Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-11-2021 02
Ran by Tomáš (administrator) on TOM-PC (SAMSUNG ELECTRONICS CO., LTD. R540/R580/R780/SA41/E452/E852) (08-11-2021 20:42:41)
Running from C:\Users\Tomáš\Desktop
Loaded Profiles: Tomáš
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Windows\SysWOW64\Rezip.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(BlueStack Systems, Inc. -> BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc. -> BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <24>
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <7>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Tweaking LLC -> Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10144288 2010-04-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-05-04] (Advanced Micro Devices, Inc.) [File not signed]
HKLM-x32\...\Run: [UCam_Menu] => C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe -autorun (No File)
HKU\S-1-5-21-960952882-3187940223-2238644844-1001\...\Run: [EPSON SX100 Series (kopie 2)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEDE.EXE [221696 2008-02-05] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-01-22] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Epson Inbox Language Monitor01: C:\Windows\SYSTEM32\EP0SLM01.DLL [77824 2009-07-14] (Microsoft Windows -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EPSON SX100 Series 64MonitorBE: C:\Windows\SYSTEM32\E_ILMEDE.DLL [108032 2007-12-07] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe [2021-11-03] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04A3CF91-B6DC-4A4F-84ED-CDA91151B4A1} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule (No File)
Task: {06683FCA-E830-4AD3-B2ED-1568B7B17890} - System32\Tasks\Opera scheduled assistant Autoupdate 1586188105 => C:\Program Files (x86)\Opera\launcher.exe [1583256 2021-01-05] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Program Files (x86)\Opera\assistant" $(Arg0)
Task: {09E6F68D-1C1E-4D13-BC17-680BC334DEC3} - System32\Tasks\EasySpeedUpManager => Command(1): "%programfiles(x86)%\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe" -> /s
Task: {09E6F68D-1C1E-4D13-BC17-680BC334DEC3} - System32\Tasks\EasySpeedUpManager => Command(2): C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [719360  [719360 2010-02-10]] (Samsung Electronics Co., Ltd.) [File not signed]
Task: {103A37D6-89FE-4A2D-B9CD-ABF93D8AD0BA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2020-03-30] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {10C6CCE2-24BA-4148-800E-05E4D652BFBF} - System32\Tasks\{9D01C849-B597-40CC-832E-71ED838295FF} => C:\Windows\system32\pcalua.exe -a C:\Users\Tomáš\Downloads\epson374977eu.exe -d C:\Users\Tomáš\Downloads
Task: {208D0EC0-B348-47C3-8847-A69B9D5680EA} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-960952882-3187940223-2238644844-1001 => C:\Users\Tomáš\AppData\Local\MEGAsync\MEGAupdater.exe [1303800 2020-12-15] (Mega Limited -> Mega Limited)
Task: {222FF528-B895-47F3-A49C-2810C543947A} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {292BE1A8-D3FA-446B-9875-FDB554EEEA46} - System32\Tasks\Opera scheduled Autoupdate 1461342973 => C:\Program Files (x86)\Opera\launcher.exe [1583256 2021-01-05] (Opera Software AS -> Opera Software)
Task: {34D2A2EC-B106-4F17-9CCD-AF17A06BDCAF} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /c (No File)
Task: {3609DD0D-B43D-4693-A79C-08B1591A0CB1} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /ua /installsource scheduler (No File)
Task: {4E566D5E-FE80-4314-A05E-B7B42007227E} - System32\Tasks\{AEA60A56-D3AC-4E8F-BE93-1659E1BB0D7A} => C:\Users\Tomáš\Downloads\kodi-19.1-Matrix-x64.exe [68718480 2021-09-09] (XBMC Foundation) [File not signed]
Task: {58E1CD83-4D09-4D8C-94C8-C2A279BCE4A5} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-04] (Mozilla Corporation -> Mozilla Foundation)
Task: {612C5D9E-5E50-4ED5-A628-0FAE0734E2B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-01-18] (Google Inc -> Google Inc.)
