Preventive check

Posted: 12 Jan 2021 03:32
by Waves
Hello, I would like to ask for a preventive check. Thank you in advance.

FRST.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-01-2021
Ran by cress (administrator) on DESKTOP-DU1T7SB (Micro-Star International Co., Ltd. GL73 8RE) (12-01-2021 03:28:42)
Running from C:\Users\cress\Downloads
Loaded Profiles: cress
Platform: Windows 10 Pro Version 1903 18362.476 (X64) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Even Balance, Inc. -> ) C:\Windows\SysWOW64\PnkBstrA.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(GoPro Media, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(IDRIX -> IDRIX) C:\Program Files\VeraCrypt\VeraCrypt.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6be8e5b7f731a6e5\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_6be8e5b7f731a6e5\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ebdc782d382a3810\IntelCpHDCPSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_ebdc782d382a3810\IntelCpHeciSvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Invincea, Inc. -> Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Intune Management Extension\Microsoft.Management.Services.IntuneWindowsAgent.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1908.0.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20206.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20206.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Micro-Star International CO., LTD. -> ) C:\Program Files (x86)\MSI\Dragon Center\Sendevsvc\Sendevsvc.exe
(Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Center\MSIAPP_Service\MSIAPService.exe
(Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe
(Micro-Star International Co., Ltd.) [File not signed] C:\Program Files (x86)\SCM\MSIService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_95d5c45c0ef3de24\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TEFINCOM S.A. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [833312 2019-01-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2018-02-13] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [SCM] => c:\Program Files (x86)\SCM\SCM.exe [302360 2018-03-09] (Micro-Star International CO., LTD. -> ) [File not signed]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [193024 2019-11-27] (Microsoft Corporation) [File not signed]
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [175504 2020-11-04] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18727048 2018-10-05] (Logitech Inc -> Logitech Inc.)
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81373696 2020-06-20] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [644552 2019-07-04] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2091064 2020-06-20] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [114824 2020-06-05] (Adobe Inc. -> )
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3395360 2020-09-03] (Valve -> Valve Corporation)
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [915848 2020-03-30] (Nota Inc. -> Nota Inc.)
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [3672920 2020-02-20] (Invincea, Inc. -> Sandboxie Holdings, LLC)
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\Run: [utweb] => C:\Users\cress\AppData\Roaming\uTorrent Web\utweb.exe [5617792 2020-12-01] (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [679048 2020-06-17] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [274176 2020-10-16] (TEFINCOM S.A. -> TEFINCOM S.A.)
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\cress\AppData\Local\Microsoft\Teams\Update.exe [2452664 2020-11-11] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\MountPoints2: {b66d2193-a8d4-11ea-a996-d8f2ca0d1b0e} - "G:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\MountPoints2: {c323ee43-dbc8-11e9-a836-00d8610781b1} - "G:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe /StartMinimized
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-11] (Google LLC -> Google LLC)
Startup: C:\Users\cress\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Jarvee.lnk [2020-03-20]
ShortcutTarget: Jarvee.lnk -> C:\Users\cress\AppData\Roaming\Jarvee\Jarvee.exe (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {015CC7CD-6779-47A4-8BED-B83392043416} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23061920 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {091523A3-3872-4C54-B68C-CB95013085B4} - System32\Tasks\NahimicSvc64Run => C:\Windows\System32\NahimicSvc64.exe
Task: {10D52777-DDDE-498A-BCA7-356E8B7E9668} - System32\Tasks\Microsoft\Intune\Intune Management Extension Health Evaluation => C:\Program Files (x86)\Microsoft Intune Management Extension\ClientHealthEval.exe [50024 2020-11-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {16026704-6674-440C-A8F6-B3B78AFAF6C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {166CBB20-5A7A-49D3-9D07-C4ED4CC0F37C} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {198DB53C-A119-4410-8EE0-8BF900ADD49A} - System32\Tasks\NahimicSvc32Run => C:\Users\cress\Desktop\8612_UAD_WHQL_Nahimic_1230_2019_0111_134708\Win64\ThirdParty\A-Volute APO - SWC\NahimicSvc32.exe [656112 2019-01-09] (A-Volute -> Nahimic)
Task: {1A29B4A5-EBC4-4A92-8806-1131D05F01D1} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\OS Edition Upgrade event listener created by enrollment client => C:\Windows\system32\deviceenroller.exe [551424 2019-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {1C110509-347B-4190-89DD-CDCF7B1A2873} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\cress\Downloads\esetonlinescanner_enu.exe
Task: {1D61699D-BB75-4558-AEF1-BFDD0F1946B6} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {1DA46985-C820-4FEA-91E4-1B548F8C8D08} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {25110484-EC5B-4BE8-8816-B9814BA9AF9C} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2020-03-30] (Nota Inc. -> Nota Inc.)
Task: {28081A14-EC4F-4D57-ACDB-D9F897D640E1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-22] (Google LLC -> Google LLC)
Task: {2891CE16-1729-43A7-808B-C2C46A7D7115} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3540B1B5-DA52-4ED1-A060-190F3627968F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2021-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {39B3393A-7E29-4731-8167-0BF18D5F75CA} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\PushLaunch => C:\Windows\system32\deviceenroller.exe [551424 2019-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {44B090CE-2E8C-4269-B98E-D616CE85217E} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-27] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {4F6DE537-8E04-42AA-B0F4-FCF2F00E5CEA} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4FF111C5-2672-4F35-BF36-D8DB589D968B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4071344 2021-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {50FCDAD5-BC5D-4633-9ED4-87F07ADC89B6} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\Schedule created by enrollment client for renewal of certificate warning => C:\Windows\system32\deviceenroller.exe [551424 2019-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {51350E3E-F552-4EEF-8F69-7913A71D22C3} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\Schedule #2 created by enrollment client => C:\Windows\system32\deviceenroller.exe [551424 2019-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {52BC83B1-50AA-445E-9DCE-9C80D14F9C8D} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\Schedule to run OMADMClient by server => C:\Windows\system32\omadmclient.exe [330240 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {546F147A-C6AC-4310-94BE-7026480FBD67} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {5755325F-97E6-4C00-8D0F-94AE5CBC9EA8} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\PushRenewal => C:\Windows\system32\deviceenroller.exe [551424 2019-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {5F79C9A4-BF55-4E02-8808-337A210459DD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23061920 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {6043B7D2-DFAF-43CD-A741-FE1490E2F7BC} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6B177538-7A7B-4789-9C64-79DD018CC36F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913448 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {72352C51-2840-4E91-91E1-833E1387A3FE} - System32\Tasks\Dragon_Center_updater => C:\ProgramData\MSI\Dragon [Argument = Center\DragonCenter_Updater.exe DragonCenter]
Task: {79AEAD23-ED3A-4FA6-B232-F190E556C9A0} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\Passport for Work alert created by enrollment client => C:\Windows\system32\deviceenroller.exe [551424 2019-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {7DD201AD-115F-4EB5-BE96-571CE394B1D1} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7E283ACD-0BE1-495F-8AC2-1AA4A7925129} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7E2A50B5-7A86-478C-A184-13D29F9EC651} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\Win10 S Mode event listener created by enrollment client => C:\Windows\system32\deviceenroller.exe [551424 2019-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {7F4D80E3-77BF-4515-ADA0-32E0F115BC51} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653864 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {83B86C1E-798B-4D75-AD71-8910B0049C48} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-08] (Adobe Inc. -> Adobe)
Task: {85E93F91-D8CB-4263-9465-D09962B86FA1} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\Schedule #3 created by enrollment client => C:\Windows\system32\deviceenroller.exe [551424 2019-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {923AE985-1150-40A0-922F-97A805ACA912} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4071344 2021-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {94B7E62E-5FB8-4580-827B-54444C8EBC49} - System32\Tasks\MSI_Dragon Center => C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe [6255104 2020-05-06] (Micro-Star International Co., Ltd.) [File not signed]
Task: {AAF5F7E7-6F43-40E7-9FFD-F54124396511} - System32\Tasks\Opera scheduled assistant Autoupdate 1576852719 => C:\Users\cress\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-05] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\cress\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {AB5BB24B-20BE-4AE6-8FD7-4157715542F1} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [6785448 2020-03-30] (Nota Inc. -> Nota Inc.)
Task: {AC7862F8-CB1C-44CB-80D8-5D5ADB7856EF} - System32\Tasks\WD Device Agent Task cress => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe [717824 2020-06-20] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {B39C5FF2-16EC-4DF7-823F-860F76935ED3} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\Retry Schedule created for incomplete session => C:\Windows\system32\deviceenroller.exe [551424 2019-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {B47F9453-4E85-4859-B1B4-50A126C3FFB7} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\cress\Downloads\esetonlinescanner_enu.exe
Task: {B685FE15-2D95-48B2-B06E-43B1C5AB989B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {B92E6EB7-5E7A-4376-A958-070E57B1F887} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B9DA20D3-7841-4849-ABE2-5CA9E1273D97} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-22] (Google LLC -> Google LLC)
Task: {BF758DA0-8563-4889-9531-FBCEF02DBD2A} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\Schedule to run OMADMClient by client => C:\Windows\system32\omadmclient.exe [330240 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {C5FD4B34-6C2A-42A4-BC97-9C5F05EDC379} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\Schedule #1 created by enrollment client => C:\Windows\system32\deviceenroller.exe [551424 2019-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {C78646CF-61A5-47CD-B0D6-1081C2FAF126} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133608 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C97F263B-B604-4CC6-8B2A-631F3ABB283D} - System32\Tasks\Opera scheduled Autoupdate 1569184123 => C:\Users\cress\AppData\Local\Programs\Opera\launcher.exe [1776280 2021-01-05] (Opera Software AS -> Opera Software)
Task: {CAFBF536-5C37-40D3-91E0-CA4F5016B15C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {DEEE555C-23C6-4B85-BE8E-293A493D5ABD} - System32\Tasks\WD Discovery Service Task cress => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [72704 2020-06-20] (Western Digital Technologies, Inc. -> )
Task: {E1D6B0FF-8A1F-4EBC-833F-7F87BBFF8877} - System32\Tasks\MSISCMTsk => C:\Program Files (x86)\MSI\MSI Remind Manager\MSISCMTsk.exe [344184 2020-02-13] (Micro-Star International CO., LTD. -> Application)
Task: {E2CAE656-13A7-4FDF-B52F-85686EC75615} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3310688 2019-09-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EBA9C18C-B7F8-4ADB-9092-559930EA26CE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2021-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {F6A3EF1A-8713-4807-98F4-BD7A18D357A8} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe
Task: {F77A2DE6-39F8-4D57-ADA7-082DC2C39E66} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\1F615117-212C-405E-9307-2A328BB8D539\Provisioning initiated session => C:\Windows\system32\deviceenroller.exe [551424 2019-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {FFBFFB32-04F8-47FE-93FB-E4B0121AC29B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MpCmdRun.exe [469928 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{04ada37e-a05f-4aeb-ad46-f66a364231bb}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{30e84ff8-0135-421d-9f46-f25e462da540}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{30e84ff8-0135-421d-9f46-f25e462da540}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f08e3082-5a47-4b6b-969c-7b4b534dfe8d}: [DhcpNameServer] 192.168.100.1

