Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10.04.2024
Ran by Ota (administrator) on DESKTOP-TTIU2E3 (MSI MS-7817) (12-04-2024 07:44:56)
Running from C:\01 PC Home\Uloženo\Programy\Viry, Malware\FRST64.exe
Loaded Profiles: oem & Ota
Platform: Microsoft Windows 10 Home Version 22H2 19045.4239 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Multimedia Mouse Driver\MouseDrv.exe
() [File not signed] C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(C:\Users\Ota\AppData\Roaming\Seznam.cz\bin\szndesktop.exe ->) (Seznam.cz, a.s. -> ) C:\Users\Ota\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(C:\Windows\Samsung\PanelMgr\SSMMgr.exe ->) () [File not signed] C:\Windows\Samsung\PanelMgr\caller64.exe
(explorer.exe ->) (1539F157-3B11-4C68-B0C7-6E8113B7B1BD -> ) C:\Program Files\WindowsApps\15191PeakPlayer.NeatOffice_3.4.6.0_x64__y5c4dfz5b21fm\FileWatcher\FileWatcher.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Seznam.cz, a.s. -> ) C:\Users\Ota\AppData\Roaming\Seznam.cz\szninstall.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (ABBYY SOLUTIONS LIMITED -> ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files (x86)\Norton Security with Backup\Engine\22.24.2.6\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files (x86)\Norton Security with Backup\Engine\22.24.2.6\nsWscSvc.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(services.exe ->) (Software602 a.s. -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Seznam.cz, a.s. -> ) C:\Users\Ota\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9072128 2016-11-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-30] (SlySoft, Inc.) [File not signed]
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe [618496 2010-10-28] () [File not signed]
HKLM-x32\...\Run: [sqtmultimediamouseRun] => "C:\Program Files (x86)\Multimedia Mouse Driver\startautorun.exe" MouseDrv.exe (No File)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [750680 2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [VDownloader] => C:\Program Files\VDownloader\Vdownloader4.exe [4606464 2017-02-13] (Vitzo) [File not signed]
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45285792 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [MicrosoftEdgeAutoLaunch_3DCE741BB89EB7B7FCCF8CE4D2924BBD] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4063784 2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Ota\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Ota\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-554986064-1367882024-3811459060-1005\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKLM\...\Windows x64\Print Processors\ssb3mPC: C:\Windows\System32\spool\prtprocs\x64\ssb3mpc.dll [33792 2009-11-19] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Print\Monitors\EPSON XP-600 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMJCE.DLL [120320 2011-04-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\Software602 XPS port monitor: C:\WINDOWS\system32\602localmon.dll [36864 2014-02-05] (Windows (R) Win 7 DDK provider) [File not signed]
HKLM\...\Print\Monitors\ssb3m Langmon: C:\WINDOWS\system32\ssb3ml6.dll [27648 2009-11-19] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us008 Langmon: C:\WINDOWS\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\123.0.6312.122\Installer\chrmstp.exe [2024-04-11] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {BD4D23DA-9809-4852-9763-18F8CCB2B927} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {187C9E5B-AF83-40ED-90FA-ADFABF21598C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.)