Task: {64DBBA46-1343-452F-8237-2DAF8C724A13} - System32\Tasks\{4F928207-85DC-4821-ACE5-A8D8B34A3ACB} => C:\Program Files\Kodi\kodi.exe [44132352 2021-05-08] (XBMC Foundation) [File not signed]
Task: {6B279485-0971-4973-BADA-9C9DA9B81968} - System32\Tasks\{E7D5A520-6DDD-4604-AF91-D5A6972E466A} => "c:\program files (x86)\google\chrome\application\chrome.exe" http://www.skype.com/go/downloading?source=lightinstaller&ver=7.18.0.111&LastError=404 hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.18.0.111&LastError=404 (No File)
Task: {6C51F336-251B-4F57-8BAC-F99EAA88F8B4} - System32\Tasks\{7B32857A-A099-4FAE-BC0F-66970778EF6A} => C:\Windows\system32\pcalua.exe -a C:\Users\Tomáš\AppData\Local\Temp\Rar$EXa0.940\TeamSpeak3-cestina-0.1.-beta2.exe -d C:\Users\TOM~1\AppData\Local\Temp\Rar$EXa0.940 -c -el -s2 "-dC:\Program Files\TeamSpeak 3 Client\" "-p" "-sp" <==== ATTENTION
Task: {6FE89429-371C-4200-A38F-1A515CAAE8A8} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [220816 2019-09-30] (Tweaking LLC -> Tweaking.com)
Task: {72279271-F3D3-484A-9BFA-5612F0D6DCEC} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {72279271-F3D3-484A-9BFA-5612F0D6DCEC} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {7AC9B151-DCE2-4748-8C9B-250BCB166036} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [1749504 2010-05-06] (SAMSUNG Electronics) [File not signed]
Task: {8CA83E2B-FEA4-45D2-AC2E-0CF9C89E5AE8} - System32\Tasks\{6E4EEEA9-FA23-4E99-945B-6F1C0C8C0DEA} => C:\Windows\system32\pcalua.exe -a C:\Users\Tomáš\Downloads\GTA-San-Andreas-Plná-hra-100%.exe -d C:\Users\Tomáš\Downloads
Task: {8D466DEB-CD7E-42B3-A40A-2C2781C7D3E5} - System32\Tasks\PC SpeedUp Service Deactivator => C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe /dev0 /idle (No File) <==== ATTENTION
Task: {9C6C14B7-79EE-4787-887B-486BCE00EF2E} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [6644736 2010-06-01] (Samsung Electronics. Co. Ltd.) [File not signed]
Task: {9CDCC196-ADA9-4A78-83B3-D3F03E698246} - System32\Tasks\{C3C7A10B-6AA5-4B36-9D5B-7B6C3CE95E1B} => C:\Windows\system32\pcalua.exe -a C:\Users\Tomáš\Downloads\epson324827eu.exe -d C:\Users\Tomáš\Downloads
Task: {A2166B52-9EB5-4AA9-8C97-C39772D0AC25} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe /a (No File) <==== ATTENTION
Task: {A419F25A-8AE9-4B9F-9615-425A02FC2251} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [356352 2010-03-29] (SAMSUNG Electronics co., LTD.) [File not signed]
Task: {A41BCC8B-8954-47A7-8FF8-ADA4E4544F95} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [847360 2010-06-08] (Samsung Electronics Co., Ltd.) [File not signed]
Task: {A46D6DE3-0757-46F3-8A4E-A80ED0FE00BE} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {A74E54DB-59CC-4C75-B28F-EAC8F62A7D2C} - System32\Tasks\ByteFence Scan => C:\Program Files\ByteFence\ByteFence.exe /schedulescan (No File) <==== ATTENTION
Task: {AAEB3920-CC13-4574-A63A-0BE06C503EC5} - System32\Tasks\{CF458A7B-AA3F-4339-8606-C74D99F462B0} => C:\Windows\system32\pcalua.exe -a C:\Users\Tomáš\Downloads\epson374977eu(1).exe -d C:\Users\Tomáš\Downloads
Task: {AC1381B6-0987-47CC-882E-B9605C0DD6B7} - System32\Tasks\{B4823D11-E461-45E8-9284-BFF35AB30FF0} => D:\Rust Legacy 1.8.5\rust.exe (No File)
Task: {BDF77D3F-B888-4E09-9FE4-49EF0C779AA1} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2201192 2010-01-19] (Samsung Electronics CO., LTD. -> SEC) [File not signed]
Task: {C824CA07-54D2-4144-93A3-3F25A5008491} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe (No File)
Task: {D81B75E7-48CA-4F92-92B8-A238EC0C32F8} - System32\Tasks\{59B05EA4-E185-49BE-BE69-C5E22C955F87} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe -c /M{ABFE9B50-BA4B-4FDF-A943-EA025119DBED}
Task: {DB869619-EBD9-41DA-801A-6E5651CC0829} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13797712 2020-03-30] (Piriform Ltd -> Piriform Ltd)
Task: {E1F5CB56-A06A-4568-9697-17936B66B61B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-15] (Adobe Inc. -> Adobe)
Task: {E3DE3247-24E2-407B-AF8D-22CBC30C9A53} - System32\Tasks\{51617BFA-3BC3-4FD5-990A-A21B799FA310} => C:\Windows\system32\pcalua.exe -a "D:\Rust Legacy 1.8.5\Install\vcredist_x86.exe" -d "D:\Rust Legacy 1.8.5\Install\" -c /quiet /norestart
Task: {E9A5FF5A-DB86-4349-9737-71398574079A} - System32\Tasks\{A10B57A6-1121-4F56-B646-0CA7E5BB8189} => C:\Windows\system32\pcalua.exe -a C:\Users\Tomáš\Downloads\epson374977eu(2).exe -d C:\Users\Tomáš\Downloads
Task: {EF26248A-22C7-45CF-AD69-EFA6EE3CBA4E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-15] (Adobe Inc. -> Adobe)
Task: {FC8B8C63-D217-43A0-9E47-125E5E262578} - System32\Tasks\ChkWiz4VistaWin7 => C:\Sysprep\ChkWiz4VistaWin7.exe /Output:$CHKRPT$ (No File)
Task: {FDE20AD0-923B-491A-B16B-51BA553D614C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-01-18] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\PC SpeedUp Service Deactivator.job => C:\Program Files (x86)\Zrychleni Pocitace\PCSUSD.exe <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

