Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-01-2021
Ran by Martin (administrator) on MARTIN-PC (06-01-2021 10:56:09)
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Default browser: Opera
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Seznam.cz, a.s. -> ) C:\Users\Martin\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Seznam.cz, a.s. -> ) C:\Users\Martin\AppData\Roaming\Seznam.cz\bin\szndesktop.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\Run: [Opera Browser Assistant] => C:\Users\Martin\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Martin\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Martin\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
BootExecute: autocheck autochk * sdnclean64.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {21D966D7-4B33-40BE-8582-0A08D8FEF066} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {2990E96C-8B06-42BE-AD4D-55D150BA7F10} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Martin => F:\1servis\PROGRAMS\Hard Disk Sentinel\HDSentinel.exe
Task: {3BFFBE17-CDFD-4AE4-8309-DEAD81B6E38F} - System32\Tasks\Opera scheduled Autoupdate 1588766768 => C:\Users\Martin\AppData\Local\Programs\Opera\launcher.exe [1583640 2020-12-16] (Opera Software AS -> Opera Software)
Task: {4FCE8287-F99D-421F-A8BB-94F04C6C99A0} - System32\Tasks\Opera scheduled Autoupdate 1477133455 => C:\Program Files (x86)\Opera\launcher.exe
Task: {776464BC-99BD-4D1E-AB41-9CE8D2E4F386} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-11-07] (Google Inc -> Google Inc.)
Task: {AD9E773B-3189-4F77-9067-8AB3787B7FB0} - System32\Tasks\Opera scheduled Autoupdate 1497815344 => C:\Program Files (x86)\Opera\launcher.exe
Task: {B63BFCAD-865B-4F42-90A8-A24ABED387A7} - System32\Tasks\Opera scheduled assistant Autoupdate 1588766823 => C:\Users\Martin\AppData\Local\Programs\Opera\launcher.exe [1583640 2020-12-16] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Martin\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {D037912B-7859-49BC-BFD0-C482F1CF161D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {D685FBD3-3F61-4B51-8098-F5939AE599DB} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Martin\AppData\Local\Temp\scoped_dir2744_29998\esetonlinescanner_sky.exe <==== ATTENTION
Task: {DA19EA11-F8FD-4C36-9BC5-C92AA6DBE2BE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-11-07] (Google Inc -> Google Inc.)
Task: {DE09111B-73DD-4875-876D-C293F20E8F18} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Martin\AppData\Local\Temp\scoped_dir2744_29998\esetonlinescanner_sky.exe <==== ATTENTION
Task: {F96B2165-AA32-4349-B138-0B738423926C} - System32\Tasks\{F529C778-212F-4A4C-A435-C1F3B293A60A} => C:\Windows\system32\pcalua.exe -a C:\Windows\IsUninst.exe -c -f"d:\Thomb raider 3\Uninst.isu"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local: [ActivePolicy] SOFTWARE\Policies\Microsoft\Windows\IPSEC\Policy\Local\ipsecPolicy{e8baf6a8-c7f7-43b9-aa58-2a9ac8e1b6e2} <==== ATTENTION (Restriction - IP)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0B2F2584-F723-4A83-BF46-B8559A5CFF4A}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8822FF15-14BC-4210-83C2-B21BB7BFC82D}: [DhcpNameServer] 192.168.0.2 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{B5844788-BED4-4849-99BF-940E9B612EC4}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF DefaultProfile: ef26py92.default
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ii5mfmc2.default [2020-12-31]
FF Homepage: Mozilla\SeaMonkey\Profiles\ii5mfmc2.default -> www.google.com
FF NewTab: Mozilla\SeaMonkey\Profiles\ii5mfmc2.default -> about:newtab
FF Extension: (DOM Inspector) - C:\Users\Martin\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ii5mfmc2.default\Extensions\inspector@mozilla.org [2016-09-22] [Legacy]
FF Extension: (ChatZilla) - C:\Users\Martin\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ii5mfmc2.default\Extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2015-09-30] [Legacy]
FF Extension: (NoScript) - C:\Users\Martin\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ii5mfmc2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-09-23] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\Martin\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ii5mfmc2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-08] [Legacy]
