Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2021
Ran by Georgius (28-11-2021 14:45:41)
Running from C:\Users\Georgius\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X64) (2017-12-05 11:13:06)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3999889357-1238142211-2592065837-500 - Administrator - Disabled)
Georgius (S-1-5-21-3999889357-1238142211-2592065837-1000 - Administrator - Enabled) => C:\Users\Georgius
Guest (S-1-5-21-3999889357-1238142211-2592065837-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3999889357-1238142211-2592065837-1003 - Limited - Enabled)
UpdatusUser (S-1-5-21-3999889357-1238142211-2592065837-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AS: ESET Security (Enabled - Up to date) {32D4BD20-1EBB-773C-2B52-7CE89BB0522B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3999889357-1238142211-2592065837-1000\...\uTorrent) (Version: 3.5.5.45852 - BitTorrent Inc.)
4K Video Downloader 4.11 (HKLM\...\{2DC070EE-D256-4564-BC7C-A78085F22080}) (Version: 4.11.3.3420 - Open Media LLC)
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
ACDSee Pro 9 (64-bit) (HKLM\...\{AAB2B2D2-1B27-4EEC-B033-6F9B6FFEEF4C}) (Version: 9.1.0.453 - ACD Systems International Inc.)
Active WebCam (HKLM-x32\...\Active WebCam) (Version: - )
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 20.013.20064 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.4.1.298 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.453 - Adobe)
Adobe Illustrator (HKLM\...\{88D5B37C-D63C-4FB3-84DD-25BFF26DDD9A}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_1) (Version: 22.1 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)
AIMP (HKLM-x32\...\AIMP) (Version: v4.51.2084, 01.12.2018 - AIMP DevTeam)
Aktualizácie NVIDIA 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Alternate QR Code Generator 1.760 (HKLM-x32\...\Alternate QR Code Generator_is1) (Version: - Alternate Tools)
ANT Drivers Installer x64 (HKLM\...\{D559687A-60C5-4786-9429-C21EC195789D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 6.2.6 - philandro Software GmbH)
Artcut2009 (HKLM-x32\...\{FA01D751-CE47-4533-BB5D-9BB34514A43B}) (Version: 7.0 - Beijing Wentai Technology Co. Ltd)
Audacity 2.3.2 (HKLM-x32\...\Audacity_is1) (Version: 2.3.2 - Audacity Team)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Converter 12.0.3 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 12.0.3.654 - Online Media Technologies Ltd.)
BenVista PhotoZoom Pro Corel Plug-In 4.6.2 (HKU\S-1-5-21-3999889357-1238142211-2592065837-1000\...\PhotoZoom Pro Corel Plug-In 4) (Version: 4.6.2 - BenVista Ltd.)
Booking (HKLM-x32\...\{13D4CD54-EA09-4FDB-B979-8B2BC0F020CA}_is1) (Version: 2.0.701 - Booking)
CCleaner (HKLM\...\CCleaner) (Version: 5.87 - Piriform)
Corel AfterShot 3 - HDR x64 (HKLM\...\{304BEFF1-0645-4E24-BBBE-71F86AF55169}) (Version: 3.0 - Corel Corporation) Hidden
Corel AfterShot 3 - ICA x64 (HKLM\...\{FE875B02-11A1-4D1E-B57A-8DE2C00C0B51}) (Version: 3.5 - Corel Corporation) Hidden
Corel AfterShot 3 - IPM Content x64 (HKLM\...\{3E064BED-C9D8-4BEF-A2EE-8D67E99C3932}) (Version: 3.4 - Corel Corporation) Hidden
Corel AfterShot 3 - IPM x64 (HKLM\...\{5059B47C-4D7B-46E9-9D7A-1E2FCF5DDBED}) (Version: 3.5.0.365 - Corel Corporation) Hidden
Corel AfterShot 3(64-bit) (HKLM\...\_{FE875B02-11A1-4D1E-B57A-8DE2C00C0B51}) (Version: 3.5.0.365 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\_{39AB9389-ABC5-4603-AFB6-071BB35225E4}) (Version: 21.0.0.581 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{39AB9389-ABC5-4603-AFB6-071BB35225E4}) (Version: 21.0.581 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{95555783-E5F3-40B2-99C7-7345C39EFF76}) (Version: 21.0.581 - Corel Corporation) Hidden
Corel Update Manager (HKLM\...\{9E1EE683-0C7B-46E7-83EC-1F5A1D8F2296}) (Version: 2.10.442 - Corel corporation) Hidden
