mybalance
Napsal: 04 črc 2021 11:13
Dobrý den po odstranění škodlivých kódů (Eset online) mě stále vyskakuje okno /mybalance viz příloha prosím můžete mě zkontrolovat log?
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-07-2021
Ran by Vlasta (administrator) on VLASTACOM (Gigabyte Technology Co., Ltd. P67A-D3-B3) (04-07-2021 11:19:01)
Running from C:\Users\Vlasta\Downloads
Loaded Profiles: Vlasta
Platform: Windows 10 Home Version 20H2 19042.1052 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AutoIt Consulting Ltd -> AutoIt Team) C:\Users\Vlasta\AppData\Roaming\cmsISKibMk\EirpnyrppJ.exe.com
(ESET, spol. s r.o. -> ESET) C:\Users\Vlasta\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Malwarebytes Corporation -> Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe <2>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1385260172-3559240281-4095875997-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1385260172-3559240281-4095875997-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [809472 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP C711 Status Monitor: C:\WINDOWS\system32\hpinkstsC711LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3540 series): C:\WINDOWS\system32\HPDiscoPMC711.dll [763912 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-07-03] (Google LLC -> Google LLC)
InternetURL: C:\Users\Vlasta\AppData\Local\Temp\b67c9bd46f\\EirpnyrppJ.url -> URL: "C:\Users\Vlasta\AppData\Roaming\cmsISKibMk\DDLKolcpu.js"
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {023457B2-80B7-404A-966F-52342E23F02B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147320 2021-06-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {05342AA6-B2A6-42BA-9771-ACF8E69F4AC7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0EBA201A-F069-40E9-845F-B30B600CDF32} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124896 2021-06-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {280020AE-E4C2-44BF-9E0D-9A66116BDD4B} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Vlasta\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-07-04] (ESET, spol. s r.o. -> ESET)
Task: {35B0F8D3-426C-4B27-BF8F-38D3221D1A6F} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Vlasta\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-07-04] (ESET, spol. s r.o. -> ESET)
Task: {4B02465F-EF72-44F7-9FD5-5D3B6F535688} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7E84A712-8C26-4769-A540-9E701DC484FA} - System32\Tasks\Firefox Default Browser Agent 95A56BF9BF84396D => C:\Users\Vlasta\AppData\Roaming\rfviiab [170496 2021-06-12] () [File not signed] [File is in use] <==== ATTENTION
Task: {CD4A86F9-3135-43FA-87EE-4E12D5C63302} - System32\Tasks\Microsoft\Windows\Autochk\Microsoft.IIS.PowerShelMtpbt => C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe C:\PROGRA~2\COMMON~1\AcerDirect\FjrcCovek\spkb0ufsis_ROP.dll
Task: {D51A16AE-B717-42CB-A9BA-5F7AA8A2803D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124896 2021-06-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {D95CB0DF-E259-4026-A9CB-A6E78233A213} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147320 2021-06-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {DD5CE22E-993F-4019-9CBB-D2E3B9996A69} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FE838445-0869-47B6-947C-ACC02B9D1337} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f5d61486-b00a-4c04-8724-6eb7aacc2d44}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Vlasta\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-04]
Edge Extension: (vSpeedSecure) - C:\ProgramData\Jlpa\Cvqde\E8801A45 [2021-07-04]
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default [2021-07-04]
CHR Notifications: Default -> hxxps://www.chess.com
CHR HomePage: Default -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxp://sc2.searchpo.com/searcher/bingsearch"
CHR Extension: (Prezentace) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-03]
CHR Extension: (Dokumenty) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-03]
CHR Extension: (Disk Google) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-03]
CHR Extension: (YouTube) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-03]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-19]
CHR Extension: (Adobe Acrobat) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-07-03]
CHR Extension: (Tabulky) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-03]
CHR Extension: (Chrome Media Router) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-04]
CHR Extension: (vSpeedSecure) - C:\ProgramData\Jlpa\Cvqde [2021-07-04]
CHR Profile: C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\System Profile [2021-07-03]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-06-22] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [452576 2016-02-09] (Malwarebytes Corporation -> Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [901088 2016-02-09] (Malwarebytes Corporation -> Malwarebytes Corporation)
S2 pubgame-updater; C:\WINDOWS\PublicGaming\appsetup.exe [X] <==== ATTENTION
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 cpuz145; C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [49968 2020-12-09] (CPUID -> CPUID)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-02-09] (Malwarebytes Corporation -> Malwarebytes Corporation)
S3 MpKslafc50408; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7F549CC0-789E-495F-A4DD-D6E8AE56D44A}\MpKslDrv.sys [107752 2021-07-03] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-14] (Microsoft Windows -> Microsoft Corporation)
S3 Imf8HpRegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpRegFilter.sys [X]
S3 ImfHpFileFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpFileFilter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-07-04 11:19 - 2021-07-04 11:20 - 000013625 _____ C:\Users\Vlasta\Downloads\FRST.txt
2021-07-04 11:16 - 2021-07-04 11:16 - 002300928 _____ (Farbar) C:\Users\Vlasta\Downloads\FRST64.exe
2021-07-04 10:09 - 2021-07-04 10:09 - 000388608 _____ (Trend Micro Inc.) C:\Users\Vlasta\Downloads\hijackthis.exe
2021-07-04 10:03 - 2021-07-04 10:03 - 000003724 _____ C:\WINDOWS\system32\Tasks\Firefox Default Browser Agent 95A56BF9BF84396D
2021-07-04 08:52 - 2021-07-04 08:52 - 015728640 _____ C:\WINDOWS\system32\C_32770.NLS
2021-07-04 08:51 - 2021-07-04 08:51 - 015728640 ____N C:\WINDOWS\system32\config\SYSTEM
2021-07-04 08:05 - 2021-07-04 08:05 - 000003850 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2021-07-04 08:05 - 2021-07-04 08:05 - 000003408 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2021-07-04 07:50 - 2021-07-04 10:41 - 000001438 _____ C:\Users\Vlasta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-07-04 07:50 - 2021-07-04 10:41 - 000001332 _____ C:\Users\Vlasta\Desktop\ESET Online Scanner.lnk
2021-07-04 07:50 - 2021-07-04 07:50 - 000000000 ____D C:\Users\Vlasta\AppData\Local\ESET
2021-07-04 07:49 - 2021-07-04 07:49 - 011697056 _____ (ESET) C:\Users\Vlasta\Downloads\esetonlinescanner.exe
2021-07-03 22:27 - 2021-07-04 07:41 - 000000000 ___HD C:\ProgramData\Jlpa
2021-07-03 21:23 - 2021-07-03 21:23 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-03 21:23 - 2021-07-03 21:23 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-07-03 11:35 - 2021-07-03 11:35 - 000328208 _____ C:\Users\Vlasta\AppData\Roaming\4596648.exe
2021-07-03 11:34 - 2021-07-03 11:34 - 000000000 ____D C:\Program Files (x86)\Data Finder
2021-07-03 11:29 - 2021-07-04 10:28 - 000000000 ____D C:\ProgramData\Bklngfpngf
2021-07-03 11:29 - 2021-07-04 10:04 - 000000000 ____D C:\Users\Vlasta\AppData\Roaming\cmsISKibMk
2021-07-03 11:29 - 2021-07-03 11:29 - 000916735 _____ (SQLite Development Team) C:\Users\Vlasta\AppData\LocalLow\sqlite3.dll
2021-07-03 11:29 - 2021-07-03 11:29 - 000002411 _____ C:\Users\Vlasta\AppData\LocalLow\machineinfo.txt
2021-07-03 11:29 - 2021-07-03 11:28 - 001245184 _____ C:\Users\Vlasta\AppData\LocalLow\gxIX4a2dRE
2021-07-03 11:29 - 2021-07-03 11:26 - 000163840 _____ C:\Users\Vlasta\AppData\LocalLow\sUCvsp3F3a
2021-07-03 11:29 - 2021-07-03 11:26 - 000118784 _____ C:\Users\Vlasta\AppData\LocalLow\xqr6qkU8Cl
2021-07-03 11:29 - 2021-07-03 11:26 - 000118784 _____ C:\Users\Vlasta\AppData\LocalLow\Qc1CUgma0s
2021-07-03 11:29 - 2021-07-03 11:25 - 000163840 _____ C:\Users\Vlasta\AppData\LocalLow\rQF69AzBla
2021-07-03 11:29 - 2021-07-03 11:25 - 000163840 _____ C:\Users\Vlasta\AppData\LocalLow\3soLBPh71Y
2021-07-03 11:29 - 2021-07-03 08:35 - 000143360 _____ C:\Users\Vlasta\AppData\LocalLow\frAQBc8Wsa
2021-07-03 11:29 - 2021-04-21 07:32 - 000053248 _____ C:\Users\Vlasta\AppData\LocalLow\fBTxPbQ5dh
2021-07-03 11:29 - 2020-12-10 21:51 - 000090112 _____ C:\Users\Vlasta\AppData\LocalLow\x3CF3EDNhm
2021-07-03 11:29 - 2020-12-10 21:51 - 000090112 _____ C:\Users\Vlasta\AppData\LocalLow\exuieaoEiI