FireFox:
========
FF DefaultProfile: 3tttmlbd.default
FF ProfilePath: C:\Users\cress\AppData\Roaming\Mozilla\Firefox\Profiles\3tttmlbd.default [2019-12-21]
FF ProfilePath: C:\Users\cress\AppData\Roaming\Mozilla\Firefox\Profiles\lpjytsu6.default-release [2021-01-12]
FF NetworkProxy: Mozilla\Firefox\Profiles\lpjytsu6.default-release -> backup.ftp", "46.36.40.73"
FF Extension: (Disable WebRTC) - C:\Users\cress\AppData\Roaming\Mozilla\Firefox\Profiles\lpjytsu6.default-release\Extensions\jid1-5Fs7iTLscUaZBgwr@jetpack.xpi [2020-10-14]
FF Extension: (To Google Translate) - C:\Users\cress\AppData\Roaming\Mozilla\Firefox\Profiles\lpjytsu6.default-release\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-11-11]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\cress\AppData\Roaming\Mozilla\Firefox\Profiles\lpjytsu6.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-12-15]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-09-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-09-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-06-20] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-06-20] (Adobe Inc. -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-01-11]

Chrome:
=======
CHR Profile: C:\Users\cress\AppData\Local\Google\Chrome\User Data\Default [2020-12-22]
CHR Extension: (Prezentácie) - C:\Users\cress\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-22]
CHR Extension: (Dokumenty) - C:\Users\cress\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-22]
CHR Extension: (Disk Google) - C:\Users\cress\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-27]
CHR Extension: (YouTube) - C:\Users\cress\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-22]
CHR Extension: (Tabuľky) - C:\Users\cress\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-22]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\cress\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-12-22]
CHR Extension: (FleekFramework Cookie Tool) - C:\Users\cress\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjjfkniifopdfpiafnmoncogajgbhncm [2020-03-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\cress\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-22]
CHR Extension: (Gmail) - C:\Users\cress\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-27]
CHR Extension: (Chrome Media Router) - C:\Users\cress\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-22]