Task: {22897F6D-4A8C-4DCB-BD2C-F2A59723624F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2144664 2023-08-14] (Avast Software s.r.o. -> Avast Software)
Task: {30DB9ED8-F5BE-4165-8410-53D24C251D72} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {8874C7D2-A4CC-4A23-A5AB-0B9B33A82BE9} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "2d211d79-0d1a-4686-a1d2-17c0ed47dbf8" --version "6.22.10977" --silent
Task: {D1BEE155-27E4-4B34-B5EC-E8058FDD7286} - System32\Tasks\CCleanerSkipUAC - Ota => C:\Program Files\CCleaner\CCleaner.exe [39024544 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {94B644B6-F7B3-4B87-8A8A-D3A22DD91971} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem125.0.6386.0{47D2DC19-E02E-40EB-A4A8-1536700A4296} => C:\Program Files (x86)\Google\GoogleUpdater\125.0.6386.0\updater.exe [4774176 2024-03-29] (Google LLC -> Google LLC)
Task: {E19C8121-1ED1-4CC5-9B89-F4D04531F249} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [671136 2024-04-05] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {A05B2633-35F3-4E88-A3DE-5D6CFCF5517A} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-554986064-1367882024-3811459060-1005 E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [671136 2024-04-05] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {33B53271-6FB7-423D-BB18-BA0CE07A084E} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [34720 2024-04-05] (Mozilla Corporation -> Mozilla Foundation)
Task: {25DF6B5D-5758-451B-8EF6-50F77517487F} - System32\Tasks\Norton 360\Norton 360 Autofix => C:\Program Files (x86)\Norton Security with Backup\Engine\22.24.2.6\symerr.exe [379024 2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {8DDEA7B0-2402-4CAA-B01E-A1EDB9C0F168} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.24.2.6\symerr.exe [379024 2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {534F93C0-4D0E-4492-8931-91C2DDFD5A7B} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.24.2.6\symerr.exe [379024 2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {B6E3FA28-589A-41A6-9EE0-8BC49E84613E} - System32\Tasks\Norton Security\Norton Security Autofix => C:\Program Files (x86)\Norton Security with Backup\Engine\22.23.6.5\SymErr.exe  /ui (No File)
Task: {011EA61E-26F8-436C-B3BA-70574FB3D5E0} - System32\Tasks\Norton Security\Norton Security Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.23.6.5\SymErr.exe  /analyze (No File)
Task: {5327757F-45D4-4CAA-9D3B-2982CE231537} - System32\Tasks\Norton Security\Norton Security Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.23.6.5\SymErr.exe  /submit (No File)
Task: {0F420914-C91C-41CA-A297-EA4C45BC089A} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security with Backup\Engine\22.24.2.6\WSCStub.exe [646520 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {717F0EB1-299E-48AA-B6AC-1ED03493E5DD} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2353000 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{8ceecf86-27ee-42ea-982d-bff6513a5ae9}: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{8ceecf86-27ee-42ea-982d-bff6513a5ae9}: [DhcpDomain] home

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Ota\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-12]
Edge HomePage: Default -> hxxps://securesearch.org/homepage?hp=2&pId=GR160102&iDate=2021-01-28 07:33:46&iid=6f7b4093-32b5-4c8c-b882-211ab2baaf04&bName=
Edge Extension: (Norton Safe Web) - C:\Users\Ota\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bdaafgjhhjkdplpffldcncdignokfkbo [2024-04-02]
Edge Extension: (Dokumenty Google offline) - C:\Users\Ota\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-26]
Edge Extension: (Edge relevant text changes) - C:\Users\Ota\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Profile: C:\Users\Ota\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2024-04-08]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: dwrkrxjf.default-1446579292021
FF ProfilePath: C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 [2024-04-12]
FF Homepage: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> hxxps://www.seznam.cz/
FF NewTab: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> hxxps://poshukach.com?fr=ps&gp=496723&altserp=1
FF Notifications: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> hxxps://best.aliexpress.com
FF HomepageOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: nortonhomepage@symantec.com
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: nortonhomepage@symantec.com
