Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-03-2021
Ran by kaPL74 (administrator) on PCKAPL (Gigabyte Technology Co., Ltd. B250M-D3H) (17-03-2021 14:24:29)
Running from C:\Users\kaPL74\Desktop
Loaded Profiles: kaPL74
Platform: Windows 10 Pro Version 20H2 19042.867 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_94b9135752f195c3\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIUNE.EXE <2>
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(uTorrent.CZ -> BitTorrent, Inc.) [File not signed] C:\Users\kaPL74\AppData\Roaming\uTorrent\utorrent.exe
(uTorrent.CZ -> emc) [File not signed] C:\Users\kaPL74\AppData\Roaming\uTorrent\uninstall.exe
(Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\Nexus.exe
(Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\WsxService.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1667208 2020-10-21] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [175504 2020-10-26] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [442936 2020-10-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1319208 2019-05-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-01-25] (Adobe Inc. -> )
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\Run: [Nexus] => C:\Program Files (x86)\Winstep\Nexus.exe [18012288 2020-10-28] (Winstep Software Technologies) [File not signed]
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3412696 2021-02-13] (Valve -> Valve Corporation)
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016584 2021-01-15] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-01-25] (Adobe Inc. -> )
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIUNE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\Run: [EPSDNMON] => ""
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIUNE.EXE [416896 2017-09-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\MountPoints2: {a4f02b28-0263-11eb-ab3c-1c1b0da4b7b8} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\MountPoints2: {b58bdc64-6eee-11eb-ab5e-1c1b0da4b7b8} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\padbury.scr [2560816 2020-06-06] (ICOFX SOFTWARE SRL -> icofx software srl)
HKLM\...\Print\Monitors\EPSON L3150 Series 64MonitorBE: C:\Windows\system32\E_YLMBUNE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
Startup: C:\Users\kaPL74\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2020-02-29]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0A670197-5F44-45C0-B909-88DA43CEDD7D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {13EDAEC7-BD53-4A1F-80CE-459AC72EE7D9} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2C506EF3-2339-438A-8BA5-62683586374A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4004296 2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {40C67839-338A-4856-A6E2-DEFF6AF7581A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114048 2021-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D9D8D65-AC9B-4259-BF65-76B60EAC0D8F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2021-01-11] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {50DC59E4-A166-4068-AC2C-F906565F9148} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5385D234-C09F-4F32-B8A6-5A774157F4CF} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6A380F79-6C24-401A-A7BC-452F4A5EFF8E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646896 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8FC9D5D1-129C-4E5B-8704-E31BF0D7B652} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4004296 2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {A72DD28B-0291-4025-8318-0DA4FEC21A77} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A7B1F982-3EF6-498F-BFBD-B713E4117073} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114048 2021-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {ADB3D5F9-6664-4D0F-AE3C-D2A05C9191D3} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302128 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AEB78506-86E7-4488-A9E5-FA196B7F48A7} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4487904 2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
Task: {B2E140A8-7745-4BC1-B934-499A0C652A0B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [694256 2021-03-16] (Mozilla Corporation -> Mozilla Foundation)
Task: {BEC816BD-7903-4262-870D-A744858DCBEF} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1127664 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C1B5F08D-9BC7-431A-9FAC-208760D89767} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [906480 2021-01-27] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CD03A155-5B1A-4F49-871D-3E36C2CBDB17} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {DA1C2BFC-212F-4AB6-9534-449656CB79A0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23079792 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {E190DB0D-28C0-4A49-823B-F2DF8771702C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23079792 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {E2DE8347-155A-4804-BDA6-0415593CE923} - System32\Tasks\EPSON L3150 Series Update {250D2C85-A398-4683-BBC4-5BDE47BA1485} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {F790E3D8-CC80-4301-BF7C-58FF48400E00} - System32\Tasks\EPSON L3150 Series Update {46449C47-58A8-40C2-9C80-3525477E6708} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\EPSON L3150 Series Update {250D2C85-A398-4683-BBC4-5BDE47BA1485}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE:/EXE:{250D2C85-A398-4683-BBC4-5BDE47BA1485} /F:UpdateWORKGROUP\PCKAPL$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON L3150 Series Update {46449C47-58A8-40C2-9C80-3525477E6708}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUNE.EXE:/EXE:{46449C47-58A8-40C2-9C80-3525477E6708} /F:UpdateWORKGROUP\PCKAPL$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\MSISW_Host.job => C:\WINDOWS\SysWOW64\muachost.