CorelDRAW Graphics Suite 2017 - IPM (x64) (HKLM\...\{904B10A6-0D9C-4645-9C61-504FA92B9220}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - IPM Content (x64) (HKLM\...\{54F024CB-16AF-4CC0-9BC2-D2507E7C6C01}) (Version: 19.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2017 - Writing Tools (x64) (HKLM\...\{E38357D4-1B80-400F-A6D7-B4D5DD83D979}) (Version: 19.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM (x64) (HKLM\...\{A3BA4B57-A263-476E-B787-B5267F35201F}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM Content CZ (x64) (HKLM\...\{05FDF5A8-802D-44EF-B475-92EE19B77502}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM Content EN (x64) (HKLM\...\{E5A6F812-B03B-4054-BDC9-E92B1BC6B052}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM Content PL (x64) (HKLM\...\{52290C71-F654-4B59-9C05-628F24690A22}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM Content RU (x64) (HKLM\...\{C0DFC477-D301-4E8C-B439-E57116182B68}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - IPM Content TR (x64) (HKLM\...\{EB0B0BB1-4425-4E33-81B0-8F7CFECD94B9}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 - Writing Tools (x64) (HKLM\...\{F37A71D2-9B69-45E5-B6B1-DE9D98C197FC}) (Version: 21.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite 2019 (64-Bit) (HKLM\...\_{E82C45F0-2C79-47A5-B90B-C514724B1C48}) (Version: 21.0.0.593 - Corel Corporation)
Elevated Installer (HKLM-x32\...\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - )
EPSON Easy Photo Print (HKLM-x32\...\{B8890B12-4E4C-4E53-9ECB-96193BBA7767}) (Version: 1.4.0.0 - )
Epson Easy Photo Print 2 (HKLM-x32\...\{7E0261C4-8495-4365-BE48-647701D8B9BD}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON L805 Series Printer Uninstall (HKLM\...\EPSON L805 Series) (Version: - Seiko Epson Corporation)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.50.00 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{FFA5C174-DB3F-4AFE-B59D-C0FB1744CD76}) (Version: 3.1.0.0 - Seiko Epson Corporation)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
EPSON Printer Software (HKLM-x32\...\{7612D261-8150-4B33-ADEE-3D3C086F0815}) (Version: 1.000.00.00 - EPSON)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
EPSON Scan Assistant (HKLM-x32\...\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}) (Version: 1.10.00 - )
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
Free Audio CD to MP3 Converter version 1.3.12.908 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: - DVDVideoSoft Ltd.)
Garmin Express (HKLM-x32\...\{95D0EADA-5123-41C0-931A-F37946BC0E8E}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{eab4691c-4022-41cd-8d39-c3097ba62d4b}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM\...\{04DBEDAC-DFA9-3823-937A-FE754A7AD6F7}) (Version: 75.0.3770.142 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
HPWhale (HKLM-x32\...\HPWhale) (Version: - ) <==== ATTENTION
Chinese Traditional Graphics (HKLM-x32\...\Chinese Traditional Graphics) (Version: - )
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.50.1172 - Intel Corporation)
irreptitious version 3.0 (HKLM-x32\...\irreptitious_is1) (Version: 3.0 - )
Java 8 Update 241 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2-1) (Version: 2.0 - AppWork GmbH)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.2.2.32 - PandoraTV)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2017 (HKLM-x32\...\{5a7dc0ad-cdb2-43b5-8b82-f81065fe6092}) (Version: 15.0.26717 - Microsoft Corporation)
MWSnap 3 (HKLM-x32\...\MWSnap 3) (Version: 3.0.0.74 - Mirek Wojtowicz)
NVIDIA 3D Vision radič ovládača 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Grafický ovládač 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Ovládač zvuku HD 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
Online Application (HKLM-x32\...\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}) (Version: 2.7.0 - Microleaves) Hidden <==== ATTENTION
Opera developer 83.0.4246.0 (HKLM-x32\...\Opera 83.0.4246.0) (Version: 83.0.4246.0 - Opera Software)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.2.10 - Prolific Technology INC)
Príručky EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.107.323.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8010 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Seznam Software (HKU\S-1-5-21-3999889357-1238142211-2592065837-1000\...\SeznamInstall) (Version: 2.1.35 - Seznam.cz)
Skype verzia 8.37 (HKLM-x32\...\Skype_is1) (Version: 8.37 - Skype Technologies S.A.)