AutoConfigURL: [S-1-5-21-960952882-3187940223-2238644844-1001] => hxxp://stoppblock.com/wpad.dat?56449dcfde185041980f83b1a85c876612923872
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 78.157.167.7 8.8.8.8
Tcpip\..\Interfaces\{AB1DAA86-3717-4A24-AA89-2DED3408310C}: [DhcpNameServer] 78.157.167.7 8.8.8.8
Tcpip\..\Interfaces\{C932B377-4F63-4734-88E7-F9A326CF1CE6}: [DhcpNameServer] 78.157.167.7 8.8.8.8
ManualProxies: 0hxxp://stoppblock.com/wpad.dat?56449dcfde185041980f83b1a85c876612923872

FireFox:
========
FF DefaultProfile: 7y8ifzzr.default
FF ProfilePath: C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\7y8ifzzr.default [2021-11-08]
FF Homepage: Mozilla\Firefox\Profiles\7y8ifzzr.default -> hxxp://hp.myway.com/filesharefanatic/ttab02/index.html?coId=314bcca854db4556b170afdfd23a1e84&subId=1064042&ln=cs&n=782b6a63&ptb=643ADF79-8C95-41AC-8086-B72084E2F979&st=tab&p2=%5EAYW%5Exdm404%5ETTAB02%5Ecz&si=1064042
FF NewTab: Mozilla\Firefox\Profiles\7y8ifzzr.default -> about:newtab
FF Extension: (Teoma Media Search App) - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\7y8ifzzr.default\Extensions\toolbar_TeoMediaTB@apn.ask.com.xpi [2020-03-30] [UpdateUrl:hxxps://secure-apnmedia.ask.com/media/toolbar/everest/genericxpi/TeoMediaTB/YY/update.json]
FF SearchPlugin: C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\7y8ifzzr.default\searchplugins\APN_Teoma.xml [2016-04-22]
FF SearchPlugin: C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\7y8ifzzr.default\searchplugins\seznam-avast.xml [2016-10-01]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-15] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS -> Unity Technologies ApS)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-15] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-11] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-960952882-3187940223-2238644844-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Tomáš\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-02-19] (Unity Technologies SF -> Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-960952882-3187940223-2238644844-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Tomáš\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-07] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default [2021-11-08]
CHR Notifications: Default -> hxxps://meet.google.com
CHR HomePage: Default -> msn.com
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Extension: (Prezentace) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-02-07]
CHR Extension: (Dokumenty) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-02-07]
CHR Extension: (Disk Google) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-02-07]
CHR Extension: (YouTube) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-02-07]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2021-02-07]
CHR Extension: (Tabulky) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-02-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-19]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-11-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-07]
CHR Extension: (Gmail) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-02-07]
CHR Profile: C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-09-05]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-07]
CHR Extension: (Chrome Media Router) - C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-07]
CHR Profile: C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\System Profile [2021-09-05]
CHR HKU\S-1-5-21-960952882-3187940223-2238644844-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

Opera: 
=======
OPR Profile: C:\Users\Tomáš\AppData\Roaming\Opera Software\Opera Stable [2021-09-05]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-15] (Adobe Inc. -> Adobe)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1447944 2016-12-16] (BattlEye Innovations e.K. -> )
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437784 2016-04-26] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417304 2016-04-26] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [437784 2016-04-26] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [921112 2016-04-26] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [245544 2016-03-17] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4011064 2016-03-08] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 Rezip; C:\Windows\SysWOW64\Rezip.exe [311296 2009-03-05] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)
S2 avast; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]
S3 OverwolfUpdater; "C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe" /RunningFrom SCM" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AtiHdmiService; C:\Windows\System32\drivers\AtiHdmi.sys [116736 2010-01-29] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies, Inc.)