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{04687598-79ac-424b-a997-68cfe11fc2ae}: [DhcpNameServer] 192.168.100.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\kaPL74\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-17]
Edge Extension: (Adblock) - C:\Users\kaPL74\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dckihkcdmjmlkndgmmgplpcnkmdpangb [2021-01-13]
Edge Extension: (Google Translate Tool) - C:\Users\kaPL74\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fekieommkbpliaejojcigbfdncknhncm [2020-12-09]
FireFox:
========
FF DefaultProfile: suv7x4pj.default
FF ProfilePath: C:\Users\kaPL74\AppData\Roaming\Mozilla\Firefox\Profiles\suv7x4pj.default [2021-02-21]
FF Homepage: Mozilla\Firefox\Profiles\suv7x4pj.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\suv7x4pj.default -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\suv7x4pj.default -> hxxps://www.slevomat.cz
FF Extension: (Blokátor reklam AdGuard) - C:\Users\kaPL74\AppData\Roaming\Mozilla\Firefox\Profiles\suv7x4pj.default\Extensions\adguardadblocker@adguard.com.xpi [2020-01-05]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\kaPL74\AppData\Roaming\Mozilla\Firefox\Profiles\suv7x4pj.default\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2019-01-05]
FF Extension: (To Google Translate) - C:\Users\kaPL74\AppData\Roaming\Mozilla\Firefox\Profiles\suv7x4pj.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2019-12-07]
FF Extension: (esafox) - C:\Users\kaPL74\AppData\Roaming\Mozilla\Firefox\Profiles\suv7x4pj.default\Extensions\{b526b65f-3165-4dcc-a534-3474d1de766b}.xpi [2019-05-14]
FF Extension: (Space Fantasy Redux) - C:\Users\kaPL74\AppData\Roaming\Mozilla\Firefox\Profiles\suv7x4pj.default\Extensions\{f5453979-a039-4066-8aee-cb64fc98f936}.xpi [2019-08-13]
FF ProfilePath: C:\Users\kaPL74\AppData\Roaming\Mozilla\Firefox\Profiles\bdftw427.default-release [2021-03-17]
FF Homepage: Mozilla\Firefox\Profiles\bdftw427.default-release -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\bdftw427.default-release -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\bdftw427.default-release -> hxxps://www.slevomat.cz
FF NewTabOverride: Mozilla\Firefox\Profiles\bdftw427.default-release -> Enabled: wikipedia@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\bdftw427.default-release -> Enabled: google@search.mozilla.org
FF Extension: (Blokátor reklam AdGuard) - C:\Users\kaPL74\AppData\Roaming\Mozilla\Firefox\Profiles\bdftw427.default-release\Extensions\adguardadblocker@adguard.com.xpi [2020-12-25]
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\kaPL74\AppData\Roaming\Mozilla\Firefox\Profiles\bdftw427.default-release\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2019-01-05]
FF Extension: (To Google Translate) - C:\Users\kaPL74\AppData\Roaming\Mozilla\Firefox\Profiles\bdftw427.default-release\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-11-12]
FF Extension: (YouTube Converter Button) - C:\Users\kaPL74\AppData\Roaming\Mozilla\Firefox\Profiles\bdftw427.default-release\Extensions\{8f4bbf79-5514-4d04-a901-d5fabfe91d73}.xpi [2020-09-30]
FF Extension: (esafox) - C:\Users\kaPL74\AppData\Roaming\Mozilla\Firefox\Profiles\bdftw427.default-release\Extensions\{b526b65f-3165-4dcc-a534-3474d1de766b}.xpi [2019-05-14]
FF Extension: (Space Fantasy Redux) - C:\Users\kaPL74\AppData\Roaming\Mozilla\Firefox\Profiles\bdftw427.default-release\Extensions\{f5453979-a039-4066-8aee-cb64fc98f936}.xpi [2019-08-13]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2020-03-18] [Legacy] [not signed]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3640345311-2590231575-3648685039-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2016-04-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-03-17]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8988552 2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