TEC-IT QR-Code Studio 1.0 (HKLM-x32\...\{642d31e9-61fd-44a6-874d-3e3c5247a63d}) (Version: 1.0.3.22924 - TEC-IT Datenverarbeitung GmbH)
TEC-IT QR-Code Studio 1.0 (HKLM-x32\...\{A13BEE2E-93C1-493F-B1C1-510EED17A4F4}) (Version: 1.0.3.22924 - TEC-IT Datenverarbeitung GmbH) Hidden
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.3.1 - TP-LINK)
uTorrent Web (HKU\S-1-5-21-3999889357-1238142211-2592065837-1000\...\utweb) (Version: 1.0.7 - BitTorrent, Inc.)
VirtualDJ 2018 (HKLM-x32\...\{9CE1367A-3C11-4895-99E0-23E511C7DD8C}) (Version: 8.3.4720.0 - Atomix Productions)
VLC media player (HKLM\...\VLC media player) (Version: 4.0.0-dev - VideoLAN)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Installer (HKLM-x32\...\{13499434-9821-4E2D-B7DF-7C0867EB1504}) (Version: 5.0.3 - AdvancedWindowsManager)
WiperSoft 1.1.1157.64 (HKLM\...\{AB1C8C91-4D8E-4C28-80E7-FD135FB90515}}_is1) (Version: 1.1.1157.64 - WiperSoft)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3999889357-1238142211-2592065837-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [{BFD98515-CD74-48A4-98E2-13D209E3EE4F}] -> {BFD98515-CD74-48A4-98E2-13D209E3EE4F} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2019-04-21] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1-x32: [EPPShellEx] -> {509FE1AF-ADD5-49EC-BC55-7CF81FD16E78} => C:\Program Files (x86)\EPSON\Creativity Suite\Easy Photo Print\EPPShell.dll [2006-04-13] (SEIKO EPSON CORPORATION) [File not signed]
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2015-08-28] (ACD Systems International -> ACD Systems International Inc.)
