Re: Please check - attacked by ransomware (Solved)
Posted: 09 Aug 2022 20:27
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-08-2022
Ran by drjan (administrator) on DESKTOP-17RTQ1L (LENOVO 20351) (09-08-2022 18:33:38)
Running from C:\Users\drjan\OneDrive\Plocha
Loaded Profiles: drjan
Platform: Microsoft Windows 10 Home Version 21H2 19044.1865 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(explorer.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(explorer.exe ->) (Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\drjan\AppData\Local\Microsoft\OneDrive\22.141.0703.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22052.554.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [935104 2014-11-25] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKU\S-1-5-21-1504615263-2154095078-1380061987-1001\...\Run: [MicrosoftEdgeAutoLaunch_13EAA4211EFB414858420240490B61ED] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827112 2022-08-04] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\104.0.5112.81\Installer\chrmstp.exe [2022-08-09] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {079EB0FA-F5FB-4D65-83EF-706497C79233} - System32\Tasks\GoogleUpdateTaskMachineCore{70C10BAB-4774-4ADF-B1FD-72805C7FD7F1} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-08-02] (Google LLC -> Google LLC)
Task: {185ED2FF-0632-45FD-B92C-5DF3B1DE5D86} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {21A02C3D-95E6-488F-9582-AFBD91D580B8} - System32\Tasks\Microsoft\Windows\Management\Autopilot\DetectHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\Windows\System32\Autopilot.dll [192000 2022-07-31] (Microsoft Windows -> Microsoft Corporation)
Task: {322BB54A-E43F-4DEA-8643-E814550B4AD0} - System32\Tasks\GoogleUpdateTaskMachineUA{6416D6BA-ECA7-4B31-ABA1-4A8FF04CA0A7} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [168632 2022-08-02] (Google LLC -> Google LLC)
Task: {39FB9E64-573C-4931-AA63-577AEB13F05E} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-17RTQ1L-drjan DESKTOP-17RTQ1L => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [470720 2016-02-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {80F9DD1A-576B-41ED-ABF1-D2E52659CECC} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\drjan\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-08-01] (ESET, spol. s r.o. -> ESET)
Task: {9E01CB1E-F240-4B64-B1E3-0B0488C06B38} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {ADD7678C-F20F-4A26-A327-17B1844C24A5} - System32\Tasks\Microsoft\Windows\Management\Autopilot\RemediateHardwareChange => {62B2DD2C-F129-42EE-BF59-55D3FD21C215} C:\Windows\System32\Autopilot.dll [192000 2022-07-31] (Microsoft Windows -> Microsoft Corporation)
Task: {FB9C90CA-223E-462A-BA02-74C5A9E03A58} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {FF29D128-607D-42F1-BF1D-AD97182045D1} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\drjan\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2022-08-01] (ESET, spol. s r.o. -> ESET)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{976fe41c-1e11-4952-b885-9cf86326247a}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge Profile: C:\Users\drjan\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-09]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Default [2022-08-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-08-02]
CHR Profile: C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-08-09]
CHR Profile: C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-08-09]
CHR HomePage: Profile 1 -> hxxp://www.centrum.cz/
CHR Extension: (Překladač Google) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-08-02]
CHR Extension: (Dictanote) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aomjekmpappghadlogpigifkghlmebjk [2022-08-02]
CHR Extension: (Tipli do prohlížeče) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2022-08-02]
CHR Extension: (Sumo) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dlgipkaoljiajmolhibpngjppeckkjjp [2022-08-02]
CHR Extension: (Facebook Pixel Helper) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2022-08-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-02]
CHR Extension: (Tlačítko Uložit pro Pinterest) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2022-08-02]
