Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.03.2024
Ran by Administrator (administrator) on FRANKPC (Gigabyte Technology Co., Ltd. AB350M-HD3) (21-03-2024 12:45:40)
Running from C:\Users\Administrator\Desktop\FRST64.exe
Loaded Profiles: Frank & Magda & Administrator
Platform: Microsoft Windows 10 Pro Version 22H2 19045.4170 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe <3>
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe <2>
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe <3>
(C:\Program Files\ESET\ESET Smart Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe <2>
(C:\Program Files\ESET\ESET Smart Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\eguiProxy.exe <3>
(C:\Program Files\WindowsApps\MSTeams_24046.2809.2757.3796_x64__8wekyb3d8bbwe\ms-teams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe <7>
(DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atieclxx.exe <4>
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe <3>
(explorer.exe ->) (Microsoft Corporation) [File not signed] [File is in use] C:\Program Files\Windows Sidebar\sidebar.exe <2>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <27>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe <2>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atiesrxx.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CredentialEnrollmentManager.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <4>
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_24046.2809.2757.3796_x64__8wekyb3d8bbwe\ms-teams.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.045.0303.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <9>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rdpclip.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.4163_none_7e304ec47c735f2e\TiWorker.exe
(winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LogonUI.exe <3>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmds.exe [165928 2021-06-27] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1903198104-2311777375-1230281804-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [3306400 2024-03-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1903198104-2311777375-1230281804-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [3306400 2024-03-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1903198104-2311777375-1230281804-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123150712 2022-11-28] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1903198104-2311777375-1230281804-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Magda\AppData\Local\Microsoft\Teams\Update.exe [2591296 2024-01-06] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1903198104-2311777375-1230281804-1002\...\Run: [MicrosoftEdgeAutoLaunch_FDF719186F1CB23BDF69FE840FAE1BD7] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1903198104-2311777375-1230281804-1003\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [3306400 2024-03-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1903198104-2311777375-1230281804-500\...\Run: [MicrosoftEdgeAutoLaunch_98769996E24836F99EC8617644423B4C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4060712 2024-03-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1903198104-2311777375-1230281804-500\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [3306400 2024-03-21] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\122.0.6261.129\Installer\chrmstp.exe [2024-03-15] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] -> 
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\mswmp.inf,PerUserStub

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {F89C2A60-70A2-46D7-9C68-97A70754E9D8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {6BE1CED4-6BBB-4AB4-ACB6-3C3377C4DB45} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Administrator\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15145336 2024-03-21] (ESET, spol. s r.o. -> ESET)
Task: {49A24B94-912B-4AFE-8ADD-424E1B6B2680} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Administrator\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [15145336 2024-03-21] (ESET, spol. s r.o. -> ESET)
Task: {109E4CEF-7EF5-4A9B-89EB-01334A92D298} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6359.0{08993FDE-F5E6-4C00-BBA3-F859DC1B0BF8} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
Task: {1D90148F-4D0B-4F32-8C7E-50237568C4A2} - System32\Tasks\Microsoft\Windows\rempl\shell => %ProgramFiles%\rempl\sedlauncher.exe  (No File)