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2017-12-18] (Online Media Technologies Ltd. -> Online Media Technologies Ltd.) [File not signed]
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2019-04-21] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2012-10-02] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\Georgius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnеt Ехрlоrеr (Nо Аdd-оns).lnk -> C:\Program Files (x86)\HPWhale\WhaleStarter.exe (No File) <==== Cyrillic
ShortcutWithArgument: C:\Users\Georgius\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
ShortcutWithArgument: C:\Users\Georgius\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> url,FileProtocolHandler "hxxp://www.mail.ru/cnt/20775012?gp=811550"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> %SNP%
==================== Loaded Modules (Whitelisted) =============
2017-12-05 12:39 - 2012-04-17 10:36 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2017-12-05 12:39 - 2012-04-17 10:30 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll
2019-09-07 14:37 - 2019-09-07 14:37 - 000113664 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.DLL
2019-09-07 14:38 - 2017-12-18 15:35 - 000151024 _____ (Online Media Technologies Ltd. -> Online Media Technologies Ltd.) [File not signed] C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows\system32\drivers:ucdrv-x64.sys [25444]
AlternateDataStreams: C:\Windows\system32\drivers:x64 [1498914]
AlternateDataStreams: C:\Windows\system32\drivers:x86 [1223458]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
HKU\S-1-5-21-3999889357-1238142211-2592065837-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlQl_qh-lpPVGaot6QfodMAbnVPDKXxgjYYaGKyPDJOHyuAhWzsUG_2RbdmLVTfHqraoNh3nGSjWFV_T4ulT6kfGtimMXIqO-n61I6C8v9bjoRV-7vk0mD9lMIW39e7lPZuXzub8fEkykwjXOXxUmZNQv-nAjFLTHSNo5Ayhl4A,&q={searchTerms}
HKU\S-1-5-21-3999889357-1238142211-2592065837-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mail.ru/cnt/10445?gp=834423
HKU\S-1-5-21-3999889357-1238142211-2592065837-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlQl_qh-lpPVGaot6QfodMAbnVPDKXxgjYYaGKyPDJOHyuAhWzsUG_2RbdmLVTfHqraoNh3nGSjWFV_T4ulT6kfGtimMXIqO-n61I6C8v9bjoRV-7vk0mD9lMIW39e7lPZuXzub8fEkykwjXOXxUmZNQv-nAjFLTHSNo5Ayhl4A,&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlQl_qh-lpPVGaot6QfodMAbnVPDKXxgjYYaGKyPDJOHyuAhWzsUG_2RbdmLVTfHqraoNh3nGSjWFV_T4ulT6kfGtimMXIqO-n61I6C8v9bjoRV-7vk0mD9lMIW39e7lPZuXzub8fEkykwjXOXxUmZNQv-nAjFLTHSNo5Ayhl4A,&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-3999889357-1238142211-2592065837-1000 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B12C80D2C-2B62-4242-802F-4F648E396C84%7D&gp=811610
SearchScopes: HKU\S-1-5-21-3999889357-1238142211-2592065837-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-3999889357-1238142211-2592065837-1000 -> {11C790BD-3411-4C1A-AFF6-237C5D0DA1B5} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_37180
SearchScopes: HKU\S-1-5-21-3999889357-1238142211-2592065837-1000 -> {2AACF7F3-B3AC-4381-88EC-FA1F7FB675A8} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-3999889357-1238142211-2592065837-1000 -> {7114DB86-5F22-4678-8E06-B7D3BD920AB4} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_37180
SearchScopes: HKU\S-1-5-21-3999889357-1238142211-2592065837-1000 -> {7977ECCB-DF00-4BA2-9BDA-6C7B28672AE2} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-3999889357-1238142211-2592065837-1000 -> {97CAF322-BC75-4B87-87DE-411961F7BC1A} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-3999889357-1238142211-2592065837-1000 -> {A7451444-EEFE-411E-9D9D-523372A962B5} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_37180
SearchScopes: HKU\S-1-5-21-3999889357-1238142211-2592065837-1000 -> {AAAE39FF-3204-45BA-B814-10C425DC001D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-3999889357-1238142211-2592065837-1000 -> {ECAF2A0E-3931-4949-93C5-9702E54E55BA} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_37180