Opera:
=======
OPR Extension: (WebRTC Control) - C:\Users\cress\AppData\Roaming\Opera Software\Opera Stable\Extensions\abbdelbgkogfgjkjflgmhebbfjahgalo [2020-10-14]
OPR Extension: (Rich Hints Agent) - C:\Users\cress\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-10-23]
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\cress\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2020-12-15]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AALSvc; C:\AlphaAntiLeak\AAL\bin\server\AALSvc.exe [11444088 2020-03-31] (Constantin Schreiber -> )
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844856 2020-06-20] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8473200 2019-09-21] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960904 2020-12-25] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2019-09-21] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-11-04] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-11-04] (ESET, spol. s r.o. -> ESET)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [38328 2018-08-31] (GoPro Media, Inc. -> )
R2 IntuneManagementExtension; C:\Program Files (x86)\Microsoft Intune Management Extension\Microsoft.Management.Services.IntuneWindowsAgent.exe [170344 2020-11-19] (Microsoft Corporation -> Microsoft Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-10-05] (Logitech Inc -> Logitech Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-06-10] (Malwarebytes Inc -> Malwarebytes)
R2 Micro Star SCM; c:\Program Files (x86)\SCM\MSIService.exe [160768 2018-03-09] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\Dragon Center\MSIAPP_Service\MSIAPService.exe [47568 2018-10-29] (Micro-Star International CO., LTD. -> Micro-Star International Co., Ltd.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [275200 2020-10-16] (TEFINCOM S.A. -> TEFINCOM S.A.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2020-04-27] (Even Balance, Inc. -> )
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [319320 2020-02-20] (Invincea, Inc. -> Sandboxie Holdings, LLC)
R2 Sendevsvc; C:\Program Files (x86)\MSI\Dragon Center\Sendevsvc\Sendevsvc.exe [302888 2019-01-30] (Micro-Star International CO., LTD. -> )
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2019-10-19] () [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746504 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [366720 2019-11-25] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-10-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\Windows\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 wuauserv; C:\Windows\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S2 NahimicService; "%SystemRoot%\system32\NahimicService.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_95d5c45c0ef3de24\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_95d5c45c0ef3de24\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AALProtect; C:\AlphaAntiLeak\AAL\bin\server\AALProtect.sys [35984 2020-03-31] (OOO AMEKS -> )
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [160992 2020-10-26] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [109360 2020-10-26] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15288 2020-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [190464 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [43720 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [70048 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [107784 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech -> Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [67736 2018-10-05] (Logitech Inc -> Logitech Inc.)
S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49312 2016-08-25] (ManyCam -> Visicom Media Inc.)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2020-06-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-06-10] (Malwarebytes Inc -> Malwarebytes)
S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (ManyCam -> Visicom Media Inc.)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [18448 2019-10-17] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R2 NDivert; C:\Windows\System32\drivers\NDivert.sys [101600 2020-12-29] (TEFINCOM S.A. -> )
R3 nlwt; C:\Windows\system32\DRIVERS\nlwt.sys [39360 2020-10-27] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\Windows\system32\DRIVERS\nordlwf.sys [38608 2020-09-08] (TEFINCOM S.A. -> TEFINCOM S.A.)
S3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [51776 2020-02-17] (Razer USA Ltd. -> Razer Inc)
S3 RzDev_0306; C:\Windows\System32\drivers\RzDev_0306.sys [52504 2020-02-17] (Razer USA Ltd. -> Razer Inc)
S3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc. -> Razer Inc)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [224496 2020-02-20] (Invincea, Inc. -> Sandboxie Holdings, LLC)
R3 tapnordvpn; C:\Windows\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [239432 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [249344 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R0 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [829320 2019-09-20] (IDRIX -> IDRIX)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46472 2019-10-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [351968 2019-10-29] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\Windows\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [53984 2019-10-29] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\Windows\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Center\winio64.sys [18688 2018-07-18] (WDKTestCert heavenluo,131620253795976757 -> )
S1 EneTechIo; \??\C:\Windows\system32\drivers\ene.sys [X]
S3 NTIOLib_CC_Clock; \??\C:\Program Files (x86)\MSI\One Dragon Center\Lib\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-12 03:28 - 2021-01-12 03:29 - 000040593 _____ C:\Users\cress\Downloads\FRST.txt
2021-01-12 03:27 - 2021-01-12 03:27 - 002281472 _____ (Farbar) C:\Users\cress\Downloads\FRST64.exe
2021-01-09 18:02 - 2021-01-09 18:02 - 001121100 _____ C:\Windows\Minidump\010921-33718-01.dmp
2021-01-07 04:19 - 2021-01-07 04:19 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-01-07 03:55 - 2020-12-29 17:02 - 000101600 _____ C:\Windows\system32\Drivers\NDivert.sys
2021-01-05 18:05 - 2021-01-05 18:05 - 000001149 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2021-01-05 18:05 - 2021-01-05 18:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2021-01-05 18:05 - 2021-01-05 18:05 - 000000000 ____D C:\Program Files\Oracle
2021-01-05 18:05 - 2020-10-16 10:04 - 001037392 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2021-01-05 18:05 - 2020-10-16 10:04 - 000187456 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2021-01-05 18:04 - 2021-01-05 18:04 - 108077072 _____ (Oracle Corporation) C:\Users\cress\Downloads\VirtualBox-6.1.16-140961-Win(1).exe
2021-01-05 03:32 - 2021-01-05 03:32 - 108077072 _____ (Oracle Corporation) C:\Users\cress\Downloads\VirtualBox-6.1.16-140961-Win.exe
2020-12-28 15:55 - 2020-12-28 15:55 - 038510856 _____ C:\Users\cress\Downloads\electrum-4.0.9-portable.exe
2020-12-23 19:28 - 2020-12-23 19:28 - 123468261 _____ C:\Users\cress\Desktop\monero-gui-win-x64-v0.17.1.7.zip
2020-12-22 01:17 - 2020-12-22 01:17 - 000000000 ____D C:\Users\cress\AppData\Local\Logitech
2020-12-22 01:17 - 2020-12-22 01:17 - 000000000 ____D C:\ProgramData\LogiShrd
2020-12-22 01:13 - 2020-12-22 01:14 - 000000000 ____D C:\Program Files\Logitech Gaming Software
2020-12-22 01:13 - 2020-12-22 01:13 - 000000000 ____D C:\Users\cress\AppData\Roaming\Logitech
2020-12-22 01:13 - 2020-12-22 01:13 - 000000000 ____D C:\Users\cress\AppData\Roaming\Logishrd
2020-12-22 01:13 - 2020-12-22 01:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2020-12-22 00:58 - 2020-12-22 00:59 - 125871888 _____ (Logitech Inc.) C:\Users\cress\Desktop\LGS_9.02.65_x64_Logitech.exe
2020-12-19 15:26 - 2020-12-19 15:26 - 000001734 _____ C:\Users\cress\Desktop\certifik.txt
2020-12-14 14:46 - 2020-12-14 14:46 - 000000000 ____D C:\Users\cress\Desktop\Mat
2020-12-14 14:03 - 2020-12-14 14:03 - 000001759 _____ C:\Users\cress\Desktop\3B2E3E0E6F3FADB5F97D2AD7C26E172456A0FF1C.asc
2020-12-14 01:10 - 2020-12-14 01:10 - 000000961 _____ C:\Users\Public\Desktop\GUI Wallet.lnk
2020-12-14 01:10 - 2020-12-14 01:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Monero GUI Wallet
2020-12-14 01:09 - 2020-12-14 01:10 - 000000000 ____D C:\Program Files\Monero GUI Wallet
2020-12-14 01:09 - 2020-12-14 01:09 - 083588019 _____ (The Monero Developer Community ) C:\Users\cress\Downloads\monero-gui-install-win-x64-v0.17.1.6.exe
2020-12-14 01:01 - 2020-12-14 01:35 - 000000000 ____D C:\Users\cress\AppData\Roaming\MyMonero
2020-12-14 01:01 - 2020-12-14 01:01 - 000001898 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyMonero.lnk
2020-12-14 01:01 - 2020-12-14 01:01 - 000001886 _____ C:\Users\Public\Desktop\MyMonero.lnk
2020-12-14 01:01 - 2020-12-14 01:01 - 000000000 ____D C:\Users\cress\AppData\Local\mymonero-updater
2020-12-14 01:01 - 2020-12-14 01:01 - 000000000 ____D C:\Program Files\MyMonero
2020-12-14 00:59 - 2020-12-14 01:00 - 128463712 _____ (MyMonero) C:\Users\cress\Downloads\MyMonero-Setup-1.1.18.exe
2020-12-13 01:00 - 2020-12-13 01:00 - 000095196 _____ C:\Users\cress\Downloads\Doctor-Sleep(0000324245).srt
2020-12-13 00:31 - 2020-12-13 00:31 - 000095923 ____H C:\Users\cress\Downloads\.754b222fb233b335791fc0777b12b13996cbff23.parts
2020-12-13 00:14 - 2020-12-13 00:14 - 000000000 ____D C:\Users\cress\Downloads\Doctor Sleep (2019) [1080p] [WEBRip] [5.1] [YTS.LT]

