prosím o preventivku, Děkuji

[kodl74]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-12-2019 01
Ran by Karlíkxy (administrator) on VELKEJPC (Gigabyte Technology Co., Ltd. GA-MA770T-UD3) (25-12-2019 12:13:58)
Running from C:\Users\Karlíkxy\Desktop
Loaded Profiles: Karlíkxy (Available Profiles: Karlíkxy)
Platform: Windows 10 Pro Version 1903 18362.535 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(DESlock Limited -> DESlock Limited.) C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIUNE.EXE
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(uTorrent.CZ -> BitTorrent, Inc.) [File not signed] C:\Users\Karlíkxy\AppData\Roaming\uTorrent\utorrent.exe
(Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\Nexus.exe
(Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\WsxService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [183088 2019-12-13] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-04-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1319208 2019-05-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Run: [EsetPasswordManager] => C:\Program Files\ESET\ESET Password Manager\pwm.exe [116464 2019-09-20] (Lamantine Software a.s. -> ESET)
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91503464 2019-12-13] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Run: [Nexus] => C:\Program Files (x86)\Winstep\Nexus.exe [17959552 2019-03-01] (Winstep Software Technologies) [File not signed]
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Run: [EPLTarget\P0000000000000002] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIUNE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\MountPoints2: {6bc1cec3-3048-11e9-8543-1c6f658aab67} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [221184 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {117D161E-3B2D-4B43-BFAF-0F9CBE4F9A80} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {12792512-260F-471E-8FC0-2457274DC7AB} - System32\Tasks\RogueKiller Anti-Malware => C:\Users\Karlíkxy\Desktop\RogueKiller_portable64.exe
Task: {16ACF3A4-7A7D-49F9-A458-3A85E0DF42BF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4321688 2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {1B4B14F6-0646-4409-A65F-239C12FAA5F5} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [746056 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {260410B5-EFBF-4C6B-943E-DA811DE02AD3} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {319FA1FC-A537-462E-9C52-131E879F8E49} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E68B87A-8AB0-476A-AFF2-F9DC95A5B568} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {74FA159E-E053-4936-AF74-665DF40F5B9F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {7774F6CA-238B-46E4-A9AC-1DEA4BAC002B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BED28F9-283E-4A10-84E5-1BC232413309} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4321688 2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {A110620B-FDDB-455B-B1E0-CC7047CFA86E} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [746056 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A25F413C-A71E-414E-B3B2-CF93D3D30F7F} - System32\Tasks\EPSON L3150 Series Update {457D917D-54BE-4B41-BCE1-30C3301381B6} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {BAC1CDFC-E33C-436D-B9FD-6A733570FEAE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {CA4BBF4E-79AF-42CC-BF56-3AC51F1ADEE5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [660040 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CD3DC142-8B12-4D06-B5A3-64EC72F57AD7} - System32\Tasks\EPSON L3150 Series Update {4F0681C6-99D9-4E4D-8BF5-008279E468D8} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {E7E0A54E-FEAD-4B2E-9848-FD58754EDBE4} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [524360 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EE8BBE94-B545-4568-9BE0-39BF260A8A13} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {F0FE289A-9FD9-4D0B-ADEE-6D92C3908F8A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [660040 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F17B4E51-D1CD-4A76-8A7A-921EEFE168FA} - System32\Tasks\Opera scheduled Autoupdate 1557004838 => C:\Users\Karlíkxy\AppData\Local\Programs\Opera\launcher.exe [1346584 2019-12-19] (Opera Software AS -> Opera Software)
Task: {F4F43628-A47D-4FB6-AD94-55F3D3EE5FB7} - System32\Tasks\EPSON L3150 Series Update {DB6591C5-FD46-431F-B299-7D40D46186DC} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\EPSON L3150 Series Update {457D917D-54BE-4B41-BCE1-30C3301381B6}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE:/EXE:{457D917D-54BE-4B41-BCE1-30C3301381B6} /F:UpdateWORKGROUP\VELKEJPC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON L3150 Series Update {4F0681C6-99D9-4E4D-8BF5-008279E468D8}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE:/EXE:{4F0681C6-99D9-4E4D-8BF5-008279E468D8} /F:UpdateWORKGROUP\VELKEJPC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON L3150 Series Update {DB6591C5-FD46-431F-B299-7D40D46186DC}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE:/EXE:{DB6591C5-FD46-431F-B299-7D40D46186DC} /F:UpdateWORKGROUP\VELKEJPC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{c6eac970-e2c8-4318-998b-1c9e3e635683}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{c6eac970-e2c8-4318-998b-1c9e3e635683}: [DhcpNameServer] 192.168.100.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-4144462506-2486898719-981058799-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll => No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: kmapm4jw.default
FF ProfilePath: C:\Users\Karlíkxy\AppData\Roaming\TomTom\HOME\Profiles\eq9k5pmv.default [2019-12-07]
FF Homepage: TomTom\HOME\Profiles\eq9k5pmv.default -> about:home
FF NewTab: TomTom\HOME\Profiles\eq9k5pmv.default -> about:newtab
FF Extension: (RenaultTheme) - C:\Users\Karlíkxy\AppData\Roaming\TomTom\HOME\Profiles\eq9k5pmv.default\Extensions\RenaultTheme@tomtom.com [2019-03-14] [Legacy] [not signed]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2019-09-14] [Legacy] [not signed]
FF ProfilePath: C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default [2019-12-25]
FF Homepage: Mozilla\Firefox\Profiles\kmapm4jw.default -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\kmapm4jw.default -> about:newtab
FF Extension: (Blokátor reklam AdGuard) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\adguardadblocker@adguard.com.xpi [2019-12-24]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2019-01-05]
FF Extension: (To Google Translate) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2019-12-07]
FF Extension: (Blue Flower Vine by M♥Donna) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{04001c8a-6eff-4659-9196-0a552edd725a}.xpi [2019-05-11]
FF Extension: (tranquil blue) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{0d1802ae-eebf-4526-855b-1879b45e66cb}.xpi [2019-05-14]
FF Extension: (Fantasy of Lights - N.Lights Series 1) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{1a176495-2247-4217-b1fc-139fc11c4324}.xpi [2019-08-10]
FF Extension: (Ship in Lighthouse Reflection) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{2db9f8d0-ee99-4d57-a581-2722da1b573d}.xpi [2019-05-07]
FF Extension: (Dark Cubes) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{2dbb0302-0a64-4964-bb64-d157474dd324}.xpi [2019-05-14]
FF Extension: (Animated A Toon Town Christmas) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{328c92e1-1e11-4985-a74e-96aa60d8d243}.xpi [2019-05-14]
FF Extension: (Deep Dark Blue Forest) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{5db58b6b-6fbc-4be3-b48d-e536ac711a10}.xpi [2019-05-14]
FF Extension: (Tv Firefox) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{6eafd633-df99-4fc0-a515-039ba8f8f253}.xpi [2019-05-14]
FF Extension: (FFX Developer) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{73574968-e44d-401e-8477-43882b7c9f22}.xpi [2019-05-14]
FF Extension: (romantic fox by candelora) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{98e9a154-97f2-4d2b-ae49-6a6ca3d5f256}.xpi [2019-08-13]
FF Extension: (Fox in the Clouds) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{aa842ed2-c0e8-4238-a894-c71e5bb2e97d}.xpi [2019-05-14]
FF Extension: (esafox) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{b526b65f-3165-4dcc-a534-3474d1de766b}.xpi [2019-05-14]
FF Extension: (FamousFox) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{bbf9b829-01fb-4406-8200-7622ed399df5}.xpi [2019-05-14]
FF Extension: (лиса) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{cdfd0c6c-8fc0-4565-ab49-fe3437600595}.xpi [2019-05-14]
FF Extension: (Grayfox) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{ceb971ca-37e6-4c49-ab6e-1d1a97a1eb8c}.xpi [2019-05-14]
FF Extension: (Winter Cabin Collage by M♥Donna) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{dba00d63-b5fe-4363-a4cf-e918ca9db46a}.xpi [2019-05-14]
FF Extension: (FirefoxClassicalBlue) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{dc4152a2-0127-4e36-aaf9-7a0ab4c46dc0}.xpi [2019-05-14]
FF Extension: (Dark Fox) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2019-05-14]
FF Extension: (Space Fantasy Redux) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{f5453979-a039-4066-8aee-cb64fc98f936}.xpi [2019-08-13]
FF Extension: (Blue Flow) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{fb1fb250-2fd9-4f24-85ba-23dfcbf9f4e1}.xpi [2019-05-14]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [1999-12-31] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [1999-12-31] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-4144462506-2486898719-981058799-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [1999-12-31] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2019-12-25]