2021-07-03 11:29 - 2020-12-10 21:51 - 000045056 _____ C:\Users\Vlasta\AppData\LocalLow\RYwTiizs2t
2021-07-03 11:29 - 2020-11-08 13:32 - 000020480 _____ C:\Users\Vlasta\AppData\LocalLow\Ry521ZF6Nd
2021-07-03 11:29 - 2019-10-31 08:54 - 000032768 _____ C:\Users\Vlasta\AppData\LocalLow\1xVPfvJcrg
2021-07-03 11:28 - 2021-07-03 12:48 - 000000000 ____D C:\ProgramData\f1a6a48e76c1fd
2021-07-03 11:28 - 2021-07-03 11:28 - 000000000 ____D C:\ProgramData\X8ATT1YMUC9I0FOQ97AE8EM4B
2021-07-03 11:26 - 2021-07-03 12:50 - 000000000 ___HD C:\WINDOWS\rss
2021-07-03 11:26 - 2021-07-03 11:26 - 000000000 ____D C:\Users\Vlasta\AppData\Local\Yandex
2021-07-03 11:26 - 2021-07-03 11:26 - 000000000 ____D C:\ProgramData\Q1P6B6H6X076YEUV3Z9F8XSKU
2021-07-03 11:25 - 2021-07-03 12:48 - 000000000 ____D C:\Program Files (x86)\Company
2021-07-03 11:25 - 2021-07-03 11:29 - 000000330 _____ C:\Users\Vlasta\AppData\LocalLow\outlook.txt
2021-07-03 11:25 - 2021-07-03 11:29 - 000000000 ___HD C:\Users\Vlasta\AppData\Roaming\WinHost
2021-07-03 11:25 - 2021-07-03 11:29 - 000000000 ____D C:\ProgramData\YBJP4U9MVO0GVOGA2GTVGSHS3
2021-07-03 11:25 - 2021-07-03 11:28 - 006727680 ____N C:\WINDOWS\system32\Drivers\P2xCKx.sys
2021-07-03 11:25 - 2021-07-03 11:28 - 000000000 ____D C:\ProgramData\TBSGTNOPPKHIBK5NGFFSW8O3R
2021-07-03 11:25 - 2021-07-03 11:28 - 000000000 ____D C:\ProgramData\LA01LIWFPIIVYHC0QABJG59DP
2021-07-03 11:25 - 2021-07-03 11:26 - 000000000 ____D C:\Users\Vlasta\AppData\LocalLow\nW6mI-7yS1k
2021-07-03 11:25 - 2021-07-03 11:25 - 002431039 _____ (Company ) C:\Users\Vlasta\Documents\JMAECsplJsb5y9z5kmJmsNhN.exe
2021-07-03 11:25 - 2021-07-03 11:25 - 000289280 _____ C:\Users\Vlasta\Documents\VvS_8VWzMKTiqSmhuRQwl9zs.exe
2021-07-03 11:25 - 2021-07-03 11:25 - 000146432 _____ C:\Users\Vlasta\AppData\Local\BingoSearch.dll
2021-07-03 11:25 - 2021-07-03 11:25 - 000000297 _____ C:\Users\Vlasta\Documents\tWuYPdiGzvLn68BHTon1YDux.exe
2021-07-03 11:25 - 2021-07-03 11:25 - 000000223 _____ C:\Users\Vlasta\Documents\MSAfI5qPkng9ZsTJ9Q0WZwIz.exe
2021-07-03 11:25 - 2021-07-03 11:25 - 000000000 ____D C:\Users\Vlasta\AppData\Roaming\Mzule
2021-07-03 11:25 - 2021-07-03 11:25 - 000000000 ____D C:\Users\Vlasta\AppData\Roaming\Browzar
2021-07-03 11:25 - 2021-07-03 11:25 - 000000000 ____D C:\ProgramData\B03A201UEFZRC1TNVPWUT528A
2021-07-03 11:24 - 2021-07-04 07:56 - 000000000 ____D C:\Users\Vlasta\Documents\VlcpVideoV1.0.1
2021-07-03 11:24 - 2021-07-03 11:29 - 000000000 ____D C:\WINDOWS\PublicGaming
2021-07-03 07:23 - 2021-07-03 07:23 - 000000000 ____D C:\Users\Vlasta\Documents\Bandicut
2021-07-03 07:23 - 2021-07-03 07:23 - 000000000 ____D C:\Users\Vlasta\AppData\Roaming\BANDISOFT
2021-07-03 07:23 - 2021-07-03 07:23 - 000000000 ____D C:\ProgramData\BANDISOFT
2021-07-03 07:19 - 2021-07-03 07:19 - 021109568 _____ (Bandicam Company) C:\Users\Vlasta\Downloads\bandicut-setup.exe
2021-07-02 18:37 - 2021-07-04 00:41 - 000000000 ____D C:\Users\Vlasta\Documents\Bandicam
2021-07-02 18:37 - 2021-07-02 18:37 - 000000000 ____D C:\Users\Vlasta\AppData\Roaming\Bandicam Company
2021-07-02 18:35 - 2021-07-02 18:35 - 022451488 _____ (Bandicam Company) C:\Users\Vlasta\Downloads\bdcamsetup.exe
2021-07-02 18:23 - 2021-07-02 18:23 - 000000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files
2021-07-02 18:23 - 2021-07-02 18:23 - 000000000 ____D C:\Program Files (x86)\FreeCodecPack
2021-06-29 21:10 - 2021-06-29 21:10 - 000000000 ____D C:\Users\Vlasta\Downloads\Photos (7)
2021-06-29 21:07 - 2021-06-29 21:09 - 520207512 _____ C:\Users\Vlasta\Downloads\Photos (7).zip
2021-06-24 20:39 - 2021-06-24 20:39 - 000002423 _____ C:\Users\Vlasta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-16 19:59 - 2021-06-16 20:47 - 000000000 ____D C:\Users\Vlasta\Downloads\Photos (6)
2021-06-16 19:59 - 2021-06-16 20:13 - 000000000 ____D C:\Users\Vlasta\Downloads\Photos (5)
2021-06-16 19:57 - 2021-06-16 19:57 - 184867262 _____ C:\Users\Vlasta\Downloads\Photos (5).zip
2021-06-16 19:57 - 2021-06-16 19:57 - 028419216 _____ C:\Users\Vlasta\Downloads\Photos (6).zip
2021-06-12 22:00 - 2021-06-12 22:00 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-12 22:00 - 2021-06-12 22:00 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-12 22:00 - 2021-06-12 22:00 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-12 22:00 - 2021-06-12 22:00 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-12 22:00 - 2021-06-12 22:00 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-12 22:00 - 2021-06-12 22:00 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-12 21:59 - 2021-06-12 21:59 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-12 21:59 - 2021-06-12 21:59 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-12 21:59 - 2021-06-12 21:59 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-12 21:59 - 2021-06-12 21:59 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-12 21:58 - 2021-06-12 21:58 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-12 21:58 - 2021-06-12 21:58 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-12 21:58 - 2021-06-12 21:58 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-12 21:58 - 2021-06-12 21:58 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-12 21:58 - 2021-06-12 21:58 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-12 21:57 - 2021-06-12 21:57 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-12 21:57 - 2021-06-12 21:57 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-12 21:57 - 2021-06-12 21:57 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-12 21:57 - 2021-06-12 21:57 - 000170496 ___SH C:\Users\Vlasta\AppData\Roaming\rfviiab
2021-06-12 21:16 - 2021-06-12 21:16 - 000128357 _____ C:\Users\Vlasta\Downloads\VS396_OckovaciCertifikat.zip
2021-06-10 08:45 - 2021-06-10 08:45 - 000002144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-06-06 10:53 - 2021-06-06 10:55 - 000000000 ____D C:\Users\Vlasta\Desktop\JPEG - Archivační kvalita
2021-06-06 10:35 - 2021-06-06 10:39 - 000002545 _____ C:\Users\Vlasta\Downloads\IMG_20210322_181031_3.jpg.data-zps
2021-06-05 12:42 - 2021-06-05 12:42 - 000291023 _____ C:\Users\Vlasta\Downloads\let_REICO_CS_LONG_LEASE_CS.pdf
2021-06-04 13:02 - 2021-06-06 10:54 - 000000000 ____D C:\Users\Vlasta\Downloads\Photos (4)
2021-06-04 13:02 - 2021-06-04 13:02 - 000504063 _____ C:\Users\Vlasta\Downloads\Photos (4).zip
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-07-04 11:19 - 2020-10-22 21:17 - 000000000 ____D C:\FRST
2021-07-04 10:57 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-04 10:03 - 2020-05-29 20:10 - 001706960 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-04 10:03 - 2019-12-07 16:41 - 000721302 _____ C:\WINDOWS\system32\perfh005.dat
2021-07-04 10:03 - 2019-12-07 16:41 - 000147092 _____ C:\WINDOWS\system32\perfc005.dat
2021-07-04 10:03 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-07-04 08:56 - 2018-01-31 20:13 - 000000000 ____D C:\ProgramData\NVIDIA
2021-07-04 08:53 - 2020-05-29 20:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-04 08:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2021-07-04 08:52 - 2020-05-29 19:58 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-04 08:51 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-07-04 08:50 - 2020-05-29 19:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-04 01:18 - 2020-01-28 11:06 - 000000000 ____D C:\Program Files (x86)\IIS Express
2021-07-04 01:18 - 2018-02-02 20:34 - 000000000 ____D C:\Program Files (x86)\GuerillaSoft
2021-07-04 00:49 - 2019-03-10 20:41 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2021-07-03 21:57 - 2018-06-04 21:23 - 000000000 ____D C:\Users\Vlasta\AppData\Local\D3DSCache
2021-07-03 12:57 - 2018-01-31 20:56 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-07-03 12:53 - 2018-01-31 20:18 - 000000000 ___RD C:\Users\Vlasta\OneDrive
2021-07-03 12:50 - 2020-05-29 20:49 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-07-03 11:34 - 2021-02-22 16:54 - 000000000 ____D C:\Program Files\Avidemux 2.7 VC++ 64bits
2021-07-03 11:30 - 2019-12-07 11:03 - 015466496 _____ C:\WINDOWS\system32\config\BCD00000000
2021-07-03 11:25 - 2018-11-17 08:40 - 000000000 ____D C:\Program Files\rempl
2021-07-03 07:18 - 2020-08-08 12:33 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-03 07:18 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-03 07:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-02 23:02 - 2021-02-01 20:13 - 000000000 ____D C:\Users\Vlasta\AppData\Roaming\vlc
2021-07-02 19:17 - 2019-08-06 09:47 - 000000000 ____D C:\Users\Vlasta\AppData\Roaming\DVDVideoSoft
2021-07-01 20:07 - 2021-02-12 10:37 - 000000000 ____D C:\Users\Vlasta\AppData\Roaming\MAGIX
2021-06-27 21:34 - 2018-01-31 20:16 - 000000000 ____D C:\Users\Vlasta\AppData\Local\Packages