Task: {6BB83497-8A22-4934-B942-995DD4148C4C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {85A74138-369B-41AE-9511-CA51301DECDB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {86F0F914-82BF-49DD-BFEA-71A7136B737B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {617BC74C-9478-43B5-80C6-824196650D58} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MpCmdRun.exe [1650024 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {373E2AA6-2DBC-4BB7-8BA7-63E7BA96ADC5} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4205984 2024-03-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {082FEF6B-1D65-487E-82C6-53DB6CAB223C} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1903198104-2311777375-1230281804-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4205984 2024-03-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {65DD08AF-99EC-4C00-AD3A-6F3F71DD2673} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1903198104-2311777375-1230281804-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4205984 2024-03-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {02B67A53-7929-4C25-A36C-791E848A5A07} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1903198104-2311777375-1230281804-1003 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4205984 2024-03-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {24EB670D-D64D-4B7A-A769-4F68F3DD033A} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1903198104-2311777375-1230281804-500 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4205984 2024-03-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {5B233AEE-9337-4A7C-8500-C07AD597504C} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {F1F6432A-2E69-435F-BE63-9676A0D02F4D} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{8c89314e-b7cc-426f-a899-6d69f915392e}: [DhcpNameServer] 192.168.2.1

Edge: 
=======
Edge Profile: C:\Users\Administrator\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-21]
Edge Extension: (Dokumenty Google offline) - C:\Users\Administrator\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-21]
Edge Extension: (Edge relevant text changes) - C:\Users\Administrator\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-21]

FireFox:
========
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2024-03-18] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR HKU\S-1-5-21-1903198104-2311777375-1230281804-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [3079464 2021-06-27] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [3079464 2021-06-27] (ESET, spol. s r.o. -> ESET)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.045.0303.0003\FileSyncHelper.exe [3516960 2024-03-21] (Microsoft Corporation -> Microsoft Corporation)
S2 GoogleUpdaterInternalService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S2 GoogleUpdaterService124.0.6359.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6359.0\updater.exe [4749088 2024-03-15] (Google LLC -> Google LLC)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [11744200 2022-04-13] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.045.0303.0003\OneDriveUpdaterService.exe [3856288 2024-03-21] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [169368 2021-06-25] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [123424 2021-06-25] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [194728 2021-06-25] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43832 2021-06-25] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70184 2021-06-25] (ESET, spol. s r.o. -> ESET)
S1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [53360 2015-07-14] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107408 2021-06-25] (ESET, spol. s r.o. -> ESET)
R2 LdVBoxDrv; C:\Program Files\ldplayerbox\LdVBoxDrv.sys [315232 2022-06-10] (MyTestCertificate -> Oracle Corporation)
S3 MpKsl4bb90123; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [137464 2022-06-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20928 2024-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [603416 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
S4 amdkmdap; \SystemRoot\System32\DriverStore\FileRepository\c0346830.inf_amd64_f723e13ffb3b2652\B345901\atikmpag.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-21 12:45 - 2024-03-21 12:47 - 000017707 _____ C:\Users\Administrator\Desktop\FRST.txt
2024-03-21 12:45 - 2024-03-21 12:46 - 000000000 ____D C:\FRST
2024-03-21 12:44 - 2024-03-21 12:44 - 000003874 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2024-03-21 12:44 - 2024-03-21 12:44 - 000003432 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2024-03-21 10:39 - 2024-03-21 10:40 - 002390528 _____ (Farbar) C:\Users\Administrator\Desktop\FRST64.exe
2024-03-21 09:09 - 2024-03-21 12:46 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Spelling
2024-03-21 09:09 - 2024-03-21 09:09 - 000001398 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2024-03-21 09:09 - 2024-03-21 09:09 - 000001292 _____ C:\Users\Administrator\Desktop\ESET Online Scanner.lnk
2024-03-21 09:09 - 2024-03-21 09:09 - 000000000 ____D C:\Users\Administrator\AppData\Local\ESET
2024-03-21 09:08 - 2024-03-21 09:09 - 008389496 _____ (ESET) C:\Users\Administrator\Downloads\esetonlinescanner.exe
2024-03-21 08:56 - 2024-03-21 08:56 - 000000000 ____D C:\Users\Administrator\AppData\Local\Comms
2024-03-21 08:55 - 2024-03-21 08:55 - 000001474 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Centrum Feedback – zástupce.lnk
2024-03-21 08:52 - 2024-03-21 08:52 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\com.adobe.dunamis
2024-03-21 08:52 - 2024-03-21 08:52 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Adobe
2024-03-21 08:52 - 2024-03-21 08:52 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2024-03-21 08:52 - 2024-03-21 08:52 - 000000000 ____D C:\Users\Administrator\.ms-ad
2024-03-21 08:51 - 2024-03-21 08:51 - 000000000 ____D C:\Users\Administrator\AppData\Local\PeerDistRepub