CHR Extension: (VoiceNote II - Speech to text) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hfknjgplnkgjihghcidajejfmldhibfm [2022-08-02]
CHR Extension: (Grepsr - Web Scraping Tool) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hjdijkhlfpeafghibmiabeofkiicdnjm [2022-08-02]
CHR Extension: (Kindle Cloud Reader) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2022-08-02]
CHR Extension: (Voice Recognition) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ikjmfindklfaonkodbnidahohdfbdhkn [2022-08-02]
CHR Extension: (FormApps Extension) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-08-02]
CHR Extension: (Screen Recorder) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jdopnakmnlnccgpfpmjmdjjohmcdgabp [2022-08-02]
CHR Extension: (Grammarly: Grammar Checker and Writing App) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2022-08-04]
CHR Extension: (Tag Assistant Legacy (by Google)) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2022-08-02]
CHR Extension: (AirDroid Remote Control Plugin) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\macmgoeeggnlnmpiojbcniblabkdjphe [2022-08-02]
CHR Extension: (Morpheon Dark) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2022-08-02]
CHR Extension: (Scraper) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mbigbapnjcgaffohmbkdlecaccepngjd [2022-08-02]
CHR Extension: (Amz Superman Seller tool) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndhncndbgnmheelpkdmldlcdhmieiagm [2022-08-02]
CHR Extension: (Sklik plugin) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nidaimoaiogijcjpfjgkbhooeghpgklf [2022-08-02]
CHR Extension: (Video Downloader PLUS) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\njgehaondchbmjmajphnhlojfnbfokng [2022-08-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-08-03]
CHR Extension: (AliRadar - помощник в покупках) - C:\Users\drjan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pfjibkklgpfcfdlhijfglamdnkjnpdeg [2022-08-02]
CHR Profile: C:\Users\drjan\AppData\Local\Google\Chrome\User Data\System Profile [2022-08-09]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-07-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-07-31] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49576 2022-07-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [452856 2022-07-31] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [91384 2022-07-31] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-08-06 08:10 - 2022-08-06 08:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-08-03 22:27 - 2022-08-03 22:27 - 000000000 ____D C:\Users\drjan\AppData\Local\OneDrive
2022-08-03 17:25 - 2022-08-03 17:25 - 000000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2022-08-02 16:54 - 2022-08-02 16:54 - 000000000 ____D C:\Users\drjan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2022-08-02 16:47 - 2022-08-09 12:53 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-08-02 16:47 - 2022-08-02 16:47 - 000000000 ____D C:\Program Files\Google
2022-08-02 16:46 - 2022-08-09 17:52 - 000000000 ____D C:\Program Files (x86)\Google
2022-08-02 16:46 - 2022-08-02 16:54 - 000000000 ____D C:\Users\drjan\AppData\Local\Google
2022-08-02 16:46 - 2022-08-02 16:46 - 001414600 _____ (Google LLC) C:\Users\drjan\Downloads\ChromeSetup.exe
2022-08-02 16:46 - 2022-08-02 16:46 - 000003550 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{6416D6BA-ECA7-4B31-ABA1-4A8FF04CA0A7}
2022-08-02 16:46 - 2022-08-02 16:46 - 000003426 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{70C10BAB-4774-4ADF-B1FD-72805C7FD7F1}
2022-08-02 13:27 - 2022-08-02 13:41 - 000000000 ____D C:\Users\drjan\OneDrive\Dokumenty\Soubory aplikace Outlook
2022-08-02 07:33 - 2022-08-02 07:33 - 000003858 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2022-08-02 07:33 - 2022-08-02 07:33 - 000003416 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2022-08-02 02:42 - 2022-08-05 15:53 - 000005264 _____ C:\Windows\system32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-17RTQ1L-drjan DESKTOP-17RTQ1L
2022-08-01 21:13 - 2022-08-01 21:13 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2022-08-01 19:46 - 2022-08-06 10:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2022-08-01 19:45 - 2022-08-01 21:12 - 000000000 ____D C:\Windows\SHELLNEW