2021-06-22 10:44 - 2018-01-31 21:04 - 000000000 ____D C:\Program Files\Microsoft Office
2021-06-22 10:33 - 2021-02-22 15:12 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-14 08:15 - 2018-03-02 18:00 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-14 08:02 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-12 23:00 - 2020-05-29 19:58 - 000467048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-12 22:56 - 2020-05-29 20:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-06-12 22:56 - 2020-05-29 20:33 - 000000000 ____D C:\WINDOWS\en-GB
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-12 22:09 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-12 21:11 - 2018-02-01 20:37 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-12 21:05 - 2018-02-01 20:37 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-04 13:12 - 2021-06-02 21:15 - 000000000 ____D C:\Users\Vlasta\Downloads\Photos (3)
==================== Files in the root of some directories ========
2021-07-03 11:35 - 2021-07-03 11:35 - 000328208 _____ () C:\Users\Vlasta\AppData\Roaming\4596648.exe
2018-02-26 20:55 - 2018-12-30 13:13 - 000037573 _____ () C:\Users\Vlasta\AppData\Roaming\Hodnoty oddělené čárkami.ADR
2021-06-12 21:57 - 2021-06-12 21:57 - 000170496 ___SH () C:\Users\Vlasta\AppData\Roaming\rfviiab
2021-07-03 11:25 - 2021-07-03 11:25 - 000146432 _____ () C:\Users\Vlasta\AppData\Local\BingoSearch.dll
2018-01-31 22:45 - 2020-02-01 22:52 - 000007597 _____ () C:\Users\Vlasta\AppData\Local\Resmon.ResmonCfg
2019-04-30 22:51 - 2019-04-30 23:12 - 000005168 _____ () C:\Users\Vlasta\AppData\Local\Snip.txt
==================== FLock ==============================
2021-07-04 08:51 C:\WINDOWS\system32\config\SYSTEM
2021-07-03 11:28 C:\WINDOWS\system32\Drivers\P2xCKx.sys
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-07-2021
Ran by Vlasta (04-07-2021 11:22:19)
Running from C:\Users\Vlasta\Downloads
Windows 10 Home Version 20H2 19042.1052 (X64) (2020-05-29 18:25:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1385260172-3559240281-4095875997-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1385260172-3559240281-4095875997-503 - Limited - Disabled)
Guest (S-1-5-21-1385260172-3559240281-4095875997-501 - Limited - Disabled)
Vlasta (S-1-5-21-1385260172-3559240281-4095875997-1001 - Administrator - Enabled) => C:\Users\Vlasta
WDAGUtilityAccount (S-1-5-21-1385260172-3559240281-4095875997-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
Apowersoft Online Launcher version 1.7.7 (HKLM-x32\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.7 - APOWERSOFT LIMITED)
Apowersoft Online Launcher version 1.8.0 (HKU\S-1-5-21-1385260172-3559240281-4095875997-1001\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.8.0 - APOWERSOFT LIMITED)
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
Avidemux VC++ 64bits (HKU\S-1-5-21-1385260172-3559240281-4095875997-1001\...\{eeb495d2-7996-4faa-8ba0-31d3c3702255}) (Version: 2.7.6 - Mean)
AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.6 - GPL Public release.)
EncSpot Basic 2.0 (HKLM-x32\...\EncSpot Basic_is1) (Version: - GuerillaSoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.124 - Google LLC)
High-Definition Video Playback 10 (HKLM-x32\...\{237CCB62-8454-43E3-B158-3ACD0134852E}) (Version: 7.0.11400.29.0 - Nero AG) Hidden
HP Deskjet 3540 series Nápověda (HKLM-x32\...\{13EFEB9B-FB50-40C6-9F18-C3F38AAE81D1}) (Version: 30.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Huffyuv AVI lossless video codec (Remove Only) (HKLM\...\HUFFYUV) (Version: - )
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
Malwarebytes Anti-Malware verze 1.80.2.1012 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.80.2.1012 - Malwarebytes Corporation)
MediaInfo 20.09 (HKLM\...\MediaInfo) (Version: 20.09 - MediaArea.net)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.64 - Microsoft Corporation)
Microsoft Office Professional 2019 - cs-cz (HKLM\...\Professional2019Retail - cs-cz) (Version: 16.0.14026.20308 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1385260172-3559240281-4095875997-1001\...\OneDriveSetup.exe) (Version: 21.109.0530.0001 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{BAF67399-85CD-4555-9B49-1F80EB921C35}) (Version: 12.3.6024.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24245 (HKLM-x32\...\{606853a6-0c4c-4f8c-94ca-4612ec410c69}) (Version: 14.0.24245.0 - Microsoft Corporation)
Mp3tag v3.03 (HKLM-x32\...\Mp3tag) (Version: 3.03 - Florian Heidenreich)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10800.7.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10800.8.100 - Nero AG)
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13200 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)
Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.11100.8.100 - Nero AG)
Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10600.2.100 - Nero AG)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20308 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20308 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PDFsam Basic (HKLM\...\{7C663C91-1147-4B5A-872D-A3BC3F7F860B}) (Version: 4.0.5.0 - Sober Lemur S.a.s. di Vacondio Andrea)
PlayChess (HKLM\...\PlayChess) (Version: - ChessBase GmbH)
SOUND FORGE Pro 12.1 (x64) (HKLM\...\{9E51D7F0-93CE-11E8-98C8-408D5CC672F4}) (Version: 12.1.170 - MAGIX)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
TotalCMD by Marek410 (HKLM-x32\...\TotalCMD by Marek410) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VEGAS Pro 17.0 (HKLM\...\{E649B5F0-B27C-11E9-B856-A5146957F833}) (Version: 17.0.284 - VEGAS)
Versium Research 10 (HKLM-x32\...\Versium Research 10) (Version: 10 - Data Finder)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.14 - VideoLAN)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Základní software zařízení HP Deskjet 3540 series (HKLM\...\{4CCA7410-4D72-4720-87C2-DBB75486E991}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
ZPS 19 CZ v.19.2003.2.239 - 08.04.2020 (HKLM-x32\...\ZPS 19 CZ v.19.2003.2.239 - 08.04.2020) (Version: v.19.2003.2.239 - 08.04.2020 - Libbi)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-09] (Autodesk Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-17] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-23] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_21.10601.5691.0_x64__8wekyb3d8bbwe [2021-07-01] (Microsoft Corporation)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-27] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1385260172-3559240281-4095875997-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-10-02] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-10-02] (Florian Heidenreich) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll [2016-02-09] (Malwarebytes Corporation -> Malwarebytes Corporation)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-10-02] (Florian Heidenreich) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll [2016-02-09] (Malwarebytes Corporation -> Malwarebytes Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.HFYU] => C:\WINDOWS\system32\huffyuv.dll [55296 2005-01-22] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Vlasta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --load-extension="C:\ProgramData\Jlpa\Cvqde\E8801A45"
ShortcutWithArgument: C:\Users\Vlasta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --load-extension="C:\ProgramData\Jlpa\Cvqde\E8801A45"
==================== Loaded Modules (Whitelisted) =============
2021-07-04 07:52 - 2021-07-04 10:41 - 001195008 _____ (ESET) [File not signed] C:\Users\Vlasta\AppData\Local\ESET\ESETOnlineScanner\esets_apiW_a.DLL
2020-10-02 18:34 - 2020-10-02 18:34 - 000398336 _____ (Florian Heidenreich) [File not signed] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
2020-04-20 18:35 - 2020-04-20 18:35 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2020-04-20 18:35 - 2020-04-20 18:35 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.gmx.com/start?src=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w47
HKU\S-1-5-21-1385260172-3559240281-4095875997-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://email.tiscali.cz/?login=1