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-01-12 03:28 - 2020-11-03 17:57 - 000000000 ____D C:\ProgramData\Common
2021-01-12 03:28 - 2019-12-18 14:21 - 000000000 ____D C:\FRST
2021-01-12 03:28 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-12 03:21 - 2019-09-23 15:50 - 000000000 ____D C:\Users\cress\.VirtualBox
2021-01-12 03:21 - 2019-09-20 16:53 - 000000000 ____D C:\Users\cress\AppData\Local\CrashDumps
2021-01-12 03:21 - 2019-09-20 16:14 - 000000000 ____D C:\Users\cress\AppData\LocalLow\Mozilla
2021-01-12 02:54 - 2019-09-20 13:49 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-01-11 23:43 - 2019-09-23 15:50 - 000000000 ____D C:\ProgramData\VirtualBox
2021-01-11 22:45 - 2019-09-20 17:51 - 000000000 ____D C:\Users\cress\AppData\Roaming\Telegram Desktop
2021-01-11 22:14 - 2019-09-20 13:54 - 001801832 _____ C:\Windows\system32\PerfStringBackup.INI
2021-01-11 22:14 - 2019-03-19 12:57 - 000753708 _____ C:\Windows\system32\perfh005.dat
2021-01-11 22:14 - 2019-03-19 12:57 - 000163666 _____ C:\Windows\system32\perfc005.dat
2021-01-11 22:14 - 2019-03-19 05:50 - 000000000 ____D C:\Windows\INF
2021-01-11 22:11 - 2020-03-22 23:57 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-11 22:11 - 2020-03-22 23:57 - 000002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-11 22:11 - 2019-09-20 14:04 - 000000000 ____D C:\ProgramData\NVIDIA
2021-01-11 22:09 - 2019-09-20 14:18 - 000000000 __SHD C:\Users\cress\IntelGraphicsProfiles
2021-01-11 22:08 - 2019-09-23 19:04 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-11 22:08 - 2019-09-20 13:49 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-01-11 16:33 - 2019-09-20 17:31 - 000017434 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2021-01-11 16:33 - 2019-09-20 17:31 - 000013428 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2021-01-11 16:33 - 2019-09-20 17:31 - 000008582 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2021-01-11 16:33 - 2019-03-19 05:37 - 000786432 _____ C:\Windows\system32\config\BBI
2021-01-11 14:54 - 2019-09-29 22:31 - 000000000 ____D C:\Users\cress\Documents\Simple Sticky Notes
2021-01-11 14:29 - 2019-09-21 17:08 - 000000001 _____ C:\Users\Public\Documents\dgc_DC.txt
2021-01-11 13:23 - 2019-11-14 15:52 - 000000000 ____D C:\Users\cress\AppData\Roaming\Exodus
2021-01-11 12:57 - 2019-09-22 21:29 - 000000000 ____D C:\Users\cress\AppData\Roaming\Authy Desktop
2021-01-11 01:08 - 2019-11-13 21:33 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-01-10 05:45 - 2019-09-20 13:57 - 000000000 ____D C:\Users\cress
2021-01-10 01:37 - 2019-09-24 13:45 - 000000000 ____D C:\Users\cress\AppData\Roaming\Discord
2021-01-09 18:14 - 2019-09-20 17:49 - 000000000 ____D C:\Users\cress\AppData\Local\cache
2021-01-09 18:05 - 2020-04-13 18:30 - 000000000 ____D C:\Users\cress\AppData\Roaming\TS3Client
2021-01-09 18:02 - 2020-04-05 21:52 - 1445592352 _____ C:\Windows\MEMORY.DMP
2021-01-09 18:02 - 2019-09-20 13:50 - 000000000 ____D C:\Windows\minidump
2021-01-09 14:45 - 2020-09-13 14:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-01-09 14:45 - 2019-09-24 18:22 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-01-08 18:02 - 2019-09-22 21:28 - 000004218 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1569184123
2021-01-08 18:02 - 2019-09-22 21:28 - 000001405 _____ C:\Users\cress\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2021-01-08 01:30 - 2020-01-20 14:41 - 000000000 ____D C:\Users\cress\AppData\Roaming\gnupg
2021-01-07 21:40 - 2020-01-20 14:41 - 000000000 ____D C:\Users\cress\AppData\Roaming\kleopatra
2021-01-07 20:29 - 2020-09-18 15:49 - 000003195 _____ C:\Users\cress\key.asc
2021-01-07 16:38 - 2019-12-19 23:37 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-01-07 16:34 - 2019-09-20 16:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-07 16:34 - 2019-09-20 16:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-07 04:19 - 2019-09-20 16:13 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-07 03:55 - 2020-09-26 23:36 - 000001800 _____ C:\Users\cress\Desktop\NordVPN.lnk
2021-01-07 03:55 - 2020-09-26 23:36 - 000000000 ____D C:\ProgramData\NordVPN
2021-01-07 03:55 - 2020-09-26 23:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec
2021-01-07 03:55 - 2020-09-26 23:36 - 000000000 ____D C:\Program Files\NordVPN
2021-01-07 03:55 - 2019-09-21 13:06 - 000000000 ____D C:\Users\cress\AppData\Local\NordVPN
2021-01-05 15:48 - 2019-12-29 21:10 - 000007611 _____ C:\Users\cress\AppData\Local\Resmon.ResmonCfg
2020-12-31 00:11 - 2019-09-24 14:46 - 000000000 ____D C:\Users\cress\Downloads\Telegram Desktop
2020-12-26 20:24 - 2019-03-19 05:52 - 000000000 ____D C:\Windows\system32\NDF
2020-12-23 20:15 - 2020-09-17 20:13 - 000000000 ____D C:\Users\cress\AppData\Roaming\monero-wallet-gui
2020-12-22 01:21 - 2020-05-24 17:43 - 000000000 ____D C:\Users\cress\AppData\Local\ElevatedDiagnostics
2020-12-21 15:47 - 2020-10-30 19:02 - 000000000 ____D C:\Users\cress\AppData\Roaming\Ledger Live
2020-12-16 19:56 - 2019-09-24 18:25 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3455536620-3738399896-992047778-1001
2020-12-16 19:56 - 2019-09-24 18:25 - 000002351 _____ C:\Users\cress\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-16 19:56 - 2019-09-20 14:20 - 000000000 ___RD C:\Users\cress\OneDrive
2020-12-13 01:24 - 2020-02-09 00:34 - 000000000 ____D C:\Users\cress\AppData\Roaming\uTorrent Web
2020-12-13 00:41 - 2019-09-24 23:17 - 000000000 ____D C:\Users\cress\AppData\Local\BitTorrentHelper