SearchScopes: HKU\S-1-5-21-3999889357-1238142211-2592065837-1000 -> {EDEAA1DC-3871-4503-889D-C40234DA1F86} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_37180
SearchScopes: HKU\S-1-5-21-3999889357-1238142211-2592065837-1000 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B12C80D2C-2B62-4242-802F-4F648E396C84%7D&gp=811610
SearchScopes: HKU\S-1-5-21-3999889357-1238142211-2592065837-1000 -> {ielnksrch} URL = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlQl_qh-lpPVGaot6QfodMAbnVPDKXxgjYYaGKyPDJOHyuAhWzsUG_2RbdmLVTfHqraoNh3nGSjWFV_T4ulT6kfGtimMXIqO-n61I6C8v9bjoRV-7vk0mD9lMIW39e7lPZuXzub8fEkykwjXOXxUmZNQv-nAjFLTHSNo5Ayhl4A,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3999889357-1238142211-2592065837-1001 -> DefaultScope {ielnksrch} URL = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlQl_qh-lpPVGaot6QfodMAbnVPDKXxgjYYaGKyPDJOHyuAhWzsUG_2RbdmLVTfHqraoNh3nGSjWFV_T4ulT6kfGtimMXIqO-n61I6C8v9bjoRV-7vk0mD9lMIW39e7lPZuXzub8fEkykwjXOXxUmZNQv-nAjFLTHSNo5Ayhl4A,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3999889357-1238142211-2592065837-1001 -> {ielnksrch} URL = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlQl_qh-lpPVGaot6QfodMAbnVPDKXxgjYYaGKyPDJOHyuAhWzsUG_2RbdmLVTfHqraoNh3nGSjWFV_T4ulT6kfGtimMXIqO-n61I6C8v9bjoRV-7vk0mD9lMIW39e7lPZuXzub8fEkykwjXOXxUmZNQv-nAjFLTHSNo5Ayhl4A,&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-01-19] (Oracle America, Inc. -> Oracle Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-01-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: Search@Mail.Ru -> {8E8F97CD-60B5-456F-A201-73065652D099} -> C:\Users\Georgius\AppData\Local\Mail.Ru\Sputnik\ie_addon_dll.dll [2019-04-29] (LLC Mail.Ru -> Mail.Ru)
BHO-x32: No Name -> {F9B65201-3D7F-48DA-AAB3-57A6FAD648FD} -> No File
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Handler: WSKVAllmytubechrome - {91AB862D-07B8-4A85 - No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2020-11-05 22:19 - 000000625 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 space1.adminpressure.space
127.0.0.1 trackpressure.website
127.0.0.1 htagzdownload.pw
127.0.0.1 texttotalk.org
127.0.0.1 360devtraking.website
127.0.0.1 room1.360dev.info
127.0.0.1 djapp.info
127.0.0.1 technologievimy.com
127.0.0.1 sharefolder.online
127.0.0.1 install.portmdfmoon.com
127.0.0.1 adkqow01283.pw
127.0.0.1 telechargini.com
127.0.0.1 rothsiLehyaome.pw
127.0.0.1 fffffk.xyz
127.0.0.1 smarttrackk.xyz
127.0.0.1 discretdan.com
0.0.0.0 apps.corel.com
0.0.0.0 mc.corel.com
0.0.0.0 origin-mc.corel.com
0.0.0.0 iws.corel.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%C_EM64T_REDIST11%bin\Intel64;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\nodejs\
HKU\S-1-5-21-3999889357-1238142211-2592065837-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Georgius\AppData\Roaming\ACD Systems\ACDSee\ACD Wallpaper.bmp
DNS Servers: 192.168.22.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AnyDesk.lnk => C:\Windows\pss\AnyDesk.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Georgius^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Google Updater.lnk => C:\Windows\pss\Google Updater.lnk.Startup
MSCONFIG\startupreg: ACDSeeCommanderPro9 => C:\Program Files\ACD Systems\ACDSee Pro\9.0\ACDSeeCommanderPro9.exe
MSCONFIG\startupreg: ACPW09EN => "C:\Program Files\ACD Systems\ACDSee Pro\9.0\acdIDInTouch2.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Chromium => "c:\users\georgius\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session
MSCONFIG\startupreg: Client => "C:\Users\Georgius\AppData\Roaming\Client\nircmd.exe" exec hide "C:\Users\Georgius\AppData\Roaming\Client\cnf.bat"