Opera:
=======
OPR Extension: (AdGuard AdBlocker) - C:\Users\Karlíkxy\AppData\Roaming\Opera Software\Opera Stable\Extensions\bopfaehpakahokaelnomggbohfbimcia [2019-12-09]
OPR Extension: (Translator) - C:\Users\Karlíkxy\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2019-12-09]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
R2 dlpsrv; C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe [542400 2019-10-02] (DESlock Limited -> DESlock Limited.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-12-13] (ESET, spol. s r.o. -> ESET)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2018-01-29] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [974848 2019-03-01] (Microsoft Windows -> )
S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [290816 2019-10-21] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService.exe [775680 2018-06-06] (Winstep Software Technologies) [File not signed]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\WINDOWS\System32\drivers\amdide64.sys [13848 2019-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices Inc.)
R0 DLMFENC; C:\WINDOWS\System32\DRIVERS\DLMFENC.sys [174152 2019-10-02] (DESlock Limited -> DESlock Ltd.)
R0 DLPCRYPT; C:\WINDOWS\System32\DRIVERS\dlpcrypt.sys [121728 2019-10-02] (DESlock Limited -> DESlock Ltd.)
R0 dlpvdisk; C:\WINDOWS\System32\DRIVERS\dlpvdisk.sys [98296 2019-10-02] (DESlock Limited -> DESlock Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [49056 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149944 2019-10-21] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [103264 2019-10-21] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189512 2019-10-21] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50712 2019-10-21] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79744 2019-12-13] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116696 2019-12-13] (ESET, spol. s r.o. -> ESET)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 gdrv; C:\WINDOWS\gdrv.sys [26192 2019-04-26] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-04-11] (Martin Malik - REALiX -> REALiX(tm))
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_db678424d2641c3d\nvlddmkm.sys [22094728 2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1138136 2019-04-11] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [452008 2019-04-07] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R0 VDLPToken2; C:\WINDOWS\System32\DRIVERS\vdlptkn2.sys [135672 2019-10-02] (DESlock Limited -> DESlock Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [155632 2015-08-07] (Gionee Communication Equipment Co.Ltd.Shenzhen -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-25 11:59 - 2019-12-25 12:00 - 000037771 _____ C:\Users\Karlíkxy\Desktop\Addition.txt
2019-12-25 11:56 - 2019-12-25 12:14 - 000027731 _____ C:\Users\Karlíkxy\Desktop\FRST.txt
2019-12-25 11:55 - 2019-12-25 12:14 - 000000000 ____D C:\FRST
2019-12-25 11:55 - 2019-12-25 11:55 - 002271744 _____ (Farbar) C:\Users\Karlíkxy\Desktop\FRST64.exe
2019-12-22 19:08 - 2019-12-22 19:12 - 000000000 ____D C:\Users\Karlíkxy\Desktop\Icony
2019-12-19 14:52 - 2019-12-19 15:04 - 000000000 ____D C:\ESD
2019-12-19 14:51 - 2019-12-19 14:51 - 000000000 ___HD C:\$Windows.~WS
2019-12-19 14:51 - 2019-12-19 14:51 - 000000000 ____D C:\$WINDOWS.~BT
2019-12-18 16:44 - 2019-12-18 17:00 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\SpinTires
2019-12-13 17:43 - 2019-12-13 17:43 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-13 17:43 - 2019-12-13 17:43 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-13 17:42 - 2019-12-13 17:43 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 002188816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-13 17:42 - 2019-12-13 17:42 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 001496080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-13 17:42 - 2019-12-13 17:42 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-13 17:42 - 2019-12-13 17:42 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-08 17:43 - 2019-12-08 17:43 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\Notepad++
2019-12-08 14:08 - 2019-12-08 14:08 - 000000000 ____D C:\Users\Karlíkxy\Documents\My Cheat Tables
2019-12-08 11:42 - 2019-12-08 11:42 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\PeerDistRepub
2019-12-07 23:21 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2019-12-06 22:35 - 2019-10-04 16:55 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-12-06 22:35 - 2019-10-04 16:55 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-12-06 22:35 - 2019-10-04 16:55 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-12-06 22:35 - 2019-10-04 16:55 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-12-06 22:35 - 2019-10-04 16:54 - 011059640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-12-06 22:35 - 2019-10-04 16:54 - 009492896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-12-06 22:35 - 2019-10-04 16:54 - 001006800 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-12-06 22:35 - 2019-10-04 16:54 - 001006800 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-12-06 22:35 - 2019-10-04 16:54 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-12-06 22:35 - 2019-10-04 16:54 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-12-06 22:35 - 2019-10-04 16:54 - 000552328 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-12-06 22:35 - 2019-10-04 16:54 - 000456632 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 002041784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 001721816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443200.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 001543424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 001472200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 001468504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443200.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 001164160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 001135816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 000914336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 000822232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 000810456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 000676824 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 000656344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 000633728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 000544160 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 000523520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 000055448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2019-12-06 22:35 - 2019-10-04 16:52 - 040412760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-12-06 22:35 - 2019-10-04 16:52 - 035269832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-12-06 22:35 - 2019-10-04 16:52 - 020194712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-12-06 22:35 - 2019-10-04 16:52 - 017471576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-12-06 22:35 - 2019-10-04 16:52 - 005425808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-12-06 22:35 - 2019-10-04 16:52 - 004768160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-12-06 22:35 - 2019-10-04 16:51 - 004342528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-25 12:14 - 2018-10-13 19:01 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\uTorrent
2019-12-25 12:13 - 2019-09-07 17:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-25 11:55 - 2017-03-17 11:45 - 000000000 ____D C:\Users\Karlíkxy\AppData\LocalLow\Mozilla
2019-12-24 23:35 - 2018-03-09 23:48 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\vlc
2019-12-24 23:35 - 2017-04-16 16:20 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-24 23:17 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-24 22:48 - 2019-06-14 10:10 - 000000000 ____D C:\Users\Karlíkxy\Documents\Euro Truck Simulator 2
2019-12-24 22:23 - 2017-03-17 12:30 - 000000000 ____D C:\Program Files (x86)\Steam
2019-12-24 21:29 - 2018-02-02 20:52 - 000000000 ___RD C:\Users\Karlíkxy\Desktop\Bordel z plochy
2019-12-24 20:13 - 2019-10-06 13:28 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-12-24 20:13 - 2019-10-06 13:28 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-12-23 22:11 - 2018-07-04 11:06 - 000000000 ____D C:\Users\Karlíkxy\Documents\American Truck Simulator
2019-12-23 18:05 - 2017-12-10 10:59 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\CrashDumps
2019-12-23 09:45 - 2019-04-04 22:54 - 000000000 ____D C:\Users\Public\Documents\Winstep
2019-12-23 09:45 - 2019-04-04 22:54 - 000000000 ____D C:\ProgramData\Documents\Winstep
2019-12-21 11:00 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-21 11:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-21 10:58 - 2019-09-07 18:06 - 000004188 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1557004838
2019-12-21 10:58 - 2019-05-04 22:20 - 000001456 _____ C:\Users\Karlíkxy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-12-19 15:04 - 2019-08-30 17:20 - 000000000 ___DC C:\WINDOWS\Panther
2019-12-18 18:36 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-18 16:14 - 2019-01-20 09:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-12-14 17:28 - 2018-07-13 17:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-12-14 14:21 - 2017-10-18 17:37 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\Packages
2019-12-13 18:26 - 2019-09-07 18:01 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-13 18:26 - 2019-03-19 12:57 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-13 18:26 - 2019-03-19 12:57 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-13 18:23 - 2017-10-18 17:53 - 000000000 ___RD C:\Users\Karlíkxy\3D Objects
2019-12-13 18:23 - 2016-11-21 05:46 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-13 18:22 - 2019-09-07 18:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-13 18:22 - 2019-09-07 17:43 - 000657096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-13 18:21 - 2019-03-19 05:37 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2019-12-13 18:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-13 18:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-13 18:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-13 17:51 - 2017-03-17 13:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-13 17:47 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-13 17:47 - 2017-03-17 13:26 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-13 17:22 - 2017-10-18 16:36 - 000116696 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2019-12-13 17:22 - 2017-10-18 16:36 - 000079744 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2019-12-09 15:30 - 2017-03-17 11:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-12-07 23:22 - 2017-04-28 21:50 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-12-07 23:16 - 2019-09-07 17:51 - 000000000 ____D C:\Users\Karlíkxy
2019-12-07 23:16 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2019-12-07 23:16 - 2016-07-16 12:47 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-12-07 00:37 - 2017-04-16 16:20 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-12-06 22:37 - 2017-04-16 16:20 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-12-06 22:37 - 2017-04-16 16:20 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-12-06 22:30 - 2019-08-24 15:54 - 000000000 ____D C:\ProgramData\Zoner
2019-12-05 20:19 - 2017-03-20 20:23 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-12-01 15:48 - 2018-02-10 21:18 - 000000000 ____D C:\Users\Karlíkxy\Documents\ConvertXToDVD