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w47&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w47&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w47&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w47&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1385260172-3559240281-4095875997-1001 -> DefaultScope {90929528-014A-41DC-81E7-870BC9AD8905} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-1385260172-3559240281-4095875997-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1385260172-3559240281-4095875997-1001 -> {90929528-014A-41DC-81E7-870BC9AD8905} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2020-11-03 21:21 - 2021-07-03 11:34 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\PC Connectivity Solution\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1385260172-3559240281-4095875997-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Vlasta\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKU\S-1-5-21-1385260172-3559240281-4095875997-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-1385260172-3559240281-4095875997-1001\...\StartupApproved\Run: => "PC Suite Tray"
HKU\S-1-5-21-1385260172-3559240281-4095875997-1001\...\StartupApproved\Run: => "Advanced SystemCare"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{446E69EB-C988-4072-A03E-0233C5DD023A}] => (Allow) C:\Users\Vlasta\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{489134A0-BB1F-4825-88AA-FC15CE5255A7}] => (Allow) C:\Users\Vlasta\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{BE8F46E0-C5D0-4F9B-A06F-228CB98ADA59}] => (Allow) C:\Users\Vlasta\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{14884083-B1A6-486D-BC76-032E98CF4955}] => (Allow) C:\Users\Vlasta\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{7C395677-8553-447D-8DA1-8692A0B268B7}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{78110D6C-87C7-4808-92CD-4FB073CF57B4}] => (Allow) LPort=5357
FirewallRules: [{AFCB275D-0C5F-4965-B8F0-A227DCCE527B}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{4D71B74A-0C8E-4829-8240-2AA3846B8C84}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EF6345D1-F057-4FF6-92DF-6F2B047292B8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C5ADD483-E1D6-453A-9231-883344E93364}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{507244C9-F416-4E4F-9F29-0F635E97647B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9B7AE425-AC00-4BCC-AF46-C06243ABD4A4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3CB1281A-4F8C-4C22-88A9-7DDA9AD756FE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/04/2021 10:36:21 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ESETOnlineScanner.exe verze 10.20.7.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 151c
Čas spuštění: 01d770ab11894835
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Users\Vlasta\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
ID hlášení: 138e7996-a1f5-485b-8887-0a2dabb92d96
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Top level window is idle
Error: (07/03/2021 02:03:58 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (07/03/2021 02:02:39 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (07/03/2021 02:01:51 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {5ff70e9b-42ac-465e-9ef8-57bc38bc49e1}
Error: (07/03/2021 11:46:24 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (07/03/2021 11:46:24 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
System errors:
=============
Error: (07/04/2021 10:41:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (07/04/2021 10:41:54 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Vlasta\AppData\Local\Temp\ehdrv.sys
Error: (07/04/2021 10:41:54 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Vlasta\AppData\Local\Temp\ehdrv.sys
Error: (07/04/2021 10:41:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (07/04/2021 10:41:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (07/04/2021 10:41:54 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Vlasta\AppData\Local\Temp\ehdrv.sys
Error: (07/04/2021 10:41:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (07/04/2021 10:41:54 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Vlasta\AppData\Local\Temp\ehdrv.sys
Windows Defender:
================
Date: 2021-07-03 11:29:05
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject.SBR!MSR
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\f1a6a48e76c1fd\cred.dll; file:_C:\Users\Vlasta\AppData\Local\Microsoft\Windows\INetCache\IE\DD0CH2GT\cred[1].dll; file:_C:\Users\Vlasta\AppData\Local\Microsoft\Windows\INetCache\IE\J8LVMR4Q\cred[1].dll; file:_C:\Users\Vlasta\AppData\Local\Microsoft\Windows\INetCache\IE\Q0WWTHYO\cred[1].dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: VLASTACOM\Vlasta
Název procesu: C:\Users\Vlasta\AppData\Local\Temp\b67c9bd46f\nrbux.exe
Verze bezpečnostních informací: AV: 1.343.237.0, AS: 1.343.237.0, NIS: 1.343.237.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4
Date: 2021-07-03 11:28:42
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject.SBR!MSR
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\f1a6a48e76c1fd\cred.dll; file:_C:\Users\Vlasta\AppData\Local\Microsoft\Windows\INetCache\IE\J8LVMR4Q\cred[1].dll; file:_C:\Users\Vlasta\AppData\Local\Microsoft\Windows\INetCache\IE\Q0WWTHYO\cred[1].dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: VLASTACOM\Vlasta
Název procesu: C:\Users\Vlasta\AppData\Local\Temp\b67c9bd46f\nrbux.exe
Verze bezpečnostních informací: AV: 1.343.237.0, AS: 1.343.237.0, NIS: 1.343.237.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4
Date: 2021-07-03 11:28:30
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject.SBR!MSR
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\f1a6a48e76c1fd\cred.dll; file:_C:\Users\Vlasta\AppData\Local\Microsoft\Windows\INetCache\IE\Q0WWTHYO\cred[1].dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: VLASTACOM\Vlasta
Název procesu: C:\Users\Vlasta\AppData\Local\Temp\b67c9bd46f\nrbux.exe
Verze bezpečnostních informací: AV: 1.343.237.0, AS: 1.343.237.0, NIS: 1.343.237.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4
Date: 2021-07-03 11:28:30
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject.SBR!MSR
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\f1a6a48e76c1fd\cred.dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: VLASTACOM\Vlasta
Název procesu: C:\Users\Vlasta\AppData\Local\Temp\b67c9bd46f\nrbux.exe
Verze bezpečnostních informací: AV: 1.343.237.0, AS: 1.343.237.0, NIS: 1.343.237.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4
Date: 2021-07-03 11:26:11
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:MSIL/Reline.OE!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: amsi:_C:\Users\Vlasta\AppData\Roaming\nailedp\edspolishpp.exe
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: AMSI
Uživatel: VLASTACOM\Vlasta
Název procesu: C:\Users\Vlasta\AppData\Roaming\nailedp\edspolishpp.exe
Verze bezpečnostních informací: AV: 1.343.237.0, AS: 1.343.237.0, NIS: 1.343.237.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4
Date: 2021-06-29 20:56:04
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.25.0
Předchozí verze bezpečnostních informací: 1.341.1603.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2021-06-29 20:56:04
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.25.0
Předchozí verze bezpečnostních informací: 1.341.1603.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2021-06-29 20:56:04
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2021-06-22 10:50:53
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.341.1211.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2021-06-04 07:55:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.341.24.0
Předchozí verze bezpečnostních informací: 1.339.1926.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18200.4
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
CodeIntegrity:
===============
Date: 2021-07-03 11:28:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\chrome.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Award Software International, Inc. FD 02/21/2012
Motherboard: Gigabyte Technology Co., Ltd. P67A-D3-B3
Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 69%
Total physical RAM: 8175.11 MB
Available physical RAM: 2495.09 MB
Total Virtual: 9455.11 MB
Available Virtual: 3053.95 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:145.44 GB) (Free:100.12 GB) NTFS
Drive d: (Storage) (Fixed) (Total:785.03 GB) (Free:606.42 GB) NTFS
\\?\Volume{2bf59d76-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{2bf59d76-0000-0000-0000-a07e24000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2BF59D76)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=145.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=518 MB) - (Type=27)
Partition 4: (Not Active) - (Size=785 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-07-2021
Ran by Vlasta (administrator) on VLASTACOM (Gigabyte Technology Co., Ltd. P67A-D3-B3) (04-07-2021 11:19:01)
Running from C:\Users\Vlasta\Downloads
Loaded Profiles: Vlasta
Platform: Windows 10 Home Version 20H2 19042.1052 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AutoIt Consulting Ltd -> AutoIt Team) C:\Users\Vlasta\AppData\Roaming\cmsISKibMk\EirpnyrppJ.exe.com