S4 DialogBlockingService; C:\WINDOWS\System32\DialogBlockingService.dll [76288 2021-03-02] (Microsoft Windows -> Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-26] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2018-01-29] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 FvSvc; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [410864 2021-01-25] (NVIDIA Corporation -> NVIDIA)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-03-02] (Malwarebytes Inc -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5352528 2021-03-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2020-02-29] () [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-24] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService.exe [777216 2019-10-29] (Winstep Software Technologies) [File not signed]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_94b9135752f195c3\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_94b9135752f195c3\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-26] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-10-26] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43720 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70048 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-26] (ESET, spol. s r.o. -> ESET)
S3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (Feature Integration Technology -> FINTEK Corp.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-11-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-03-02] (Malwarebytes Inc -> Malwarebytes)
R0 secnvme; C:\WINDOWS\System32\drivers\secnvme.sys [133944 2020-01-20] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-10-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428264 2020-10-24] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-24] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-03-17 14:24 - 2021-03-17 14:24 - 000024044 _____ C:\Users\kaPL74\Desktop\FRST.txt
2021-03-17 14:24 - 2021-03-17 14:24 - 000000000 ____D C:\FRST
2021-03-17 14:23 - 2021-03-17 14:23 - 002300928 _____ (Farbar) C:\Users\kaPL74\Desktop\FRST64.exe
2021-03-17 11:40 - 2021-03-17 11:40 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-03-17 11:38 - 2021-03-13 05:05 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-03-17 11:38 - 2021-03-13 05:05 - 001855184 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-03-17 11:38 - 2021-03-13 05:05 - 001452304 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-03-17 11:38 - 2021-03-13 05:05 - 001435856 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-03-17 11:38 - 2021-03-13 05:05 - 001435856 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-03-17 11:38 - 2021-03-13 05:05 - 001191696 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-03-17 11:38 - 2021-03-13 05:05 - 001094864 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-03-17 11:38 - 2021-03-13 05:05 - 001094864 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-03-17 11:38 - 2021-03-13 05:05 - 000948936 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-03-17 11:38 - 2021-03-13 05:05 - 000948936 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-03-17 11:38 - 2021-03-13 05:02 - 001511216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-03-17 11:38 - 2021-03-13 05:02 - 001163536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-03-17 11:38 - 2021-03-13 05:02 - 000687888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-03-17 11:38 - 2021-03-13 05:02 - 000678704 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-03-17 11:38 - 2021-03-13 05:02 - 000671512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-03-17 11:38 - 2021-03-13 05:02 - 000612144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-03-17 11:38 - 2021-03-13 05:02 - 000556848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-03-17 11:38 - 2021-03-13 05:02 - 000546096 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-03-17 11:38 - 2021-03-13 05:01 - 002102560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-03-17 11:38 - 2021-03-13 05:01 - 001587488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-03-17 11:38 - 2021-03-13 05:01 - 000811808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-03-17 11:38 - 2021-03-13 05:01 - 000655648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-03-17 11:38 - 2021-03-13 05:00 - 008306456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-03-17 11:38 - 2021-03-13 05:00 - 007429904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-03-17 11:38 - 2021-03-13 05:00 - 004610320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-03-17 11:38 - 2021-03-13 05:00 - 002729744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-03-17 11:38 - 2021-03-13 05:00 - 000445200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-03-17 11:38 - 2021-03-13 04:59 - 000848656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-03-17 11:38 - 2021-03-13 04:57 - 006075480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-03-17 11:38 - 2021-03-11 06:15 - 000084450 _____ C:\WINDOWS\system32\nvinfo.pb
2021-03-16 13:42 - 2021-03-16 13:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-12 10:18 - 2021-03-12 10:18 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-12 10:18 - 2021-03-12 10:18 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-12 10:18 - 2021-03-12 10:18 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-12 10:18 - 2021-03-12 10:18 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-12 10:18 - 2021-03-12 10:18 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-12 10:18 - 2021-03-12 10:18 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-07 11:49 - 2021-03-07 11:49 - 000000000 ____D C:\Users\kaPL74\ansel
