Laptop startup
Posted: 22 Jan 2023 04:01
Please help me with starting up my laptop. When I switch it on, the screen flickers a few times and then it crashes again. On further attempts the window logo appears briefly and it crashes again. Next I get to a message saying that it is repairing the previous improper shutdown, and again that is it ..... After about 10 - 15 attempts I get in. (The number of attempts needed keeps increasing.) If I only restart the laptop, everything proceeds normally (so I prefer not to shut it down). I am sending the logs with a request for help. Thanks:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-01-2023
Ran by monyp (administrator) on DESKTOP-AG1I8QN (LENOVO 81YE) (21-01-2023 22:55:17)
Running from C:\Users\monyp\Desktop
Loaded Profiles: monyp
Platform: Microsoft Windows 10 Home Single Language Version 22H2 19045.2486 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe
(C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\bckp_amgr.exe
(C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\grpm-mini.exe
(C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\monitoring-mini.exe
(C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\bin\task-manager.exe
(C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH.) C:\Program Files (x86)\Acronis\Agent\bin\adp-agent.exe
(C:\Program Files (x86)\Acronis\Agent\aakore.exe ->) (Acronis International GmbH -> Acronis International GmbH.) C:\Program Files (x86)\Acronis\Agent\bin\updater.exe
(C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxEM.exe
(ETDCtrl.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Agent\aakore.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a9a2dde7124f013f\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_5d54dd32fa1ef4d4\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_5d54dd32fa1ef4d4\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbengine.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_7e14edbc7c88b7d5\TiWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [1076728 2020-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [644000 2022-01-05] (Acronis International GmbH -> Acronis International GmbH)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [194704 2023-01-16] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6223200 2022-01-05] (Acronis International GmbH -> )
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [446392 2022-01-05] (Acronis International GmbH -> Acronis International GmbH)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1200198322-175365666-3207582708-1001\...\Run: [MicrosoftEdgeAutoLaunch_2CC3880367060C41BF8DD0D29F61B3B2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4188616 2023-01-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1200198322-175365666-3207582708-1001\...\MountPoints2: {65837999-8bc5-11ed-b148-d488d6b5d4ea} - "D:\HiSuiteDownLoader.exe"
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1C9103A7-AC54-46AA-B878-1424945DF5B8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {3E1456FA-9AB4-4931-8710-703A073F07C0} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (No File)
Task: {415E3188-764D-4CA0-9CE6-5C0F1F164695} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {57340D72-B5DD-4A75-8E9F-B4A1C2BC6F07} - System32\Tasks\AAct => C:\Windows\AAct_Tools\AAct_x64.exe [1812912 2021-10-07] (WZTeam -> ) [File not signed]
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{24fdfc88-1cee-4305-b3c4-c8c9ed88fd74}: [DhcpNameServer] 10.0.0.138
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\monyp\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-21]
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aakore; C:\Program Files (x86)\Acronis\Agent\aakore.exe [9022120 2022-01-05] (Acronis International GmbH -> Acronis International GmbH)
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [12978544 2022-01-05] (Acronis International GmbH -> )
S4 AcronisCyberProtectionService; C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe [1425256 2022-01-05] (Acronis International GmbH -> Acronis International GmbH)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1052280 2022-01-05] (Acronis International GmbH -> Acronis International GmbH)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6391536 2022-11-24] (Acronis International GmbH -> )
R2 DolbyDAXAPI; C:\Windows\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-02] (Dolby Laboratories, Inc. -> )
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3549872 2023-01-16] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3549872 2023-01-16] (ESET, spol. s r.o. -> ESET)