(ESET, spol. s r.o. -> ESET) C:\Users\Vlasta\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Malwarebytes Corporation -> Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe <2>
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1385260172-3559240281-4095875997-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-1385260172-3559240281-4095875997-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [809472 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP C711 Status Monitor: C:\WINDOWS\system32\hpinkstsC711LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3540 series): C:\WINDOWS\system32\HPDiscoPMC711.dll [763912 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\Installer\chrmstp.exe [2021-07-03] (Google LLC -> Google LLC)
InternetURL: C:\Users\Vlasta\AppData\Local\Temp\b67c9bd46f\\EirpnyrppJ.url -> URL: "C:\Users\Vlasta\AppData\Roaming\cmsISKibMk\DDLKolcpu.js"
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {023457B2-80B7-404A-966F-52342E23F02B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147320 2021-06-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {05342AA6-B2A6-42BA-9771-ACF8E69F4AC7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0EBA201A-F069-40E9-845F-B30B600CDF32} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124896 2021-06-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {280020AE-E4C2-44BF-9E0D-9A66116BDD4B} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Vlasta\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-07-04] (ESET, spol. s r.o. -> ESET)
Task: {35B0F8D3-426C-4B27-BF8F-38D3221D1A6F} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Vlasta\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-07-04] (ESET, spol. s r.o. -> ESET)
Task: {4B02465F-EF72-44F7-9FD5-5D3B6F535688} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7E84A712-8C26-4769-A540-9E701DC484FA} - System32\Tasks\Firefox Default Browser Agent 95A56BF9BF84396D => C:\Users\Vlasta\AppData\Roaming\rfviiab [170496 2021-06-12] () [File not signed] [File is in use] <==== ATTENTION
Task: {CD4A86F9-3135-43FA-87EE-4E12D5C63302} - System32\Tasks\Microsoft\Windows\Autochk\Microsoft.IIS.PowerShelMtpbt => C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe C:\PROGRA~2\COMMON~1\AcerDirect\FjrcCovek\spkb0ufsis_ROP.dll
Task: {D51A16AE-B717-42CB-A9BA-5F7AA8A2803D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124896 2021-06-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {D95CB0DF-E259-4026-A9CB-A6E78233A213} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [147320 2021-06-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {DD5CE22E-993F-4019-9CBB-D2E3B9996A69} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FE838445-0869-47B6-947C-ACC02B9D1337} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f5d61486-b00a-4c04-8724-6eb7aacc2d44}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Vlasta\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-04]
Edge Extension: (vSpeedSecure) - C:\ProgramData\Jlpa\Cvqde\E8801A45 [2021-07-04]
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-05-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default [2021-07-04]
CHR Notifications: Default -> hxxps://www.chess.com
CHR HomePage: Default -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxp://sc2.searchpo.com/searcher/bingsearch"
CHR Extension: (Prezentace) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-03]
CHR Extension: (Dokumenty) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-03]
CHR Extension: (Disk Google) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-03]
CHR Extension: (YouTube) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-03]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-19]
CHR Extension: (Adobe Acrobat) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-07-03]
CHR Extension: (Tabulky) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-03]
CHR Extension: (Chrome Media Router) - C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-04]
CHR Extension: (vSpeedSecure) - C:\ProgramData\Jlpa\Cvqde [2021-07-04]
CHR Profile: C:\Users\Vlasta\AppData\Local\Google\Chrome\User Data\System Profile [2021-07-03]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-06-22] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [452576 2016-02-09] (Malwarebytes Corporation -> Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [901088 2016-02-09] (Malwarebytes Corporation -> Malwarebytes Corporation)
S2 pubgame-updater; C:\WINDOWS\PublicGaming\appsetup.exe [X] <==== ATTENTION
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 cpuz145; C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [49968 2020-12-09] (CPUID -> CPUID)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-02-09] (Malwarebytes Corporation -> Malwarebytes Corporation)
S3 MpKslafc50408; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7F549CC0-789E-495F-A4DD-D6E8AE56D44A}\MpKslDrv.sys [107752 2021-07-03] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-14] (Microsoft Windows -> Microsoft Corporation)
S3 Imf8HpRegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpRegFilter.sys [X]
S3 ImfHpFileFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpFileFilter.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-07-04 11:19 - 2021-07-04 11:20 - 000013625 _____ C:\Users\Vlasta\Downloads\FRST.txt
2021-07-04 11:16 - 2021-07-04 11:16 - 002300928 _____ (Farbar) C:\Users\Vlasta\Downloads\FRST64.exe
2021-07-04 10:09 - 2021-07-04 10:09 - 000388608 _____ (Trend Micro Inc.) C:\Users\Vlasta\Downloads\hijackthis.exe
2021-07-04 10:03 - 2021-07-04 10:03 - 000003724 _____ C:\WINDOWS\system32\Tasks\Firefox Default Browser Agent 95A56BF9BF84396D
2021-07-04 08:52 - 2021-07-04 08:52 - 015728640 _____ C:\WINDOWS\system32\C_32770.NLS
2021-07-04 08:51 - 2021-07-04 08:51 - 015728640 ____N C:\WINDOWS\system32\config\SYSTEM
2021-07-04 08:05 - 2021-07-04 08:05 - 000003850 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2021-07-04 08:05 - 2021-07-04 08:05 - 000003408 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2021-07-04 07:50 - 2021-07-04 10:41 - 000001438 _____ C:\Users\Vlasta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-07-04 07:50 - 2021-07-04 10:41 - 000001332 _____ C:\Users\Vlasta\Desktop\ESET Online Scanner.lnk
2021-07-04 07:50 - 2021-07-04 07:50 - 000000000 ____D C:\Users\Vlasta\AppData\Local\ESET
2021-07-04 07:49 - 2021-07-04 07:49 - 011697056 _____ (ESET) C:\Users\Vlasta\Downloads\esetonlinescanner.exe
2021-07-03 22:27 - 2021-07-04 07:41 - 000000000 ___HD C:\ProgramData\Jlpa
2021-07-03 21:23 - 2021-07-03 21:23 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-07-03 21:23 - 2021-07-03 21:23 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-07-03 11:35 - 2021-07-03 11:35 - 000328208 _____ C:\Users\Vlasta\AppData\Roaming\4596648.exe
2021-07-03 11:34 - 2021-07-03 11:34 - 000000000 ____D C:\Program Files (x86)\Data Finder
2021-07-03 11:29 - 2021-07-04 10:28 - 000000000 ____D C:\ProgramData\Bklngfpngf
2021-07-03 11:29 - 2021-07-04 10:04 - 000000000 ____D C:\Users\Vlasta\AppData\Roaming\cmsISKibMk
2021-07-03 11:29 - 2021-07-03 11:29 - 000916735 _____ (SQLite Development Team) C:\Users\Vlasta\AppData\LocalLow\sqlite3.dll
2021-07-03 11:29 - 2021-07-03 11:29 - 000002411 _____ C:\Users\Vlasta\AppData\LocalLow\machineinfo.txt
2021-07-03 11:29 - 2021-07-03 11:28 - 001245184 _____ C:\Users\Vlasta\AppData\LocalLow\gxIX4a2dRE
2021-07-03 11:29 - 2021-07-03 11:26 - 000163840 _____ C:\Users\Vlasta\AppData\LocalLow\sUCvsp3F3a
2021-07-03 11:29 - 2021-07-03 11:26 - 000118784 _____ C:\Users\Vlasta\AppData\LocalLow\xqr6qkU8Cl
2021-07-03 11:29 - 2021-07-03 11:26 - 000118784 _____ C:\Users\Vlasta\AppData\LocalLow\Qc1CUgma0s
2021-07-03 11:29 - 2021-07-03 11:25 - 000163840 _____ C:\Users\Vlasta\AppData\LocalLow\rQF69AzBla
2021-07-03 11:29 - 2021-07-03 11:25 - 000163840 _____ C:\Users\Vlasta\AppData\LocalLow\3soLBPh71Y
2021-07-03 11:29 - 2021-07-03 08:35 - 000143360 _____ C:\Users\Vlasta\AppData\LocalLow\frAQBc8Wsa
2021-07-03 11:29 - 2021-04-21 07:32 - 000053248 _____ C:\Users\Vlasta\AppData\LocalLow\fBTxPbQ5dh
2021-07-03 11:29 - 2020-12-10 21:51 - 000090112 _____ C:\Users\Vlasta\AppData\LocalLow\x3CF3EDNhm
2021-07-03 11:29 - 2020-12-10 21:51 - 000090112 _____ C:\Users\Vlasta\AppData\LocalLow\exuieaoEiI
2021-07-03 11:29 - 2020-12-10 21:51 - 000045056 _____ C:\Users\Vlasta\AppData\LocalLow\RYwTiizs2t
2021-07-03 11:29 - 2020-11-08 13:32 - 000020480 _____ C:\Users\Vlasta\AppData\LocalLow\Ry521ZF6Nd
2021-07-03 11:29 - 2019-10-31 08:54 - 000032768 _____ C:\Users\Vlasta\AppData\LocalLow\1xVPfvJcrg
2021-07-03 11:28 - 2021-07-03 12:48 - 000000000 ____D C:\ProgramData\f1a6a48e76c1fd
2021-07-03 11:28 - 2021-07-03 11:28 - 000000000 ____D C:\ProgramData\X8ATT1YMUC9I0FOQ97AE8EM4B
2021-07-03 11:26 - 2021-07-03 12:50 - 000000000 ___HD C:\WINDOWS\rss