==================== Files in the root of some directories ========

2018-02-10 21:18 - 2018-02-10 21:18 - 000099384 _____ () C:\Users\Karlíkxy\AppData\Roaming\inst.exe
2018-02-10 21:18 - 2018-02-10 21:18 - 000007859 _____ () C:\Users\Karlíkxy\AppData\Roaming\pcouffin.cat
2018-02-10 21:18 - 2018-02-10 21:18 - 000001167 _____ () C:\Users\Karlíkxy\AppData\Roaming\pcouffin.inf
2018-02-10 21:18 - 2018-02-10 21:18 - 000000055 _____ () C:\Users\Karlíkxy\AppData\Roaming\pcouffin.log
2018-02-10 21:18 - 2018-02-10 21:18 - 000082816 _____ (VSO Software) C:\Users\Karlíkxy\AppData\Roaming\pcouffin.sys
2019-03-28 18:04 - 2019-03-28 18:04 - 000000208 _____ () C:\Users\Karlíkxy\AppData\Roaming\VELKEJPC.MTBF.txt
2019-03-28 18:05 - 2019-03-28 18:05 - 000003584 _____ () C:\Users\Karlíkxy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-26 14:40 - 2017-07-26 14:40 - 000000017 _____ () C:\Users\Karlíkxy\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-12-2019 01
Ran by Karlíkxy (25-12-2019 12:15:05)
Running from C:\Users\Karlíkxy\Desktop
Windows 10 Pro Version 1903 18362.535 (X64) (2019-09-07 17:07:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4144462506-2486898719-981058799-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4144462506-2486898719-981058799-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-4144462506-2486898719-981058799-1000 - Limited - Disabled)
Guest (S-1-5-21-4144462506-2486898719-981058799-501 - Limited - Disabled)
Karlíkxy (S-1-5-21-4144462506-2486898719-981058799-1001 - Administrator - Enabled) => C:\Users\Karlíkxy
WDAGUtilityAccount (S-1-5-21-4144462506-2486898719-981058799-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_1) (Version: 21.0.1 - Adobe Systems Incorporated)
Ashampoo Burning Studio 20 (HKLM-x32\...\{91B33C97-155F-C10C-D4D6-CABA03805EE4}_is1) (Version: 20.0.2 - Ashampoo GmbH & Co. KG)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version: - ) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.01 - NVIDIA Corporation) Hidden
DjVuLibre+DjView (HKLM-x32\...\DjVuLibre+DjView) (Version: 3.5.22+4.5 - DjVuZone)
Easy Photo Scan (HKLM-x32\...\{9E3F2EC3-7E4F-4F20-A56F-7A24D6E3D39B}) (Version: 1.00.0017 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{49048EBF-3803-4AA4-8943-675E6E8D5B30}) (Version: 3.11.0030 - Seiko Epson Corporation)
EPSON L3150 Series Printer Uninstall (HKLM\...\EPSON L3150 Series) (Version: - Seiko Epson Corporation)
Epson Photo+ (HKLM-x32\...\{5874C85E-A911-4A7E-8643-DB2C4322CBBF}) (Version: 3.1.0.0 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{FFA5C174-DB3F-4AFE-B59D-C0FB1744CD76}) (Version: 3.1.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
EPSON Scan PDF Extensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.)
Epson ScanSmart (HKLM-x32\...\{C22B4EC7-9C8A-4465-AD84-F88DE59E1F9F}) (Version: 2.5.1 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
ESET Premium Line Encryption (HKLM\...\{9A6F6D1F-CEBC-4338-87EC-D7F208CFCED1}) (Version: 1.0.19 - ESET) Hidden
ESET Security (HKLM\...\{0F462EFA-8AE8-4C2A-BC94-0AFFF17A8245}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
FinePrint (HKLM\...\FinePrint) (Version: 10.02 - FinePrint Software, LLC)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.0.3.300 - Huawei Technologies Co.,Ltd)
Mac Blu-ray Player (HKLM-x32\...\Mac Blu-ray Player) (Version: 2.17.4.3289 - Macgo Inc.)
Malwarebytes verze 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Metro 2033 Redux (HKLM-x32\...\1436434037_is1) (Version: 2.0.0.2 - GOG.com)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{0513c9cf-7191-45a7-ace9-ecdad03c93a4}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{10dc8dbf-d3d7-4e23-be07-120fe5c66b78}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2017 RC Redistributable (x64) - 14.10.24728 (HKLM-x32\...\{197f8e1a-7e93-4cb4-a4f9-19dc2c2c4ee2}) (Version: 14.10.24728.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 RC Redistributable (x86) - 14.10.24728 (HKLM-x32\...\{38602f72-a7f8-456b-84e5-6e200dc99917}) (Version: 14.10.24728.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Moorfrosch XXL (HKLM-x32\...\{852DBAD9-ECAC-48FD-99D8-775CF9BFD42C}) (Version: - )
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 71.0 (x64 cs) (HKLM\...\Mozilla Firefox 71.0 (x64 cs)) (Version: 71.0 - Mozilla)
Next Generation Visualisations (HKLM-x32\...\{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}) (Version: 1.0.0 - Microsoft)
Nexus (HKLM-x32\...\Winstep Xtreme_is1) (Version: - )
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.8 - Notepad++ Team)
NVIDIA Ovladač HD audia 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 432.00 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Opera Stable 65.0.3467.78 (HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Opera 65.0.3467.78) (Version: 65.0.3467.78 - Opera Software)
Ovládací panel NVIDIA 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 432.00 - NVIDIA Corporation) Hidden
PDF-XChange 4 Pro (HKLM\...\{E38531EE-318C-4EFB-A36B-1A57BFBDAB3C}_is1) (Version: 4.200.200.0 - Tracker Software Products Ltd)
Print Passport Photo 1.2.0 (HKLM-x32\...\Print Passport Photo_is1) (Version: 1.2.0 - Marcello Pietrelli & Gianni Baini)
Příručky společnosti EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.56.1.0 - Seiko Epson Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 4.2.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.2.1 - VS Revo Group, Ltd.)
Skype verze 8.55 (HKLM-x32\...\Skype_is1) (Version: 8.55 - Skype Technologies S.A.)
SolSuite 2011 v11.1 (HKLM-x32\...\SolSuite_is1) (Version: - TreeCardGames)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TomTom HOME (HKLM-x32\...\{D4CE8CC5-B7D1-4A6A-907E-57A060F4A0E0}) (Version: 2.11.8 - Název společnosti:)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
Trine 4 CZ GoG v.1.0.7998 (HKLM-x32\...\Trine 4 CZ GoG v.1.0.7998) (Version: GoG v.1.0.7998 - Libbi)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
uRage Reaper nxt. version 1.0.3 (HKLM-x32\...\{2F606408-495F-4772-A3A7-BE0A31C4B261}_is1) (Version: 1.0.3 - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.52 - VSO Software)
Wargaming.net Game Center (HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Wargaming.net Game Center) (Version: 19.7.0.7412 - Wargaming.net)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Wondershare Filmora9(Build 9.1.0) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
World of Tanks EU (HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
YouTube By Click 2.2.119 (HKLM-x32\...\YouTube By Click_is1) (Version: 2.2.119 - lrepacks.ru)
Zoner Photo Studio X CS (HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\ZPS X) (Version: 19.1909.2.195 - ZONER software)

