Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-03-2020
Ran by Vasek (administrator) on VASEK-PC (Gigabyte Technology Co., Ltd. H87-HD3) (29-03-2020 10:57:31)
Running from C:\Users\Vasek\Desktop
Loaded Profiles: Vasek (Available Profiles: Vasek)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\FAHClient\FAHClient.exe
(Arvato Digital Services Canada Inc -> arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Windows\Temp\AdAppMgrUpdater.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(C. Ghisler & Co. -> C. Ghisler & Co.) D:\Total Commander Ultima Prime\Total Commander Ultima Prime\TOTALCMD.EXE
(Elaborate Bytes AG -> Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Guillemot Recherche et Développement, Inc -> Thrustmaster®) C:\Program Files (x86)\Thrustmaster\Thrustmaster FFB Driver\drivers\amd64\tmGAInstall.exe
(Huawei Software Technologies Co., LTD. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\calc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe
(WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16418560 2016-01-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [185648 2020-03-28] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645648 2019-10-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\Run: [AceStream] => C:\Users\Vasek\AppData\Roaming\ACEStream\engine\ace_engine.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {b770eedf-0ad6-11e7-8f7d-74d4358cd386} - G:\autorun.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-28] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\Users\Vasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Folding@home.lnk [2020-03-15]
ShortcutTarget: Folding@home.lnk -> C:\Program Files (x86)\FAHClient\HideConsole.exe () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {006CACA9-8667-4FFC-BC61-DBEADFB4C712} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {11B44DE9-AAAE-4E1D-B83F-397DB1C1BD4F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [654136 2019-08-13] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2BE9F3D6-4384-414F-B767-9F91274E8B8F} - System32\Tasks\doPDF 10 Update => C:\Program Files\Softland\novaPDF 10\Driver\UpdateApplication.exe [99120 2019-10-16] (Softland SRL -> )
Task: {370ABCBA-0F4E-4879-A6EE-3AACA03E42C4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913904 2019-08-13] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3FBB588B-89F3-4A18-AD16-D272111B873C} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133552 2019-08-13] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {86D20FED-902A-4588-827A-5513B6026847} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302384 2019-08-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {89409976-A3DA-4C2A-BE8E-FBBB347A35C5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8E445E41-A196-40EF-BBEF-9ED6144F88AC} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133552 2019-08-13] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {97EDCE4B-0809-4EF5-AC9F-9368FC626EEB} - System32\Tasks\{3A6C1645-A5B8-4EB5-9DB4-0A85C977BCA9} => C:\Windows\system32\pcalua.exe -a C:\Users\Vasek\Desktop\zoek.exe -d C:\Users\Vasek\Desktop
Task: {9FF85061-D2A4-45DC-B497-5A0D0168DFE8} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [1677600 2019-09-06] (Corel Corporation -> Corel Corporation)
Task: {AAC5D442-8993-448D-B05D-3F27FAF3EEB5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133552 2019-08-13] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {BD96180D-2623-4CF1-975A-28343A6D6C2D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-28] (Google LLC -> Google LLC)
Task: {E7CF4588-489E-4004-8042-C51E777FE431} - System32\Tasks\doPDF 10 Telemetry => C:\Program Files\Softland\novaPDF 10\Driver\GoogleAnalytics.exe [52016 2019-10-16] (Softland SRL -> )
Task: {E841C6F2-446A-48DD-8343-D796657732F6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-28] (Google LLC -> Google LLC)
Task: {EC972A8F-B771-464B-A7ED-2100C4C173D1} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1133552 2019-08-13] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FA505EC1-FC2A-4CA8-B240-2951D5A0CBDD} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [913904 2019-08-13] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9655102A-18B6-4324-B0BA-BC9093F774DD}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================

FireFox:
========
FF HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\Firefox\Extensions: [acewebextension_unlisted@acestream.org] - C:\Users\Vasek\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2552818291-197579583-760428230-1000: @acestream.net/acestreamplugin,version=3.1.32 -> C:\Users\Vasek\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]

Chrome: 
=======
CHR Profile: C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default [2020-03-29]
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-28]
CHR Extension: (Dokumenty) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-28]
CHR Extension: (Disk Google) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-28]
CHR Extension: (YouTube) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-28]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-03-28]
CHR Extension: (Plná Peněženka Lištička) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmgkhgjmodembdmiimbacpjgcdimiek [2020-03-28]
CHR Extension: (Tabulky) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-28]
CHR Extension: (Full Screen Weather) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2020-03-28]
CHR Extension: (EditThisCookie) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2020-03-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-28]
CHR Extension: (Ace Script) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2020-03-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-28]
CHR Extension: (Gmail) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-28]
CHR Profile: C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-28]
CHR HKU\S-1-5-21-2552818291-197579583-760428230-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1233272 2019-05-14] (Autodesk, Inc. -> Autodesk Inc.)