FF Extension: (JavaScript Debugger) - C:\Users\Martin\AppData\Roaming\Mozilla\SeaMonkey\Profiles\ii5mfmc2.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi [2016-09-22] [Legacy]
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\hziuv0tv.default-release-1597237312874 [2020-12-31]
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ef26py92.default [2020-12-31]
FF Extension: (MEGA) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ef26py92.default\Extensions\firefox@mega.co.nz.xpi [2020-05-01] [UpdateUrl:hxxps://mega.nz/firefox-web-extension-updates.json]
FF Extension: (Seznam doplněk - Esko) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ef26py92.default\Extensions\sko-extension@firma.seznam.cz.xpi [2018-12-05]
FF Extension: (Popup Blocker Ultimate) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ef26py92.default\Extensions\{60B7679C-BED9-11E5-998D-8526BB8E7F8B}.xpi [2020-03-09]
FF Extension: (Seznam doplněk - Email) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ef26py92.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2018-12-05]
FF Extension: (No Name) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ef26py92.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\a8zub8k1.default [2020-12-31]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF HKU\S-1-5-21-515885200-768628804-3900138106-1000\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Martin\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> D:\Adobe\Reader\AIR\nppdf32.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default [2021-01-03]
CHR Extension: (Dokumenty) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-27]
CHR Extension: (Disk Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-27]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-27]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-09-01]
CHR Extension: (Ace Script) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2019-02-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-09-01]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-09-01]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-09-02]
CHR HKU\S-1-5-21-515885200-768628804-3900138106-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]

Opera: 
=======
OPR Extension: (AdBlock) - C:\Users\Martin\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2020-04-28]
OPR Extension: (Rich Hints Agent) - C:\Users\Martin\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-10-23]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83984 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42096 2016-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.)
S2 MBAMInstallerService; C:\Users\Martin\AppData\Local\Temp\MBAMInstallerService.exe [6716872 2021-01-05] (Malwarebytes Inc -> Malwarebytes) <==== ATTENTION
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S2 luminati_net_updater_win_hola_org; "C:/Program Files/Hola/app/net_updater64.exe" --updater win_hola.org [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2012-04-22] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R3 athur; C:\Windows\System32\DRIVERS\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [197240 2017-12-03] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220160 2021-01-05] (Malwarebytes Inc -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2021-01-02] (Malwarebytes Inc -> Malwarebytes)
S3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [127088 2021-01-05] (Malwarebytes Inc -> Malwarebytes)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0121.sys [38432 2016-09-18] (SoftEther Corporation -> SoftEther Corporation)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [7947096 2019-01-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S1 staport; C:\Windows\System32\Drivers\staport.sys [44568 2021-01-03] (AVAST Software s.r.o. -> )
S3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2015-08-10] (TunnelBear, Inc. -> The OpenVPN Project)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-06-28] (AnchorFree Inc -> Anchorfree Inc.)