Packages:
=========
EdgeDevtoolsPlugin -> C:\WINDOWS\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2019-11-15] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [ESD Shell Icon Overlay Identifier] -> {AF106685-9C86-48AF-8524-8F485C459E17} => C:\Program Files\ESET\ESET Secure Data\esdovrly.dll [2019-10-02] (DESlock Limited -> DESlock Limited)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-01-20 09:47 - 2019-12-13 17:52 - 001899520 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2019-01-20 09:47 - 2019-12-13 17:52 - 000115712 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2019-01-20 09:47 - 2019-12-13 17:52 - 006668800 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2019-04-04 22:54 - 2017-11-24 16:43 - 000026624 _____ (Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\WsxMMTimer.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2019-12-07 22:58 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4144462506-2486898719-981058799-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Karlíkxy\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Prompt)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "VICTORY Gaming Keyboard"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\StartupApproved\Run: => "CCXProcess"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3A9568C2-645F-4B71-860C-4F6C734323F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{16E6CAE4-7E58-4EE2-8E71-B186580B7D66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{752C98D7-A728-488B-8973-33396BB923D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{64DCB0CB-E45A-4780-B046-72F6B398E416}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{C5A1CC65-5AB7-424C-B64B-81A30A910B3A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8CC510C8-D80E-48D1-A965-157C005FEDF3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9884D73C-19C3-4A00-9126-DD5FE7C6F0CB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{723BF365-56E5-4D73-A4F3-675F0B62185D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F935528C-D008-436E-B687-B38761AD25E3}] => (Allow) C:\Program Files\ESET\ESET Password Manager\pwm.exe (Lamantine Software a.s. -> ESET)
FirewallRules: [{AF030326-15D3-4A13-9C16-E96F3507C4A0}] => (Allow) C:\Program Files\ESET\ESET Password Manager\pwm.exe (Lamantine Software a.s. -> ESET)
FirewallRules: [{C2616D4C-3EB1-45F8-B105-054D73BB85A7}] => (Allow) LPort=25555
FirewallRules: [{F1FFE5FB-F7C5-4662-83F6-DD8A1FFCA21F}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe No File
FirewallRules: [{60A9EC4B-304B-40DE-B906-94D2B3DA2C07}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe No File
FirewallRules: [{7B4CAD1C-19B2-4142-A311-01552FB0F6B7}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{98F31C6E-1DF3-4CB6-A489-2FC269F011EB}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{0F1A8D5D-FE51-4E92-ABBC-EF7544B74EC8}] => (Allow) LPort=1900
FirewallRules: [{EDE30928-5C09-48CF-88D9-47E0F7C3BCF9}] => (Allow) LPort=2869
FirewallRules: [{83645A7A-432E-433B-AD8C-280F6DDC22B7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6FF1C4D7-3E08-4198-883D-A8A9C71E0D42}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{24F51C10-AA83-4F70-A059-063830C359C8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0F4D0B95-289E-4C7A-A59C-1D739F690F9D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{55956298-0CC4-42F9-A381-3A363AD7B3AB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe No File
FirewallRules: [{4811A3ED-2B2D-45A1-B9BB-6E559B80D33F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe No File
FirewallRules: [{E5B277B2-0316-489D-9CCA-3D9B9876674E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe No File
FirewallRules: [{8B292744-2DAD-4661-92F2-09066939A79B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe No File
FirewallRules: [{B477C140-B135-4E27-AFFC-F4323A6093A7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe No File
FirewallRules: [{CE5B9646-F00F-45D8-9963-DBC6929EE062}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe No File
FirewallRules: [{B7F8B695-221D-4381-8D74-66B071639127}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe No File
FirewallRules: [{B060137E-6733-479F-8504-321B8AD3D833}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe No File
FirewallRules: [{6FB32F5F-B2BE-4689-A1B8-D1B275064CA6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe No File
FirewallRules: [{D1C6C491-7B26-41E8-B550-5EAD7545F94F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{72F6EFCC-54A5-4238-871C-FD5D8FA79F89}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe No File
FirewallRules: [{A2E9F3B2-14AA-4403-88D4-C05824D419E5}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{2D3EEACA-008C-4658-81C2-E23478492004}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{A45F9EAB-7EE6-4244-815B-62BB53DDC234}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D1FE3E2C-3281-48A5-A3BD-267BA8CA1978}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4D843C1A-6E4D-47C4-8984-675645237C5C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{85F1ECD2-0D4C-414B-87B5-D46F82193E30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{1F9DD09F-2DBD-4D0C-89F2-5E7143B65B1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{B97D65D3-C4EF-4873-B59A-B820CA47FD2B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe (Oovee Ltd.) [File not signed]
FirewallRules: [{4DBE00DB-9867-4067-B1E2-CB4394CDC7F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe (Oovee Ltd.) [File not signed]
FirewallRules: [{19833CF2-C9C8-4381-8885-FC819106E0A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{139304F1-9452-4A5D-BACA-64FC5AD9F818}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{855CF97E-F1EE-45B5-830D-6C03538AE306}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{8CCE236B-3962-4B89-AB5F-41A7594C034D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)

==================== Restore Points =========================

19-12-2019 12:21:20 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/25/2019 12:00:01 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4872,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/25/2019 11:52:56 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10892,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/24/2019 11:33:50 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8252,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/24/2019 11:22:26 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7064,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/24/2019 10:54:20 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1144,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/24/2019 09:50:52 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10088,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/24/2019 09:13:34 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4756,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/24/2019 08:18:55 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8340,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (12/22/2019 11:19:00 PM) (Source: DCOM) (EventID: 10010) (User: VELKEJPC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/22/2019 11:19:00 PM) (Source: DCOM) (EventID: 10010) (User: VELKEJPC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/19/2019 11:55:17 PM) (Source: DCOM) (EventID: 10010) (User: VELKEJPC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/19/2019 11:55:17 PM) (Source: DCOM) (EventID: 10010) (User: VELKEJPC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/18/2019 04:35:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (12/18/2019 04:35:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (12/14/2019 10:22:14 PM) (Source: DCOM) (EventID: 10010) (User: VELKEJPC)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.18362.449_neutral_neutral_cw5n1h2txyewy!App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/14/2019 04:04:07 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.


CodeIntegrity:
===================================

Date: 2019-12-25 11:45:03.911
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-12-25 11:45:03.908
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-12-25 11:45:03.902
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-12-25 11:45:03.899
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-12-25 11:45:02.717
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-12-24 18:12:29.451
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-12-24 18:12:29.448
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-12-24 18:12:29.405
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: Award Software International, Inc. F8 10/18/2010
Motherboard: Gigabyte Technology Co., Ltd. GA-MA770T-UD3
Processor: AMD Phenom(tm) II X4 965 Processor
Percentage of memory in use: 21%
Total physical RAM: 16381.55 MB
Available physical RAM: 12796.87 MB
Total Virtual: 17405.55 MB
Available Virtual: 12629.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.56 GB) (Free:658 GB) NTFS
Drive d: (Místní disk) (Fixed) (Total:931.51 GB) (Free:394.57 GB) NTFS

\\?\Volume{61d92415-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{61d92415-0000-0000-0000-60c3e8000000}\ () (Fixed) (Total:0.46 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 61D92415)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=469 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2EFF3D7B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

[Conder]

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Nechaj zaskrtnute vsetky nalezy
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

[kodl74]

# -------------------------------
# Malwarebytes AdwCleaner 8.0.1.0
# -------------------------------
# Build: 12-17-2019
# Database: 2019-12-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 12-26-2019
# Duration: 00:00:27
# OS: Windows 10 Pro
# Scanned: 35232
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

[Conder]

Poprosim o obidva nove logy z FRST.