R2 FMAPOService; C:\Windows\System32\FMService64.exe [359808 2019-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4882992 2022-01-05] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2022-01-05] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [2130296 2022-01-05] (Acronis International GmbH -> )
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7402528 2022-01-05] (Acronis International GmbH -> )
S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [5910328 2022-01-05] (Acronis International GmbH -> Acronis International GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [367096 2022-01-05] (Bitdefender SRL -> Bitdefender)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [198416 2023-01-16] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [119904 2023-01-16] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [16336 2022-11-09] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [237208 2023-01-16] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [55392 2023-01-16] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [81696 2023-01-16] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [122504 2023-01-16] (ESET, spol. s r.o. -> ESET)
R2 file_protector; C:\Windows\System32\DRIVERS\file_protector.sys [726160 2022-11-24] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [392840 2022-11-24] (Acronis International GmbH -> Acronis International GmbH)
R0 fltsrv; C:\Windows\System32\DRIVERS\fltsrv.sys [183944 2022-11-24] (Acronis International GmbH -> Acronis International GmbH)
S0 ngelam; C:\Windows\System32\drivers\ngelam.sys [16344 2022-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Acronis International GmbH)
R1 ngscan; C:\Windows\System32\DRIVERS\ngscan.sys [179104 2022-01-05] (Acronis International GmbH -> Acronis International GmbH)
S3 tib; C:\Windows\system32\DRIVERS\tib.sys [887032 2022-11-24] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [175648 2022-11-24] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [694920 2022-11-24] (Acronis International GmbH -> Acronis International GmbH)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [334984 2022-11-24] (Acronis International GmbH -> Acronis International GmbH)
R0 volume_tracker; C:\Windows\System32\DRIVERS\volume_tracker.sys [251016 2022-11-24] (Acronis International GmbH -> Acronis International GmbH)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49568 2022-12-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [473376 2022-12-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-10] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-01-21 22:55 - 2023-01-21 22:55 - 000016157 _____ C:\Users\monyp\Desktop\FRST.txt
2023-01-21 22:55 - 2023-01-21 22:55 - 000000000 ____D C:\FRST
2023-01-21 22:53 - 2023-01-21 22:50 - 002376704 _____ (Farbar) C:\Users\monyp\Desktop\FRST64.exe
2023-01-21 22:49 - 2023-01-21 22:50 - 002376704 _____ (Farbar) C:\Users\monyp\Downloads\FRST64.exe
2023-01-21 22:38 - 2023-01-21 22:38 - 002329352 _____ (Tenorshare Co., Ltd.) C:\Users\monyp\Downloads\tenorshare-4ddig-for-windows.exe
2023-01-21 20:52 - 2023-01-21 20:52 - 000235248 _____ (AVG Technologies CZ, s.r.o.) C:\Users\monyp\Downloads\avg_antivirus_free_setup.exe
2023-01-21 12:46 - 2023-01-21 12:51 - 000234106 _____ C:\Windows\ntbtlog.txt
2023-01-21 12:46 - 2023-01-21 12:46 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2023-01-16 02:38 - 2023-01-16 02:38 - 000000000 ____D C:\Users\monyp\AppData\Local\ESET
2023-01-12 23:48 - 2023-01-21 12:49 - 000002098 _____ C:\Users\monyp\Desktop\ESET Security.lnk
2023-01-12 23:48 - 2023-01-12 23:48 - 000000000 ____D C:\Users\monyp\Documents\Zvukové záznamy
2023-01-12 23:47 - 2023-01-12 23:47 - 000000000 ____D C:\Windows\system32\Tasks\Agent Activation Runtime
2023-01-11 16:08 - 2023-01-11 16:08 - 000000000 ___HD C:\$WinREAgent
2023-01-06 02:54 - 2023-01-06 02:54 - 000002016 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2023-01-05 01:35 - 2023-01-05 01:36 - 000000000 ____D C:\Users\monyp\Desktop\Mp3
2023-01-05 01:11 - 2023-01-05 01:11 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2022-12-29 04:06 - 2022-12-29 04:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2022-12-29 04:06 - 2022-12-29 04:06 - 000000000 ____D C:\ProgramData\ESET
2022-12-29 04:06 - 2022-12-29 04:06 - 000000000 ____D C:\Program Files\ESET
2022-12-29 04:02 - 2022-12-29 04:02 - 008971520 _____ (ESET) C:\Users\monyp\Downloads\eset_smart_security_premium_live_installer.exe
2022-12-29 03:20 - 2022-12-29 03:20 - 000000000 ____D C:\Users\monyp\AppData\Local\OneDrive
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-01-21 22:16 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-01-21 22:14 - 2022-11-01 20:39 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-01-21 21:54 - 2022-11-01 20:45 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2023-01-21 21:54 - 2019-12-07 15:41 - 000684918 _____ C:\Windows\system32\perfh005.dat