S4 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc -> Autodesk, Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 CmWebAdmin.exe; C:\Program Files\CodeMeter\Runtime\bin\CmWebAdmin.exe [9199512 2018-02-26] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
S3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [1439424 2016-02-02] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2358784 2020-03-28] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2358784 2020-03-28] (ESET, spol. s r.o. -> ESET)
R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [11963616 2020-03-28] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] (Huawei Software Technologies Co., LTD. -> )
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-28] (Malwarebytes Inc -> Malwarebytes)
R2 NovaPdf10Server; C:\Program Files\Softland\novaPDF 10\Server\novapdfs.exe [53040 2019-10-16] (Softland SRL -> Microsoft)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [860016 2019-08-05] (NVIDIA Corporation -> NVIDIA Corporation)
S4 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2017-04-30] (Even Balance, Inc. -> )
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [524512 2020-03-28] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 tmGAInstall; C:\Program Files (x86)\Thrustmaster\Thrustmaster FFB Driver\drivers\amd64\tmGAInstall.EXE [48128 2018-09-17] (Guillemot Recherche et Développement, Inc -> Thrustmaster®)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-09-05] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
S2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 cdcacmzebra_x64; C:\Windows\System32\DRIVERS\cdcacmzebra_x64.sys [82704 2017-07-20] (Thesycon Systemsoftware Consulting GmbH -> )
R3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [30264 2016-11-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtultrausbbus; C:\Windows\System32\DRIVERS\dtultrausbbus.sys [47672 2016-11-14] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [154328 2020-03-28] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [106840 2020-03-28] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [188872 2020-03-28] (ESET, spol. s r.o. -> ESET)
S4 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [53048 2020-03-28] (ESET, spol. s r.o. -> ESET)
R3 EnigmaFileMonDriver; C:\Windows\System32\drivers\EnigmaFileMonDriver.sys [68424 2020-03-29] (EnigmaSoft Limited -> EnigmaSoft Limited)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [79520 2020-03-28] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [115960 2020-03-28] (ESET, spol. s r.o. -> ESET)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [129456 2017-08-24] (Future Technology Devices International Ltd -> Future Technology Devices International Ltd.)