2021-07-03 11:26 - 2021-07-03 11:26 - 000000000 ____D C:\Users\Vlasta\AppData\Local\Yandex
2021-07-03 11:26 - 2021-07-03 11:26 - 000000000 ____D C:\ProgramData\Q1P6B6H6X076YEUV3Z9F8XSKU
2021-07-03 11:25 - 2021-07-03 12:48 - 000000000 ____D C:\Program Files (x86)\Company
2021-07-03 11:25 - 2021-07-03 11:29 - 000000330 _____ C:\Users\Vlasta\AppData\LocalLow\outlook.txt
2021-07-03 11:25 - 2021-07-03 11:29 - 000000000 ___HD C:\Users\Vlasta\AppData\Roaming\WinHost
2021-07-03 11:25 - 2021-07-03 11:29 - 000000000 ____D C:\ProgramData\YBJP4U9MVO0GVOGA2GTVGSHS3
2021-07-03 11:25 - 2021-07-03 11:28 - 006727680 ____N C:\WINDOWS\system32\Drivers\P2xCKx.sys
2021-07-03 11:25 - 2021-07-03 11:28 - 000000000 ____D C:\ProgramData\TBSGTNOPPKHIBK5NGFFSW8O3R
2021-07-03 11:25 - 2021-07-03 11:28 - 000000000 ____D C:\ProgramData\LA01LIWFPIIVYHC0QABJG59DP
2021-07-03 11:25 - 2021-07-03 11:26 - 000000000 ____D C:\Users\Vlasta\AppData\LocalLow\nW6mI-7yS1k
2021-07-03 11:25 - 2021-07-03 11:25 - 002431039 _____ (Company ) C:\Users\Vlasta\Documents\JMAECsplJsb5y9z5kmJmsNhN.exe
2021-07-03 11:25 - 2021-07-03 11:25 - 000289280 _____ C:\Users\Vlasta\Documents\VvS_8VWzMKTiqSmhuRQwl9zs.exe
2021-07-03 11:25 - 2021-07-03 11:25 - 000146432 _____ C:\Users\Vlasta\AppData\Local\BingoSearch.dll
2021-07-03 11:25 - 2021-07-03 11:25 - 000000297 _____ C:\Users\Vlasta\Documents\tWuYPdiGzvLn68BHTon1YDux.exe
2021-07-03 11:25 - 2021-07-03 11:25 - 000000223 _____ C:\Users\Vlasta\Documents\MSAfI5qPkng9ZsTJ9Q0WZwIz.exe
2021-07-03 11:25 - 2021-07-03 11:25 - 000000000 ____D C:\Users\Vlasta\AppData\Roaming\Mzule
2021-07-03 11:25 - 2021-07-03 11:25 - 000000000 ____D C:\Users\Vlasta\AppData\Roaming\Browzar
2021-07-03 11:25 - 2021-07-03 11:25 - 000000000 ____D C:\ProgramData\B03A201UEFZRC1TNVPWUT528A
2021-07-03 11:24 - 2021-07-04 07:56 - 000000000 ____D C:\Users\Vlasta\Documents\VlcpVideoV1.0.1
2021-07-03 11:24 - 2021-07-03 11:29 - 000000000 ____D C:\WINDOWS\PublicGaming
2021-07-03 07:23 - 2021-07-03 07:23 - 000000000 ____D C:\Users\Vlasta\Documents\Bandicut
2021-07-03 07:23 - 2021-07-03 07:23 - 000000000 ____D C:\Users\Vlasta\AppData\Roaming\BANDISOFT
2021-07-03 07:23 - 2021-07-03 07:23 - 000000000 ____D C:\ProgramData\BANDISOFT
2021-07-03 07:19 - 2021-07-03 07:19 - 021109568 _____ (Bandicam Company) C:\Users\Vlasta\Downloads\bandicut-setup.exe
2021-07-02 18:37 - 2021-07-04 00:41 - 000000000 ____D C:\Users\Vlasta\Documents\Bandicam
2021-07-02 18:37 - 2021-07-02 18:37 - 000000000 ____D C:\Users\Vlasta\AppData\Roaming\Bandicam Company
2021-07-02 18:35 - 2021-07-02 18:35 - 022451488 _____ (Bandicam Company) C:\Users\Vlasta\Downloads\bdcamsetup.exe
2021-07-02 18:23 - 2021-07-02 18:23 - 000000000 ____D C:\ProgramData\DigitalWave.ApplicationUpdater_files
2021-07-02 18:23 - 2021-07-02 18:23 - 000000000 ____D C:\Program Files (x86)\FreeCodecPack
2021-06-29 21:10 - 2021-06-29 21:10 - 000000000 ____D C:\Users\Vlasta\Downloads\Photos (7)
2021-06-29 21:07 - 2021-06-29 21:09 - 520207512 _____ C:\Users\Vlasta\Downloads\Photos (7).zip
2021-06-24 20:39 - 2021-06-24 20:39 - 000002423 _____ C:\Users\Vlasta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-16 19:59 - 2021-06-16 20:47 - 000000000 ____D C:\Users\Vlasta\Downloads\Photos (6)
2021-06-16 19:59 - 2021-06-16 20:13 - 000000000 ____D C:\Users\Vlasta\Downloads\Photos (5)
2021-06-16 19:57 - 2021-06-16 19:57 - 184867262 _____ C:\Users\Vlasta\Downloads\Photos (5).zip
2021-06-16 19:57 - 2021-06-16 19:57 - 028419216 _____ C:\Users\Vlasta\Downloads\Photos (6).zip
2021-06-12 22:00 - 2021-06-12 22:00 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-12 22:00 - 2021-06-12 22:00 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-12 22:00 - 2021-06-12 22:00 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-12 22:00 - 2021-06-12 22:00 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-12 22:00 - 2021-06-12 22:00 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-12 22:00 - 2021-06-12 22:00 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-12 21:59 - 2021-06-12 21:59 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-12 21:59 - 2021-06-12 21:59 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-12 21:59 - 2021-06-12 21:59 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-12 21:59 - 2021-06-12 21:59 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-12 21:58 - 2021-06-12 21:58 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-12 21:58 - 2021-06-12 21:58 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-12 21:58 - 2021-06-12 21:58 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-12 21:58 - 2021-06-12 21:58 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-12 21:58 - 2021-06-12 21:58 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-12 21:57 - 2021-06-12 21:57 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-12 21:57 - 2021-06-12 21:57 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-12 21:57 - 2021-06-12 21:57 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-12 21:57 - 2021-06-12 21:57 - 000170496 ___SH C:\Users\Vlasta\AppData\Roaming\rfviiab
2021-06-12 21:16 - 2021-06-12 21:16 - 000128357 _____ C:\Users\Vlasta\Downloads\VS396_OckovaciCertifikat.zip
2021-06-10 08:45 - 2021-06-10 08:45 - 000002144 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-06-06 10:53 - 2021-06-06 10:55 - 000000000 ____D C:\Users\Vlasta\Desktop\JPEG - Archivační kvalita
2021-06-06 10:35 - 2021-06-06 10:39 - 000002545 _____ C:\Users\Vlasta\Downloads\IMG_20210322_181031_3.jpg.data-zps
2021-06-05 12:42 - 2021-06-05 12:42 - 000291023 _____ C:\Users\Vlasta\Downloads\let_REICO_CS_LONG_LEASE_CS.pdf
2021-06-04 13:02 - 2021-06-06 10:54 - 000000000 ____D C:\Users\Vlasta\Downloads\Photos (4)
2021-06-04 13:02 - 2021-06-04 13:02 - 000504063 _____ C:\Users\Vlasta\Downloads\Photos (4).zip
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-07-04 11:19 - 2020-10-22 21:17 - 000000000 ____D C:\FRST
2021-07-04 10:57 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-04 10:03 - 2020-05-29 20:10 - 001706960 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-04 10:03 - 2019-12-07 16:41 - 000721302 _____ C:\WINDOWS\system32\perfh005.dat
2021-07-04 10:03 - 2019-12-07 16:41 - 000147092 _____ C:\WINDOWS\system32\perfc005.dat
2021-07-04 10:03 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-07-04 08:56 - 2018-01-31 20:13 - 000000000 ____D C:\ProgramData\NVIDIA
2021-07-04 08:53 - 2020-05-29 20:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-04 08:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2021-07-04 08:52 - 2020-05-29 19:58 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-04 08:51 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-07-04 08:50 - 2020-05-29 19:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-04 01:18 - 2020-01-28 11:06 - 000000000 ____D C:\Program Files (x86)\IIS Express
2021-07-04 01:18 - 2018-02-02 20:34 - 000000000 ____D C:\Program Files (x86)\GuerillaSoft
2021-07-04 00:49 - 2019-03-10 20:41 - 000192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2021-07-03 21:57 - 2018-06-04 21:23 - 000000000 ____D C:\Users\Vlasta\AppData\Local\D3DSCache
2021-07-03 12:57 - 2018-01-31 20:56 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-07-03 12:53 - 2018-01-31 20:18 - 000000000 ___RD C:\Users\Vlasta\OneDrive
2021-07-03 12:50 - 2020-05-29 20:49 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2021-07-03 11:34 - 2021-02-22 16:54 - 000000000 ____D C:\Program Files\Avidemux 2.7 VC++ 64bits
2021-07-03 11:30 - 2019-12-07 11:03 - 015466496 _____ C:\WINDOWS\system32\config\BCD00000000
2021-07-03 11:25 - 2018-11-17 08:40 - 000000000 ____D C:\Program Files\rempl
2021-07-03 07:18 - 2020-08-08 12:33 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-03 07:18 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-03 07:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-02 23:02 - 2021-02-01 20:13 - 000000000 ____D C:\Users\Vlasta\AppData\Roaming\vlc
2021-07-02 19:17 - 2019-08-06 09:47 - 000000000 ____D C:\Users\Vlasta\AppData\Roaming\DVDVideoSoft
2021-07-01 20:07 - 2021-02-12 10:37 - 000000000 ____D C:\Users\Vlasta\AppData\Roaming\MAGIX
2021-06-27 21:34 - 2018-01-31 20:16 - 000000000 ____D C:\Users\Vlasta\AppData\Local\Packages
2021-06-22 10:44 - 2018-01-31 21:04 - 000000000 ____D C:\Program Files\Microsoft Office
2021-06-22 10:33 - 2021-02-22 15:12 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-14 08:15 - 2018-03-02 18:00 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-14 08:02 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-12 23:00 - 2020-05-29 19:58 - 000467048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-12 22:56 - 2020-05-29 20:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-06-12 22:56 - 2020-05-29 20:33 - 000000000 ____D C:\WINDOWS\en-GB