2022-08-01 19:45 - 2022-08-01 19:45 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2022-08-01 19:43 - 2022-08-01 19:43 - 000000000 ____D C:\Windows\PCHEALTH
2022-08-01 19:39 - 2022-08-01 19:43 - 000000000 ____D C:\Program Files\Microsoft Office
2022-08-01 19:39 - 2022-08-01 19:39 - 000000000 ____D C:\Users\drjan\AppData\Local\Microsoft Help
2022-08-01 19:39 - 2022-08-01 19:39 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2022-08-01 19:39 - 2022-08-01 19:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-08-01 19:39 - 2022-08-01 19:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2022-08-01 14:10 - 2022-08-01 14:10 - 000000000 ____D C:\Users\drjan\AppData\Local\D3DSCache
2022-08-01 07:43 - 2022-08-01 12:14 - 000001382 _____ C:\Users\drjan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-08-01 07:43 - 2022-08-01 07:43 - 000000000 ____D C:\Users\drjan\AppData\Local\ESET
2022-08-01 07:42 - 2022-08-01 07:42 - 015274968 _____ (ESET) C:\Users\drjan\Downloads\esetonlinescanner.exe
2022-08-01 07:40 - 2022-08-01 07:40 - 000000000 ____D C:\Users\drjan\AppData\Local\Comms
2022-07-31 21:30 - 2022-08-09 17:44 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-07-31 21:15 - 2022-07-31 21:15 - 000000000 ____D C:\Windows\SystemTemp
2022-07-31 20:35 - 2022-07-31 20:35 - 000693248 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2022-07-31 20:35 - 2022-07-31 20:35 - 000581120 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2022-07-31 20:35 - 2022-07-31 20:35 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoScreensaver.scr
2022-07-31 20:35 - 2022-07-31 20:35 - 000470528 _____ (curl, hxxps://curl.se/) C:\Windows\SysWOW64\curl.exe
2022-07-31 20:35 - 2022-07-31 20:35 - 000104448 _____ C:\Windows\system32\nettraceex.dll
2022-07-31 20:35 - 2022-07-31 20:35 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mode.com
2022-07-31 20:35 - 2022-07-31 20:35 - 000018944 _____ C:\Windows\SysWOW64\WsdProviderUtil.dll
2022-07-31 20:35 - 2022-07-31 20:35 - 000017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tree.com
2022-07-31 20:35 - 2022-07-31 20:35 - 000012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chcp.com
2022-07-31 20:34 - 2022-07-31 20:34 - 000530944 _____ (curl, hxxps://curl.se/) C:\Windows\system32\curl.exe
2022-07-31 20:34 - 2022-07-31 20:34 - 000270848 _____ C:\Windows\system32\EsclScan.dll
2022-07-31 20:34 - 2022-07-31 20:34 - 000152064 _____ C:\Windows\system32\EsclProtocol.dll
2022-07-31 20:34 - 2022-07-31 20:34 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\mode.com
2022-07-31 20:34 - 2022-07-31 20:34 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\tree.com
2022-07-31 20:34 - 2022-07-31 20:34 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\chcp.com
2022-07-31 20:34 - 2022-07-31 20:34 - 000011797 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-07-31 20:33 - 2022-07-31 20:33 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2022-07-31 20:33 - 2022-07-31 20:33 - 000039936 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2022-07-31 20:32 - 2022-07-31 20:32 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2022-07-31 20:31 - 2022-07-31 20:31 - 000061952 _____ C:\Windows\system32\printticketvalidation.dll
2022-07-31 20:31 - 2022-07-31 20:31 - 000057344 _____ C:\Windows\system32\APMonUI.dll
2022-07-31 20:30 - 2022-07-31 20:30 - 002254336 _____ C:\Windows\system32\dwmscene.dll
2022-07-31 20:30 - 2022-07-31 20:30 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2022-07-31 20:30 - 2022-07-31 20:30 - 000048640 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2022-07-31 20:29 - 2022-07-31 20:29 - 002260480 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2022-07-31 20:29 - 2022-07-31 20:29 - 000232288 _____ C:\Windows\system32\containerdevicemanagement.dll
2022-07-31 20:29 - 2022-07-31 20:29 - 000093696 _____ C:\Windows\system32\Drivers\cimfs.sys
2022-07-31 20:29 - 2022-07-31 20:29 - 000024576 _____ C:\Windows\system32\WsdProviderUtil.dll
2022-07-31 20:28 - 2022-07-31 20:28 - 000640512 _____ C:\Windows\system32\SettingSyncDownloadHelper.dll
2022-07-31 20:28 - 2022-07-31 20:28 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-07-31 20:28 - 2022-07-31 20:28 - 000272896 _____ C:\Windows\system32\TpmTool.exe