2021-03-04 12:08 - 2021-03-04 12:08 - 000000000 ____D C:\Users\kaPL74\Documents\Adobe
2021-03-02 16:40 - 2021-03-02 16:40 - 000000000 ____D C:\Users\kaPL74\AppData\Local\CEF
2021-03-02 16:38 - 2021-03-12 10:35 - 000000933 _____ C:\WINDOWS\Tasks\EPSON L3150 Series Update {46449C47-58A8-40C2-9C80-3525477E6708}.job
2021-03-02 16:38 - 2021-03-02 16:38 - 000004128 _____ C:\WINDOWS\system32\Tasks\EPSON L3150 Series Update {46449C47-58A8-40C2-9C80-3525477E6708}
2021-03-02 16:19 - 2021-03-02 21:35 - 000000000 ____D C:\Users\kaPL74\AppData\Local\Adobe
2021-03-02 16:09 - 2021-03-02 16:09 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-03-02 16:09 - 2020-11-02 09:44 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-03-02 13:17 - 2021-03-02 13:17 - 000001024 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop 2021.lnk
2021-03-02 12:34 - 2021-03-02 12:34 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-02 12:34 - 2021-03-02 12:34 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-03-02 12:33 - 2021-03-02 12:33 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-02 12:33 - 2021-03-02 12:33 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-02 12:33 - 2021-03-02 12:33 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-02 12:33 - 2021-03-02 12:33 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-01 12:25 - 2021-03-01 12:25 - 000000000 ____D C:\Users\kaPL74\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2021-02-28 13:25 - 2021-03-17 11:37 - 000399499 _____ C:\Users\kaPL74\Desktop\COVID19-okresy_-_VZOR-Formular_pro_cesty_mimo_okres_-_20210227_TELEFON_Břeclav.pdf
2021-02-22 12:24 - 2021-02-22 12:24 - 000000000 ____D C:\Users\kaPL74\AppData\Local\PeerDistRepub
2021-02-22 09:45 - 2021-02-22 09:45 - 001148295 _____ C:\Users\kaPL74\Desktop\A 1_Covid_210402.pdf
2021-02-22 09:45 - 2021-02-22 09:45 - 001129252 _____ C:\Users\kaPL74\Desktop\A 1_Covid_210228.pdf
2021-02-21 19:47 - 2021-02-21 19:47 - 000000000 ____D C:\Users\kaPL74\AppData\Local\Saber
2021-02-21 15:48 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2021-02-20 20:13 - 2021-02-20 20:13 - 000000000 ____D C:\Users\kaPL74\AppData\Roaming\EMPRESS
2021-02-19 09:57 - 2021-02-19 09:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2021-02-19 09:57 - 2021-02-19 09:57 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2021-02-17 16:09 - 2021-02-17 16:37 - 000000000 ____D C:\Users\kaPL74\Documents\Eidos
2021-02-17 14:42 - 2021-02-17 14:42 - 000000000 ___HD C:\$Windows.~WS
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-03-17 14:24 - 2020-02-29 18:31 - 000000000 ____D C:\Users\kaPL74\AppData\LocalLow\Mozilla
2021-03-17 14:24 - 2020-02-29 18:31 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-17 14:22 - 2020-05-26 19:23 - 000000000 ____D C:\Users\kaPL74\AppData\Roaming\uTorrent
2021-03-17 14:19 - 2020-08-23 10:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-17 12:25 - 2020-03-08 20:47 - 000000000 ____D C:\ProgramData\NVIDIA
2021-03-17 12:08 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-17 12:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-17 12:08 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-17 11:57 - 2020-08-23 10:32 - 001693204 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-17 11:57 - 2019-12-07 15:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-17 11:57 - 2019-12-07 15:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-17 11:57 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-17 11:54 - 2020-07-24 16:09 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2021-03-17 11:50 - 2020-08-23 10:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-17 11:50 - 2020-08-23 10:23 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-17 11:50 - 2020-02-29 18:31 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-17 11:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-03-17 11:50 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-03-17 11:40 - 2020-11-02 09:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2021-03-17 11:40 - 2020-02-29 18:17 - 000000000 ____D C:\Users\kaPL74\AppData\Local\NVIDIA
2021-03-17 10:53 - 2020-02-29 20:05 - 000000000 ____D C:\Users\kaPL74\AppData\Roaming\vlc
2021-03-16 14:03 - 2020-02-29 22:49 - 000000000 ___RD C:\Users\kaPL74\Documents\Euro Truck Simulator 2
2021-03-16 13:47 - 2020-02-29 22:17 - 000000000 ____D C:\Program Files (x86)\Steam
2021-03-16 11:18 - 2020-02-29 19:10 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-03-16 11:14 - 2020-06-07 12:06 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-16 11:13 - 2020-10-22 14:09 - 000015824 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2021-03-13 04:57 - 2020-11-02 09:27 - 007119848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-03-12 10:40 - 2020-03-31 22:24 - 000000000 ____D C:\MSI