U5 UnlockerDriver5; D:\Nový priečinok\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 WsAudioDevice_383S(1); C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys [29288 2016-10-13] (Wondershare Software Co., Ltd.  -> Wondershare)
U3 aswbdisk; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-06 10:54 - 2021-01-06 10:56 - 000033886 _____ C:\Users\Martin\Desktop\Addition.txt
2021-01-06 10:53 - 2021-01-06 10:56 - 000015584 _____ C:\Users\Martin\Desktop\FRST.txt
2021-01-06 10:53 - 2021-01-06 10:56 - 000000000 ____D C:\FRST
2021-01-06 10:50 - 2021-01-06 10:50 - 002282496 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2021-01-05 11:00 - 2021-01-05 11:00 - 000000000 ____D C:\Program Files (x86)\Seznam.cz
2021-01-05 10:59 - 2021-01-06 10:35 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Seznam.cz
2021-01-05 10:59 - 2021-01-05 11:26 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-01-05 10:59 - 2021-01-05 11:10 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-01-05 10:59 - 2021-01-05 10:59 - 000001530 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2021-01-05 10:59 - 2021-01-05 10:59 - 000001530 _____ C:\ProgramData\Desktop\Acrobat Reader DC.lnk
2021-01-05 10:57 - 2021-01-05 10:58 - 062087952 _____ C:\Users\Martin\Downloads\AcroRdrDC1500720033_cs_CZ.exe
2021-01-03 10:48 - 2021-01-03 10:01 - 000585330 _____ C:\Users\Martin\Documents\TDSSKiller.3.1.0.28_03.01.2021_09.56.41_log.txt
2021-01-03 10:08 - 2021-01-04 12:20 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-01-03 10:08 - 2021-01-04 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-01-03 09:41 - 2021-01-03 09:44 - 000000000 ____D C:\Program Files (x86)\GUM144B.tmp
2020-12-31 15:11 - 2020-12-31 15:12 - 006922240 _____ C:\Program Files (x86)\GUT6C89.tmp
2020-12-31 15:11 - 2020-12-31 15:11 - 000000000 ____D C:\Program Files (x86)\GUM6C78.tmp
2020-12-31 15:09 - 2021-01-03 09:39 - 000044568 _____ () C:\Windows\system32\Drivers\staport.sys
2020-12-31 15:06 - 2020-12-31 15:06 - 000000000 ____D C:\Users\Public\Security Sessions
2020-12-31 14:52 - 2021-01-01 11:39 - 000000000 ____D C:\Program Files\trend micro
2020-12-31 14:49 - 2020-12-31 15:08 - 000000000 ____D C:\Program Files\WinPcap
2020-12-31 14:46 - 2020-12-31 14:46 - 000000000 ____D C:\Users\Martin\AppData\Local\Avira
2020-12-31 12:29 - 2021-01-05 10:17 - 000220160 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-12-31 12:29 - 2021-01-05 10:17 - 000127088 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2020-12-31 12:29 - 2021-01-02 13:44 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-12-31 12:18 - 2020-12-31 12:18 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-12-30 17:46 - 2020-12-30 17:51 - 000000000 ____D C:\Users\Martin\AppData\LocalLow\nb98wqnehe8bw89hb
2020-12-18 15:35 - 2020-12-18 16:17 - 000000000 ____D C:\Users\Martin\AppData\Local\Maxthon
2020-12-15 12:22 - 2020-12-15 13:25 - 069089254 _____ C:\Users\Martin\Downloads\MOJO - February.pdf
2020-12-14 17:28 - 2020-12-28 13:31 - 000000000 ____D C:\Users\Martin\AppData\Local\vback
2020-12-14 17:28 - 2020-12-14 17:28 - 000000000 ____D C:\Users\Martin\AppData\Roaming\VBox