S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [6789632 2010-05-05] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154168 2016-04-26] (Bluestack Systems, Inc. -> BlueStack Systems)
R2 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2016-04-06] (Bluestack Systems, Inc. -> Bluestack System Inc.)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [136192 2010-04-01] (Microsoft Windows Hardware Compatibility Publisher -> ELAN Microelectronics Corp.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R1 SABI; C:\Windows\system32\Drivers\SABI.sys [13824 2010-03-31] (Microsoft Windows Hardware Compatibility Publisher -> SAMSUNG ELECTRONICS)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 btwampfl; system32\drivers\btwampfl.sys [X]
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\DRIVERS\btwavdt.sys [X]
S3 btwl2cap; system32\DRIVERS\btwl2cap.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 X6va062; \??\C:\Windows\SysWOW64\Drivers\X6va062 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-08 20:42 - 2021-11-08 20:44 - 000026997 _____ C:\Users\Tomáš\Desktop\FRST.txt
2021-11-08 20:41 - 2021-11-08 20:43 - 000000000 ____D C:\FRST
2021-11-08 20:41 - 2021-11-08 20:39 - 001222144 _____ C:\Users\Tomáš\Desktop\RSITx64.exe
2021-11-08 20:41 - 2021-11-08 20:37 - 002312192 _____ (Farbar) C:\Users\Tomáš\Desktop\FRST64.exe
2021-11-08 20:39 - 2021-11-08 20:39 - 001222144 _____ C:\Users\Tomáš\Downloads\RSITx64.exe
2021-11-08 20:37 - 2021-11-08 20:37 - 002312192 _____ (Farbar) C:\Users\Tomáš\Downloads\FRST64.exe
2021-11-04 22:58 - 2021-11-04 22:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-11-03 18:24 - 2021-11-03 18:24 - 010023495 _____ C:\Users\Tomáš\Downloads\AW2021.pdf
2021-10-27 15:53 - 2021-10-27 15:58 - 334392538 _____ C:\Users\Tomáš\Downloads\Kačeří příběhy 04x03 - Kačer, který věděl příliš mnoho.avi
2021-10-27 15:53 - 2021-10-27 15:58 - 331410642 _____ C:\Users\Tomáš\Downloads\Kačeří příběhy 04x01 - Vysoko v Kačeřích horách.avi
2021-10-27 15:52 - 2021-10-27 15:57 - 331722650 _____ C:\Users\Tomáš\Downloads\Kačeří příběhy 02x08 - Kačer ze železa.avi
2021-10-27 15:45 - 2021-10-27 15:49 - 319224584 _____ C:\Users\Tomáš\Downloads\Kačeří příběhy 02x03 - Kačeři na útěku.avi
2021-10-27 15:41 - 2021-10-27 15:43 - 170335688 _____ C:\Users\Tomáš\Downloads\Kačeří příběhy - 038. Kačeři na dně (DVDRip-Cz SS23 bt).avi
2021-10-27 15:38 - 2021-10-27 15:40 - 183822336 _____ C:\Users\Tomáš\Downloads\Kačeří příběhy 01x46 - Správný kačer (Kačer na správném místě).avi
2021-10-27 15:35 - 2021-10-27 15:38 - 183379968 _____ C:\Users\Tomáš\Downloads\Kačeří příběhy 01x08 - Kam noha Kačeří ještě nevkročila (Kam kačeří noha nevkročila).avi
2021-10-27 15:33 - 2021-10-27 16:03 - 560712176 _____ C:\Users\Tomáš\Downloads\TRI SESTRY - Platinum Maxxximum (CZ 3CD 2020)[MP3.CBR.320].rar
2021-10-27 15:25 - 2021-10-27 15:29 - 294305792 _____ C:\Users\Tomáš\Downloads\Rychlá rota 01 - Kočičárny.avi