2022-07-31 20:28 - 2022-07-31 20:28 - 000162304 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2022-07-31 20:28 - 2022-07-31 20:28 - 000089088 _____ C:\Windows\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-07-31 20:28 - 2022-07-31 20:28 - 000073216 _____ C:\Windows\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2022-07-31 20:11 - 2022-07-31 20:11 - 000000000 ___HD C:\OneDriveTemp
2022-07-31 20:11 - 2020-10-21 10:16 - 000000173 ____R C:\Users\drjan\OneDrive\Dokumenty\Poznámkový blok uživatele Jan.url
2022-07-31 20:11 - 2016-04-19 06:59 - 006582678 _____ C:\Users\drjan\OneDrive\Dokumenty\Navod_na_zarabanie_cez_Amazon.pdf
2022-07-31 20:11 - 2015-11-29 14:28 - 001129595 _____ C:\Users\drjan\OneDrive\Dokumenty\CopyPasteCommission CZ.pdf
2022-07-31 20:10 - 2022-08-01 20:12 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1504615263-2154095078-1380061987-1001
2022-07-31 20:10 - 2022-08-01 20:12 - 000002381 _____ C:\Users\drjan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-31 20:06 - 2022-08-09 17:48 - 000000000 ___RD C:\Users\drjan\OneDrive
2022-07-31 20:06 - 2022-08-01 20:12 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1504615263-2154095078-1380061987-1001
2022-07-31 20:00 - 2022-07-31 20:00 - 000000000 ___HD C:\$WinREAgent
2022-07-31 19:52 - 2022-07-31 19:52 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-07-31 19:40 - 2022-08-04 16:10 - 000000000 ____D C:\Users\drjan\AppData\Local\PlaceholderTileLogoFolder
2022-07-31 19:35 - 2022-07-31 19:43 - 000000000 ____D C:\Windows\system32\MRT
2022-07-31 19:34 - 2022-07-31 19:34 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-07-31 19:34 - 2022-07-31 19:34 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-07-31 19:28 - 2022-07-31 19:28 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2022-07-31 19:26 - 2022-08-02 06:08 - 000000000 ____D C:\ProgramData\Packages
2022-07-31 19:26 - 2022-07-31 19:26 - 000000000 ____D C:\Users\drjan\AppData\Local\Publishers
2022-07-31 19:25 - 2022-08-09 17:44 - 000000000 __SHD C:\Users\drjan\IntelGraphicsProfiles
2022-07-31 19:25 - 2022-08-01 14:25 - 000000000 ____D C:\Users\drjan\AppData\Local\Packages
2022-07-31 19:25 - 2022-07-31 21:30 - 000000000 ____D C:\Users\drjan\AppData\Local\ConnectedDevicesPlatform
2022-07-31 19:25 - 2022-07-31 19:29 - 000000000 __RHD C:\Users\Public\AccountPictures
2022-07-31 19:25 - 2022-07-31 19:25 - 000000000 ___RD C:\Users\drjan\3D Objects
2022-07-31 19:25 - 2022-07-31 19:25 - 000000000 ____D C:\Users\drjan\AppData\Roaming\Adobe
2022-07-31 19:25 - 2022-07-31 19:25 - 000000000 ____D C:\Users\drjan\AppData\Local\VirtualStore
2022-07-31 19:22 - 2022-07-31 19:22 - 000000020 ___SH C:\Users\drjan\ntuser.ini
2022-07-31 19:22 - 2022-07-31 19:22 - 000000000 _SHDL C:\Users\drjan\Šablony
2022-07-31 19:22 - 2022-07-31 19:22 - 000000000 _SHDL C:\Users\drjan\Soubory cookie
2022-07-31 19:22 - 2022-07-31 19:22 - 000000000 _SHDL C:\Users\drjan\Poslední
2022-07-31 19:22 - 2022-07-31 19:22 - 000000000 _SHDL C:\Users\drjan\Okolní tiskárny
2022-07-31 19:22 - 2022-07-31 19:22 - 000000000 _SHDL C:\Users\drjan\Okolní síť
2022-07-31 19:22 - 2022-07-31 19:22 - 000000000 _SHDL C:\Users\drjan\Nabídka Start
2022-07-31 19:22 - 2022-07-31 19:22 - 000000000 _SHDL C:\Users\drjan\Dokumenty
2022-07-31 19:22 - 2022-07-31 19:22 - 000000000 _SHDL C:\Users\drjan\Data aplikací
2022-07-31 19:22 - 2022-07-31 19:22 - 000000000 _SHDL C:\Users\drjan\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-07-31 19:22 - 2022-07-31 19:22 - 000000000 _SHDL C:\Users\drjan\AppData\Local\Data aplikací
2022-07-31 19:21 - 2022-08-09 17:43 - 000000000 ____D C:\Users\drjan
2022-07-31 19:12 - 2022-07-31 19:12 - 000000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2022-07-31 19:12 - 2022-07-31 19:12 - 000000000 ____D C:\Program Files\Elantech
2022-07-31 19:12 - 2022-07-31 19:12 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2022-07-31 19:12 - 2017-06-12 01:56 - 000103888 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL
2022-07-31 19:12 - 2017-06-12 01:56 - 000099792 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL
2022-07-31 19:11 - 2022-07-31 19:11 - 000000000 ____D C:\Program Files\Intel
2022-07-31 19:10 - 2022-07-31 19:10 - 000000000 ____D C:\Windows\SysWOW64\sda