2023-01-21 21:54 - 2019-12-07 15:41 - 000137682 _____ C:\Windows\system32\perfc005.dat
2023-01-21 21:49 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-21 21:46 - 2022-11-01 20:39 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-21 21:46 - 2022-11-01 20:39 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-01-21 21:46 - 2022-11-01 20:13 - 000000000 __SHD C:\Users\monyp\IntelGraphicsProfiles
2023-01-21 21:46 - 2022-11-01 20:09 - 000000134 _____ C:\Windows\system32\regtest.txt
2023-01-21 21:46 - 2022-11-01 20:06 - 000000000 ____D C:\Intel
2023-01-21 21:46 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2023-01-21 21:46 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-01-21 20:01 - 2022-11-01 21:32 - 000000000 ____D C:\Windows\AAct_Tools
2023-01-21 18:13 - 2022-11-01 20:13 - 000000000 ____D C:\Users\monyp\AppData\Local\VirtualStore
2023-01-21 13:45 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-01-21 13:28 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-21 13:00 - 2022-11-01 20:39 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-01-21 13:00 - 2022-11-01 20:39 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-01-21 12:52 - 2022-11-01 20:15 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1200198322-175365666-3207582708-1001
2023-01-21 12:52 - 2022-11-01 20:14 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1200198322-175365666-3207582708-1001
2023-01-21 12:52 - 2022-11-01 20:11 - 000002377 _____ C:\Users\monyp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-01-20 16:26 - 2022-11-01 20:11 - 000000000 ____D C:\Users\monyp
2023-01-16 23:54 - 2022-11-10 08:15 - 000237208 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2023-01-16 23:54 - 2022-11-10 08:15 - 000198416 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2023-01-16 23:54 - 2022-11-10 08:15 - 000122504 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2023-01-16 23:54 - 2022-11-10 08:15 - 000119904 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2023-01-16 23:54 - 2022-11-10 08:15 - 000081696 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2023-01-16 23:54 - 2022-11-10 08:15 - 000055392 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2023-01-12 21:29 - 2022-11-01 20:13 - 000000000 ____D C:\Users\monyp\AppData\Local\Packages
2023-01-12 20:27 - 2022-11-01 20:15 - 000000000 ____D C:\Users\monyp\AppData\Local\PlaceholderTileLogoFolder
2023-01-12 20:27 - 2022-11-01 20:06 - 000000000 ____D C:\ProgramData\Packages
2023-01-12 16:48 - 2022-11-16 12:25 - 000000000 ____D C:\Windows\system32\MRT
2023-01-12 16:44 - 2022-11-16 12:25 - 150199536 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-01-11 20:13 - 2022-11-01 20:39 - 000444928 _____ C:\Windows\system32\FNTCACHE.DAT
2023-01-11 20:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2023-01-11 20:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2023-01-11 20:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-01-11 20:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2023-01-11 16:15 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2023-01-11 16:13 - 2022-11-01 20:43 - 003014656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-01-06 02:57 - 2022-11-01 21:12 - 000000000 ____D C:\Users\monyp\AppData\Local\D3DSCache
2023-01-05 07:42 - 2022-11-01 20:39 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-05 07:42 - 2022-11-01 20:39 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-01-05 01:42 - 2022-11-01 21:04 - 000000000 ____D C:\Users\monyp\AppData\Local\GHISLER
2023-01-05 01:17 - 2022-11-29 02:06 - 000000000 ____D C:\Users\monyp\Desktop\JPG
2022-12-29 04:06 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemApps
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-12-26 19:37 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{24fdfc88-1cee-4305-b3c4-c8c9ed88fd74}: [DhcpNameServer] 10.0.0.138
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\monyp\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-21]
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aakore; C:\Program Files (x86)\Acronis\Agent\aakore.exe [9022120 2022-01-05] (Acronis International GmbH -> Acronis International GmbH)
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [12978544 2022-01-05] (Acronis International GmbH -> )
S4 AcronisCyberProtectionService; C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe [1425256 2022-01-05] (Acronis International GmbH -> Acronis International GmbH)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1052280 2022-01-05] (Acronis International GmbH -> Acronis International GmbH)