==================== Files in the root of some directories ========

2020-07-26 02:03 - 2020-07-26 21:01 - 000001456 _____ () C:\Users\cress\AppData\Local\Adobe Save for Web 13.0 Prefs
2019-11-14 13:10 - 2019-11-14 13:10 - 000000000 _____ () C:\Users\cress\AppData\Local\oobelibMkey.log
2020-03-10 20:25 - 2020-04-09 11:19 - 000000128 _____ () C:\Users\cress\AppData\Local\PUTTY.RND
2019-12-29 21:10 - 2021-01-05 15:48 - 000007611 _____ () C:\Users\cress\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-01-2021
Ran by cress (12-01-2021 03:29:32)
Running from C:\Users\cress\Downloads
Windows 10 Pro Version 1903 18362.476 (X64) (2019-09-20 12:50:44)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3455536620-3738399896-992047778-500 - Administrator - Disabled)
cress (S-1-5-21-3455536620-3738399896-992047778-1001 - Administrator - Enabled) => C:\Users\cress
DefaultAccount (S-1-5-21-3455536620-3738399896-992047778-503 - Limited - Disabled)
Guest (S-1-5-21-3455536620-3738399896-992047778-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3455536620-3738399896-992047778-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\uTorrent) (Version: 3.5.5.45395 - BitTorrent Inc.)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 5.2.0.436 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0) (Version: 20.0.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2019 (HKLM-x32\...\PPRO_13_0_1) (Version: 13.0.1 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 38.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.1.0 - NVIDIA Corporation) Hidden
AR8171 Driver Installation (HKLM-x32\...\{1E672F6A-B698-48A2-AE8C-427F97AF8F0E}) (Version: 1.0.0.39 - Rivet Networks)
AR8171 Drivers (HKLM\...\{414126AA-E74D-4C26-85E7-68B2840BD138}) (Version: 1.0.0.39 - Rivet Networks) Hidden
Authy Desktop (HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\authy-electron) (Version: 1.8.3 - Twilio Inc.)
Bisq (HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\{bisq}}_is1) (Version: 1.4.2 - Bisq)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
CPUID HWMonitor 1.42 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.42 - CPUID, Inc.)
CrystalDiskMark 6.0.2 (HKLM\...\CrystalDiskMark6_is1) (Version: 6.0.2 - Crystal Dew World)
Discord (HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
Dragon Center (HKLM-x32\...\{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.6.2005.0601 - Micro-Star International Co., Ltd.) Hidden
Dragon Center (HKLM-x32\...\InstallShield_{C65B26BC-5A6F-4135-9678-55A877655471}) (Version: 2.6.2005.0601 - Micro-Star International Co., Ltd.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET Security (HKLM\...\{D8E84711-EDFC-4D4E-B579-95AEB40DAA4D}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
Exodus (HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\exodus) (Version: 20.10.23 - Exodus Movement Inc)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.7.0.29455 - Foxit Software Inc.)
GNU Privacy Guard (HKLM-x32\...\GnuPG) (Version: 2.2.19 - The GnuPG Project)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
GoPro Quik (HKLM\...\{AA5F7FCE-311C-46D8-B93A-ABF4DDCAB832}) (Version: 0.1.945 - GoPro, Inc.) Hidden
GoPro Quik (HKLM-x32\...\{a23df978-67ca-4fe3-a740-a7b5ae7ec82f}) (Version: 2.7.0.945 - GoPro, Inc.)
Gpg4win (3.1.11) (HKLM-x32\...\Gpg4win) (Version: 3.1.11 - The Gpg4win Project)
Gyazo 4.1.2.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 2.0.1803.1301 - Micro-Star International Co., Ltd.) Hidden
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 2.0.1803.1301 - Micro-Star International Co., Ltd.)
IIS 10.0 Express (HKLM\...\{643F2A3F-960C-4914-BD67-9490B4484108}) (Version: 10.0.03203 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1805.12.0.1097 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6471 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.2.1086 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000030-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.30.0 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{1b0a7381-5728-4546-9094-0200ee7f5668}) (Version: 21.30.3 - Intel Corporation)
Java 8 Update 221 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180221F0}) (Version: 8.0.2210.11 - Oracle Corporation)
KB9X Radio Switch Driver (HKLM\...\F90C96996934A140F2B051F65B2D97EF0FB1A2C5) (Version: 1.1.6.0 - ENE TECHNOLOGY INC.)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Ledger Live 2.15.0 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 2.15.0 - Ledger Live Team)
Logitech Gaming Software 9.02 (HKLM\...\Logitech Gaming Software) (Version: 9.02.65 - Logitech Inc.)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft Intune Management Extension (HKLM-x32\...\{2C8049EE-D931-44CF-A59C-AAB2E3A6D810}) (Version: 1.37.200.8 - Microsoft Corporation)
Microsoft Intune Management Extension (HKLM-x32\...\{E4DC7B28-2245-404F-A9E9-CF96254033AE}) (Version: 1.37.200.3 - Microsoft Corporation)
Microsoft Office 2019 Professional Plus - sk-sk (HKLM\...\ProPlus2019Retail - sk-sk) (Version: 16.0.13530.20316 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{9097BF1A-13A0-4A4A-A1F8-473E2A669863}) (Version: 13.1.4001.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\Teams) (Version: 1.3.00.28779 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Deploy 4.0 (HKLM\...\{BBCDB523-F5B7-4E53-A911-C85191E3BDF0}) (Version: 10.0.2606 - Microsoft Corporation)
Monero GUI Wallet version 0.17.1.6 (HKLM\...\Monero GUI Wallet_is1) (Version: 0.17.1.6 - The Monero Developer Community)
Mozilla Firefox 84.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 84.0.2 (x64 sk)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 69.0.1 - Mozilla)
MSI Feature Navigator (HKLM-x32\...\{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1709.1301 - Micro-Star International Co., Ltd.) Hidden
MSI Feature Navigator (HKLM-x32\...\InstallShield_{2BD90BC2-5B5C-4493-8633-66D0CADF8B33}) (Version: 1.0.1709.1301 - Micro-Star International Co., Ltd.)
MyMonero 1.1.18 (HKLM\...\8b526942-c25b-5a90-b515-e6b3530b2c2b) (Version: 1.1.18 - MyMonero)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 6.33.10.0 - TEFINCOM S.A.)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{BD0E4F38-D3F6-452D-A32E-B14D721839AC}) (Version: 1.0.1 - NordVPN)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.7.1 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.0.118 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.118 - NVIDIA Corporation)
NVIDIA Grafický ovládač 436.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 436.30 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13530.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20218 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13530.20218 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 73.0.3856.329 (HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\Opera 73.0.3856.329) (Version: 73.0.3856.329 - Opera Software)
Oracle VM VirtualBox 6.1.16 (HKLM\...\{8979282D-1F43-4810-B819-AA1B06F2C085}) (Version: 6.1.16 - Oracle Corporation)
ProjectDestroyer (HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\ProjectDestroyer) (Version: 3.8.31 - REAL BIG TIME LLC)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Python 3.8.1 (64-bit) (HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\{edfa99b7-1514-493a-aeaf-a37eeec724d2}) (Version: 3.8.1150.0 - Python Software Foundation)
Python 3.8.1 Add to Path (64-bit) (HKLM\...\{63F5D8C4-D931-4B71-8B2D-FAAC7A862CC7}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Core Interpreter (64-bit) (HKLM\...\{F94E2016-28A6-4FCC-B5A1-D2D9757AF26A}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Development Libraries (64-bit) (HKLM\...\{913F572C-BF38-4E44-9065-7E1B024D43FB}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Documentation (64-bit) (HKLM\...\{3FE61A1E-16AE-4702-81A6-C9F6CE3586EB}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Executables (64-bit) (HKLM\...\{D6160A7A-D48F-48A6-8E5D-FECBE5901D82}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 pip Bootstrap (64-bit) (HKLM\...\{912206BD-EA52-4586-8A89-BD7716E5BD50}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Standard Library (64-bit) (HKLM\...\{7E83F4DD-B376-4158-90C3-4E9AE54D0AB3}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Tcl/Tk Support (64-bit) (HKLM\...\{96BBA29C-F949-4DF7-9221-EEE7F7D66377}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Test Suite (64-bit) (HKLM\...\{64A5FC80-95DB-4CA0-AA8A-C4D652BBC96E}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python 3.8.1 Utility Scripts (64-bit) (HKLM\...\{F0D5C7E7-4ECE-425F-BD33-8091DB57A31F}) (Version: 3.8.1150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{41A9BB87-60B8-47C3-BB79-6EC186827EC7}) (Version: 3.8.6925.0 - Python Software Foundation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.16299.31241 - Realtek Semiconductor Corp.)
Sandboxie 5.33.3 (64-bit) (HKLM\...\Sandboxie) (Version: 5.33.3 - Sandboxie Holdings, LLC)
SCM (HKLM\...\{61C9E087-AEEC-4D47-81A4-0A4999751A5E}) (Version: 13.018.03063 - Application)
Simple Sticky Notes 4.7 (HKLM-x32\...\Simple Sticky Notes_is1) (Version: - Simnet Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.2 - TeamSpeak Systems GmbH)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
Telegram Desktop version 2.5.1 (HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.5.1 - Telegram FZ-LLC)
uTorrent Web (HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\utweb) (Version: 1.1.2 - BitTorrent, Inc.)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.23-Hotfix-2 - IDRIX)
WD Desktop App 2.1.0.311 (HKLM-x32\...\{b8265583-535c-49a9-9196-e2e835af56a4}) (Version: 2.1.0.311 - Western Digital Corporation) Hidden
WD Desktop App 2.1.0.311 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.311 - Western Digital Corporation) Hidden
WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 4.0.251 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{3add5d6a-ee06-4eba-aea0-cbd8eb1486d4}) (Version: 2.0.0.70 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{5E3EE4AF-4D3A-4A65-9E04-8F50E9A3AC76}) (Version: 2.0.0.70 - Western Digital Technologies, Inc.) Hidden
WD SES Driver Setup (HKLM-x32\...\{924A274D-38B6-4930-8859-F3F51CFA8DDD}) (Version: 1.1.0.25 - Western Digital) Hidden
WickrMe (HKLM\...\{22AFCB07-477E-43CF-BDDC-A3304F33570C}) (Version: 5.66.14 - Wickr Inc.)
Windows SDK AddOn (HKLM-x32\...\{E6F877A1-2F65-4BF0-87B6-A4071B7663D3}) (Version: 10.1.0.0 - Microsoft Corporation)
WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH)
Workflow Manager Client 1.0 (HKLM\...\{69CD1F2D-DF68-4E23-9108-1B70783F2855}) (Version: 2.1.10525.2 - Microsoft Corporation) Hidden