2022-07-31 19:10 - 2022-07-31 19:10 - 000000000 ____D C:\ProgramData\Realtek
2022-07-31 19:09 - 2022-07-31 19:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2022-07-31 19:08 - 2022-07-31 19:08 - 000000000 ____D C:\Program Files\Dolby Digital Plus
2022-07-31 19:08 - 2015-04-18 10:26 - 000427224 _____ (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
2022-07-31 19:08 - 2014-11-26 11:01 - 000004664 _____ C:\Windows\system32\Drivers\CxSfPt.dat
2022-07-31 19:08 - 2013-09-30 14:54 - 000001520 _____ C:\Windows\system32\Drivers\SamSfPa.dat
2022-07-31 19:08 - 2013-07-25 14:39 - 000206552 _____ (Conexant Systems Inc.) C:\Windows\system32\CxAudMsg64.exe
2022-07-31 19:07 - 2022-07-31 19:08 - 000000000 ____D C:\ProgramData\Conexant
2022-07-31 19:07 - 2022-07-31 19:08 - 000000000 ____D C:\Program Files\CONEXANT
2022-07-31 19:07 - 2022-07-31 19:07 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2022-07-31 18:12 - 2022-08-09 17:50 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-07-31 18:04 - 2022-07-31 18:04 - 000000000 _SHDL C:\Users\Default\Šablony
2022-07-31 18:04 - 2022-07-31 18:04 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2022-07-31 18:04 - 2022-07-31 18:04 - 000000000 _SHDL C:\Users\Default\Poslední
2022-07-31 18:04 - 2022-07-31 18:04 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2022-07-31 18:04 - 2022-07-31 18:04 - 000000000 _SHDL C:\Users\Default\Okolní síť
2022-07-31 18:04 - 2022-07-31 18:04 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2022-07-31 18:04 - 2022-07-31 18:04 - 000000000 _SHDL C:\Users\Default\Dokumenty
2022-07-31 18:04 - 2022-07-31 18:04 - 000000000 _SHDL C:\Users\Default\Data aplikací
2022-07-31 18:04 - 2022-07-31 18:04 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2022-07-31 18:04 - 2022-07-31 18:04 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2022-07-31 18:04 - 2022-07-31 18:04 - 000000000 _SHDL C:\ProgramData\Šablony
2022-07-31 18:04 - 2022-07-31 18:04 - 000000000 _SHDL C:\ProgramData\Plocha
2022-07-31 18:04 - 2022-07-31 18:04 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2022-07-31 18:04 - 2022-07-31 18:04 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2022-07-31 18:04 - 2022-07-31 18:04 - 000000000 _SHDL C:\ProgramData\Dokumenty
2022-07-31 18:04 - 2022-07-31 18:04 - 000000000 _SHDL C:\ProgramData\Data aplikací
2022-07-31 17:43 - 2022-08-02 19:47 - 000000000 ____D C:\Windows\Panther
2022-07-31 17:32 - 2022-08-03 21:47 - 000000000 ____D C:\Windows.old
2022-07-31 16:49 - 2022-08-07 04:08 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-31 16:46 - 2022-08-01 07:38 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-07-31 16:46 - 2022-08-01 07:38 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-07-31 16:45 - 2022-07-31 16:45 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2022-07-31 16:44 - 2022-08-09 17:43 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-07-31 16:44 - 2022-08-09 17:43 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-07-31 16:44 - 2022-07-31 21:33 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-07-31 16:44 - 2022-07-31 16:44 - 000000000 ____D C:\Windows\ServiceProfiles
2022-07-31 16:43 - 2022-08-09 17:43 - 000008192 ___SH C:\DumpStack.log.tmp
2022-07-31 16:43 - 2022-08-08 07:15 - 000385264 _____ C:\Windows\system32\FNTCACHE.DAT
2022-07-31 09:29 - 2022-08-09 18:34 - 000000000 ____D C:\FRST
2022-07-31 08:15 - 2022-07-31 08:57 - 000000000 ___HD C:\$SysReset
2022-07-30 13:16 - 2022-07-30 13:17 - 000000000 ____D C:\KRD2018_Data
2022-07-28 16:09 - 2022-07-29 15:50 - 000000000 ____D C:\zoek_backup
2022-07-27 11:10 - 2022-07-27 11:10 - 000000000 _____ C:\SophosBootTasks.txt
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-08-09 18:16 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-09 18:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-08-09 18:15 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-09 17:50 - 2019-12-07 16:41 - 000683426 _____ C:\Windows\system32\perfh005.dat
2022-08-09 17:50 - 2019-12-07 16:41 - 000137206 _____ C:\Windows\system32\perfc005.dat
2022-08-09 17:50 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-08-06 10:41 - 2019-12-07 11:14 - 000000167 _____ C:\Windows\win.ini