2021-03-12 10:35 - 2020-08-23 10:23 - 000445352 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-12 10:34 - 2019-12-07 15:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-03-12 10:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-12 10:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-12 10:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-12 10:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-12 10:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-12 10:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-12 10:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-12 10:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-12 10:34 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-12 10:19 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-10 10:33 - 2020-02-29 20:33 - 000000000 ____D C:\Users\kaPL74\AppData\Local\CrashDumps
2021-03-10 10:02 - 2020-02-29 19:58 - 000000000 ____D C:\ProgramData\Documents\Winstep
2021-03-10 09:27 - 2020-02-29 20:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-10 09:25 - 2020-02-29 20:12 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-07 11:49 - 2020-08-23 09:43 - 000000000 ____D C:\Users\kaPL74
2021-03-04 22:12 - 2020-08-23 10:27 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-04 22:12 - 2020-08-23 10:27 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-04 12:08 - 2020-02-29 17:59 - 000000000 ____D C:\Users\kaPL74\AppData\Roaming\Adobe
2021-03-02 16:39 - 2020-02-29 22:10 - 000000000 ____D C:\Users\kaPL74\AppData\Local\D3DSCache
2021-03-02 16:09 - 2020-05-02 07:36 - 000001993 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-03-02 16:09 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-03-02 13:17 - 2020-02-29 22:10 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-03-02 13:15 - 2020-03-01 00:22 - 000000000 ____D C:\Program Files\Adobe
2021-03-02 13:15 - 2020-02-29 23:06 - 000000000 ____D C:\Program Files (x86)\Adobe
2021-03-02 13:15 - 2020-02-29 22:09 - 000000000 ____D C:\ProgramData\Adobe
2021-03-02 12:46 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-02 12:46 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-02 12:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-02 12:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-02 12:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-01 14:13 - 2020-02-29 22:35 - 000000000 ____D C:\Users\kaPL74\Documents\American Truck Simulator
2021-03-01 12:13 - 2020-02-29 18:02 - 000000000 ____D C:\Users\kaPL74\AppData\Local\PlaceholderTileLogoFolder
2021-02-21 16:12 - 2020-02-29 17:59 - 000000000 ____D C:\Users\kaPL74\AppData\Local\Packages
2021-02-21 15:49 - 2020-05-13 16:31 - 000000008 __RSH C:\ProgramData\ntuser.pol
2021-02-21 15:46 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2021-02-19 15:00 - 2020-02-29 17:59 - 000000000 ____D C:\Users\kaPL74\AppData\Local\ConnectedDevicesPlatform
2021-02-17 16:56 - 2020-03-01 10:07 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-02-17 14:52 - 2020-08-21 19:19 - 000000000 ___DC C:\WINDOWS\Panther
==================== Files in the root of some directories ========
2020-03-01 10:59 - 2020-03-01 10:59 - 000099384 _____ () C:\Users\kaPL74\AppData\Roaming\inst.exe
2020-03-01 10:59 - 2020-03-01 10:59 - 000007859 _____ () C:\Users\kaPL74\AppData\Roaming\pcouffin.cat
2020-03-01 10:59 - 2020-03-01 10:59 - 000001167 _____ () C:\Users\kaPL74\AppData\Roaming\pcouffin.inf
2020-03-01 10:59 - 2020-03-01 10:59 - 000082816 _____ (VSO Software) C:\Users\kaPL74\AppData\Roaming\pcouffin.sys
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-03-2021
Ran by kaPL74 (17-03-2021 14:25:23)
Running from C:\Users\kaPL74\Desktop
Windows 10 Pro Version 20H2 19042.867 (X64) (2020-08-23 09:27:51)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3640345311-2590231575-3648685039-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3640345311-2590231575-3648685039-503 - Limited - Disabled)
Guest (S-1-5-21-3640345311-2590231575-3648685039-501 - Limited - Disabled)
kaPL74 (S-1-5-21-3640345311-2590231575-3648685039-1001 - Administrator - Enabled) => C:\Users\kaPL74
WDAGUtilityAccount (S-1-5-21-3640345311-2590231575-3648685039-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Photoshop 2021 (HKLM-x32\...\PHSP_22_2) (Version: 22.2.0.183 - Adobe Inc.)
Ashampoo Burning Studio 21 (HKLM-x32\...\{91B33C97-3390-FD9A-8E0F-3F6BA7865E46}_is1) (Version: 21.6.0 - Ashampoo GmbH & Co. KG)
CrystalDiskInfo 8.9.0a (HKLM\...\CrystalDiskInfo_is1) (Version: 8.9.0a - Crystal Dew World)
Easy Photo Scan (HKLM-x32\...\{9E3F2EC3-7E4F-4F20-A56F-7A24D6E3D39B}) (Version: 1.00.0017 - Seiko Epson Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{7E0261C4-8495-4365-BE48-647701D8B9BD}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{49048EBF-3803-4AA4-8943-675E6E8D5B30}) (Version: 3.11.0030 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON L3150 Series Printer Uninstall (HKLM\...\EPSON L3150 Series) (Version: - Seiko Epson Corporation)
Epson Photo+ (HKLM-x32\...\{5573CD38-7685-4F38-9A06-AF6C33B38F6A}) (Version: 3.3.1.0 - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{189DE071-E0BC-4BA5-8E34-83D5ED12600B}) (Version: 3.2.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
EPSON Scan PDF EXtensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.02 - SEIKO EPSON Corp.)