Packages:
=========
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc [2020-06-21] (Adobe Systems Incorporated)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.0.3587.0_x64__rz1tebttyb220 [2019-10-06] (Dolby Laboratories)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-09-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-09-22] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.11052.0_x64__8wekyb3d8bbwe [2019-11-11] (Microsoft Studios) [MS Ad]
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-24] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2019-10-02] (NVIDIA Corp.)
Pošta a kalendár -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20206.0_x64__8wekyb3d8bbwe [2019-11-20] (Microsoft Corporation) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.168.0_x64__dt26b99r8h8gj [2019-10-21] (Realtek Semiconductor Corp)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.54.91.0_x64__kzf8qxf38zg5c [2019-11-15] (Skype)
SynMsiDApp -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynMsiDApp_19005.31005.0.0_x64__807d65c4rvak2 [2019-11-14] (Synaptics Incorporated)
Váš telefón -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19102.525.0_x64__8wekyb3d8bbwe [2019-11-16] (Microsoft Corporation)
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2019-10-07] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3455536620-3738399896-992047778-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-5641937B8A30} -> [Creative Cloud Files] => C:\Users\cress\Creative Cloud Files [2020-06-21 02:04]
CustomCLSID: HKU\S-1-5-21-3455536620-3738399896-992047778-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\cress\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20275.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3455536620-3738399896-992047778-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\cress\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-3455536620-3738399896-992047778-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
SSODL: WDFSMountNotificator-wdfsconnect2017 - {AF1967EC-AF8F-4C1B-8354-85227585B989} - C:\Windows\system32\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {AF1967EC-AF8F-4C1B-8354-85227585B989} - C:\Windows\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects: Virtual Storage Mount Notification -> {AF1967EC-AF8F-4C1B-8354-85227585B989} => C:\Windows\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {AF1967EC-AF8F-4C1B-8354-85227585B989} => C:\Windows\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-06-16] (Notepad++ -> )
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [WDDesktopContextMenu] -> {2ee48016-4a5c-3824-9366-b8a472c09382} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [WDDesktopContextMenu] -> {2ee48016-4a5c-3824-9366-b8a472c09382} => C:\Program Files\WD Desktop App\kda.DLL [2020-05-04] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmii.inf_amd64_95d5c45c0ef3de24\nvshext.dll [2019-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2020-01-07] (Adobe Inc. -> )
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-11-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2018-11-23 07:01 - 2018-11-23 07:01 - 000438784 _____ (A-Volute) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\YooMixCOM.dll
2016-08-10 20:34 - 2016-08-10 20:34 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\MSIAPP_Service\WinIo64.dll
2015-06-11 19:35 - 2015-06-11 19:35 - 000047816 _____ (MICRO-STAR INTERNATIONAL CO., LTD -> www.internals.com) [File not signed] C:\Program Files (x86)\MSI\Dragon Center\WinIo64.dll
2018-03-09 13:37 - 2018-03-09 13:37 - 001598464 _____ (Micro-Star International Co., Ltd.) [File not signed] c:\Program Files (x86)\SCM\MSIWmiAcpi.dll
2018-04-06 19:29 - 2018-04-06 19:29 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\LIBEAY32.dll
2018-04-06 19:29 - 2018-04-06 19:29 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\Logitech Gaming Software\ssleay32.dll
2019-09-23 15:51 - 2017-11-10 11:51 - 000180224 _____ (Western Digital Technologies, Inc.) [File not signed] C:\Windows\system32\wdfsconnectMntNtf2017.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3455536620-3738399896-992047778-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-3455536620-3738399896-992047778-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-01-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_221\bin\ssv.dll [2019-09-24] (Oracle America, Inc. -> Oracle Corporation)
BHO: No Name -> {AF1967EC-AF8F-4C1B-8354-85227585B989}' -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-09-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-01-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: No Name -> {AF1967EC-AF8F-4C1B-8354-85227585B989}' -> No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-09] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\sharepoint.com -> hxxps://eubask-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2020-03-26 00:54 - 000001064 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 dsgsg.test # WinNMP local project
127.0.0.1 captcha.footpatrol.com
127.0.0.1 captcha.footdistrict.com
127.0.0.1 captcha.bstn.com
127.0.0.1 captcha.43einhalb.com
127.0.0.1 captcha.courir.com
127.0.0.1 captcha.kickz.com

2019-09-22 19:34 - 2020-11-11 20:42 - 000000527 _____ C:\Windows\system32\drivers\etc\hosts.ics
192.168.137.67 android-bd025e45f95ff48d.mshome.net # 2020 11 3 18 19 42 15 133
192.168.137.1 DESKTOP-DU1T7SB.mshome.net # 2025 11 1 10 19 42 15 133