[kodl74]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2019
Ran by Karlíkxy (administrator) on VELKEJPC (Gigabyte Technology Co., Ltd. GA-MA770T-UD3) (29-12-2019 15:55:11)
Running from C:\Users\Karlíkxy\Desktop
Loaded Profiles: Karlíkxy (Available Profiles: Karlíkxy)
Platform: Windows 10 Pro Version 1903 18362.535 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(DESlock Limited -> DESlock Limited.) C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIUNE.EXE
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(uTorrent.CZ -> BitTorrent, Inc.) [File not signed] C:\Users\Karlíkxy\AppData\Roaming\uTorrent\utorrent.exe
(Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\Nexus.exe
(Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\WsxService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [183088 2019-12-13] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391120 2019-04-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1319208 2019-05-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Run: [EsetPasswordManager] => C:\Program Files\ESET\ESET Password Manager\pwm.exe [116464 2019-09-20] (Lamantine Software a.s. -> ESET)
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91503464 2019-12-13] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Run: [Nexus] => C:\Program Files (x86)\Winstep\Nexus.exe [17959552 2019-03-01] (Winstep Software Technologies) [File not signed]
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Run: [EPLTarget\P0000000000000002] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIUNE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [144008 2019-10-22] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\MountPoints2: {6bc1cec3-3048-11e9-8543-1c6f658aab67} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [221184 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {117D161E-3B2D-4B43-BFAF-0F9CBE4F9A80} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {12792512-260F-471E-8FC0-2457274DC7AB} - System32\Tasks\RogueKiller Anti-Malware => C:\Users\Karlíkxy\Desktop\RogueKiller_portable64.exe
Task: {16ACF3A4-7A7D-49F9-A458-3A85E0DF42BF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4321688 2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {1B4B14F6-0646-4409-A65F-239C12FAA5F5} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [746056 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {260410B5-EFBF-4C6B-943E-DA811DE02AD3} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {319FA1FC-A537-462E-9C52-131E879F8E49} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {69CEEB16-3DA3-4DC0-A924-F33B2564A9F5} - System32\Tasks\Zoner.Updater.S-1-5-21-4144462506-2486898719-981058799-1001 => C:\ProgramData\Zoner\Zoner.Installer.Core\Updater.exe [2631424 2019-12-25] (ZONER software, a.s. -> ZONER software, a.s.)
Task: {6E68B87A-8AB0-476A-AFF2-F9DC95A5B568} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {74FA159E-E053-4936-AF74-665DF40F5B9F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {7774F6CA-238B-46E4-A9AC-1DEA4BAC002B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {9BED28F9-283E-4A10-84E5-1BC232413309} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4321688 2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {A110620B-FDDB-455B-B1E0-CC7047CFA86E} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [746056 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A25F413C-A71E-414E-B3B2-CF93D3D30F7F} - System32\Tasks\EPSON L3150 Series Update {457D917D-54BE-4B41-BCE1-30C3301381B6} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {BAC1CDFC-E33C-436D-B9FD-6A733570FEAE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {CA4BBF4E-79AF-42CC-BF56-3AC51F1ADEE5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [660040 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CD3DC142-8B12-4D06-B5A3-64EC72F57AD7} - System32\Tasks\EPSON L3150 Series Update {4F0681C6-99D9-4E4D-8BF5-008279E468D8} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {E7E0A54E-FEAD-4B2E-9848-FD58754EDBE4} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [524360 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EE8BBE94-B545-4568-9BE0-39BF260A8A13} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {F0FE289A-9FD9-4D0B-ADEE-6D92C3908F8A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [660040 2018-01-10] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F17B4E51-D1CD-4A76-8A7A-921EEFE168FA} - System32\Tasks\Opera scheduled Autoupdate 1557004838 => C:\Users\Karlíkxy\AppData\Local\Programs\Opera\launcher.exe [1346584 2019-12-19] (Opera Software AS -> Opera Software)
Task: {F4F43628-A47D-4FB6-AD94-55F3D3EE5FB7} - System32\Tasks\EPSON L3150 Series Update {DB6591C5-FD46-431F-B299-7D40D46186DC} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\EPSON L3150 Series Update {457D917D-54BE-4B41-BCE1-30C3301381B6}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE:/EXE:{457D917D-54BE-4B41-BCE1-30C3301381B6} /F:UpdateWORKGROUP\VELKEJPC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON L3150 Series Update {4F0681C6-99D9-4E4D-8BF5-008279E468D8}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE:/EXE:{4F0681C6-99D9-4E4D-8BF5-008279E468D8} /F:UpdateWORKGROUP\VELKEJPC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON L3150 Series Update {DB6591C5-FD46-431F-B299-7D40D46186DC}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE:/EXE:{DB6591C5-FD46-431F-B299-7D40D46186DC} /F:UpdateWORKGROUP\VELKEJPC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{c6eac970-e2c8-4318-998b-1c9e3e635683}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{c6eac970-e2c8-4318-998b-1c9e3e635683}: [DhcpNameServer] 192.168.100.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-4144462506-2486898719-981058799-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll => No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: kmapm4jw.default
FF ProfilePath: C:\Users\Karlíkxy\AppData\Roaming\TomTom\HOME\Profiles\eq9k5pmv.default [2019-12-07]
FF Homepage: TomTom\HOME\Profiles\eq9k5pmv.default -> about:home
FF NewTab: TomTom\HOME\Profiles\eq9k5pmv.default -> about:newtab
FF Extension: (RenaultTheme) - C:\Users\Karlíkxy\AppData\Roaming\TomTom\HOME\Profiles\eq9k5pmv.default\Extensions\RenaultTheme@tomtom.com [2019-03-14] [Legacy] [not signed]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2019-09-14] [Legacy] [not signed]
FF ProfilePath: C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default [2019-12-29]
FF Homepage: Mozilla\Firefox\Profiles\kmapm4jw.default -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\kmapm4jw.default -> about:newtab
FF Extension: (Blokátor reklam AdGuard) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\adguardadblocker@adguard.com.xpi [2019-12-24]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2019-01-05]
FF Extension: (To Google Translate) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2019-12-07]
FF Extension: (Blue Flower Vine by M♥Donna) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{04001c8a-6eff-4659-9196-0a552edd725a}.xpi [2019-05-11]
FF Extension: (tranquil blue) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{0d1802ae-eebf-4526-855b-1879b45e66cb}.xpi [2019-05-14]
FF Extension: (Fantasy of Lights - N.Lights Series 1) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{1a176495-2247-4217-b1fc-139fc11c4324}.xpi [2019-08-10]
FF Extension: (Ship in Lighthouse Reflection) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{2db9f8d0-ee99-4d57-a581-2722da1b573d}.xpi [2019-05-07]
FF Extension: (Dark Cubes) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{2dbb0302-0a64-4964-bb64-d157474dd324}.xpi [2019-05-14]
FF Extension: (Animated A Toon Town Christmas) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{328c92e1-1e11-4985-a74e-96aa60d8d243}.xpi [2019-05-14]
FF Extension: (Deep Dark Blue Forest) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{5db58b6b-6fbc-4be3-b48d-e536ac711a10}.xpi [2019-05-14]
FF Extension: (Tv Firefox) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{6eafd633-df99-4fc0-a515-039ba8f8f253}.xpi [2019-05-14]
FF Extension: (FFX Developer) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{73574968-e44d-401e-8477-43882b7c9f22}.xpi [2019-05-14]
FF Extension: (romantic fox by candelora) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{98e9a154-97f2-4d2b-ae49-6a6ca3d5f256}.xpi [2019-08-13]
FF Extension: (Fox in the Clouds) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{aa842ed2-c0e8-4238-a894-c71e5bb2e97d}.xpi [2019-05-14]
FF Extension: (esafox) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{b526b65f-3165-4dcc-a534-3474d1de766b}.xpi [2019-05-14]
FF Extension: (FamousFox) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{bbf9b829-01fb-4406-8200-7622ed399df5}.xpi [2019-05-14]
FF Extension: (лиса) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{cdfd0c6c-8fc0-4565-ab49-fe3437600595}.xpi [2019-05-14]
FF Extension: (Grayfox) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{ceb971ca-37e6-4c49-ab6e-1d1a97a1eb8c}.xpi [2019-05-14]
FF Extension: (Winter Cabin Collage by M♥Donna) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{dba00d63-b5fe-4363-a4cf-e918ca9db46a}.xpi [2019-05-14]
FF Extension: (FirefoxClassicalBlue) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{dc4152a2-0127-4e36-aaf9-7a0ab4c46dc0}.xpi [2019-05-14]
FF Extension: (Dark Fox) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2019-05-14]
FF Extension: (Space Fantasy Redux) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{f5453979-a039-4066-8aee-cb64fc98f936}.xpi [2019-08-13]
FF Extension: (Blue Flow) - C:\Users\Karlíkxy\AppData\Roaming\Mozilla\Firefox\Profiles\kmapm4jw.default\Extensions\{fb1fb250-2fd9-4f24-85ba-23dfcbf9f4e1}.xpi [2019-05-14]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [1999-12-31] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [1999-12-31] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-4144462506-2486898719-981058799-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [1999-12-31] (Tracker Software Products (Canada) Ltd -> Tracker Software Products Ltd.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2019-12-29]