MSCONFIG\startupreg: cz.seznam.software.autoupdate => "C:\Users\Georgius\AppData\Roaming\Seznam.cz\szninstall.exe" -c
MSCONFIG\startupreg: cz.seznam.software.szndesktop => "C:\Users\Georgius\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
MSCONFIG\startupreg: electron.app.Filesafer => C:\Users\Georgius\AppData\Local\Temp\nskAB5.tmp\app\Filesafer.exe
MSCONFIG\startupreg: EPLTarget =>
MSCONFIG\startupreg: EPSDNMON => ""
MSCONFIG\startupreg: EPSON Stylus Photo R260 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIBNA.EXE /FU "C:\Windows\TEMP\E_S2DA5.tmp" /EF "HKCU"
MSCONFIG\startupreg: Opera Browser Assistant => C:\Program Files\Opera developer\assistant\browser_assistant.exe
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: SERVICE =>
MSCONFIG\startupreg: SESMPSP => "C:\Program Files\EPSON_P2\Status Monitor\SEPSPZ.EXE"
MSCONFIG\startupreg: seznam-listicka-distribuce => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
MSCONFIG\startupreg: systemservicesmain => C:\Users\Georgius\Documents\SystemServices Inc\systemservices.exe.lnk
MSCONFIG\startupreg: transactionservicesmain => C:\Users\Georgius\Documents\TransactionServices Inc\transactionservices.exe.lnk
MSCONFIG\startupreg: uTorrent => "C:\Users\Georgius\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{7CD3EB34-9BDD-4FB7-83E9-8811B5A581DB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BE8BF330-28DF-42EA-863B-BE689B96367E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7BB34197-36C3-42D8-A160-225B089CDB4F}] => (Allow) C:\Users\Georgius\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{8F5C3CD8-1A96-40BF-8CD0-34D3FB4F1960}] => (Allow) C:\Users\Georgius\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{DE7E5AF2-0D45-47AA-B6BE-552BA694B092}] => (Allow) C:\Users\Georgius\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{BC486F6D-E4C0-4A04-8839-A891E9E5975E}] => (Allow) C:\Users\Georgius\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C42330B4-004B-4062-931D-AD371A1A8A66}] => (Allow) C:\Users\Georgius\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{56DAEFD3-A5AB-4A07-9372-14B9FCDCCB5A}] => (Allow) C:\Users\Georgius\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{5C76F7B7-A465-4E99-82DA-291CA0BFE198}] => (Allow) 㩃啜敳獲䝜潥杲畩屳灁䑰瑡屡潒浡湩屧潮整慰㍤屫潮整慰㍤硥e => No File
FirewallRules: [{35A9598C-37E4-4D9E-9025-2CB8C7C2D6A0}] => (Allow) 㩃啜敳獲䝜潥杲畩屳灁䑰瑡屡潒浡湩屧潮整慰㍤屫潮整灵硥e => No File
FirewallRules: [{C286FD14-7F3B-47C8-B08A-909B945B17D9}] => (Allow) 㩃啜敳獲䝜潥杲畩屳灁䑰瑡屡潒浡湩屧潮整慰㍤屫潮整慰㍤硥e => No File
FirewallRules: [{3046634D-6A99-4A09-A4BB-5A7120D305B9}] => (Allow) 㩃啜敳獲䝜潥杲畩屳灁䑰瑡屡潒浡湩屧潮整慰㍤屫潮整灵硥e => No File
FirewallRules: [{436149AC-3D8E-4C9E-A349-11EAA92F6882}] => (Allow) C:\Users\Georgius\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{BB963F39-0BD3-4CCD-AB06-C27AF0F14D44}] => (Allow) C:\Users\Georgius\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{BD536F7A-033B-48CE-8CF2-2F364292953C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{95325E32-2357-4379-86D4-41C3FFB519EF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform)
FirewallRules: [{80C34C32-473E-4D5E-AAE0-73A1488FB0C1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C1454359-1D52-4F40-B827-6AED55734937}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EF9A61CE-FCF6-490E-BFEC-2091FBE7F6F5}] => (Allow) 㩃啜敳獲䝜潥杲畩屳灁䑰瑡屡潒浡湩屧湩潦楓屷湩潦楓硥e => No File
FirewallRules: [{DB01C9D7-7E2B-442F-94C7-E4BF69E8F2A4}] => (Allow) 㩃啜敳獲䝜潥杲畩屳灁䑰瑡屡潒浡湩屧湩潦楓屷畒卮⹉硥e => No File
FirewallRules: [{129428C1-58E1-4701-A022-4EBD46097E0D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7D435FD3-EFB6-4122-9DE6-412546E8B690}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{03A6560B-D679-4BBC-9ACD-1865FD2C634E}] => (Allow) 㩃啜敳獲䝜潥杲畩屳灁䑰瑡屡潒浡湩屧湩潦楓屷湩潦楓硥e => No File
FirewallRules: [{E3C5FDA6-0CA8-4D11-A132-68AB350CF707}] => (Allow) 㩃啜敳獲䝜潥杲畩屳灁䑰瑡屡潒浡湩屧湩潦楓屷畒卮⹉硥e => No File