2022-08-06 08:28 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-08-05 16:23 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-08-01 21:49 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\LiveKernelReports
2022-08-01 19:41 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-08-01 07:38 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\appcompat
2022-07-31 21:33 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender
2022-07-31 21:16 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\UNP
2022-07-31 21:16 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2022-07-31 21:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2022-07-31 21:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2022-07-31 21:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2022-07-31 21:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2022-07-31 21:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2022-07-31 21:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2022-07-31 21:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-07-31 21:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2022-07-31 21:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2022-07-31 21:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2022-07-31 21:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2022-07-31 21:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2022-07-31 21:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2022-07-31 21:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
2022-07-31 21:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lv-LV
2022-07-31 21:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lt-LT
2022-07-31 21:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\et-EE
2022-07-31 21:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX
2022-07-31 21:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2022-07-31 21:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2022-07-31 21:16 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser
2022-07-31 21:15 - 2019-12-07 16:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-07-31 21:15 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2022-07-31 21:15 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-07-31 21:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2022-07-31 21:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2022-07-31 21:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2022-07-31 21:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2022-07-31 21:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2022-07-31 21:15 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2022-07-31 21:01 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-07-31 19:54 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2022-07-31 19:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2022-07-31 19:05 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2022-07-31 18:07 - 2019-12-07 16:42 - 000000000 ____D C:\Windows\system32\FxsTmp
2022-07-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\spool
2022-07-31 18:04 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT
2022-07-31 17:42 - 2019-12-07 11:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2022-07-31 16:46 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2022-07-26 22:59 - 2017-01-26 12:02 - 000000000 ____D C:\AdwCleaner
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
2022-07-31 21:15 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2022-07-31 21:01 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-07-31 19:54 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2022-07-31 19:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2022-07-31 19:05 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\USOPrivate
2022-07-31 18:07 - 2019-12-07 16:42 - 000000000 ____D C:\Windows\system32\FxsTmp
2022-07-31 18:07 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\spool
2022-07-31 18:04 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows NT
2022-07-31 17:42 - 2019-12-07 11:14 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2022-07-31 16:46 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2022-07-26 22:59 - 2017-01-26 12:02 - 000000000 ____D C:\AdwCleaner
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================