2021-10-27 15:04 - 2021-10-27 15:09 - 296953856 _____ C:\Users\Tomáš\Downloads\Rychla-rota-42---Rychla-rota-zasahuje-cast-druha.avi
2021-10-27 15:03 - 2021-10-27 15:06 - 160263680 _____ C:\Users\Tomáš\Downloads\Rychla rota 45 - Rychla rota zasahuje cast 5.avi
2021-10-27 15:03 - 2021-10-27 15:06 - 160084480 _____ C:\Users\Tomáš\Downloads\Rychla rota 44 - Rychla rota zasahuje cast 4.avi
2021-10-27 15:03 - 2021-10-27 15:05 - 159973376 _____ C:\Users\Tomáš\Downloads\Rychla rota 43 - Rychla rota zasahuje cast 3.avi
2021-10-27 15:01 - 2021-10-27 15:03 - 159903232 _____ C:\Users\Tomáš\Downloads\Rychla rota 41 - Rychla rota zasahuje cast 1.avi
2021-10-27 12:05 - 2021-10-27 12:23 - 839628006 _____ C:\Users\Tomáš\Downloads\Auta 3 (2017 CZ Dabing) .avi
2021-10-27 12:02 - 2021-10-27 12:12 - 733853030 _____ C:\Users\Tomáš\Downloads\Auta 2 Cars 2 (2011) cz dabing.avi
2021-10-27 12:01 - 2021-10-27 12:18 - 725692556 _____ C:\Users\Tomáš\Downloads\Auta 2006 cz dabing.avi
2021-10-27 11:57 - 2021-11-08 20:00 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-10-26 18:20 - 2021-10-26 18:22 - 000000000 ____D C:\Users\Tomáš\Downloads\prilohy_65004
2021-10-26 18:20 - 2021-10-26 18:20 - 000162895 _____ C:\Users\Tomáš\Downloads\prilohy_65004.zip
2021-10-26 18:14 - 2021-10-26 18:16 - 000000000 ____D C:\Users\Tomáš\Downloads\prilohy_66355
2021-10-26 18:13 - 2021-10-26 18:13 - 000238348 _____ C:\Users\Tomáš\Downloads\prilohy_66355.zip
2021-10-26 18:10 - 2021-10-26 18:10 - 000141737 _____ C:\Users\Tomáš\Downloads\prilohy_67925.zip
2021-10-26 18:10 - 2021-10-26 18:10 - 000000000 ____D C:\Users\Tomáš\Downloads\prilohy_67925
2021-10-26 18:08 - 2021-10-26 18:08 - 000340025 _____ C:\Users\Tomáš\Downloads\prilohy_68118.zip
2021-10-26 18:08 - 2021-10-26 18:08 - 000000000 ____D C:\Users\Tomáš\Downloads\prilohy_68118
2021-10-26 18:06 - 2021-10-26 18:07 - 000000000 ____D C:\Users\Tomáš\Downloads\prilohy_68614
2021-10-26 18:06 - 2021-10-26 18:06 - 000164370 _____ C:\Users\Tomáš\Downloads\prilohy_68614.zip
2021-10-26 18:04 - 2021-10-26 18:05 - 000000000 ____D C:\Users\Tomáš\Downloads\prilohy_68961
2021-10-26 18:04 - 2021-10-26 18:04 - 000078572 _____ C:\Users\Tomáš\Downloads\prilohy_68961.zip
2021-10-26 18:02 - 2021-10-26 18:04 - 000000000 ____D C:\Users\Tomáš\Downloads\prilohy_69141
2021-10-26 18:01 - 2021-10-26 18:01 - 000179029 _____ C:\Users\Tomáš\Downloads\prilohy_69141.zip
2021-10-26 17:59 - 2021-10-26 18:01 - 000000000 ____D C:\Users\Tomáš\Downloads\prilohy_69559
2021-10-26 17:59 - 2021-10-26 17:59 - 000141073 _____ C:\Users\Tomáš\Downloads\prilohy_69559.zip
2021-10-26 17:58 - 2021-10-26 17:58 - 000179378 _____ C:\Users\Tomáš\Downloads\prilohy_70171.zip
2021-10-26 17:58 - 2021-10-26 17:58 - 000000000 ____D C:\Users\Tomáš\Downloads\prilohy_70171
2021-10-26 17:48 - 2021-10-26 17:51 - 000000000 ____D C:\Users\Tomáš\Downloads\prilohy_70654
2021-10-26 17:48 - 2021-10-26 17:48 - 000158062 _____ C:\Users\Tomáš\Downloads\prilohy_70654.zip