FirewallRules: [{CEB1DC04-6A0B-4ED5-9994-1C3F581708D8}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2019\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{23B9D72C-0F46-4BBF-91D0-0EB2E4EB6728}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2019\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{175E0EBD-1744-4A62-9C1E-694FD6E450B0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F9277231-42B3-4BA5-8B7B-9BEAADA75D4A}] => (Allow) C:\Program Files\Opera developer\74.0.3870.0\opera.exe => No File
FirewallRules: [{D87F7471-CE87-4CA5-9796-49F4EF271E8B}] => (Allow) C:\Program Files\Opera developer\75.0.3967.0\opera.exe (Opera Software AS -> Opera Software)
FirewallRules: [{9425185A-3BD9-4AF4-A630-5FBB755D8FC6}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{0F2DF008-685A-4697-A13C-1249E4144395}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{4AC30D80-D644-44D0-8B1F-E59235C3B3ED}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{510664A8-D208-4BE2-A0C6-B85FCA831507}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{55ED5DFD-F255-4B80-8031-990A497EA514}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{93E60809-BC83-48EB-BD9C-997F770C4B76}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
FirewallRules: [{C98B8528-AA5A-4F25-B4D3-2049713E7CA5}] => (Allow) C:\Program Files\Opera developer\83.0.4246.0\opera.exe (Opera Software AS -> Opera Software)
==================== Restore Points =========================
22-11-2020 15:08:54 Operácia obnovovania
==================== Faulty Device Manager Devices ============
Name: WinmonProcessMonitor
Description: WinmonProcessMonitor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WinmonProcessMonitor
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears. Remove the device, and this error should be resolved.
Name: ucdrv
Description: ucdrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ucdrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears. Remove the device, and this error should be resolved.
==================== Event log errors: ========================
Application errors:
==================
Error: (11/28/2021 02:47:01 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Zálohovanie sa nedokončilo v dôsledku chyby zápisu do umiestnenia zálohy F:\. Vyskytla sa chyba: Umiestnenie zálohy sa nedá nájsť alebo nie je platné. Skontrolujte svoje nastavenie zálohovania a umiestnenie zálohy. (0x81000006).
Error: (11/28/2021 02:42:25 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (11/28/2021 02:42:25 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (11/28/2021 02:38:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/25/2021 04:58:51 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (11/25/2021 04:58:50 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
Error: (11/25/2021 04:54:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/25/2021 04:42:26 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.
System errors:
=============
Error: (11/28/2021 02:48:38 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} did not register with DCOM within the required timeout.
Error: (11/28/2021 02:48:19 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
Error: (11/28/2021 02:48:16 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
Error: (11/28/2021 02:48:16 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
Error: (11/28/2021 02:48:16 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
Error: (11/28/2021 02:48:14 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
Error: (11/28/2021 02:37:09 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Nasledujúce ovládače pre spustenie zavedenia alebo spustenie systému zlyhali pri načítaní:
ucdrv
Error: (11/28/2021 02:37:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby wifi support zlyhalo kvôli nasledujúcej chybe:
Systém nemôže nájsť zadaný súbor.