Epson ScanSmart (HKLM-x32\...\{BF35B9D9-C4A1-40DD-B13C-46F35BD35282}) (Version: 3.5.2 - Seiko Epson Corporation)
ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 14.0.22.0 - ESET, spol. s r.o.)
Fliqlo Screen Saver (HKLM-x32\...\Fliqlo) (Version: - )
Logitech Options (HKLM\...\LogiOptions) (Version: 8.34.82 - Logitech)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.54 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.13801.20294 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.25.28508 (HKLM-x32\...\{6913e92a-b64e-41c9-a5e6-cef39207fe89}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.16.27027 (HKLM-x32\...\{39e28474-b67b-4209-af1b-e9ad0a83d8ca}) (Version: 14.16.27027.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60724 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 3.1.10 (x64) (HKLM-x32\...\{db36836f-11c3-4087-8f9c-daa0086ac619}) (Version: 3.1.10.29419 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 86.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 86.0.1 (x64 cs)) (Version: 86.0.1 - Mozilla)
Next Generation Visualisations (HKLM-x32\...\{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}) (Version: 1.0.0 - Microsoft)
Nexus (HKLM-x32\...\Winstep Xtreme_is1) (Version: - )
NVIDIA FrameView SDK 1.1.4923.29548709 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29548709 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.21.0.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.21.0.36 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 461.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 461.92 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13801.20274 - Microsoft Corporation) Hidden
Padbury Clock Screensaver 1.2 (HKLM-x32\...\Padbury Clock Screensaver_is1) (Version: 1.2 - IcoFX Software S.R.L.)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.317.1 - Tracker Software Products Ltd)
Příručky společnosti EPSON (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.57.0.0 - Seiko Epson Corporation)
Revo Uninstaller Pro 3.2.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.1 - VS Revo Group, Ltd.)
Samsung NVM Express Driver 3.3.0.2003 (HKLM\...\{89D55DD5-FE94-497B-B5E5-91915D52DBF2}) (Version: 3.3.0.2003 - Samsung Electronics Co., Ltd) Hidden
Skype verze 8.68 (HKLM-x32\...\Skype_is1) (Version: 8.68 - Skype Technologies S.A.)
SnowRunner Locate and Deliver (HKLM-x32\...\SnowRunner Locate and Deliver_is1) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Trine 4: Melody of Mystery (HKLM-x32\...\1975023458_is1) (Version: 1.0.0.8559 - GOG.com)
Trine 4: The Nightmare Prince (HKLM-x32\...\1719934185_is1) (Version: 1.0.0.8559 - GOG.com)
Trine 4: Toby's Dream (HKLM-x32\...\1354369729_is1) (Version: 1.0.0.8559 - GOG.com)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.56 - VSO Software)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-24] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-02-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-02-29] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.960.0_x64__56jybvy8sckqj [2021-03-17] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.2.175.0_x64__dt26b99r8h8gj [2020-08-23] (Realtek Semiconductor Corp)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-01-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-01-28] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-01-28] (Adobe Inc. -> )
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-01-28] (Adobe Inc. -> )
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_94b9135752f195c3\nvshext.dll [2021-03-13] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-01-28] (Adobe Inc. -> )
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-10-26] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-02-29 22:17 - 2021-01-15 21:28 - 002072064 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2020-02-29 22:17 - 2021-01-15 21:28 - 000310784 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2020-02-29 22:17 - 2021-01-15 21:28 - 006903808 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2020-02-29 19:58 - 2017-11-24 17:43 - 000026624 _____ (Winstep Software Technologies) [File not signed] C:\Program Files (x86)\Winstep\WsxMMTimer.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
SearchScopes: HKU\S-1-5-21-3640345311-2590231575-3648685039-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 - 2021-02-21 15:35 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\kaPL74\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 192.168.100.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run: => "DisplayTune.exe"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "LogiOptions"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "EEventManager"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\StartupApproved\StartupFolder: => "Poslat do aplikace OneNote.lnk"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3640345311-2590231575-3648685039-1001\...\StartupApproved\Run: => "CCXProcess"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B741A4D3-2B14-45FA-B169-FA9045EE0D7A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B0196ADA-A7D6-4B38-8B9D-94E86AC02BEB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{89CD64DC-A193-486C-BCAA-F104D7AE91BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2FC008B7-0095-48D9-98CE-C2DBE243E117}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{831072C7-BAF4-40F6-AB8B-355336447349}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{83863D5C-4185-4E37-BFAB-E273A99C823E}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