Opera:
=======
OPR Extension: (AdGuard AdBlocker) - C:\Users\Karlíkxy\AppData\Roaming\Opera Software\Opera Stable\Extensions\bopfaehpakahokaelnomggbohfbimcia [2019-12-09]
OPR Extension: (Translator) - C:\Users\Karlíkxy\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnbpedcoekjafichoehopgaaldogogch [2019-12-09]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
R2 dlpsrv; C:\Program Files\ESET\ESET Secure Data\dlpsrv.exe [542400 2019-10-02] (DESlock Limited -> DESlock Limited.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2245488 2019-12-13] (ESET, spol. s r.o. -> ESET)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2018-01-29] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-12-12] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-09-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [974848 2019-03-01] (Microsoft Windows -> )
S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [290816 2019-10-21] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService.exe [775680 2018-06-06] (Winstep Software Technologies) [File not signed]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\WINDOWS\System32\drivers\amdide64.sys [13848 2019-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices Inc.)
R0 DLMFENC; C:\WINDOWS\System32\DRIVERS\DLMFENC.sys [174152 2019-10-02] (DESlock Limited -> DESlock Ltd.)
R0 DLPCRYPT; C:\WINDOWS\System32\DRIVERS\dlpcrypt.sys [121728 2019-10-02] (DESlock Limited -> DESlock Ltd.)
R0 dlpvdisk; C:\WINDOWS\System32\DRIVERS\dlpvdisk.sys [98296 2019-10-02] (DESlock Limited -> DESlock Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [49056 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149944 2019-10-21] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [103264 2019-10-21] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189512 2019-10-21] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50712 2019-10-21] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79744 2019-12-13] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116696 2019-12-13] (ESET, spol. s r.o. -> ESET)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 gdrv; C:\WINDOWS\gdrv.sys [26192 2019-04-26] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-04-11] (Martin Malik - REALiX -> REALiX(tm))
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_db678424d2641c3d\nvlddmkm.sys [22094728 2019-10-04] (NVIDIA Corporation -> NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1138136 2019-04-11] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [452008 2019-04-07] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R0 VDLPToken2; C:\WINDOWS\System32\DRIVERS\vdlptkn2.sys [135672 2019-10-02] (DESlock Limited -> DESlock Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [155632 2015-08-07] (Gionee Communication Equipment Co.Ltd.Shenzhen -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-29 15:54 - 2019-12-29 15:54 - 000000000 ____D C:\Users\Karlíkxy\Desktop\FRST-OlderVersion
2019-12-26 22:34 - 2019-12-26 22:40 - 723953333 _____ C:\Users\Karlíkxy\Desktop\Ledové království.mkv
2019-12-26 21:58 - 2019-12-26 21:58 - 000001325 _____ C:\Users\Karlíkxy\Desktop\AdwCleaner[S00].txt
2019-12-26 21:54 - 2019-12-26 21:55 - 000000000 ____D C:\AdwCleaner
2019-12-26 21:53 - 2019-12-26 21:53 - 008237744 _____ (Malwarebytes) C:\Users\Karlíkxy\Desktop\adwcleaner_8.0.1.exe
2019-12-25 20:02 - 2019-12-25 20:02 - 000003796 _____ C:\WINDOWS\system32\Tasks\Zoner.Updater.S-1-5-21-4144462506-2486898719-981058799-1001
2019-12-25 11:59 - 2019-12-25 12:15 - 000037468 _____ C:\Users\Karlíkxy\Desktop\Addition.txt
2019-12-25 11:56 - 2019-12-29 15:56 - 000028058 _____ C:\Users\Karlíkxy\Desktop\FRST.txt
2019-12-25 11:55 - 2019-12-29 15:56 - 000000000 ____D C:\FRST
2019-12-25 11:55 - 2019-12-29 15:54 - 002272256 _____ (Farbar) C:\Users\Karlíkxy\Desktop\FRST64.exe
2019-12-22 19:08 - 2019-12-22 19:12 - 000000000 ____D C:\Users\Karlíkxy\Desktop\Icony
2019-12-19 14:52 - 2019-12-19 15:04 - 000000000 ____D C:\ESD
2019-12-19 14:51 - 2019-12-19 14:51 - 000000000 ___HD C:\$Windows.~WS
2019-12-19 14:51 - 2019-12-19 14:51 - 000000000 ____D C:\$WINDOWS.~BT
2019-12-18 16:44 - 2019-12-18 17:00 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\SpinTires
2019-12-13 17:43 - 2019-12-13 17:43 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-13 17:43 - 2019-12-13 17:43 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-13 17:42 - 2019-12-13 17:43 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 002188816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-13 17:42 - 2019-12-13 17:42 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 001496080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-13 17:42 - 2019-12-13 17:42 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-13 17:42 - 2019-12-13 17:42 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-13 17:42 - 2019-12-13 17:42 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-13 17:42 - 2019-12-13 17:42 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-13 17:42 - 2019-12-13 17:42 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-08 17:43 - 2019-12-08 17:43 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\Notepad++
2019-12-08 14:08 - 2019-12-08 14:08 - 000000000 ____D C:\Users\Karlíkxy\Documents\My Cheat Tables
2019-12-08 11:42 - 2019-12-08 11:42 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\PeerDistRepub
2019-12-07 23:21 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2019-12-06 22:35 - 2019-10-04 16:55 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2019-12-06 22:35 - 2019-10-04 16:55 - 000286416 _____ C:\WINDOWS\system32\vulkaninfo.exe
2019-12-06 22:35 - 2019-10-04 16:55 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2019-12-06 22:35 - 2019-10-04 16:55 - 000260304 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2019-12-06 22:35 - 2019-10-04 16:54 - 011059640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2019-12-06 22:35 - 2019-10-04 16:54 - 009492896 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2019-12-06 22:35 - 2019-10-04 16:54 - 001006800 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2019-12-06 22:35 - 2019-10-04 16:54 - 001006800 _____ C:\WINDOWS\system32\vulkan-1.dll
2019-12-06 22:35 - 2019-10-04 16:54 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2019-12-06 22:35 - 2019-10-04 16:54 - 000870096 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2019-12-06 22:35 - 2019-10-04 16:54 - 000552328 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2019-12-06 22:35 - 2019-10-04 16:54 - 000456632 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 002041784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 001721816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6443200.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 001543424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 001472200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 001468504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6443200.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 001164160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 001135816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 000914336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 000822232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 000810456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 000676824 _____ C:\WINDOWS\system32\nvofapi64.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 000656344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 000633728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 000544160 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 000523520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2019-12-06 22:35 - 2019-10-04 16:53 - 000055448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2019-12-06 22:35 - 2019-10-04 16:52 - 040412760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2019-12-06 22:35 - 2019-10-04 16:52 - 035269832 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2019-12-06 22:35 - 2019-10-04 16:52 - 020194712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2019-12-06 22:35 - 2019-10-04 16:52 - 017471576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2019-12-06 22:35 - 2019-10-04 16:52 - 005425808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2019-12-06 22:35 - 2019-10-04 16:52 - 004768160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2019-12-06 22:35 - 2019-10-04 16:51 - 004342528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-29 15:58 - 2018-10-13 19:01 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\uTorrent
2019-12-29 15:53 - 2017-03-17 11:45 - 000000000 ____D C:\Users\Karlíkxy\AppData\LocalLow\Mozilla
2019-12-29 15:49 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-26 22:53 - 2017-04-16 16:20 - 000000000 ____D C:\ProgramData\NVIDIA
2019-12-26 22:52 - 2018-03-09 23:48 - 000000000 ____D C:\Users\Karlíkxy\AppData\Roaming\vlc
2019-12-26 21:54 - 2019-04-04 22:54 - 000000000 ____D C:\Users\Public\Documents\Winstep
2019-12-26 21:54 - 2019-04-04 22:54 - 000000000 ____D C:\ProgramData\Documents\Winstep
2019-12-26 21:54 - 2017-12-10 10:59 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\CrashDumps
2019-12-26 21:38 - 2019-09-07 17:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-26 19:59 - 2019-06-14 10:10 - 000000000 ____D C:\Users\Karlíkxy\Documents\Euro Truck Simulator 2
2019-12-26 19:31 - 2017-03-17 12:30 - 000000000 ____D C:\Program Files (x86)\Steam
2019-12-26 18:08 - 2018-07-04 11:06 - 000000000 ____D C:\Users\Karlíkxy\Documents\American Truck Simulator
2019-12-26 16:46 - 2019-10-06 13:28 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-12-26 16:46 - 2019-10-06 13:28 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-12-25 20:02 - 2019-08-24 15:55 - 000001562 _____ C:\Users\Karlíkxy\AppData\Roaming\Microsoft\Windows\Start Menu\Zoner Photo Studio X.lnk
2019-12-25 20:02 - 2019-08-24 15:54 - 000000000 ____D C:\ProgramData\Zoner
2019-12-24 21:29 - 2018-02-02 20:52 - 000000000 ___RD C:\Users\Karlíkxy\Desktop\Bordel z plochy
2019-12-21 11:00 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-21 11:00 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-21 10:58 - 2019-09-07 18:06 - 000004188 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1557004838
2019-12-21 10:58 - 2019-05-04 22:20 - 000001456 _____ C:\Users\Karlíkxy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-12-19 15:04 - 2019-08-30 17:20 - 000000000 ___DC C:\WINDOWS\Panther
2019-12-18 18:36 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-18 16:14 - 2019-01-20 09:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-12-14 17:28 - 2018-07-13 17:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-12-14 14:21 - 2017-10-18 17:37 - 000000000 ____D C:\Users\Karlíkxy\AppData\Local\Packages
2019-12-13 18:26 - 2019-09-07 18:01 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-13 18:26 - 2019-03-19 12:57 - 000716944 _____ C:\WINDOWS\system32\perfh005.dat
2019-12-13 18:26 - 2019-03-19 12:57 - 000145024 _____ C:\WINDOWS\system32\perfc005.dat
2019-12-13 18:23 - 2017-10-18 17:53 - 000000000 ___RD C:\Users\Karlíkxy\3D Objects
2019-12-13 18:23 - 2016-11-21 05:46 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-13 18:22 - 2019-09-07 18:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-13 18:22 - 2019-09-07 17:43 - 000657096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-13 18:21 - 2019-03-19 05:37 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2019-12-13 18:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-13 18:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-13 18:20 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-13 17:51 - 2017-03-17 13:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-13 17:47 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-13 17:47 - 2017-03-17 13:26 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-13 17:22 - 2017-10-18 16:36 - 000116696 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2019-12-13 17:22 - 2017-10-18 16:36 - 000079744 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2019-12-09 15:30 - 2017-03-17 11:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-12-07 23:22 - 2017-04-28 21:50 - 000000008 __RSH C:\ProgramData\ntuser.pol
2019-12-07 23:16 - 2019-09-07 17:51 - 000000000 ____D C:\Users\Karlíkxy
2019-12-07 23:16 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2019-12-07 23:16 - 2016-07-16 12:47 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-12-07 00:37 - 2017-04-16 16:20 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2019-12-06 22:37 - 2017-04-16 16:20 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-12-06 22:37 - 2017-04-16 16:20 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-12-05 20:19 - 2017-03-20 20:23 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-12-01 15:48 - 2018-02-10 21:18 - 000000000 ____D C:\Users\Karlíkxy\Documents\ConvertXToDVD