2024-03-21 08:45 - 2024-03-21 10:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\PlaceholderTileLogoFolder
2024-03-21 08:45 - 2024-03-21 08:45 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1903198104-2311777375-1230281804-500
2024-03-21 08:45 - 2024-03-21 08:45 - 000000000 ____D C:\Users\Administrator\AppData\Local\cache
2024-03-21 08:42 - 2024-03-21 08:55 - 000000000 ____D C:\Users\Administrator\AppData\Local\ClassicShell
2024-03-21 08:42 - 2017-11-08 21:23 - 000002138 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk
2024-03-21 08:41 - 2024-03-21 08:41 - 000057449 _____ C:\WINDOWS\system32\NOTICE_mod
2024-03-21 08:40 - 2024-03-21 08:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2024-03-21 08:39 - 2024-03-21 10:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2024-03-21 08:39 - 2024-03-21 09:02 - 000000000 ____D C:\Users\Administrator\AppData\Local\D3DSCache
2024-03-21 08:39 - 2024-03-21 08:52 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2024-03-21 08:39 - 2024-03-21 08:52 - 000000000 ____D C:\Users\Administrator
2024-03-21 08:39 - 2024-03-21 08:45 - 000000000 ____D C:\Users\Administrator\AppData\Local\AMD
2024-03-21 08:39 - 2024-03-21 08:43 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\Protect
2024-03-21 08:39 - 2024-03-21 08:40 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows
2024-03-21 08:39 - 2024-03-21 08:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2024-03-21 08:39 - 2024-03-21 08:39 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2024-03-21 08:39 - 2024-03-21 08:39 - 000000000 _SHDL C:\Users\Administrator\Šablony
2024-03-21 08:39 - 2024-03-21 08:39 - 000000000 _SHDL C:\Users\Administrator\Soubory cookie
2024-03-21 08:39 - 2024-03-21 08:39 - 000000000 _SHDL C:\Users\Administrator\Poslední
2024-03-21 08:39 - 2024-03-21 08:39 - 000000000 _SHDL C:\Users\Administrator\Okolní tiskárny
2024-03-21 08:39 - 2024-03-21 08:39 - 000000000 _SHDL C:\Users\Administrator\Okolní síť
2024-03-21 08:39 - 2024-03-21 08:39 - 000000000 _SHDL C:\Users\Administrator\Nabídka Start
2024-03-21 08:39 - 2024-03-21 08:39 - 000000000 _SHDL C:\Users\Administrator\Dokumenty
2024-03-21 08:39 - 2024-03-21 08:39 - 000000000 _SHDL C:\Users\Administrator\Documents\Obrázky
2024-03-21 08:39 - 2024-03-21 08:39 - 000000000 _SHDL C:\Users\Administrator\Documents\Hudba
2024-03-21 08:39 - 2024-03-21 08:39 - 000000000 _SHDL C:\Users\Administrator\Documents\Filmy
2024-03-21 08:39 - 2024-03-21 08:39 - 000000000 _SHDL C:\Users\Administrator\Data aplikací
2024-03-21 08:39 - 2024-03-21 08:39 - 000000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2024-03-21 08:39 - 2024-03-21 08:39 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Data aplikací
2024-03-21 08:39 - 2024-03-21 08:39 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\SystemCertificates
2024-03-21 08:39 - 2024-03-21 08:39 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\Crypto
2024-03-21 08:39 - 2024-03-21 08:39 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\Credentials
2024-03-21 08:39 - 2024-03-21 08:39 - 000000000 ___RD C:\Users\Administrator\3D Objects
2024-03-21 08:39 - 2024-03-21 08:39 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Vault
2024-03-21 08:39 - 2024-03-21 08:39 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\AMD
2024-03-21 08:39 - 2024-03-21 08:39 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2024-03-21 08:39 - 2020-09-04 14:43 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Network
2024-03-21 08:39 - 2019-12-09 15:43 - 000000000 ___RD C:\Users\Administrator\OneDrive
2024-03-17 11:21 - 2024-03-17 11:21 - 000002448 ____C C:\Users\Magda\Desktop\Osoba 1 - Chrome.lnk
2024-03-14 19:46 - 2024-03-21 08:26 - 000000000 ____D C:\XboxGames
2024-03-14 19:46 - 2024-03-14 19:46 - 000000028 ____H C:\.GamingRoot
2024-03-14 19:14 - 2024-03-14 19:14 - 000000000 ___DC C:\Users\Magda\AppData\Local\MinecraftInstaller
2024-03-13 09:12 - 2024-03-13 09:12 - 000019530 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-13 09:11 - 2024-03-13 09:11 - 000019530 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-13 08:48 - 2024-03-13 08:48 - 000000000 ___HD C:\$WinREAgent
2024-03-08 08:54 - 2024-03-08 08:57 - 001572538 ____C C:\Users\Magda\Downloads\instrument-14092021-2-8365 (1).mp3.crdownload
2024-03-06 07:32 - 2024-03-06 07:32 - 000183063 ____C C:\Users\Magda\Downloads\Vypis_z_uctu_0-892108163_z_20240229.pdf
2024-03-02 17:22 - 2024-03-02 17:22 - 000000000 ___DC C:\Users\Magda\Desktop\roblox
2024-03-02 16:55 - 2024-03-02 17:12 - 000000000 ___DC C:\Users\Magda\Desktop\imkok_files
2024-03-02 16:55 - 2024-03-02 16:55 - 000892074 ____C C:\Users\Magda\Desktop\imkok.html
2024-03-01 16:45 - 2024-03-01 16:45 - 002753930 ____C C:\Users\Magda\Downloads\hii.html
2024-03-01 16:45 - 2024-03-01 16:45 - 000000000 ___DC C:\Users\Magda\Downloads\hii_files
2024-02-28 13:24 - 2024-03-03 18:52 - 000001407 ____C C:\Users\Magda\Desktop\Roblox Player.lnk