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files\Microsoft SQL Server\130\Tools\Binn\;C:\Program Files (x86)\Gpg4win\..\GnuPG\bin;C:\Users\cress\AppData\Local\Programs\Python\Python38\Scripts\;C:\Users\cress\AppData\Local\Programs\Python\Python38\;C:\Users\cress\AppData\Local\Microsoft\WindowsApps;C:\WinNMP\bin;C:\Users\cress\AppData\Roaming\npm;C:\Users\cress\.dotnet\tools
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\Control Panel\Desktop\\Wallpaper -> c:\users\cress\downloads\x290-63s-int-sd-amg17077_sx012_1920x1080.jpg
DNS Servers: 1.1.1.1 - 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Wi-Fi: NordVPN LightWeight Firewall -> NordLwf (enabled)
VirtualBox Host-Only Network: NordVPN LightWeight Firewall -> NordLwf (enabled)
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Připojení k místní síti* 3: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Připojení k místní síti* 3: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "SCM"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Riot Vanguard"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "WDDiscovery"
HKLM\...\StartupApproved\Run32: => "WDDriveAgent"
HKLM\...\StartupApproved\Run32: => "Fitbit Connect"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "Adobe CCXProcess"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\StartupFolder: => "Jarvee.lnk"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "NordVPN"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "EpicGamesLauncher"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "Opera Browser Assistant"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "Synapse3"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "Fitbit Connect"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "CCXProcess"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "utweb"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "ManyCam"
HKU\S-1-5-21-3455536620-3738399896-992047778-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4DD8148A-20B3-464A-9476-FEFB2593BA0F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{799CC783-0103-4F84-A233-6779E1404788}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BDD07936-A496-4D3E-962F-9D97C6C16F53}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A5FF147D-0E6D-40EC-B709-2747614EB3E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E23558D9-EF77-477D-B8B9-7EECA5BBE960}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E6E1ED25-5676-458E-809F-A05041068E05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{069532C5-C17C-4DBC-A343-960FA05B200F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F8228E3A-34A9-44EA-B955-BFEDA93E8C89}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0B6EC48C-ADB9-4169-BFDD-D9A4F41071DE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F1FCBDF0-B50F-4C36-A399-1CB09A7377E5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B094CD8D-0F48-4623-900D-08981825508A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FD68E7D1-57E8-4C55-AEC6-7376A555C396}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1AA16847-46BF-4448-8A2B-0481E60AE448}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B0F070E9-D73E-40AE-A212-D2E88DC79A73}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4F0141E1-75F2-4DE7-A617-EFA228DA6B6F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0D0FF3D1-C5F3-4BA7-BA60-2CB330D0EC4B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{69369527-A410-495B-882E-2E3BC7ED759F}] => (Allow) C:\Users\cress\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [{9134C304-B8A1-435C-8DE6-16804DAA200B}] => (Allow) C:\Users\cress\AppData\Roaming\uTorrent\uTorrent.exe => No File
FirewallRules: [TCP Query User{4852653F-E895-4201-B917-951514BDA1C1}C:\users\cress\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\cress\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [UDP Query User{E5CE321A-9466-4D00-8199-FC88960F3A8A}C:\users\cress\appdata\roaming\telegram desktop\telegram.exe] => (Allow) C:\users\cress\appdata\roaming\telegram desktop\telegram.exe (Telegram FZ-LLC -> Telegram FZ-LLC)
FirewallRules: [TCP Query User{412618CF-9A78-4422-8380-D3596BFD1A5F}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe => No File
FirewallRules: [UDP Query User{1BF6A15B-A468-4A10-BB16-D46FA251CF48}C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft launcher\runtime\jre-x64\bin\javaw.exe => No File
FirewallRules: [TCP Query User{374CD6B4-F9F4-4806-9FAC-3AB7141815E7}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe => No File
FirewallRules: [UDP Query User{B0E8695D-36BA-4689-B91E-237F54C757CA}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe => No File
FirewallRules: [TCP Query User{5EED9D55-1D1A-43A9-B1DB-06D429D09F09}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe => No File
FirewallRules: [UDP Query User{D2566759-1D13-4DCF-9D12-90EE19EF3387}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe => No File
FirewallRules: [TCP Query User{341992FD-9A22-4C56-AF65-22EBF6070114}C:\users\cress\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Allow) C:\users\cress\appdata\local\programs\opera\65.0.3467.48\opera.exe => No File
FirewallRules: [UDP Query User{8D8F70AA-AF98-4744-BDAB-44E0EC308DB9}C:\users\cress\appdata\local\programs\opera\65.0.3467.48\opera.exe] => (Allow) C:\users\cress\appdata\local\programs\opera\65.0.3467.48\opera.exe => No File
FirewallRules: [{1545CFD0-1390-414D-86E9-3E1467D4BEF0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5906DC63-F761-4BF2-A0EE-CA653B5560EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{80CB8069-A052-452A-9654-4EAFCA8CBE7D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{883BE32B-8EE4-4FC3-B459-26F798226B8B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [TCP Query User{15C17F15-23B2-460B-A2C8-E3BBDD738FD1}C:\users\cress\appdata\local\programs\opera\65.0.3467.72\opera.exe] => (Allow) C:\users\cress\appdata\local\programs\opera\65.0.3467.72\opera.exe => No File
FirewallRules: [UDP Query User{B75596E5-EB53-4354-9984-F6841324618B}C:\users\cress\appdata\local\programs\opera\65.0.3467.72\opera.exe] => (Allow) C:\users\cress\appdata\local\programs\opera\65.0.3467.72\opera.exe => No File
FirewallRules: [TCP Query User{C245C202-2746-4795-A5C0-F74E522D586D}C:\users\cress\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Allow) C:\users\cress\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [UDP Query User{87786C75-372F-4F97-A109-63FE3C40E8B8}C:\users\cress\appdata\local\programs\opera\65.0.3467.78\opera.exe] => (Allow) C:\users\cress\appdata\local\programs\opera\65.0.3467.78\opera.exe => No File
FirewallRules: [{2BDA4700-B4E4-487C-927A-0E071F9D9242}] => (Allow) C:\Users\cress\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
FirewallRules: [{997ED9CB-BADA-4F08-8BFE-A10595070848}] => (Allow) C:\Users\cress\AppData\Roaming\uTorrent Web\utweb.exe (Jenkins Win Client Build CA -> BitTorrent Inc.) [File not signed]
FirewallRules: [{15194BF6-2B06-4E09-96FC-9F87931FE873}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => No File
FirewallRules: [{31B57CF5-4AAF-4CE4-8115-8AE6481612A7}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe => No File
FirewallRules: [{28828AA4-3E49-456B-AE9D-BB45698CBD22}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\winvnc.exe => No File
FirewallRules: [{1C9D58EC-74EC-4D43-A3E7-EADE7BD83B43}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe => No File
FirewallRules: [{8A1449E3-D1B6-405C-90BC-2BE19B968EED}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe => No File
FirewallRules: [{F7B14517-BFF1-49C6-8592-B265E59E3521}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{14EC0496-E933-4F16-8359-DE7C0CD7E869}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe (Even Balance, Inc. -> )
FirewallRules: [{3056813E-9F81-40E1-AAE0-E696198FBE83}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{39BBA9B3-4B73-412E-B989-861AB57C85C7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe (Even Balance, Inc. -> )
FirewallRules: [{6566352A-317C-4A5F-B13A-D7AE10054655}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe (GoPro Media, Inc. -> )
FirewallRules: [{3A57C85F-8B26-4B3A-B7A5-C26237A15887}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe (GoPro Media, Inc. -> )
FirewallRules: [{C6813A76-FE20-4A86-A28A-3A69119E2601}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe (GoPro Media, Inc. -> )
FirewallRules: [{02F11B73-BD1B-437D-A8FE-89787DF1470F}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe (GoPro Media, Inc. -> )
FirewallRules: [{6725EC55-FB92-4004-B8EC-9B4B6C3FE753}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5685E310-BC4D-419B-935E-3D0C86CE4761}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C9E1E2C4-977D-4985-9F38-1956DC273D9B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1B81DABC-2312-4972-9CB2-E3AB19E040D2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{70E68065-67F0-409C-AEF4-731EA0E4B65F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{57C72C61-2A22-4EEC-BD30-9B2AD32F9284}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{9928F525-2647-4403-8CBE-2B50FDB96771}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{9677A417-DFB2-4EE7-9DD4-97830A905056}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Among Us\Among Us.exe () [File not signed]
FirewallRules: [{9EB7029E-A173-457F-8AED-15D751487E01}] => (Allow) LPort=32682
FirewallRules: [{D40C8782-5752-4EBC-AA01-7595D9FE7EEC}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{31CC9B52-47D0-412A-A4B5-825DEBC832E5}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{1D2190C1-FEC3-4E86-864F-5554911278DB}] => (Allow) C:\Windows\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{15C217AC-F61E-41C8-A54E-B35D0567B245}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BA4ED2AD-1930-406A-B3C4-EE72199BE330}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