S3 FTSER2K; C:\Windows\System32\drivers\ftser2k.sys [89792 2017-09-19] (Future Technology Devices International Ltd -> Future Technology Devices International Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-03-29] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-03-29] (Malwarebytes Inc -> Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-07-23] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [75600 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [118200 2016-12-22] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
R3 XtuAcpiDriver; C:\Windows\System32\DRIVERS\XtuAcpiDriver.sys [54344 2016-11-22] (Intel Corporation -> Intel Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-29 10:57 - 2020-03-29 10:57 - 000024691 _____ C:\Users\Vasek\Desktop\FRST.txt
2020-03-29 10:56 - 2020-03-29 10:56 - 002280448 _____ (Farbar) C:\Users\Vasek\Desktop\FRST64.exe
2020-03-29 09:01 - 2020-03-29 09:01 - 000214496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-03-29 09:00 - 2020-03-29 09:00 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-03-29 09:00 - 2020-03-29 09:00 - 000068424 _____ (EnigmaSoft Limited) C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys
2020-03-28 22:29 - 2020-03-28 22:29 - 000003108 _____ C:\Windows\system32\Tasks\{3A6C1645-A5B8-4EB5-9DB4-0A85C977BCA9}
2020-03-28 22:28 - 2020-03-28 22:28 - 000000002 _____ C:\runcheck.txt
2020-03-28 22:28 - 2020-03-28 22:28 - 000000000 ____D C:\zoek_backup
2020-03-28 22:26 - 2020-03-28 22:26 - 002038755 _____ C:\Users\Vasek\Desktop\zoek.exe
2020-03-28 22:25 - 2020-03-28 22:25 - 000001868 _____ C:\Users\Vasek\Desktop\JRT.txt
2020-03-28 22:22 - 2020-03-28 22:22 - 001790024 _____ (Malwarebytes) C:\Users\Vasek\Desktop\JRT.exe
2020-03-28 22:16 - 2020-03-28 22:16 - 008199856 _____ (Malwarebytes) C:\Users\Vasek\Desktop\adwcleaner_8.0.3.exe
2020-03-28 15:23 - 2020-03-28 15:23 - 000000000 ____D C:\rsit
2020-03-28 15:23 - 2020-03-28 15:23 - 000000000 ____D C:\Program Files\trend micro
2020-03-28 12:13 - 2020-03-28 12:13 - 000001017 _____ C:\Users\Public\Desktop\SpyHunter5.lnk
2020-03-28 12:13 - 2020-03-28 12:13 - 000001017 _____ C:\ProgramData\Desktop\SpyHunter5.lnk
2020-03-28 12:13 - 2020-03-28 12:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2020-03-28 12:13 - 2020-03-28 12:13 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2020-03-28 12:12 - 2020-03-28 12:13 - 000000000 ____D C:\sh5ldr
2020-03-28 12:12 - 2020-03-28 12:12 - 000000000 ____D C:\Program Files\EnigmaSoft
2020-03-28 11:43 - 2020-03-28 11:43 - 000000000 ____D C:\Users\Vasek\AppData\Local\mbam
2020-03-28 11:42 - 2020-03-28 11:50 - 000002015 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-03-28 11:42 - 2020-03-28 11:50 - 000002015 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-03-28 11:42 - 2020-03-28 11:48 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-03-28 11:42 - 2020-03-28 11:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-03-28 11:41 - 2020-03-28 11:41 - 000000000 ____D C:\Program Files (x86)\Malwarebytes
2020-03-28 10:30 - 2020-03-28 10:30 - 000002309 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-28 10:30 - 2020-03-28 10:30 - 000002268 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-03-28 10:30 - 2020-03-28 10:30 - 000002268 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-03-28 10:29 - 2020-03-28 10:35 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-28 10:29 - 2020-03-28 10:35 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-22 22:23 - 2020-03-24 22:21 - 000012778 _____ C:\Users\Vasek\Desktop\vozíky.xlsx
2020-03-15 14:33 - 2020-03-29 09:00 - 000000000 ____D C:\Users\Vasek\AppData\Roaming\FAHClient
2020-03-15 14:33 - 2020-03-15 14:33 - 000002076 _____ C:\Users\Vasek\Desktop\Folding@home.lnk
2020-03-15 14:33 - 2020-03-15 14:33 - 000000000 ____D C:\Users\Vasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FAHClient
2020-03-15 14:33 - 2020-03-15 14:33 - 000000000 ____D C:\Program Files (x86)\FAHClient

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-29 10:57 - 2019-02-03 10:49 - 000000000 ____D C:\FRST