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-12 22:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-12 22:09 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-12 21:11 - 2018-02-01 20:37 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-12 21:05 - 2018-02-01 20:37 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-04 13:12 - 2021-06-02 21:15 - 000000000 ____D C:\Users\Vlasta\Downloads\Photos (3)
==================== Files in the root of some directories ========
2021-07-03 11:35 - 2021-07-03 11:35 - 000328208 _____ () C:\Users\Vlasta\AppData\Roaming\4596648.exe
2018-02-26 20:55 - 2018-12-30 13:13 - 000037573 _____ () C:\Users\Vlasta\AppData\Roaming\Hodnoty oddělené čárkami.ADR
2021-06-12 21:57 - 2021-06-12 21:57 - 000170496 ___SH () C:\Users\Vlasta\AppData\Roaming\rfviiab
2021-07-03 11:25 - 2021-07-03 11:25 - 000146432 _____ () C:\Users\Vlasta\AppData\Local\BingoSearch.dll
2018-01-31 22:45 - 2020-02-01 22:52 - 000007597 _____ () C:\Users\Vlasta\AppData\Local\Resmon.ResmonCfg
2019-04-30 22:51 - 2019-04-30 23:12 - 000005168 _____ () C:\Users\Vlasta\AppData\Local\Snip.txt
==================== FLock ==============================
2021-07-04 08:51 C:\WINDOWS\system32\config\SYSTEM
2021-07-03 11:28 C:\WINDOWS\system32\Drivers\P2xCKx.sys
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-07-2021
Ran by Vlasta (04-07-2021 11:22:19)
Running from C:\Users\Vlasta\Downloads
Windows 10 Home Version 20H2 19042.1052 (X64) (2020-05-29 18:25:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-1385260172-3559240281-4095875997-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1385260172-3559240281-4095875997-503 - Limited - Disabled)
Guest (S-1-5-21-1385260172-3559240281-4095875997-501 - Limited - Disabled)
Vlasta (S-1-5-21-1385260172-3559240281-4095875997-1001 - Administrator - Enabled) => C:\Users\Vlasta
WDAGUtilityAccount (S-1-5-21-1385260172-3559240281-4095875997-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.005.20048 - Adobe Systems Incorporated)
Apowersoft Online Launcher version 1.7.7 (HKLM-x32\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.7.7 - APOWERSOFT LIMITED)
Apowersoft Online Launcher version 1.8.0 (HKU\S-1-5-21-1385260172-3559240281-4095875997-1001\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.8.0 - APOWERSOFT LIMITED)
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
Avidemux VC++ 64bits (HKU\S-1-5-21-1385260172-3559240281-4095875997-1001\...\{eeb495d2-7996-4faa-8ba0-31d3c3702255}) (Version: 2.7.6 - Mean)
AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.6 - GPL Public release.)
EncSpot Basic 2.0 (HKLM-x32\...\EncSpot Basic_is1) (Version: - GuerillaSoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.124 - Google LLC)
High-Definition Video Playback 10 (HKLM-x32\...\{237CCB62-8454-43E3-B158-3ACD0134852E}) (Version: 7.0.11400.29.0 - Nero AG) Hidden
HP Deskjet 3540 series Nápověda (HKLM-x32\...\{13EFEB9B-FB50-40C6-9F18-C3F38AAE81D1}) (Version: 30.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Huffyuv AVI lossless video codec (Remove Only) (HKLM\...\HUFFYUV) (Version: - )
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
Malwarebytes Anti-Malware verze 1.80.2.1012 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.80.2.1012 - Malwarebytes Corporation)
MediaInfo 20.09 (HKLM\...\MediaInfo) (Version: 20.09 - MediaArea.net)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.64 - Microsoft Corporation)
Microsoft Office Professional 2019 - cs-cz (HKLM\...\Professional2019Retail - cs-cz) (Version: 16.0.14026.20308 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1385260172-3559240281-4095875997-1001\...\OneDriveSetup.exe) (Version: 21.109.0530.0001 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{BAF67399-85CD-4555-9B49-1F80EB921C35}) (Version: 12.3.6024.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24245 (HKLM-x32\...\{606853a6-0c4c-4f8c-94ca-4612ec410c69}) (Version: 14.0.24245.0 - Microsoft Corporation)
Mp3tag v3.03 (HKLM-x32\...\Mp3tag) (Version: 3.03 - Florian Heidenreich)
MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10800.7.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10800.8.100 - Nero AG)
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13200 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)
Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.11100.8.100 - Nero AG)
Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10600.2.100 - Nero AG)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20308 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14026.20308 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14026.20246 - Microsoft Corporation) Hidden
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PDFsam Basic (HKLM\...\{7C663C91-1147-4B5A-872D-A3BC3F7F860B}) (Version: 4.0.5.0 - Sober Lemur S.a.s. di Vacondio Andrea)
PlayChess (HKLM\...\PlayChess) (Version: - ChessBase GmbH)
SOUND FORGE Pro 12.1 (x64) (HKLM\...\{9E51D7F0-93CE-11E8-98C8-408D5CC672F4}) (Version: 12.1.170 - MAGIX)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
TotalCMD by Marek410 (HKLM-x32\...\TotalCMD by Marek410) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VEGAS Pro 17.0 (HKLM\...\{E649B5F0-B27C-11E9-B856-A5146957F833}) (Version: 17.0.284 - VEGAS)
Versium Research 10 (HKLM-x32\...\Versium Research 10) (Version: 10 - Data Finder)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.14 - VideoLAN)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Základní software zařízení HP Deskjet 3540 series (HKLM\...\{4CCA7410-4D72-4720-87C2-DBB75486E991}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
ZPS 19 CZ v.19.2003.2.239 - 08.04.2020 (HKLM-x32\...\ZPS 19 CZ v.19.2003.2.239 - 08.04.2020) (Version: v.19.2003.2.239 - 08.04.2020 - Libbi)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-09] (Autodesk Inc.)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-17] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-23] (Microsoft Studios) [MS Ad]
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_21.10601.5691.0_x64__8wekyb3d8bbwe [2021-07-01] (Microsoft Corporation)
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-27] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1385260172-3559240281-4095875997-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive - Personal] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}0
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-10-02] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-10-02] (Florian Heidenreich) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll [2016-02-09] (Malwarebytes Corporation -> Malwarebytes Corporation)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2020-10-02] (Florian Heidenreich) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll [2016-02-09] (Malwarebytes Corporation -> Malwarebytes Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.HFYU] => C:\WINDOWS\system32\huffyuv.dll [55296 2005-01-22] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Vlasta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --load-extension="C:\ProgramData\Jlpa\Cvqde\E8801A45"
ShortcutWithArgument: C:\Users\Vlasta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --load-extension="C:\ProgramData\Jlpa\Cvqde\E8801A45"
==================== Loaded Modules (Whitelisted) =============
2021-07-04 07:52 - 2021-07-04 10:41 - 001195008 _____ (ESET) [File not signed] C:\Users\Vlasta\AppData\Local\ESET\ESETOnlineScanner\esets_apiW_a.DLL
2020-10-02 18:34 - 2020-10-02 18:34 - 000398336 _____ (Florian Heidenreich) [File not signed] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll
2020-04-20 18:35 - 2020-04-20 18:35 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2020-04-20 18:35 - 2020-04-20 18:35 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.gmx.com/start?src=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w47
HKU\S-1-5-21-1385260172-3559240281-4095875997-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://email.tiscali.cz/?login=1
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w47&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w47&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w47&q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://search.gmx.com/web/result?origin=p_jkld_pl&p=jkld&p_brw=ie&p_mkt=cz&p_tsrc=301ssg01&p_w=y1w47&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1385260172-3559240281-4095875997-1001 -> DefaultScope {90929528-014A-41DC-81E7-870BC9AD8905} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-1385260172-3559240281-4095875997-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1385260172-3559240281-4095875997-1001 -> {90929528-014A-41DC-81E7-870BC9AD8905} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-28] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2020-11-03 21:21 - 2021-07-03 11:34 - 000000000 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\PC Connectivity Solution\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1385260172-3559240281-4095875997-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Vlasta\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKU\S-1-5-21-1385260172-3559240281-4095875997-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-1385260172-3559240281-4095875997-1001\...\StartupApproved\Run: => "PC Suite Tray"