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6391536 2022-11-24] (Acronis International GmbH -> )
R2 DolbyDAXAPI; C:\Windows\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-02] (Dolby Laboratories, Inc. -> )
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3549872 2023-01-16] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3549872 2023-01-16] (ESET, spol. s r.o. -> ESET)
R2 FMAPOService; C:\Windows\System32\FMService64.exe [359808 2019-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4882992 2022-01-05] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2022-01-05] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [2130296 2022-01-05] (Acronis International GmbH -> )
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7402528 2022-01-05] (Acronis International GmbH -> )
S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [5910328 2022-01-05] (Acronis International GmbH -> Acronis International GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 BdDci; C:\Windows\system32\DRIVERS\bddci.sys [367096 2022-01-05] (Bitdefender SRL -> Bitdefender)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [198416 2023-01-16] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [119904 2023-01-16] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [16336 2022-11-09] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [237208 2023-01-16] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [55392 2023-01-16] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [81696 2023-01-16] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [122504 2023-01-16] (ESET, spol. s r.o. -> ESET)
R2 file_protector; C:\Windows\System32\DRIVERS\file_protector.sys [726160 2022-11-24] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [392840 2022-11-24] (Acronis International GmbH -> Acronis International GmbH)
R0 fltsrv; C:\Windows\System32\DRIVERS\fltsrv.sys [183944 2022-11-24] (Acronis International GmbH -> Acronis International GmbH)
S0 ngelam; C:\Windows\System32\drivers\ngelam.sys [16344 2022-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Acronis International GmbH)
R1 ngscan; C:\Windows\System32\DRIVERS\ngscan.sys [179104 2022-01-05] (Acronis International GmbH -> Acronis International GmbH)
S3 tib; C:\Windows\system32\DRIVERS\tib.sys [887032 2022-11-24] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [175648 2022-11-24] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [694920 2022-11-24] (Acronis International GmbH -> Acronis International GmbH)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [334984 2022-11-24] (Acronis International GmbH -> Acronis International GmbH)
R0 volume_tracker; C:\Windows\System32\DRIVERS\volume_tracker.sys [251016 2022-11-24] (Acronis International GmbH -> Acronis International GmbH)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49568 2022-12-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [473376 2022-12-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-10] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-01-21 22:55 - 2023-01-21 22:55 - 000016157 _____ C:\Users\monyp\Desktop\FRST.txt
2023-01-21 22:55 - 2023-01-21 22:55 - 000000000 ____D C:\FRST
2023-01-21 22:53 - 2023-01-21 22:50 - 002376704 _____ (Farbar) C:\Users\monyp\Desktop\FRST64.exe
2023-01-21 22:49 - 2023-01-21 22:50 - 002376704 _____ (Farbar) C:\Users\monyp\Downloads\FRST64.exe
2023-01-21 22:38 - 2023-01-21 22:38 - 002329352 _____ (Tenorshare Co., Ltd.) C:\Users\monyp\Downloads\tenorshare-4ddig-for-windows.exe
2023-01-21 20:52 - 2023-01-21 20:52 - 000235248 _____ (AVG Technologies CZ, s.r.o.) C:\Users\monyp\Downloads\avg_antivirus_free_setup.exe
2023-01-21 12:46 - 2023-01-21 12:51 - 000234106 _____ C:\Windows\ntbtlog.txt
2023-01-21 12:46 - 2023-01-21 12:46 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2023-01-16 02:38 - 2023-01-16 02:38 - 000000000 ____D C:\Users\monyp\AppData\Local\ESET
2023-01-12 23:48 - 2023-01-21 12:49 - 000002098 _____ C:\Users\monyp\Desktop\ESET Security.lnk
2023-01-12 23:48 - 2023-01-12 23:48 - 000000000 ____D C:\Users\monyp\Documents\Zvukové záznamy
2023-01-12 23:47 - 2023-01-12 23:47 - 000000000 ____D C:\Windows\system32\Tasks\Agent Activation Runtime
2023-01-11 16:08 - 2023-01-11 16:08 - 000000000 ___HD C:\$WinREAgent
2023-01-06 02:54 - 2023-01-06 02:54 - 000002016 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2023-01-05 01:35 - 2023-01-05 01:36 - 000000000 ____D C:\Users\monyp\Desktop\Mp3
2023-01-05 01:11 - 2023-01-05 01:11 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2022-12-29 04:06 - 2022-12-29 04:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2022-12-29 04:06 - 2022-12-29 04:06 - 000000000 ____D C:\ProgramData\ESET