2021-10-26 17:26 - 2021-10-26 17:48 - 000000000 ____D C:\Users\Tomáš\Downloads\prilohy_70727
2021-10-26 17:25 - 2021-10-26 17:25 - 000349199 _____ C:\Users\Tomáš\Downloads\prilohy_70727.zip
2021-10-26 17:25 - 2021-10-26 17:25 - 000000000 ____D C:\Users\Tomáš\Downloads\prilohy_71355
2021-10-26 17:24 - 2021-10-26 17:24 - 000312161 _____ C:\Users\Tomáš\Downloads\prilohy_71355.zip
2021-10-26 17:22 - 2021-10-26 17:23 - 000000000 ____D C:\Users\Tomáš\Downloads\prilohy_71414
2021-10-26 17:21 - 2021-10-26 17:21 - 000312161 _____ C:\Users\Tomáš\Downloads\prilohy_71414.zip
2021-10-26 17:18 - 2021-10-26 17:20 - 000000000 ____D C:\Users\Tomáš\Downloads\prilohy_72172
2021-10-26 17:18 - 2021-10-26 17:18 - 000264087 _____ C:\Users\Tomáš\Downloads\prilohy_72172.zip
2021-10-26 17:15 - 2021-10-26 17:16 - 000000000 ____D C:\Users\Tomáš\Downloads\prilohy_72405
2021-10-26 17:15 - 2021-10-26 17:15 - 000219152 _____ C:\Users\Tomáš\Downloads\prilohy_72405.zip
2021-10-26 17:12 - 2021-10-26 17:14 - 000000000 ____D C:\Users\Tomáš\Downloads\prilohy_72603
2021-10-26 17:11 - 2021-10-26 17:11 - 000317838 _____ C:\Users\Tomáš\Downloads\prilohy_72603.zip
2021-10-26 17:04 - 2021-10-26 17:10 - 000000000 ____D C:\Users\Tomáš\Downloads\prilohy_73100
2021-10-26 17:02 - 2021-10-26 17:02 - 000216804 _____ C:\Users\Tomáš\Downloads\prilohy_73100.zip

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-08 20:39 - 2020-04-10 17:38 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-08 20:38 - 2016-11-18 14:44 - 000000000 ____D C:\Users\Tomáš\AppData\LocalLow\Mozilla
2021-11-08 20:09 - 2009-07-14 05:45 - 000022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-11-08 20:09 - 2009-07-14 05:45 - 000022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-11-08 20:01 - 2016-01-18 21:01 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-04 03:52 - 2016-02-26 20:56 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-03 17:37 - 2016-01-18 21:02 - 000002422 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-11-03 17:37 - 2016-01-18 21:02 - 000002381 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-11-01 07:48 - 2010-08-09 20:43 - 000634620 _____ C:\Windows\system32\perfh005.dat
2021-11-01 07:48 - 2010-08-09 20:43 - 000128434 _____ C:\Windows\system32\perfc005.dat
2021-11-01 07:48 - 2009-07-14 06:13 - 001488216 _____ C:\Windows\system32\PerfStringBackup.INI
2021-11-01 07:48 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2021-11-01 07:43 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-10-27 22:57 - 2021-02-07 20:28 - 000000000 ____D C:\Users\Tomáš\AppData\Local\GHISLER

==================== Files in the root of some directories ========

2016-02-01 20:34 - 2016-02-01 20:34 - 000000000 ___SH () C:\Users\Tomáš\AppData\Local\LumaEmu
2021-01-02 17:32 - 2021-01-02 17:32 - 000000000 _____ () C:\Users\Tomáš\AppData\Local\{44127682-94AC-41E2-89E6-C7A48E261441}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-11-01 09:02
==================== End of FRST.txt ========================