Windows Defender:
================
Date: 2020-11-22 14:04:08.747
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid= ... tid=261552
Name:PWS:Win32/Fareit.VV!MTB
Severity:Závažná
Category:Program na odcudzenie hesiel
Path Found:file:C:\Users\Georgius\AppData\Local\8aec164c-f579-45d4-bce6-3b55d0094ad1\updatewin1.exe;process:pid:3564;process:pid:3768
Detection Type:Concrete
Detection Source:Real-Time Protection
Status:Unknown
Process Name:
Date: 2020-11-22 14:04:08.733
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid= ... tid=261552
Name:PWS:Win32/Fareit.VV!MTB
Severity:Závažná
Category:Program na odcudzenie hesiel
Path Found:file:C:\Users\Georgius\AppData\Local\8aec164c-f579-45d4-bce6-3b55d0094ad1\updatewin1.exe;process:pid:3768
Detection Type:Concrete
Detection Source:Real-Time Protection
Status:Unknown
Process Name:
Date: 2020-11-05 22:19:06.787
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid= ... tid=272037
Name:Misleading:Win32/Fybents
Severity:Vysoká
Category:Potenciálne nežiaduci softvér
Path Found:file:C:\Program Files\ByteFence\ByteFence.exe;file:C:\Program Files\ByteFence\ByteFenceService.exe;process:pid:8072;process:pid:9164;process:pid:9336;process:pid:9452;process:pid:9508,ProcessStart:132490837478818687;process:pid:9544;process:pid:9944,ProcessStart:132490837314479287
Detection Type:Concrete
Detection Source:Real-Time Protection
Status:Unknown
Process Name:
Date: 2020-11-05 22:19:02.917
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid= ... tid=272037
Name:Misleading:Win32/Fybents
Severity:Vysoká
Category:Potenciálne nežiaduci softvér
Path Found:file:C:\Program Files\ByteFence\ByteFence.exe;file:C:\Program Files\ByteFence\ByteFenceService.exe;process:pid:9164;process:pid:9336;process:pid:9452;process:pid:9508,ProcessStart:132490837478818687;process:pid:9544;process:pid:9944,ProcessStart:132490837314479287
Detection Type:Concrete
Detection Source:Real-Time Protection
Status:Unknown
Process Name:
Date: 2020-11-05 22:18:56.192
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid= ... tid=272037
Name:Misleading:Win32/Fybents
Severity:Vysoká
Category:Potenciálne nežiaduci softvér
Path Found:file:C:\Program Files\ByteFence\ByteFence.exe;file:C:\Program Files\ByteFence\ByteFenceService.exe;process:pid:9164;process:pid:9452;process:pid:9508,ProcessStart:132490837478818687;process:pid:9544;process:pid:9944,ProcessStart:132490837314479287
Detection Type:Concrete
Detection Source:Real-Time Protection
Status:Unknown
Process Name:
Event[0]:
Date: 2020-11-22 14:04:14.418
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature:On Access
Error Code:0x80501002
Error description:Program nenašiel súbory definícií, ktoré pomáhajú pri zisťovaní nežiaduceho softvéru. Vyhľadajte aktualizácie súborov definícií a potom skúste operáciu zopakovať. Informácie o inštalácii aktualizácií nájdete v Pomoci a technickej podpore.
Reason:Real Time Monitoring has stopped functioning for an unknown reason. Restart the service in order to recover.
==================== Memory info ===========================
BIOS: American Megatrends Inc. V4.2 01/11/2012
Motherboard: MSI Z68A-G43 (G3) (MS-7750)
Processor: Intel(R) Core(TM) i5-2380P CPU @ 3.10GHz
Percentage of memory in use: 66%
Total physical RAM: 8164.95 MB
Available physical RAM: 2724.26 MB
Total Virtual: 16328.04 MB
Available Virtual: 10833.54 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:97.56 GB) (Free:19.69 GB) NTFS
Drive d: () (Fixed) (Total:368.1 GB) (Free:82.59 GB) NTFS
\\?\Volume{9c1f78c4-d9ac-11e7-b8f8-806e6f6e6963}\ (Vyhradené systémom) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 973CEC0B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=368.1 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================