22-12-2020 01:13:30 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
01-01-2021 15:43:58 Scheduled Checkpoint
05-01-2021 03:35:34 Installed Oracle VM VirtualBox 6.1.16

==================== Faulty Device Manager Devices ============

Name: Microsoft Wi-Fi Direct Virtual Adapter #2
Description: Microsoft Wi-Fi Direct Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/12/2021 03:21:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: electrum-4.0.9-portable.exe, verzia: 0.0.0.0, časová značka: 0x00000000
Názov chybujúceho modulu: unknown, verzia: 0.0.0.0, časová značka: 0x00000000
Kód výnimky: 0xc0000005
Odstup chyby: 0x4344faec
Identifikácia chybujúceho procesu: 0x2e5c
Čas spustenia chybujúcej aplikácie: 0x01d6e8751c515575
Cesta chybujúcej aplikácie: J:\electrum-4.0.9-portable.exe
Cesta chybujúceho modulu: unknown
Identifikácia hlásenia: 67cdfbfb-a3ed-42ae-9ce0-b6c3e5329832
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (01/12/2021 03:10:01 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (9732,D,22) Unistore: Database C:\Users\cress\AppData\Local\Comms\UnistoreDB\store.vol: Index 00000003 of table EmailMetadata is corrupted (0).

Error: (01/12/2021 03:10:01 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (9732,D,22) Unistore: Database C:\Users\cress\AppData\Local\Comms\UnistoreDB\store.vol: Index 00000003 of table EmailMetadata is corrupted (0).

Error: (01/12/2021 03:10:01 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (9732,D,22) Unistore: Database C:\Users\cress\AppData\Local\Comms\UnistoreDB\store.vol: Index 00000003 of table EmailMetadata is corrupted (0).

Error: (01/12/2021 03:10:01 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (9732,D,22) Unistore: Database C:\Users\cress\AppData\Local\Comms\UnistoreDB\store.vol: Index 00000003 of table EmailMetadata is corrupted (0).

Error: (01/12/2021 01:40:02 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (9732,D,22) Unistore: Database C:\Users\cress\AppData\Local\Comms\UnistoreDB\store.vol: Index 00000003 of table EmailMetadata is corrupted (0).

Error: (01/12/2021 01:40:02 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (9732,D,22) Unistore: Database C:\Users\cress\AppData\Local\Comms\UnistoreDB\store.vol: Index 00000003 of table EmailMetadata is corrupted (0).

Error: (01/12/2021 01:40:02 AM) (Source: ESENT) (EventID: 467) (User: )
Description: svchost (9732,D,22) Unistore: Database C:\Users\cress\AppData\Local\Comms\UnistoreDB\store.vol: Index 00000003 of table EmailMetadata is corrupted (0).


System errors:
=============
Error: (01/12/2021 03:29:22 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv bola ukončená s nasledujúcou chybou:
The system cannot find the file specified.

Error: (01/12/2021 03:29:22 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DU1T7SB)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

Error: (01/12/2021 03:27:22 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv bola ukončená s nasledujúcou chybou:
The system cannot find the file specified.

Error: (01/12/2021 03:21:35 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

Error: (01/12/2021 03:19:35 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv bola ukončená s nasledujúcou chybou:
The system cannot find the file specified.

Error: (01/12/2021 02:56:14 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-DU1T7SB)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.

Error: (01/12/2021 02:54:14 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba wuauserv bola ukončená s nasledujúcou chybou:
The system cannot find the file specified.

Error: (01/12/2021 02:52:30 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2019-11-17 19:15:14.189
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {359B0B42-77EC-4950-A118-0EA62FAC8479}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-11-14 21:28:53.950
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {87A933D0-0EF2-4D0F-8E37-619DAA357311}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-11-12 18:12:09.192
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {807EF7EE-FC59-4478-977D-422F2C79CFB3}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-11-08 19:39:31.413
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {70287F94-928D-4BB8-8820-190FFDCF11C2}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-11-08 18:37:57.130
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {D8E0C1B7-7E55-48D7-9889-0E8882137510}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-11-27 13:38:48.463
Description:
Windows Defender Antivirus Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x8007043c
Error description: This service cannot be started in Safe Mode
Reason: Antimalware security intelligence has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2019-10-10 10:58:59.271
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.301.1812.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16300.1
Error code: 0x80240017
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.

CodeIntegrity:
===================================

Date: 2021-01-12 01:39:51.410
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-12 01:39:51.398
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-11 22:10:18.507
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-11 22:09:40.132
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-11 12:57:10.671
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-11 03:46:26.168
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-11 03:46:26.125
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-01-11 01:08:16.888
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume7\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. E17C5IMS.10D 10/18/2018
Motherboard: Micro-Star International Co., Ltd. MS-17C5
Processor: Intel(R) Core(TM) i7-8750H CPU @ 2.20GHz
Percentage of memory in use: 33%
Total physical RAM: 16227.93 MB
Available physical RAM: 10808.89 MB
Total Virtual: 20195.93 MB
Available Virtual: 11789.7 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:476.31 GB) (Free:355.04 GB) NTFS
Drive d: (EFI) (Fixed) (Total:0.34 GB) (Free:0.34 GB) FAT32
Drive f: (DriverCD) (Fixed) (Total:10 GB) (Free:5.6 GB) NTFS

\\?\Volume{fe77aca9-e971-4a4d-8357-a99310c22fd3}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.11 GB) NTFS
\\?\Volume{49751851-4910-40d2-b879-442dcbd8d2da}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
\\?\Volume{c323f095-dbc8-11e9-a836-00d8610781b1}\ () () (Total:0 GB) (Free:0 GB)
\\?\Volume{a2894d25-2335-11ea-a873-00d8610781b1}\ () () (Total:0 GB) (Free:0 GB)

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: CDC3DF88)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 7D51BCAF)

Partition: GPT.

==========================================================
Disk: 2 (Size: 953.9 GB) (Disk ID: EBABC8A3)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Preventive check

Posted: 13 Jan 2021 10:23
by Rudy
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just start it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: Preventive check

Posted: 15 Jan 2021 03:36
by Waves
# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.0
# -------------------------------
# Build: 01-11-2021
# Database: 2021-01-11.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-15-2021
# Duration: 00:00:00
# OS: Windows 10 Pro
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\Mozilla\NativeMessagingHosts\com.webcompanion.native

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2441 octets] - [18/12/2019 14:12:13]
AdwCleaner[C00].txt - [2438 octets] - [18/12/2019 14:12:38]
AdwCleaner[S01].txt - [1589 octets] - [15/01/2021 03:33:42]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

Re: Preventive check

Posted: 15 Jan 2021 10:36
by Rudy
Post new FRST+Addition logs.