FirewallRules: [{57A952ED-4D02-45BB-844A-6999ACEB261B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{5D4C55C2-E162-43DE-87A5-9C75400F39A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{D9A94214-C8E8-4230-80EE-5C782497DB7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{88E16755-3D9B-41FD-B3B8-2D85A857C763}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{8502FE09-C3C3-48B2-8614-1F77E1F45C03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{94A278DA-F922-45C5-93C1-97481553ED7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{B4B4FC33-2AD5-442C-8083-B74880E57049}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FE34723E-2B6D-4FFC-B3AE-B250CEBECB60}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{792FDF47-5350-4D52-8CAE-4521924497EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{91C71BB2-0159-465F-ACCE-610835CDBC98}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{8D9C423E-4690-426D-A043-2572FB08E48C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C0EAB2B5-272D-481D-87BC-E6F4D88BF43A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{44905040-817F-4303-BF23-27F28C78F798}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E42AF226-75AE-4047-8B9E-430FD642AE8F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{047C5850-B00E-4B3B-91C7-4F3947BC516E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8ED4530F-DCC9-4418-BB56-DED07ABDE113}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{758E4BF8-8362-4229-B955-D8FAA50BC644}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe () [File not signed]
FirewallRules: [{208318B9-F967-4058-A951-BE49934A4BA0}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{ADCDAD64-0B98-403E-B33B-8092AFF3FDFC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ECF2E431-7805-463B-8034-7D261D7791A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{414B8D1D-C2C8-4134-A804-3EF8DCE99DBE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{B0348DC0-44B4-42D3-B077-F35A236B2266}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{59C7F2FB-4ED8-4701-8E74-0AFEDBE57809}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{75690CB8-E8DA-4E41-9F53-F0C4F5A15028}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{FEB0739B-9506-4F0C-92A1-D30FBBFE5DD8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{31DB3580-F078-4FF2-896A-A01E739998C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{EC70A4AD-9C7F-4785-BBD3-B23E213329D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{BE907B64-92CE-464D-AB7C-2CC1209F95AC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C78F45C2-58A8-41F5-A3D2-88CEBAC63565}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D69B690B-BF99-4EA6-9157-E6FDCBEE980E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9C02DA36-4D09-48AC-A055-CE3F925BD3FC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FC235BF2-8819-4797-9AFF-B03CEB4A2EBD}] => (Allow) LPort=26789
FirewallRules: [{9244D4C3-2BEB-47AD-8436-6C8B1A6B66D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider Underworld\tru.exe (Eidos Inc.) [File not signed]
FirewallRules: [{6419ED28-A54F-45C6-B195-C35C094DB592}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tomb Raider Underworld\tru.exe (Eidos Inc.) [File not signed]
FirewallRules: [{63A62958-2DE5-4A07-AD58-C6706FD38EFE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CoJ Gunslinger\CoJGunslinger.exe => No File
FirewallRules: [{9668C1FC-5CA9-4073-9E73-CD66211B9828}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CoJ Gunslinger\CoJGunslinger.exe => No File
==================== Restore Points =========================
02-03-2021 16:37:33 End of disinfection
10-03-2021 10:31:29 Naplánovaný kontrolní bod
12-03-2021 10:13:55 Instalační služba modulů systému Windows
12-03-2021 10:15:26 Instalační služba modulů systému Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/17/2021 02:25:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 3.1.3.26837, časové razítko: 0x4f5934c0
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.746, časové razítko: 0x1baae673
Kód výjimky: 0xc000041d
Posun chyby: 0x00005d67
ID chybujícího procesu: 0x828
Čas spuštění chybující aplikace: 0x01d71b1b8933fab8
Cesta k chybující aplikaci: C:\Users\kaPL74\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: d9a1b1c2-2786-4448-b885-f235641bf5ce
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/17/2021 11:50:53 AM) (Source: SetupARService) (EventID: 0) (User: )
Description: Službu nelze spustit. System.NullReferenceException: Odkaz na objekt není nastaven na instanci objektu.
v SetupAfterRebootService.SetupARService.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (03/12/2021 10:35:26 AM) (Source: SetupARService) (EventID: 0) (User: )
Description: Službu nelze spustit. System.NullReferenceException: Odkaz na objekt není nastaven na instanci objektu.