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-03-21 12:43 - 2020-09-04 14:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-21 12:43 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-21 12:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-21 10:31 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-03-21 09:39 - 2021-12-16 20:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-21 09:12 - 2022-06-10 16:26 - 000000000 ___DC C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LDPlayer4
2024-03-21 08:56 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-03-21 08:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-21 08:46 - 2022-12-29 08:52 - 000000000 ___DC C:\Users\Frank\AppData\Roaming\com.adobe.dunamis
2024-03-21 08:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-03-21 08:40 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-03-21 08:39 - 2022-02-06 09:01 - 000001126 _____ C:\Users\Public\Desktop\Windows Media Player.lnk
2024-03-21 08:39 - 2017-11-08 21:19 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-03-21 08:38 - 2017-11-08 21:19 - 000000000 ___DC C:\Users\Frank\AppData\Local\Packages
2024-03-21 08:36 - 2017-11-08 21:52 - 000000000 ___DC C:\Users\Frank\AppData\Local\ClassicShell
2024-03-21 08:34 - 2022-10-12 18:56 - 000002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2024-03-21 08:31 - 2023-01-16 18:42 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1903198104-2311777375-1230281804-1003
2024-03-21 08:31 - 2022-01-13 06:33 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1903198104-2311777375-1230281804-1001
2024-03-21 08:31 - 2021-12-12 08:19 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1903198104-2311777375-1230281804-1002
2024-03-21 08:31 - 2021-06-23 20:23 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-03-21 08:31 - 2020-09-04 14:51 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-03-21 08:31 - 2020-09-04 14:42 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-21 08:31 - 2019-12-09 15:43 - 000002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-21 08:31 - 2019-12-07 15:43 - 000716770 _____ C:\WINDOWS\system32\perfh005.dat
2024-03-21 08:31 - 2019-12-07 15:43 - 000144948 _____ C:\WINDOWS\system32\perfc005.dat
2024-03-21 08:29 - 2023-02-02 19:26 - 000000000 ___DC C:\Users\Magda\AppData\Roaming\Microsoft\Skype for Desktop
2024-03-21 08:29 - 2020-10-19 08:53 - 000000000 ___DC C:\Users\Magda\AppData\Roaming\Microsoft\Teams
2024-03-21 08:28 - 2017-11-09 10:23 - 000000000 ___DC C:\Users\Magda\AppData\Local\ClassicShell
2024-03-21 08:26 - 2020-09-04 14:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-17 19:49 - 2021-05-07 17:29 - 000000000 ___DC C:\Users\Magda\AppData\Roaming\Star Stable Online
2024-03-17 11:03 - 2020-09-04 14:51 - 000000000 ___DC C:\Users\Magda\AppData\Local\D3DSCache
2024-03-16 09:29 - 2022-09-09 18:08 - 000000000 ___DC C:\Users\Magda\AppData\Roaming\com.adobe.dunamis
2024-03-16 09:05 - 2020-06-10 11:39 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-16 09:05 - 2020-06-10 11:39 - 000002286 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-03-15 18:29 - 2017-11-08 21:24 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-15 18:29 - 2017-11-08 21:24 - 000002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-03-14 19:49 - 2017-11-09 10:21 - 000000000 ___DC C:\Users\Magda\AppData\Local\Packages
2024-03-14 19:47 - 2018-07-11 16:06 - 000000000 ____D C:\ProgramData\Packages
2024-03-14 19:46 - 2017-11-17 17:36 - 000000000 ___DC C:\Users\Magda\AppData\Local\PlaceholderTileLogoFolder
2024-03-13 20:32 - 2020-09-04 14:35 - 000541832 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-03-13 20:12 - 2019-12-07 10:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2024-03-13 20:12 - 2017-11-08 22:00 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2024-03-13 20:11 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-03-13 20:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-03-13 20:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-03-13 20:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-03-13 20:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-03-13 20:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-03-13 20:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-03-13 20:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-03-13 20:11 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2024-03-13 09:17 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-13 09:10 - 2020-09-04 14:38 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-03-13 08:32 - 2017-11-08 15:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-03-13 08:28 - 2017-11-08 15:32 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-03-13 08:23 - 2018-06-04 13:08 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-03-10 14:33 - 2022-11-19 09:52 - 000000000 ____D C:\Program Files\RUXIM
2024-03-05 16:51 - 2020-09-04 14:36 - 000000000 ___DC C:\Users\Magda
2024-03-05 16:50 - 2020-09-04 14:51 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-05 16:50 - 2020-09-04 14:51 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-03 18:52 - 2023-08-15 18:48 - 000000000 ___DC C:\Users\Magda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2024-03-03 18:18 - 2023-09-24 18:33 - 000000000 ___DC C:\Users\Magda\Desktop\pozadí na plochu
2024-02-22 20:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================