2020-03-29 09:49 - 2011-04-12 10:34 - 005142366 _____ C:\Windows\system32\perfh005.dat
2020-03-29 09:49 - 2011-04-12 10:34 - 001697298 _____ C:\Windows\system32\perfc005.dat
2020-03-29 09:49 - 2009-07-14 07:13 - 000006224 _____ C:\Windows\system32\PerfStringBackup.INI
2020-03-29 09:15 - 2009-07-14 06:45 - 000030288 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-03-29 09:15 - 2009-07-14 06:45 - 000030288 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-03-29 09:02 - 2016-11-02 18:55 - 000000000 ____D C:\ProgramData\NVIDIA
2020-03-29 09:01 - 2019-04-21 18:34 - 000000000 ____D C:\Users\Vasek\Documents\Assassin's Creed Unity
2020-03-29 09:00 - 2018-01-04 18:06 - 000000000 ____D C:\ProgramData\Autodesk
2020-03-29 09:00 - 2016-11-15 10:01 - 000000000 __SHD C:\Users\Vasek\IntelGraphicsProfiles
2020-03-29 09:00 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-28 11:51 - 2018-03-07 18:14 - 000000000 ____D C:\Users\Vasek\AppData\Local\cache
2020-03-28 11:42 - 2019-01-26 09:18 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-03-28 10:41 - 2019-11-29 09:30 - 000188872 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2020-03-28 10:41 - 2019-11-29 09:30 - 000154328 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2020-03-28 10:41 - 2019-11-29 09:30 - 000115960 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2020-03-28 10:41 - 2019-11-29 09:30 - 000106840 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2020-03-28 10:41 - 2019-11-29 09:30 - 000079520 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2020-03-28 10:41 - 2019-11-29 09:30 - 000053048 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2020-03-28 10:41 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-03-28 10:30 - 2016-11-02 18:30 - 000000000 ____D C:\Users\Vasek\AppData\Local\Google
2020-03-28 10:29 - 2016-11-02 18:30 - 000000000 ____D C:\Program Files (x86)\Google
2020-03-28 10:25 - 2016-11-14 10:51 - 000001041 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2020-03-28 10:25 - 2016-11-14 10:51 - 000001041 _____ C:\ProgramData\Desktop\Revo Uninstaller.lnk
2020-03-28 10:25 - 2016-11-14 10:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2020-03-28 09:56 - 2019-05-22 17:51 - 000000000 ____D C:\Users\Vasek\AppData\Roaming\PrusaSlicer
2020-03-28 09:55 - 2019-05-22 17:48 - 000000982 _____ C:\Users\Public\Desktop\PrusaSlicer.lnk
2020-03-28 09:55 - 2019-05-22 17:48 - 000000982 _____ C:\ProgramData\Desktop\PrusaSlicer.lnk
2020-03-28 09:55 - 2018-01-04 18:23 - 000000977 _____ C:\Users\Public\Desktop\Pronterface.lnk
2020-03-28 09:55 - 2018-01-04 18:23 - 000000977 _____ C:\ProgramData\Desktop\Pronterface.lnk
2020-03-28 09:55 - 2018-01-04 18:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prusa3D
2020-03-28 09:55 - 2018-01-04 18:22 - 000000000 ____D C:\Program Files\Prusa3D
2020-03-28 09:55 - 2016-11-02 18:01 - 000000000 ____D C:\Users\Vasek
2020-03-23 20:24 - 2018-01-04 18:53 - 000000000 ____D C:\Users\Vasek\AppData\Local\Autodesk
2020-03-23 19:55 - 2018-01-04 18:06 - 000000000 ____D C:\Users\Vasek\AppData\Roaming\Autodesk
2020-03-22 22:23 - 2018-01-04 19:15 - 000000959 _____ C:\Users\Vasek\printrunconf.ini~bak
2020-03-21 10:48 - 2019-12-27 21:44 - 000007666 _____ C:\Users\Vasek\AppData\Local\Resmon.ResmonCfg
2020-03-11 15:41 - 2016-11-08 20:06 - 000000000 ____D C:\Windows\system32\MRT
2020-03-11 15:38 - 2016-11-08 20:06 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-03-01 12:21 - 2017-03-14 16:42 - 000000000 ____D C:\Users\Vasek\AppData\Local\CrashDumps

==================== Files in the root of some directories ========

2018-08-31 16:15 - 2018-08-31 16:15 - 000000027 _____ () C:\Users\Vasek\AppData\Local\.sdpl-system-config4
2019-11-24 23:10 - 2019-11-24 23:10 - 000000716 _____ () C:\Users\Vasek\AppData\Local\recently-used.xbel
2019-12-27 21:44 - 2020-03-21 10:48 - 000007666 _____ () C:\Users\Vasek\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2020-03-28 15:57
==================== End of FRST.txt ========================