2022-12-29 04:06 - 2022-12-29 04:06 - 000000000 ____D C:\Program Files\ESET
2022-12-29 04:02 - 2022-12-29 04:02 - 008971520 _____ (ESET) C:\Users\monyp\Downloads\eset_smart_security_premium_live_installer.exe
2022-12-29 03:20 - 2022-12-29 03:20 - 000000000 ____D C:\Users\monyp\AppData\Local\OneDrive
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-01-21 22:16 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-01-21 22:14 - 2022-11-01 20:39 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-01-21 21:54 - 2022-11-01 20:45 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2023-01-21 21:54 - 2019-12-07 15:41 - 000684918 _____ C:\Windows\system32\perfh005.dat
2023-01-21 21:54 - 2019-12-07 15:41 - 000137682 _____ C:\Windows\system32\perfc005.dat
2023-01-21 21:49 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-21 21:46 - 2022-11-01 20:39 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-21 21:46 - 2022-11-01 20:39 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-01-21 21:46 - 2022-11-01 20:13 - 000000000 __SHD C:\Users\monyp\IntelGraphicsProfiles
2023-01-21 21:46 - 2022-11-01 20:09 - 000000134 _____ C:\Windows\system32\regtest.txt
2023-01-21 21:46 - 2022-11-01 20:06 - 000000000 ____D C:\Intel
2023-01-21 21:46 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2023-01-21 21:46 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-01-21 20:01 - 2022-11-01 21:32 - 000000000 ____D C:\Windows\AAct_Tools
2023-01-21 18:13 - 2022-11-01 20:13 - 000000000 ____D C:\Users\monyp\AppData\Local\VirtualStore
2023-01-21 13:45 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-01-21 13:28 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-21 13:00 - 2022-11-01 20:39 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-01-21 13:00 - 2022-11-01 20:39 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-01-21 12:52 - 2022-11-01 20:15 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1200198322-175365666-3207582708-1001
2023-01-21 12:52 - 2022-11-01 20:14 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1200198322-175365666-3207582708-1001
2023-01-21 12:52 - 2022-11-01 20:11 - 000002377 _____ C:\Users\monyp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-01-20 16:26 - 2022-11-01 20:11 - 000000000 ____D C:\Users\monyp
2023-01-16 23:54 - 2022-11-10 08:15 - 000237208 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2023-01-16 23:54 - 2022-11-10 08:15 - 000198416 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2023-01-16 23:54 - 2022-11-10 08:15 - 000122504 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2023-01-16 23:54 - 2022-11-10 08:15 - 000119904 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2023-01-16 23:54 - 2022-11-10 08:15 - 000081696 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2023-01-16 23:54 - 2022-11-10 08:15 - 000055392 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2023-01-12 21:29 - 2022-11-01 20:13 - 000000000 ____D C:\Users\monyp\AppData\Local\Packages
2023-01-12 20:27 - 2022-11-01 20:15 - 000000000 ____D C:\Users\monyp\AppData\Local\PlaceholderTileLogoFolder
2023-01-12 20:27 - 2022-11-01 20:06 - 000000000 ____D C:\ProgramData\Packages
2023-01-12 16:48 - 2022-11-16 12:25 - 000000000 ____D C:\Windows\system32\MRT
2023-01-12 16:44 - 2022-11-16 12:25 - 150199536 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-01-11 20:13 - 2022-11-01 20:39 - 000444928 _____ C:\Windows\system32\FNTCACHE.DAT
2023-01-11 20:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2023-01-11 20:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2023-01-11 20:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-01-11 20:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2023-01-11 16:15 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2023-01-11 16:13 - 2022-11-01 20:43 - 003014656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-01-06 02:57 - 2022-11-01 21:12 - 000000000 ____D C:\Users\monyp\AppData\Local\D3DSCache
2023-01-05 07:42 - 2022-11-01 20:39 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-05 07:42 - 2022-11-01 20:39 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-01-05 01:42 - 2022-11-01 21:04 - 000000000 ____D C:\Users\monyp\AppData\Local\GHISLER
2023-01-05 01:17 - 2022-11-29 02:06 - 000000000 ____D C:\Users\monyp\Desktop\JPG
2022-12-29 04:06 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemApps
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2022-12-27 05:12 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-12-26 19:37 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================