==================== Files in the root of some directories ========

2018-02-10 21:18 - 2018-02-10 21:18 - 000099384 _____ () C:\Users\Karlíkxy\AppData\Roaming\inst.exe
2018-02-10 21:18 - 2018-02-10 21:18 - 000007859 _____ () C:\Users\Karlíkxy\AppData\Roaming\pcouffin.cat
2018-02-10 21:18 - 2018-02-10 21:18 - 000001167 _____ () C:\Users\Karlíkxy\AppData\Roaming\pcouffin.inf
2018-02-10 21:18 - 2018-02-10 21:18 - 000000055 _____ () C:\Users\Karlíkxy\AppData\Roaming\pcouffin.log
2018-02-10 21:18 - 2018-02-10 21:18 - 000082816 _____ (VSO Software) C:\Users\Karlíkxy\AppData\Roaming\pcouffin.sys
2019-03-28 18:04 - 2019-03-28 18:04 - 000000208 _____ () C:\Users\Karlíkxy\AppData\Roaming\VELKEJPC.MTBF.txt
2019-03-28 18:05 - 2019-03-28 18:05 - 000003584 _____ () C:\Users\Karlíkxy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-26 14:40 - 2017-07-26 14:40 - 000000017 _____ () C:\Users\Karlíkxy\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by Karlíkxy (29-12-2019 15:58:38)
Running from C:\Users\Karlíkxy\Desktop
Windows 10 Pro Version 1903 18362.535 (X64) (2019-09-07 17:07:31)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4144462506-2486898719-981058799-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4144462506-2486898719-981058799-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-4144462506-2486898719-981058799-1000 - Limited - Disabled)
Guest (S-1-5-21-4144462506-2486898719-981058799-501 - Limited - Disabled)
Karlíkxy (S-1-5-21-4144462506-2486898719-981058799-1001 - Administrator - Enabled) => C:\Users\Karlíkxy
WDAGUtilityAccount (S-1-5-21-4144462506-2486898719-981058799-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Photoshop 2020 (HKLM-x32\...\PHSP_21_0_1) (Version: 21.0.1 - Adobe Systems Incorporated)
Ashampoo Burning Studio 20 (HKLM-x32\...\{91B33C97-155F-C10C-D4D6-CABA03805EE4}_is1) (Version: 20.0.2 - Ashampoo GmbH & Co. KG)
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version: - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version: - ) Hidden
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.01 - NVIDIA Corporation) Hidden
DjVuLibre+DjView (HKLM-x32\...\DjVuLibre+DjView) (Version: 3.5.22+4.5 - DjVuZone)
Easy Photo Scan (HKLM-x32\...\{9E3F2EC3-7E4F-4F20-A56F-7A24D6E3D39B}) (Version: 1.00.0017 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{49048EBF-3803-4AA4-8943-675E6E8D5B30}) (Version: 3.11.0030 - Seiko Epson Corporation)
EPSON L3150 Series Printer Uninstall (HKLM\...\EPSON L3150 Series) (Version: - Seiko Epson Corporation)
Epson Photo+ (HKLM-x32\...\{5874C85E-A911-4A7E-8643-DB2C4322CBBF}) (Version: 3.1.0.0 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{FFA5C174-DB3F-4AFE-B59D-C0FB1744CD76}) (Version: 3.1.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
EPSON Scan PDF Extensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.)
Epson ScanSmart (HKLM-x32\...\{C22B4EC7-9C8A-4465-AD84-F88DE59E1F9F}) (Version: 2.5.1 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
ESET Premium Line Encryption (HKLM\...\{9A6F6D1F-CEBC-4338-87EC-D7F208CFCED1}) (Version: 1.0.19 - ESET) Hidden
ESET Security (HKLM\...\{0F462EFA-8AE8-4C2A-BC94-0AFFF17A8245}) (Version: 13.0.24.0 - ESET, spol. s r.o.)
FinePrint (HKLM\...\FinePrint) (Version: 10.02 - FinePrint Software, LLC)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 9.0.3.300 - Huawei Technologies Co.,Ltd)
Mac Blu-ray Player (HKLM-x32\...\Mac Blu-ray Player) (Version: 2.17.4.3289 - Macgo Inc.)
Malwarebytes verze 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Metro 2033 Redux (HKLM-x32\...\1436434037_is1) (Version: 2.0.0.2 - GOG.com)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{0513c9cf-7191-45a7-ace9-ecdad03c93a4}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{10dc8dbf-d3d7-4e23-be07-120fe5c66b78}) (Version: 12.0.40660.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2017 RC Redistributable (x64) - 14.10.24728 (HKLM-x32\...\{197f8e1a-7e93-4cb4-a4f9-19dc2c2c4ee2}) (Version: 14.10.24728.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 RC Redistributable (x86) - 14.10.24728 (HKLM-x32\...\{38602f72-a7f8-456b-84e5-6e200dc99917}) (Version: 14.10.24728.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.16.27012 (HKLM-x32\...\{427ada59-85e7-4bc8-b8d5-ebf59db60423}) (Version: 14.16.27012.6 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Moorfrosch XXL (HKLM-x32\...\{852DBAD9-ECAC-48FD-99D8-775CF9BFD42C}) (Version: - )
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 71.0 (x64 cs) (HKLM\...\Mozilla Firefox 71.0 (x64 cs)) (Version: 71.0 - Mozilla)
Next Generation Visualisations (HKLM-x32\...\{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}) (Version: 1.0.0 - Microsoft)
Nexus (HKLM-x32\...\Winstep Xtreme_is1) (Version: - )
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.8 - Notepad++ Team)
NVIDIA Ovladač HD audia 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 432.00 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{FAAC26AD-73BA-40CE-86AA-C9213F9E064A}) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Opera Stable 65.0.3467.78 (HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Opera 65.0.3467.78) (Version: 65.0.3467.78 - Opera Software)
Ovládací panel NVIDIA 432.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 432.00 - NVIDIA Corporation) Hidden
PDF-XChange 4 Pro (HKLM\...\{E38531EE-318C-4EFB-A36B-1A57BFBDAB3C}_is1) (Version: 4.200.200.0 - Tracker Software Products Ltd)
Print Passport Photo 1.2.0 (HKLM-x32\...\Print Passport Photo_is1) (Version: 1.2.0 - Marcello Pietrelli & Gianni Baini)
Příručky společnosti EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.56.1.0 - Seiko Epson Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 4.2.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.2.1 - VS Revo Group, Ltd.)
Skype verze 8.55 (HKLM-x32\...\Skype_is1) (Version: 8.55 - Skype Technologies S.A.)
SolSuite 2011 v11.1 (HKLM-x32\...\SolSuite_is1) (Version: - TreeCardGames)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TomTom HOME (HKLM-x32\...\{D4CE8CC5-B7D1-4A6A-907E-57A060F4A0E0}) (Version: 2.11.8 - Název společnosti:)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
Trine 4 CZ GoG v.1.0.7998 (HKLM-x32\...\Trine 4 CZ GoG v.1.0.7998) (Version: GoG v.1.0.7998 - Libbi)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
uRage Reaper nxt. version 1.0.3 (HKLM-x32\...\{2F606408-495F-4772-A3A7-BE0A31C4B261}_is1) (Version: 1.0.3 - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.52 - VSO Software)
Wargaming.net Game Center (HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\Wargaming.net Game Center) (Version: 19.7.0.7412 - Wargaming.net)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Wondershare Filmora9(Build 9.1.0) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
World of Tanks EU (HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
YouTube By Click 2.2.119 (HKLM-x32\...\YouTube By Click_is1) (Version: 2.2.119 - lrepacks.ru)
Zoner Photo Studio X CS (HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\ZPS X) (Version: 19.1909.2.198 - ZONER software)