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: wikipedia@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: mapy-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: heureka-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: ddg@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: seznam-cz@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: google@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021 -> Enabled: nortonsafesearch_ul_2@symantec.com
FF Extension: (SaveFrom.net helper) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\helper@savefrom.net.xpi [2024-04-10]
FF Extension: (Norton Password Manager) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\idsafe@norton.com.xpi [2023-12-13]
FF Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2024-04-11]
FF Extension: (Norton Home Page) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\nortonhomepage@symantec.com.xpi [2023-08-14] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/hp/updates.json]
FF Extension: (Norton Safe Search) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\nortonsafesearch_ul_2@symantec.com.xpi [2023-08-14] [UpdateUrl:hxxps://static.nortoncdn.com/idscp/firefox/nsss/ds_modified/updates.json]
FF Extension: (Norton Safe Web) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\nortonsafeweb@symantec.com.xpi [2023-11-25]
FF Extension: (FormApps Extension) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{69F080C9-A1D8-42F8-BD83-3D54D4BC81B3}.xpi [2018-02-07]
FF Extension: (ImTranslator: Překladač, Slovník, Hlas) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2024-03-28]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2024-04-05]
FF Extension: (No Name) - C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2024-04-05]
FF SearchPlugin: C:\Users\Ota\AppData\Roaming\Mozilla\Firefox\Profiles\dwrkrxjf.default-1446579292021\searchplugins\Poshukach Engin Search.xml [2021-08-05]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-03-31] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.401.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.401.2 -> C:\Program Files (x86)\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-12-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s. -> Software602 a.s.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)

Chrome: 
=======
CHR Profile: C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default [2024-04-12]
CHR DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496723&altserp=1
CHR DefaultSearchKeyword: Default -> poshukach engin search
CHR DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-03-22]
CHR Extension: (Norton Safe Web) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpbeacklnhmkkilekogeiekaglbmmka [2024-04-07]
CHR Extension: (Have I been pwned?) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpgljciihecejjlildfcakfcmnachahp [2017-05-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-26]
CHR Extension: (FormApps Extension) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2022-11-01]
CHR Extension: (Skype) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2022-05-13]
CHR Extension: (Kontrola e-mailu Google) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2017-05-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ota\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\Ota\AppData\Local\Google\Chrome\User Data\System Profile [2024-04-08]
CHR HKU\S-1-5-21-554986064-1367882024-3811459060-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-554986064-1367882024-3811459060-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-554986064-1367882024-3811459060-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY SOLUTIONS LIMITED -> ABBYY)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [103776 2023-10-02] (Apple Inc. -> Apple Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1081248 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S2 GoogleUpdaterInternalService125.0.6386.0; C:\Program Files (x86)\Google\GoogleUpdater\125.0.6386.0\updater.exe [4774176 2024-03-29] (Google LLC -> Google LLC)
S2 GoogleUpdaterService125.0.6386.0; C:\Program Files (x86)\Google\GoogleUpdater\125.0.6386.0\updater.exe [4774176 2024-03-29] (Google LLC -> Google LLC)
R2 NortonSecurity; C:\Program Files (x86)\Norton Security with Backup\Engine\22.24.2.6\NortonSecurity.exe [344888 2024-03-04] (NortonLifeLock Inc. -> NortonLifelock Inc.)