v SetupAfterRebootService.SetupARService.OnStart(String[] args)
v System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Error: (03/12/2021 10:09:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI_LED.exe, verze: 6.2.0.76, časové razítko: 0x5b34ab31
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0148d832
ID chybujícího procesu: 0x246c
Čas spuštění chybující aplikace: 0x01d71591eec3cfbd
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: e5e33ace-cfe2-4013-ac2f-def4170c67c0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/10/2021 10:44:17 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: MSI_LED.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.NullReferenceException
na MSI_LED.Class_NDA_FN.Init_NDA_Fn()
na MSI_LED.Class_Fun_VGA.Init_VGA()
na MSI_LED.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
na System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
na System.Windows.Application.<.ctor>b__1_0(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.DispatcherOperation.InvokeImpl()
na System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Windows.Threading.DispatcherOperation.Invoke()
na System.Windows.Threading.Dispatcher.ProcessQueue()
na System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
na System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
na System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
na System.Windows.Application.RunDispatcher(System.Object)
na System.Windows.Application.RunInternal(System.Windows.Window)
na System.Windows.Application.Run(System.Windows.Window)
na MSI_LED.App.Main()
Error: (03/10/2021 10:33:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 3.1.3.26837, časové razítko: 0x4f5934c0
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.746, časové razítko: 0x1baae673
Kód výjimky: 0xc000041d
Posun chyby: 0x00005d67
ID chybujícího procesu: 0x3228
Čas spuštění chybující aplikace: 0x01d71588a6f53ac5
Cesta k chybující aplikaci: C:\Users\kaPL74\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 6475b113-82ba-4875-b936-17265c33051f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (03/10/2021 09:27:51 AM) (Source: Firefox) (EventID: 5) (User: )
Description: Event-ID 5
Error: (03/07/2021 07:20:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 3.1.3.26837, časové razítko: 0x4f5934c0
Název chybujícího modulu: GDI32.dll, verze: 10.0.19041.746, časové razítko: 0x1baae673
Kód výjimky: 0xc000041d
Posun chyby: 0x00005d67
ID chybujícího procesu: 0x69c
Čas spuštění chybující aplikace: 0x01d71375f4a7a503
Cesta k chybující aplikaci: C:\Users\kaPL74\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 53ffe479-0da7-4054-86be-ff40216e8331
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (03/17/2021 11:40:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (03/17/2021 11:40:52 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba NVIDIA LocalSystem Container byla ukončena s následující chybou:
Obecný spustitelný příkaz vrátil výsledek označující selhání.
Error: (03/12/2021 10:34:59 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby TrustedInstaller s argumenty Není k dispozici za účelem spuštění serveru:
{752073A1-23F2-4396-85F0-8FDB879ED0ED}
Error: (03/02/2021 04:19:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Winstep Xtreme Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (03/02/2021 04:19:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.
Error: (03/02/2021 04:19:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Realtek Audio Universal Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (03/02/2021 04:19:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSI_ActiveX_Service byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (03/02/2021 04:19:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Windows Defender:
================
Date: 2020-12-09 18:49:27
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/CloudCar_Test_File
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\kaPL74\Desktop\cloudcar.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: PCKAPL\kaPL74
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.327.2236.0, AS: 1.327.2236.0, NIS: 1.327.2236.0
Verze modulu: AM: 1.1.17600.5, NIS: 1.1.17600.5
CodeIntegrity:
===============
Date: 2021-03-17 11:52:54
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Program Files\ESET\ESET Security\eamsi.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: American Megatrends Inc. F10 12/14/2018
Motherboard: Gigabyte Technology Co., Ltd. B250M-D3H-CF
Processor: Intel(R) Core(TM) i5-7600 CPU @ 3.50GHz
Percentage of memory in use: 11%
Total physical RAM: 32727.99 MB
Available physical RAM: 29114.42 MB
Total Virtual: 37591.99 MB
Available Virtual: 32662.68 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.88 GB) (Free:712.31 GB) NTFS
Drive d: (Místní disk) (Fixed) (Total:931.51 GB) (Free:649.24 GB) NTFS
Drive e: () (Fixed) (Total:930.56 GB) (Free:706.09 GB) NTFS
\\?\Volume{61d92415-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{b5d0499e-b828-4e1c-9bed-e82b27d3d91a}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{61d92415-0000-0000-0000-60c3e8000000}\ () (Fixed) (Total:0.46 GB) (Free:0.03 GB) NTFS
\\?\Volume{14fdb315-38db-40bd-8c62-8f40fe6f7fce}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2EFF3D7B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 61D92415)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=469 MB) - (Type=27)
==========================================================
Disk: 2 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
prosím o jednu preventivku
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: prosím o jednu preventivku
ahoj,
logy vypadaju OK
logy vypadaju OK
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: prosím o jednu preventivku
Děkuji za kontrolu
Re: prosím o jednu preventivku
rado sa stalo
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/