Packages:
=========
EdgeDevtoolsPlugin -> C:\WINDOWS\SystemApps\Microsoft.EdgeDevtoolsPlugin_cw5n1h2txyewy [2019-11-15] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [ESD Shell Icon Overlay Identifier] -> {AF106685-9C86-48AF-8524-8F485C459E17} => C:\Program Files\ESET\ESET Secure Data\esdovrly.dll [2019-10-02] (DESlock Limited -> DESlock Limited)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-12-13] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-01-20 09:47 - 2019-12-13 17:52 - 001899520 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2019-01-20 09:47 - 2019-12-13 17:52 - 000115712 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2019-01-20 09:47 - 2019-12-13 17:52 - 006668800 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2015-12-11 16:14 - 2015-12-11 16:14 - 004968448 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files\EpsonNet\EpsonNet Print\ENSTRMAPIe.dll
2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll
2019-04-04 22:54 - 2017-11-24 16:43 - 000026624 _____ (Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\WsxMMTimer.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2019-12-07 22:58 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4144462506-2486898719-981058799-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Karlíkxy\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Prompt)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "VICTORY Gaming Keyboard"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-4144462506-2486898719-981058799-1001\...\StartupApproved\Run: => "CCXProcess"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3A9568C2-645F-4B71-860C-4F6C734323F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{16E6CAE4-7E58-4EE2-8E71-B186580B7D66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{752C98D7-A728-488B-8973-33396BB923D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{64DCB0CB-E45A-4780-B046-72F6B398E416}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{C5A1CC65-5AB7-424C-B64B-81A30A910B3A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8CC510C8-D80E-48D1-A965-157C005FEDF3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9884D73C-19C3-4A00-9126-DD5FE7C6F0CB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{723BF365-56E5-4D73-A4F3-675F0B62185D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F935528C-D008-436E-B687-B38761AD25E3}] => (Allow) C:\Program Files\ESET\ESET Password Manager\pwm.exe (Lamantine Software a.s. -> ESET)
FirewallRules: [{AF030326-15D3-4A13-9C16-E96F3507C4A0}] => (Allow) C:\Program Files\ESET\ESET Password Manager\pwm.exe (Lamantine Software a.s. -> ESET)
FirewallRules: [{C2616D4C-3EB1-45F8-B105-054D73BB85A7}] => (Allow) LPort=25555
FirewallRules: [{F1FFE5FB-F7C5-4662-83F6-DD8A1FFCA21F}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe No File
FirewallRules: [{60A9EC4B-304B-40DE-B906-94D2B3DA2C07}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe No File
FirewallRules: [{7B4CAD1C-19B2-4142-A311-01552FB0F6B7}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{98F31C6E-1DF3-4CB6-A489-2FC269F011EB}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{0F1A8D5D-FE51-4E92-ABBC-EF7544B74EC8}] => (Allow) LPort=1900
FirewallRules: [{EDE30928-5C09-48CF-88D9-47E0F7C3BCF9}] => (Allow) LPort=2869
FirewallRules: [{83645A7A-432E-433B-AD8C-280F6DDC22B7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6FF1C4D7-3E08-4198-883D-A8A9C71E0D42}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{24F51C10-AA83-4F70-A059-063830C359C8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0F4D0B95-289E-4C7A-A59C-1D739F690F9D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{55956298-0CC4-42F9-A381-3A363AD7B3AB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe No File
FirewallRules: [{4811A3ED-2B2D-45A1-B9BB-6E559B80D33F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe No File
FirewallRules: [{E5B277B2-0316-489D-9CCA-3D9B9876674E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe No File
FirewallRules: [{8B292744-2DAD-4661-92F2-09066939A79B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe No File
FirewallRules: [{B477C140-B135-4E27-AFFC-F4323A6093A7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe No File
FirewallRules: [{CE5B9646-F00F-45D8-9963-DBC6929EE062}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe No File
FirewallRules: [{B7F8B695-221D-4381-8D74-66B071639127}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe No File
FirewallRules: [{B060137E-6733-479F-8504-321B8AD3D833}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe No File
FirewallRules: [{6FB32F5F-B2BE-4689-A1B8-D1B275064CA6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe No File
FirewallRules: [{D1C6C491-7B26-41E8-B550-5EAD7545F94F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{72F6EFCC-54A5-4238-871C-FD5D8FA79F89}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [OpenSSH-Server-In-TCP] => (Allow) %SystemRoot%\system32\OpenSSH\sshd.exe No File
FirewallRules: [{A2E9F3B2-14AA-4403-88D4-C05824D419E5}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{2D3EEACA-008C-4658-81C2-E23478492004}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{A45F9EAB-7EE6-4244-815B-62BB53DDC234}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D1FE3E2C-3281-48A5-A3BD-267BA8CA1978}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4D843C1A-6E4D-47C4-8984-675645237C5C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{85F1ECD2-0D4C-414B-87B5-D46F82193E30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{1F9DD09F-2DBD-4D0C-89F2-5E7143B65B1F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{B97D65D3-C4EF-4873-B59A-B820CA47FD2B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe (Oovee Ltd.) [File not signed]
FirewallRules: [{4DBE00DB-9867-4067-B1E2-CB4394CDC7F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe (Oovee Ltd.) [File not signed]
FirewallRules: [{19833CF2-C9C8-4381-8885-FC819106E0A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{139304F1-9452-4A5D-BACA-64FC5AD9F818}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{855CF97E-F1EE-45B5-830D-6C03538AE306}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{8CCE236B-3962-4B89-AB5F-41A7594C034D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)

==================== Restore Points =========================

19-12-2019 12:21:20 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/29/2019 03:55:55 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5472,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/26/2019 10:45:38 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8364,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/26/2019 10:33:29 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10460,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/26/2019 10:17:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9680,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/26/2019 10:06:35 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10424,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/26/2019 09:54:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.18362.1, časové razítko: 0x527faf7f
Kód výjimky: 0xc000041d
Posun chyby: 0x00004647
ID chybujícího procesu: 0xc74
Čas spuštění chybující aplikace: 0x01d5bc26433b8044
Cesta k chybující aplikaci: C:\Users\Karlíkxy\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 19985b60-6ddc-47b3-8822-1dab51f04545
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/26/2019 09:47:57 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2360,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (12/26/2019 09:08:40 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7060,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).


System errors:
=============
Error: (12/22/2019 11:19:00 PM) (Source: DCOM) (EventID: 10010) (User: VELKEJPC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/22/2019 11:19:00 PM) (Source: DCOM) (EventID: 10010) (User: VELKEJPC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/19/2019 11:55:17 PM) (Source: DCOM) (EventID: 10010) (User: VELKEJPC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/19/2019 11:55:17 PM) (Source: DCOM) (EventID: 10010) (User: VELKEJPC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/18/2019 04:35:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (12/18/2019 04:35:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (12/14/2019 10:22:14 PM) (Source: DCOM) (EventID: 10010) (User: VELKEJPC)
Description: Server Microsoft.Windows.ContentDeliveryManager_10.0.18362.449_neutral_neutral_cw5n1h2txyewy!App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/14/2019 04:04:07 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.


CodeIntegrity:
===================================

Date: 2019-12-29 15:50:50.125
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-12-29 15:50:50.122
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-12-29 15:50:50.028
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-12-29 15:46:57.365
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-12-29 15:46:57.362
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-12-29 15:46:57.355
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-12-29 15:46:57.352
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2019-12-29 15:46:57.105
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: Award Software International, Inc. F8 10/18/2010
Motherboard: Gigabyte Technology Co., Ltd. GA-MA770T-UD3
Processor: AMD Phenom(tm) II X4 965 Processor
Percentage of memory in use: 20%
Total physical RAM: 16381.55 MB
Available physical RAM: 13002.24 MB
Total Virtual: 17405.55 MB
Available Virtual: 12746.2 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.56 GB) (Free:644.49 GB) NTFS
Drive d: (Místní disk) (Fixed) (Total:931.51 GB) (Free:360.85 GB) NTFS

\\?\Volume{61d92415-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{61d92415-0000-0000-0000-60c3e8000000}\ () (Fixed) (Total:0.46 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 61D92415)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=469 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2EFF3D7B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

[Conder]

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  Task: {12792512-260F-471E-8FC0-2457274DC7AB} - System32\Tasks\RogueKiller Anti-Malware => C:\Users\Karlíkxy\Desktop\RogueKiller_portable64.exe
  BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll => No File
  Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll No File
  2019-12-29 15:54 - 2019-12-29 15:54 - 000000000 ____D C:\Users\Karlíkxy\Desktop\FRST-OlderVersion
  ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
  ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
  ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
  ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
  ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
  ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
  ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
  ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
  ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
  ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
  ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
  ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
  ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
  ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
  ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

[kodl74]

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by Karlíkxy (30-12-2019 12:58:37) Run:1
Running from C:\Users\Karlíkxy\Desktop
Loaded Profiles: Karlíkxy (Available Profiles: Karlíkxy)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
Task: {12792512-260F-471E-8FC0-2457274DC7AB} - System32\Tasks\RogueKiller Anti-Malware => C:\Users\Karlíkxy\Desktop\RogueKiller_portable64.exe
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll => No File
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll No File
2019-12-29 15:54 - 2019-12-29 15:54 - 000000000 ____D C:\Users\Karlíkxy\Desktop\FRST-OlderVersion
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 11557
Average :
Sum : 136613551392
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{12792512-260F-471E-8FC0-2457274DC7AB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12792512-260F-471E-8FC0-2457274DC7AB}" => removed successfully
C:\WINDOWS\System32\Tasks\RogueKiller Anti-Malware => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RogueKiller Anti-Malware" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} => removed successfully
HKLM\Software\Classes\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}" => removed successfully
"C:\Users\Karlíkxy\Desktop\FRST-OlderVersion" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1150695879 B
Java, Flash, Steam htmlcache => 419994397 B
Windows/system/drivers => 5710099 B
Edge => 3072 B
Chrome => 0 B
Firefox => 1116581823 B
Opera => 99407585 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 10118 B
NetworkService => 10118 B
Karlíkxy => 7983017 B

RecycleBin => 11542485005 B
EmptyTemp: => 13.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:00:34 ====

[Conder]

Plocha ma vyse 120 GB, co je prilis vela. Odporucam presunut vsetky subory a zlozky z plochy do dokumentov a na ploche nechat iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

Vo Firefoxe je nainstalovanych pomerne vela doplnkov. Odporucam ich skontrolovat a odstranit (alebo aspon zakazat) tie, ktore nepouzivas. Ako blokovac reklam odporucam pouzivat skor uBlock Origin.

Inak to vyzera OK. Su s PC nejake problemy?

[kodl74]

Plocha uklizena, vytvořen zástupce. Doplňky odinstalovány, zůstali jen ty co používám. PC jede bez problémů.děkuji za kontrolu a krásný nový rok přeji celému týmu VIRY.CZ

[Conder]

Dakujeme za prianie a taktiez zelam vsetko dobre do noveho roku

Tak este upraceme po pouzitych nastrojoch:

• Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
• Uloz na plochu a spusti
• Nechaj oznacenu moznost "Remove disinfection tools"
• Klikni na "Run"

[kodl74]

Ještě jednou dík, uděláno, hotovo.

[Conder]

Nie je zaco, rad som pomohol