R2 nsWscSvc; C:\Program Files (x86)\Norton Security with Backup\Engine\22.24.2.6\nsWscSvc.exe [1059176 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R2 tbaseprovisioning; C:\WINDOWS\SysWOW64\tbaseprovisioning.exe [60432 2015-06-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 luminati_net_updater_win_formatfactory_pcfreetime_com; "C:/Program Files (x86)/FormatFactory/net_updater64.exe" --updater win_formatfactory.pcfreetime.com [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\Definitions\BASHDefs\20240411.001\BHDrvx64.sys [1706496 2024-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2020-09-11] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\ccSetx64.sys [198288 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527864 2022-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2022-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 IDSVia64; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\Definitions\IPSDefs\20240411.064\IDSvia64.sys [1554432 2024-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 MarvinBus; C:\WINDOWS\System32\drivers\MarvinBus64.sys [261120 2005-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Pinnacle Systems GmbH)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\nsvst.sys [57120 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\SRTSP64.SYS [960640 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\SRTSPX64.SYS [52864 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\SYMEFASI64.SYS [2180248 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\SymELAM.sys [36016 2024-03-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [100320 2022-05-16] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files (x86)\Norton Security with Backup\NortonData\22.5.4.24\SymPlatform\SymEvnt.sys [934912 2024-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\Ironx64.SYS [306872 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\symnets.sys [492720 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1618020.006\wpCtrlDrv.sys [1016792 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-04-12 07:44 - 2024-04-12 07:44 - 000001545 _____ C:\Users\Ota\Desktop\FRST64.exe – zástupce.lnk
2024-04-12 06:59 - 2024-04-12 06:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2024-04-11 18:35 - 2024-04-11 18:35 - 000000000 ___HD C:\$WinREAgent
2024-04-05 09:12 - 2024-04-10 10:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-03-29 18:57 - 2024-03-29 18:57 - 000176675 _____ C:\Users\Ota\Downloads\podminky-predplacene-karty-30-1.pdf
2024-03-29 11:39 - 2024-03-29 11:39 - 000251824 _____ C:\Users\Ota\Downloads\127356994.pdf
2024-03-29 11:26 - 2024-03-29 11:26 - 000258405 _____ C:\Users\Ota\Downloads\127355754.pdf
2024-03-27 08:53 - 2024-03-27 08:53 - 000020861 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-27 08:51 - 2024-03-27 08:51 - 000020861 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-22 07:31 - 2024-04-12 06:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2024-03-22 07:19 - 2024-03-22 07:19 - 000003410 _____ C:\WINDOWS\system32\Tasks\Norton WSC Integration
2024-03-22 07:18 - 2024-03-23 16:58 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2024-03-18 17:58 - 2024-03-18 17:58 - 000258308 _____ C:\Users\Ota\Downloads\126516982.pdf
2024-03-18 17:52 - 2024-03-18 17:52 - 000261271 _____ C:\Users\Ota\Downloads\126516268.pdf
2024-03-18 08:43 - 2024-03-18 08:43 - 000256297 _____ C:\Users\Ota\Downloads\126474810.pdf
2024-03-18 08:34 - 2024-03-18 08:34 - 000253079 _____ C:\Users\Ota\Downloads\126474063.pdf
2024-03-17 21:48 - 2024-03-17 21:48 - 000415880 _____ C:\Users\Ota\Downloads\usneseni_o_prevzeti_rizeni_odstraneni_stare_ekologicke_zateze.pdf
2024-03-15 07:23 - 2024-03-15 07:23 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2024-03-15 07:23 - 2024-03-15 07:23 - 000002241 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2024-03-15 07:22 - 2024-03-15 07:22 - 000000000 ____D C:\Program Files\Google

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-04-12 07:46 - 2023-09-29 20:04 - 000000000 ____D C:\Users\Ota\AppData\Roaming\Seznam.cz
2024-04-12 07:46 - 2016-11-28 22:32 - 000000000 ____D C:\FRST
2024-04-12 07:42 - 2017-06-17 07:02 - 000000000 ____D C:\Program Files\CCleaner
2024-04-12 07:40 - 2022-11-21 07:55 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2024-04-12 07:40 - 2015-10-31 02:10 - 000000000 __SHD C:\Users\Ota\IntelGraphicsProfiles
2024-04-12 07:35 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2024-04-12 07:32 - 2022-01-03 17:14 - 000000000 ____D C:\Users\Ota\AppData\Local\Norton