2020-12-10 14:01 - 2020-12-10 14:21 - 036670946 _____ C:\Users\Martin\Downloads\UNCUT - February.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-06 10:37 - 2009-07-14 05:45 - 000021392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-01-06 10:37 - 2009-07-14 05:45 - 000021392 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-01-06 10:35 - 2009-07-14 06:13 - 000785302 _____ C:\Windows\system32\PerfStringBackup.INI
2021-01-06 10:35 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2021-01-06 10:29 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-01-05 10:51 - 2020-08-12 14:01 - 000000000 ____D C:\Users\Martin\AppData\Local\CrashDumps
2021-01-05 10:41 - 2014-07-30 18:56 - 000000000 ____D C:\ProgramData\Adobe
2021-01-05 10:10 - 2020-07-30 08:47 - 000000522 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-05 10:09 - 2020-07-30 08:47 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-01-04 12:20 - 2014-07-28 18:11 - 000000000 ____D C:\Program Files\WinRAR
2021-01-03 14:11 - 2020-05-06 13:07 - 000004308 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1588766823
2021-01-03 14:11 - 2020-05-06 13:06 - 000004084 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1588766768
2021-01-03 14:11 - 2019-07-21 10:54 - 000003782 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2021-01-03 14:11 - 2019-07-21 10:54 - 000003342 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2021-01-03 14:11 - 2017-06-18 20:49 - 000003860 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1497815344
2021-01-03 14:11 - 2016-11-07 16:20 - 000003370 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-01-03 14:11 - 2016-11-07 16:20 - 000003242 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-01-03 14:11 - 2016-10-22 11:50 - 000003836 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1477133455
2021-01-03 14:11 - 2015-01-08 22:31 - 000003116 _____ C:\Windows\system32\Tasks\{F529C778-212F-4A4C-A435-C1F3B293A60A}
2021-01-03 09:44 - 2015-01-27 12:23 - 000000000 ____D C:\Program Files (x86)\Google
2020-12-31 15:27 - 2015-12-04 19:17 - 000000000 ____D C:\Program Files (x86)\Adobe
2020-12-31 15:13 - 2015-09-03 09:08 - 000413936 _____ C:\Windows\system32\FNTCACHE.DAT
2020-12-31 15:06 - 2015-12-11 18:15 - 000000000 ____D C:\ProgramData\Package Cache
2020-12-31 15:05 - 2018-09-04 13:28 - 000000000 ____D C:\Windows\system32\Tasks\Avira
2020-12-31 14:51 - 2015-09-03 09:10 - 000108008 _____ C:\Users\Martin\AppData\Local\GDIPFONTCACHEV1.DAT
2020-12-31 14:39 - 2014-07-28 18:02 - 000767122 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2020-12-31 12:44 - 2014-11-01 16:21 - 000000000 ____D C:\Windows\Minidump
2020-12-27 10:50 - 2014-07-29 12:15 - 000000000 ____D C:\Windows\system32\Macromed
2020-12-27 10:49 - 2014-07-29 12:15 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-12-22 13:16 - 2014-11-20 19:21 - 000000193 _____ C:\Windows\WORDPAD.INI
2020-12-20 11:45 - 2020-03-18 13:28 - 000000000 ____D C:\Users\Martin\AppData\Local\TP-Link

==================== Files in the root of some directories ========

2020-12-31 15:11 - 2020-12-31 15:12 - 006922240 _____ () C:\Program Files (x86)\GUT6C89.tmp
2014-05-08 05:05 - 2014-05-08 05:05 - 000000524 _____ () C:\Users\Martin\AppData\Roaming\159 dk orange bl 4.ADO