HKU\S-1-5-21-1385260172-3559240281-4095875997-1001\...\StartupApproved\Run: => "Advanced SystemCare"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{446E69EB-C988-4072-A03E-0233C5DD023A}] => (Allow) C:\Users\Vlasta\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{489134A0-BB1F-4825-88AA-FC15CE5255A7}] => (Allow) C:\Users\Vlasta\AppData\Local\Apowersoft\Online Video Converter\Online Video Converter.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{BE8F46E0-C5D0-4F9B-A06F-228CB98ADA59}] => (Allow) C:\Users\Vlasta\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{14884083-B1A6-486D-BC76-032E98CF4955}] => (Allow) C:\Users\Vlasta\AppData\Local\Apowersoft\Apowersoft Online Launcher\Apowersoft Online Launcher.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{7C395677-8553-447D-8DA1-8692A0B268B7}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{78110D6C-87C7-4808-92CD-4FB073CF57B4}] => (Allow) LPort=5357
FirewallRules: [{AFCB275D-0C5F-4965-B8F0-A227DCCE527B}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{4D71B74A-0C8E-4829-8240-2AA3846B8C84}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EF6345D1-F057-4FF6-92DF-6F2B047292B8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C5ADD483-E1D6-453A-9231-883344E93364}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{507244C9-F416-4E4F-9F29-0F635E97647B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9B7AE425-AC00-4BCC-AF46-C06243ABD4A4}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3CB1281A-4F8C-4C22-88A9-7DDA9AD756FE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (07/04/2021 10:36:21 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program ESETOnlineScanner.exe verze 10.20.7.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 151c
Čas spuštění: 01d770ab11894835
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Users\Vlasta\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe
ID hlášení: 138e7996-a1f5-485b-8887-0a2dabb92d96
Úplný název balíčku s chybou:
ID aplikace relativní podle balíčku s chybou:
Typ zablokování: Top level window is idle
Error: (07/03/2021 02:03:58 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (07/03/2021 02:02:39 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (07/03/2021 02:01:51 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.
Operace:
Shromažďování dat modulu pro zápis
Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {5ff70e9b-42ac-465e-9ef8-57bc38bc49e1}
Error: (07/03/2021 11:46:24 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (07/03/2021 11:46:24 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
System errors:
=============
Error: (07/04/2021 10:41:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (07/04/2021 10:41:54 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Vlasta\AppData\Local\Temp\ehdrv.sys
Error: (07/04/2021 10:41:54 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Vlasta\AppData\Local\Temp\ehdrv.sys
Error: (07/04/2021 10:41:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (07/04/2021 10:41:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (07/04/2021 10:41:54 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Vlasta\AppData\Local\Temp\ehdrv.sys
Error: (07/04/2021 10:41:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (07/04/2021 10:41:54 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Vlasta\AppData\Local\Temp\ehdrv.sys
Windows Defender:
================
Date: 2021-07-03 11:29:05
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject.SBR!MSR
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\f1a6a48e76c1fd\cred.dll; file:_C:\Users\Vlasta\AppData\Local\Microsoft\Windows\INetCache\IE\DD0CH2GT\cred[1].dll; file:_C:\Users\Vlasta\AppData\Local\Microsoft\Windows\INetCache\IE\J8LVMR4Q\cred[1].dll; file:_C:\Users\Vlasta\AppData\Local\Microsoft\Windows\INetCache\IE\Q0WWTHYO\cred[1].dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: VLASTACOM\Vlasta
Název procesu: C:\Users\Vlasta\AppData\Local\Temp\b67c9bd46f\nrbux.exe
Verze bezpečnostních informací: AV: 1.343.237.0, AS: 1.343.237.0, NIS: 1.343.237.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4
Date: 2021-07-03 11:28:42
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject.SBR!MSR
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\f1a6a48e76c1fd\cred.dll; file:_C:\Users\Vlasta\AppData\Local\Microsoft\Windows\INetCache\IE\J8LVMR4Q\cred[1].dll; file:_C:\Users\Vlasta\AppData\Local\Microsoft\Windows\INetCache\IE\Q0WWTHYO\cred[1].dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: VLASTACOM\Vlasta
Název procesu: C:\Users\Vlasta\AppData\Local\Temp\b67c9bd46f\nrbux.exe
Verze bezpečnostních informací: AV: 1.343.237.0, AS: 1.343.237.0, NIS: 1.343.237.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4
Date: 2021-07-03 11:28:30
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject.SBR!MSR
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\f1a6a48e76c1fd\cred.dll; file:_C:\Users\Vlasta\AppData\Local\Microsoft\Windows\INetCache\IE\Q0WWTHYO\cred[1].dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: VLASTACOM\Vlasta
Název procesu: C:\Users\Vlasta\AppData\Local\Temp\b67c9bd46f\nrbux.exe
Verze bezpečnostních informací: AV: 1.343.237.0, AS: 1.343.237.0, NIS: 1.343.237.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4
Date: 2021-07-03 11:28:30
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CryptInject.SBR!MSR
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\ProgramData\f1a6a48e76c1fd\cred.dll
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: VLASTACOM\Vlasta
Název procesu: C:\Users\Vlasta\AppData\Local\Temp\b67c9bd46f\nrbux.exe
Verze bezpečnostních informací: AV: 1.343.237.0, AS: 1.343.237.0, NIS: 1.343.237.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4
Date: 2021-07-03 11:26:11
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:MSIL/Reline.OE!MTB
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: amsi:_C:\Users\Vlasta\AppData\Roaming\nailedp\edspolishpp.exe
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: AMSI
Uživatel: VLASTACOM\Vlasta
Název procesu: C:\Users\Vlasta\AppData\Roaming\nailedp\edspolishpp.exe
Verze bezpečnostních informací: AV: 1.343.237.0, AS: 1.343.237.0, NIS: 1.343.237.0
Verze modulu: AM: 1.1.18300.4, NIS: 1.1.18300.4
Date: 2021-06-29 20:56:04
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.25.0
Předchozí verze bezpečnostních informací: 1.341.1603.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2021-06-29 20:56:04
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.25.0
Předchozí verze bezpečnostních informací: 1.341.1603.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2021-06-29 20:56:04
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
Date: 2021-06-22 10:50:53
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.341.1211.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2021-06-04 07:55:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.341.24.0
Předchozí verze bezpečnostních informací: 1.339.1926.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18200.4
Předchozí verze modulu: 1.1.18100.6
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.
CodeIntegrity:
===============
Date: 2021-07-03 11:28:52
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\91.0.4472.124\chrome.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Award Software International, Inc. FD 02/21/2012
Motherboard: Gigabyte Technology Co., Ltd. P67A-D3-B3
Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 69%
Total physical RAM: 8175.11 MB
Available physical RAM: 2495.09 MB
Total Virtual: 9455.11 MB
Available Virtual: 3053.95 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:145.44 GB) (Free:100.12 GB) NTFS
Drive d: (Storage) (Fixed) (Total:785.03 GB) (Free:606.42 GB) NTFS
\\?\Volume{2bf59d76-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.5 GB) NTFS
\\?\Volume{2bf59d76-0000-0000-0000-a07e24000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2BF59D76)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=145.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=518 MB) - (Type=27)
Partition 4: (Not Active) - (Size=785 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================