcmbox64.sys [27136 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 pccsmcfd; C:\Windows\System32\DRIVERS\pccsmcfdx64.sys [26112 2012-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 PinnacleMarvinAVS; C:\Windows\System32\DRIVERS\MarvinAVS64.sys [484736 2007-05-09] (Microsoft Windows Hardware Compatibility Publisher -> Pinnacle a division of Avid Technology, Inc.)
R3 pppop; C:\Windows\System32\DRIVERS\pppop64.sys [54344 2016-03-29] (Fortinet Technologies (Canada) Inc. -> Fortinet Inc.)
R3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [18952 2019-05-14] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
R3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [28168 2019-05-14] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1267544 2017-01-19] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R2 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [212320 2017-01-19] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 tnd; C:\Windows\System32\DRIVERS\tnd.sys [687968 2017-01-19] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys [9216 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2019-12-28] (Shenzhen Wondershare Information Technology Co., Ltd. -> Apple, Inc.)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltjx64.sys [9216 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R0 VDLPToken2; C:\Windows\System32\DRIVERS\vdlptkn2.sys [126104 2018-04-30] (DESlock Limited -> DESlock Ltd.)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [331104 2017-01-19] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
R1 wdfsconnect2017; C:\Windows\system32\drivers\wdfsconnect2017.sys [468096 2017-11-21] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R3 wdvpnpbus; C:\Windows\System32\DRIVERS\wdvpnpbus.sys [20608 2017-11-21] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files (x86)\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [130320 2013-03-19] (CyberLink Corp. -> CyberLink Corp.)
U3 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-12 11:15 - 2020-12-12 11:17 - 000041710 _____ C:\Users\tatulinek\Desktop\FRST.txt
2020-12-12 11:15 - 2020-12-12 11:16 - 000000000 ____D C:\FRST
2020-12-12 11:13 - 2020-12-12 11:13 - 002288640 _____ (Farbar) C:\Users\tatulinek\Desktop\FRST64.exe
2020-12-12 11:01 - 2020-12-12 11:01 - 001271618 _____ C:\Users\tatulinek\Documents\cc_20201212_110108.reg
2020-12-12 10:48 - 2020-12-12 10:57 - 000000000 ____D C:\Program Files\AVAST Software
2020-12-08 20:02 - 2020-12-08 20:02 - 005089848 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2020-11-27 23:17 - 2020-12-09 22:31 - 000000000 ____D C:\_data z disku D
2020-11-27 20:41 - 2020-12-08 17:37 - 000008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
2020-11-22 21:29 - 2020-11-22 21:29 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2020-11-21 21:04 - 2020-11-23 08:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-11-20 09:02 - 2020-11-20 09:02 - 000000000 ____D C:\Users\tatulinek\Documents\AutoCAD Sady listů
2020-11-18 09:30 - 2020-11-18 09:30 - 000000000 ____D C:\Users\tatulinek\AppData\Roaming\Zoom
2020-11-12 18:34 - 2020-11-12 18:34 - 000001945 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2020-11-12 18:34 - 2020-11-12 18:34 - 000001945 _____ C:\ProgramData\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2020-11-12 18:31 - 2020-11-12 18:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2020-11-12 18:31 - 2020-11-12 18:31 - 000000000 ____D C:\ProgramData\ESET
2020-11-12 18:31 - 2020-11-12 18:31 - 000000000 ____D C:\Program Files\ESET