2015-02-12 06:07 - 2015-02-12 06:07 - 000000213 _____ () C:\Users\Martin\AppData\Roaming\3BSYBS1_DDVW_ErrLog.txt
2013-10-02 03:55 - 2013-10-02 03:55 - 000000940 _____ () C:\Users\Martin\AppData\Roaming\admon.graphics.extension.xml
2014-05-08 06:44 - 2014-05-08 06:44 - 000003523 _____ () C:\Users\Martin\AppData\Roaming\Adobe-Japan1-0
2013-10-02 03:54 - 2013-10-02 03:54 - 000000453 _____ () C:\Users\Martin\AppData\Roaming\Aqtau
2013-10-02 03:54 - 2013-10-02 03:54 - 000000065 _____ () C:\Users\Martin\AppData\Roaming\Bangui
2014-05-08 05:05 - 2014-05-08 05:05 - 000000524 _____ () C:\Users\Martin\AppData\Roaming\BMC blue 4.ADO
2010-07-19 22:16 - 2010-07-19 22:16 - 000004751 _____ () C:\Users\Martin\AppData\Roaming\b_no.jpg
2013-10-02 03:54 - 2013-10-02 03:54 - 000000549 _____ () C:\Users\Martin\AppData\Roaming\Catamarca
2013-10-02 03:55 - 2013-10-02 03:55 - 000001978 _____ () C:\Users\Martin\AppData\Roaming\caution.tif
2014-05-08 06:44 - 2014-05-08 06:44 - 000002828 _____ () C:\Users\Martin\AppData\Roaming\CNS2-V
2013-10-02 03:56 - 2013-10-02 03:56 - 000001266 _____ () C:\Users\Martin\AppData\Roaming\compact.list.item.spacing.xml
2014-05-08 05:05 - 2014-05-08 05:05 - 000000524 _____ () C:\Users\Martin\AppData\Roaming\Cool Gray 9 bl 4.ADO
2015-05-20 02:28 - 2015-05-20 02:28 - 000002176 _____ () C:\Users\Martin\AppData\Roaming\C_Enabled.png
2011-03-21 17:48 - 2011-03-21 17:48 - 000000512 _____ () C:\Users\Martin\AppData\Roaming\data2.cab
2013-10-02 03:55 - 2013-10-02 03:55 - 000002654 _____ () C:\Users\Martin\AppData\Roaming\dbtoepub
2013-10-02 03:56 - 2013-10-02 03:56 - 000001013 _____ () C:\Users\Martin\AppData\Roaming\double.sided.xml
2015-05-20 02:28 - 2015-05-20 02:28 - 000004817 _____ () C:\Users\Martin\AppData\Roaming\dsc_checkup_tile.png
2015-05-20 02:28 - 2015-05-20 02:28 - 000004997 _____ () C:\Users\Martin\AppData\Roaming\dsc_drivers_tile.png
2014-05-08 06:44 - 2014-05-08 06:44 - 000002862 _____ () C:\Users\Martin\AppData\Roaming\dut1995phon.env
2015-05-20 02:28 - 2015-05-20 02:28 - 000004279 _____ () C:\Users\Martin\AppData\Roaming\dxdiag.png
2007-01-16 01:00 - 2007-01-16 01:00 - 000003294 _____ () C:\Users\Martin\AppData\Roaming\Extravagancy.Y
2015-05-20 02:28 - 2015-05-20 02:28 - 000001592 _____ () C:\Users\Martin\AppData\Roaming\forward32.png
2013-10-02 03:54 - 2013-10-02 03:54 - 000001676 _____ () C:\Users\Martin\AppData\Roaming\Gibraltar
2013-10-02 03:56 - 2013-10-02 03:56 - 000005030 _____ () C:\Users\Martin\AppData\Roaming\graphics.xsl
2014-05-08 06:44 - 2014-05-08 06:44 - 000000672 _____ () C:\Users\Martin\AppData\Roaming\gre.fca
2013-10-02 03:54 - 2013-10-02 03:54 - 000000137 _____ () C:\Users\Martin\AppData\Roaming\Guatemala
2015-05-20 02:28 - 2015-05-20 02:28 - 000003291 _____ () C:\Users\Martin\AppData\Roaming\history_report_gray.png
2013-10-02 03:56 - 2013-10-02 03:56 - 000000941 _____ () C:\Users\Martin\AppData\Roaming\htmlhelp.autolabel.xml
2013-10-02 03:56 - 2013-10-02 03:56 - 000000963 _____ () C:\Users\Martin\AppData\Roaming\ignore.image.scaling.xml
2015-05-20 02:28 - 2015-05-20 02:28 - 000002116 _____ () C:\Users\Martin\AppData\Roaming\internetProperties.png