2024-04-12 07:32 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-04-12 07:19 - 2022-02-09 07:30 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-04-12 06:51 - 2020-06-12 23:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-04-12 06:49 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-04-11 20:08 - 2015-08-18 13:04 - 018715355 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2024-04-11 20:07 - 2020-06-12 23:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-04-11 20:07 - 2020-06-12 23:02 - 000008192 ___SH C:\DumpStack.log.tmp
2024-04-11 20:06 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-04-11 19:04 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-04-11 18:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-04-11 17:42 - 2015-10-31 20:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-04-11 17:34 - 2015-10-31 20:25 - 192651728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-04-11 09:13 - 2021-12-17 09:49 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-04-11 09:13 - 2015-11-01 20:10 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-04-10 19:04 - 2015-10-31 20:01 - 000000000 ____D C:\Users\Ota\AppData\Roaming\Microsoft\Šablony
2024-04-10 18:54 - 2015-11-01 20:09 - 000000000 ____D C:\Users\Ota\AppData\Roaming\Microsoft\Proof
2024-04-10 14:15 - 2015-10-31 22:15 - 000000000 ____D C:\Users\Ota\AppData\Local\GHISLER
2024-04-10 14:03 - 2015-10-30 21:33 - 000000000 ____D C:\Users\Ota\AppData\Roaming\Microsoft\Excel
2024-04-10 10:58 - 2020-06-12 23:21 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-04-10 10:58 - 2019-12-07 16:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2024-04-10 10:58 - 2019-12-07 16:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2024-04-10 10:56 - 2021-07-15 09:08 - 000000000 ____D C:\Users\Ota\AppData\LocalLow\Norton
2024-04-10 10:52 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-04-10 10:51 - 2015-10-31 20:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-04-10 09:25 - 2017-12-05 20:02 - 000000000 ____D C:\Users\Ota\AppData\Local\Packages
2024-04-09 21:47 - 2015-10-31 20:01 - 000000000 ____D C:\Users\Ota\AppData\Roaming\Microsoft\Word
2024-04-09 11:54 - 2021-01-28 21:33 - 000000000 _____ C:\end
2024-04-09 11:53 - 2020-04-24 20:00 - 000014314 _____ C:\nsispromotion_log.txt
2024-04-09 10:55 - 2020-06-12 23:35 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-04-08 08:55 - 2015-11-02 20:59 - 000000000 ____D C:\Users\Ota\AppData\Local\CrashDumps
2024-04-06 10:29 - 2020-06-12 18:41 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-04-04 10:54 - 2020-06-12 23:35 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-04-04 10:54 - 2020-06-12 23:35 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-04-03 16:33 - 2020-06-12 23:35 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-04-03 16:32 - 2022-10-11 18:09 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-03-28 20:14 - 2018-06-13 06:08 - 000000000 ____D C:\ProgramData\Packages
2024-03-28 08:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2024-03-28 08:08 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-03-28 08:02 - 2020-06-12 23:02 - 000466232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-03-28 07:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-03-28 07:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-03-28 07:55 - 2023-12-14 07:31 - 000000000 ____D C:\WINDOWS\InboxApps
2024-03-28 07:55 - 2020-06-12 21:34 - 000000000 ____D C:\WINDOWS\en-GB
2024-03-28 07:55 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-03-28 07:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2024-03-28 07:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-03-28 07:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2024-03-28 07:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-03-27 08:51 - 2020-06-12 23:08 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-03-22 07:52 - 2017-03-02 20:11 - 000000000 ____D C:\Program Files\Common Files\AV
2024-03-22 07:30 - 2022-11-12 11:41 - 000000000 ____D C:\Program Files\RUXIM
2024-03-22 07:19 - 2018-02-27 11:24 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2024-03-19 06:54 - 2022-09-21 06:59 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-03-18 20:01 - 2023-10-22 19:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2024-03-15 11:48 - 2022-09-21 06:59 - 000003380 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-03-15 07:33 - 2022-09-10 06:48 - 000000000 ____D C:\Users\Ota\AppData\Roaming\com.adobe.dunamis
2024-03-13 13:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-03-13 13:47 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-03-13 13:47 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing

==================== Files in the root of some directories ========

2022-12-12 15:04 - 2022-12-12 15:20 - 000006656 _____ () C:\Users\Ota\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2023-01-25 09:02 - 2023-02-12 11:49 - 000004096 ____H () C:\Users\Ota\AppData\Local\keyfile3.drm

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================