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-12 11:02 - 2019-03-17 20:31 - 000000000 ____D C:\Temp
2020-12-12 11:02 - 2009-07-14 05:45 - 000038560 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-12-12 11:02 - 2009-07-14 05:45 - 000038560 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-12-12 10:59 - 2018-02-24 11:58 - 000000000 ____D C:\Users\tatulinek\AppData\Roaming\TeamViewer
2020-12-12 10:58 - 2014-07-24 15:40 - 000000000 ____D C:\Users\tatulinek\AppData\Roaming\TS3Client
2020-12-12 10:57 - 2019-01-09 21:31 - 000000000 ____D C:\ProgramData\AVAST Software
2020-12-12 10:55 - 2014-11-17 21:17 - 000000000 ____D C:\Windows\Minidump
2020-12-12 10:55 - 2012-09-19 21:07 - 000000000 ____D C:\Users\tatulinek\AppData\Local\CrashDumps
2020-12-12 10:55 - 2011-02-15 14:59 - 000000000 ____D C:\Windows\panther
2020-12-12 10:55 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-12-12 10:38 - 2020-03-26 09:00 - 000000562 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3053704680-1182070124-146156013-1000.job
2020-12-12 10:38 - 2012-10-11 22:49 - 000000000 ____D C:\ProgramData\Autodesk
2020-12-12 10:14 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\tracing
2020-12-12 10:10 - 2013-02-15 20:04 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2020-12-12 10:10 - 2011-11-16 23:02 - 000000000 ____D C:\ProgramData\Temp
2020-12-12 10:09 - 2019-01-11 18:45 - 000000000 ____D C:\ProgramData\NVIDIA
2020-12-12 10:09 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-12-11 23:30 - 2020-03-26 09:00 - 000000658 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3053704680-1182070124-146156013-1000.job
2020-12-11 22:02 - 2016-12-09 04:43 - 000000000 ____D C:\Users\tatulinek\AppData\LocalLow\Mozilla
2020-12-11 15:30 - 2012-09-06 20:43 - 000000000 ____D C:\Users\tatulinek\AppData\Local\Deployment
2020-12-11 15:00 - 2020-10-18 13:23 - 000000000 ____D C:\fffffffffff
2020-12-11 13:17 - 2014-06-19 20:56 - 000000000 ____D C:\Users\tatulinek\AppData\Local\Adobe
2020-12-10 21:40 - 2016-09-17 19:43 - 000000000 ____D C:\ProgramData\boost_interprocess
2020-12-10 20:24 - 2019-10-03 23:42 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-12-10 20:24 - 2019-10-03 23:42 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-12-09 22:57 - 2015-11-11 21:16 - 000002061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-09 00:58 - 2013-04-13 15:50 - 000000000 ____D C:\Users\tatulinek\AppData\Roaming\vlc
2020-12-08 20:02 - 2020-09-05 20:30 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-12-08 20:02 - 2020-09-05 20:30 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-12-08 20:02 - 2020-09-05 20:30 - 000004500 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-12-08 20:02 - 2020-09-05 20:30 - 000004366 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-12-08 20:02 - 2012-08-27 20:45 - 000000000 ____D C:\Windows\system32\Macromed
2020-12-08 20:02 - 2011-11-16 22:40 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-12-07 21:18 - 2012-08-31 19:16 - 000000000 ____D C:\_IJJ
2020-12-06 15:17 - 2012-12-06 20:59 - 000000000 ____D C:\Users\tatulinek\Documents\Soubory aplikace Outlook
2020-12-04 16:12 - 2014-06-16 10:33 - 000003386 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-04 16:12 - 2014-06-16 10:33 - 000003258 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-03 00:36 - 2014-06-16 10:34 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-02 18:04 - 2019-01-05 18:15 - 000000000 ___HD C:\_WIN
2020-11-30 21:07 - 2018-05-21 15:22 - 000002300 ____H C:\Users\tatulinek\Documents\Default.rdp
2020-11-27 15:55 - 2010-11-21 10:27 - 000668866 _____ C:\Windows\system32\perfh005.dat
2020-11-27 15:55 - 2010-11-21 10:27 - 000141526 _____ C:\Windows\system32\perfc005.dat
2020-11-27 15:55 - 2009-07-14 06:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2020-11-27 14:51 - 2009-07-14 06:08 - 000032538 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-11-24 14:40 - 2014-12-23 22:54 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-11-23 08:19 - 2012-08-25 11:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-11-19 00:10 - 2012-11-10 00:08 - 000000000 ____D C:\Users\tatulinek\AppData\Local\Autodesk,_Inc
2020-11-18 23:57 - 2012-11-09 22:59 - 000000000 ____D C:\Users\tatulinek\Documents\Inventor
2020-11-14 19:00 - 2016-03-07 23:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2020-11-13 01:52 - 2018-01-15 23:04 - 000000000 ____D C:\Program Files (x86)\BRTSvc
2020-11-12 18:32 - 2012-08-25 11:32 - 000000000 ____D C:\Users\tatulinek\AppData\Local\ESET
2020-11-12 14:29 - 2017-05-16 19:42 - 000000000 ____D C:\Autodesk
2020-11-12 07:53 - 2012-08-25 10:17 - 000264664 _____ C:\Users\tatulinek\AppData\Local\GDIPFONTCACHEV1.DAT

==================== Files in the root of some directories ========

2013-11-01 00:11 - 2013-11-01 00:15 - 000000100 _____ () C:\Users\tatulinek\AppData\Roaming\Camdata.ini
2013-11-01 00:11 - 2013-11-01 00:15 - 000000408 _____ () C:\Users\tatulinek\AppData\Roaming\CamLayout.ini
2013-11-01 00:11 - 2013-11-01 00:15 - 000000408 _____ () C:\Users\tatulinek\AppData\Roaming\CamShapes.ini
2013-10-31 23:45 - 2013-11-01 00:15 - 000004519 _____ () C:\Users\tatulinek\AppData\Roaming\CamStudio.cfg
2014-02-11 21:30 - 2014-02-11 21:55 - 000060265 _____ () C:\Users\tatulinek\AppData\Roaming\Hodnoty oddělené čárkami (Windows).ADR
2013-02-01 18:19 - 2020-03-09 11:38 - 000009585 _____ () C:\Users\tatulinek\AppData\Roaming\MOJKO.MTBF.txt
2012-08-25 11:01 - 2015-05-08 18:19 - 000000600 _____ () C:\Users\tatulinek\AppData\Roaming\winscp.rnd
2013-02-01 18:20 - 2020-03-09 11:38 - 000000674 _____ () C:\Users\tatulinek\AppData\Roaming\__AvidCloudManager.log
2013-02-01 18:20 - 2019-03-07 00:08 - 000001844 _____ () C:\Users\tatulinek\AppData\Roaming\__AvidCloudManagerPrevious.log
2018-05-19 07:50 - 2018-05-19 07:50 - 055115776 _____ () C:\Users\tatulinek\AppData\Local\AcronisTrueImage2017_8058.exe
2019-02-21 19:33 - 2019-04-17 17:31 - 000004608 _____ () C:\Users\tatulinek\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-28 07:57 - 2018-09-28 07:57 - 000000000 _____ () C:\Users\tatulinek\AppData\Local\oobelibMkey.log
2014-06-26 15:28 - 2020-02-01 22:58 - 000007666 _____ () C:\Users\tatulinek\AppData\Local\resmon.resmoncfg
2018-10-15 17:46 - 2018-10-15 17:46 - 000000000 _____ () C:\Users\tatulinek\AppData\Local\rx_image32.Cache
2013-11-04 17:27 - 2013-11-04 17:28 - 000001064 _____ () C:\Users\tatulinek\AppData\Local\SRDownloader.nast

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-12-03 13:48
==================== End of FRST.txt ========================