1987-02-02 01:00 - 1987-02-02 01:00 - 000046203 _____ () C:\Users\Martin\AppData\Roaming\Introvert.j6a
2013-10-02 03:56 - 2013-10-02 03:56 - 000001015 _____ () C:\Users\Martin\AppData\Roaming\javahelp.encoding.xml
2015-05-20 02:28 - 2015-05-20 02:28 - 000004676 _____ () C:\Users\Martin\AppData\Roaming\lid_closure.png
2014-05-08 05:05 - 2014-05-08 05:05 - 000000117 _____ () C:\Users\Martin\AppData\Roaming\More Saturated.hdt
2013-10-02 03:54 - 2013-10-02 03:54 - 000000097 _____ () C:\Users\Martin\AppData\Roaming\Nairobi
2013-10-02 03:56 - 2013-10-02 03:56 - 000001093 _____ () C:\Users\Martin\AppData\Roaming\navig.graphics.xml
2015-05-20 02:28 - 2015-05-20 02:28 - 000001519 _____ () C:\Users\Martin\AppData\Roaming\not_applicable_2.png
2015-05-20 02:28 - 2015-05-20 02:28 - 000001315 _____ () C:\Users\Martin\AppData\Roaming\pcdrfingerprintreader.p5m
2015-05-20 02:28 - 2015-05-20 02:28 - 000000781 _____ () C:\Users\Martin\AppData\Roaming\phone.png
2014-05-08 05:08 - 2014-05-08 05:08 - 000001433 _____ () C:\Users\Martin\AppData\Roaming\Plastic - Violet Purple, Strong & Flexible.3PP
2014-05-08 06:44 - 2014-05-08 06:44 - 000000972 _____ () C:\Users\Martin\AppData\Roaming\pol.fca
2013-10-02 03:55 - 2013-10-02 03:55 - 000001597 _____ () C:\Users\Martin\AppData\Roaming\projectteam.xml
2013-10-02 03:56 - 2013-10-02 03:56 - 000001085 _____ () C:\Users\Martin\AppData\Roaming\qanda.inherit.numeration.xml
2015-05-20 02:28 - 2015-05-20 02:28 - 000004156 _____ () C:\Users\Martin\AppData\Roaming\quick-test.png
2014-05-08 06:44 - 2014-05-08 06:44 - 000000889 _____ () C:\Users\Martin\AppData\Roaming\README_gu.txt
2014-05-08 06:44 - 2014-05-08 06:44 - 000001614 _____ () C:\Users\Martin\AppData\Roaming\s29.png
2015-05-20 02:28 - 2015-05-20 02:28 - 000003676 _____ () C:\Users\Martin\AppData\Roaming\save.png
2013-10-02 03:56 - 2013-10-02 03:56 - 000000883 _____ () C:\Users\Martin\AppData\Roaming\section.autolabel.xml
2013-10-02 03:56 - 2013-10-02 03:56 - 000001102 _____ () C:\Users\Martin\AppData\Roaming\section.title.level5.properties.xml
2015-05-20 02:28 - 2015-05-20 02:28 - 000001421 _____ () C:\Users\Martin\AppData\Roaming\security.png
2015-05-20 02:28 - 2015-05-20 02:28 - 000002649 _____ () C:\Users\Martin\AppData\Roaming\sysinfopage_forfile.css
2015-05-20 02:14 - 2015-05-20 02:14 - 000000110 _____ () C:\Users\Martin\AppData\Roaming\tweakChkDsk_ar.p5p
2015-05-20 02:14 - 2015-05-20 02:14 - 000000095 _____ () C:\Users\Martin\AppData\Roaming\tweakChkDsk_it.p5p
2015-05-20 02:14 - 2015-05-20 02:14 - 000000112 _____ () C:\Users\Martin\AppData\Roaming\tweakChkDsk_nl.p5p
2015-05-20 02:14 - 2015-05-20 02:14 - 000001728 _____ () C:\Users\Martin\AppData\Roaming\tweakNetworkingManual_ko.p5p
2013-10-02 03:56 - 2013-10-02 03:56 - 000001323 _____ () C:\Users\Martin\AppData\Roaming\ulink.show.xml
2015-05-20 02:28 - 2015-05-20 02:28 - 000001543 _____ () C:\Users\Martin\AppData\Roaming\user_attention.png
2017-10-17 20:40 - 2017-10-17 20:40 - 000009029 _____ () C:\Users\Martin\AppData\Local\recently-used.xbel
2015-06-16 16:54 - 2015-06-16 16:54 - 000000000 _____ () C:\Users\Martin\AppData\Local\Temp.dat

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================