Kód: Vybrat vše
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-12-2022
Ran by evamr (administrator) on DESKTOP-P745MGV (MSI MS-7817) (04-01-2023 18:53:32)
Running from C:\Users\evamr\Desktop
Loaded Profiles: evamr
Platform: Microsoft Windows 10 Home Version 21H2 19044.2364 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Access Denied) [File not signed] C:\XboxGames\Minecraft Launcher\Content\Minecraft.exe <5>
(C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1720.28.215.0_x64__8xx8rvfyw5nnt\app\Messenger.exe ->) (Meta) C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1720.28.215.0_x64__8xx8rvfyw5nnt\app\CrashpadHandlerWindows.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCopyAccelerator.exe
(C:\Users\evamr\AppData\Local\Microsoft\Teams\current\Teams.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(C:\Users\evamr\AppData\Local\Microsoft\Teams\current\Teams.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(C:\XboxGames\Minecraft Launcher\Content\Minecraft.exe ->) (Microsoft) [File not signed] C:\Users\evamr\AppData\Local\Packages\Microsoft.4297127D64EC6_8wekyb3d8bbwe\LocalCache\Local\runtime\java-runtime-gamma\windows-x64\java-runtime-gamma\bin\javaw.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <35>
(explorer.exe ->) (Meta) C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1720.28.215.0_x64__8xx8rvfyw5nnt\app\Messenger.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <6>
(Microsoft Corporation -> Microsoft Corporation) C:\Users\evamr\AppData\Local\Microsoft\Teams\current\Teams.exe <12>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (DITEC, a.s. -> ) C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft GameInput\x64\gameinputsvc.exe <2>
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservices.exe
(services.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingServices_8.71.12001.0_x64__8wekyb3d8bbwe\gamingservicesnet.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Newyu) [File not signed] C:\Program Files (x86)\LibreView Device Drivers\LibreViewMASMonitor.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxApp_48.89.25001.0_x64__8wekyb3d8bbwe\XboxApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2021-08-04] (Adobe Inc. -> )
HKLM-x32\...\Run: [eID_Client] => C:\Program Files (x86)\eID_klient\eID_Client.exe [20895528 2022-09-28] (Ministerstvo vnútra Slovenskej republiky -> )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2022-09-15] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3760653307-1901750747-4286733701-1001\...\Run: [MicrosoftEdgeAutoLaunch_047DBF7B84C518AB47BF9DC9D7BC701E] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3879848 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3760653307-1901750747-4286733701-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\evamr\AppData\Local\Microsoft\Teams\Update.exe [2587416 2022-12-13] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3760653307-1901750747-4286733701-1001\...\Run: [Disig Web Signer] => C:\Program Files (x86)\Disig\Web Signer\WebSignerTray.exe [254080 2021-02-04] (Disig a.s. -> Disig a.s.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-16] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1C017E83-E88E-4DBB-89BC-217AD2D62B71} - System32\Tasks\GoogleUpdateTaskMachineCore{93F6EF78-AB65-4374-8360-1587B0F97AD9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-03] (Google LLC -> Google LLC)
Task: {39A87554-F300-4C90-825E-4E968F944870} - System32\Tasks\DUpdaterTask => C:\Program Files (x86)\Ditec\DUpdater\DUpdater.exe [4176216 2022-10-25] (DITEC, a.s. -> DITEC, a.s.)
Task: {4440E75A-7508-447C-9464-CD8B09C153F5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {51502359-7F5F-4060-BAFC-4D3D8582402B} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [56816 2022-12-04] (HP Inc. -> HP Inc.)
Task: {5D0AB52C-3EE3-44B2-BD77-4F30EA57E860} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-3760653307-1901750747-4286733701-1001 => C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1720.28.215.0_x64__8xx8rvfyw5nnt\app\MessengerHelper.exe [2149112 2022-12-18] (Facebook, Inc. -> Meta Platforms, Inc.)
Task: {6A73D675-AD51-4838-9A60-665E1CEC3696} - System32\Tasks\GoogleUpdateTaskMachineUA{A8BE8C8F-AC99-4434-A840-BD7DD0D4C665} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-03] (Google LLC -> Google LLC)
Task: {6EBE6119-04FE-4046-A405-2C42C4343B8D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A3C4E04B-3336-4B01-8C9E-5F3E004DD741} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {C87215C0-1379-4EE3-87BC-B5DD6F8C8886} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F8D617A9-653B-407C-8B0A-8239B375DD5F} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [56816 2022-12-04] (HP Inc. -> HP Inc.)
Task: {FC5BD7C4-DA06-47BA-B7D5-EB1AF5679B92} - System32\Tasks\Opera scheduled Autoupdate 1664829031 => C:\Users\evamr\AppData\Local\Programs\Opera\launcher.exe [2607560 2022-12-20] (Opera Norway AS -> Opera Software)
Task: {FFADB4B2-1FE6-469A-9E63-731428113191} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8e7251e4-ba57-4db1-ba27-4b48cd6c84e7}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Profile: C:\Users\evamr\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-04]
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\dtplugin\npDeployJava1.dll [2022-11-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.351.2 -> C:\Program Files\Java\jre1.8.0_351\bin\plugin2\npjp2.dll [2022-11-18] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: ditec.sk/DAsicFac -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~1.DLL [2022-08-15] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/DitecNMc -> C:\PROGRA~2\Ditec\DLAUNC~2\NPDITE~1.DLL [2022-05-06] (DITEC, a.s. -> DITEC, a.s.)
FF Plugin-x32: ditec.sk/DitecZepDViewerFb -> C:\PROGRA~2\Ditec\DViewer\NPDITE~1.DLL [2022-12-16] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigMessageContainer -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~2.DLL [2022-08-15] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesExtender -> C:\PROGRA~2\Ditec\DSIGNE~2.NET\NPDITE~3.DLL [2022-08-15] (DITEC, a.s. -> Ditec, a.s.)
FF Plugin-x32: ditec.sk/DSigXadesFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~1.DLL [2022-12-23] (DITEC, a.s. -> Ditec,a.s.)
FF Plugin-x32: ditec.sk/XmlDataContainerFb -> C:\PROGRA~2\Ditec\DSIGNE~1.NET\NPDITE~2.DLL [2022-12-23] (DITEC, a.s. -> Ditec,a.s.)
Chrome:
=======
CHR Profile: C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default [2023-01-04]
CHR Notifications: Default -> hxxps://trovo.live
CHR HomePage: Default -> hxxp://google.sk/
CHR StartupUrls: Default -> "hxxp://mystart.incredibar.com/mb187?a=6OyT6MPidt&i=26","hxxp://us.yahoo.com?fr=fpc-comodo","hxxp://www.delta-search.com/?affID=119816&tt=190313_wo1&babsrc=HP_ss&mntrId=00FD1C6F654A0286","hxxps://www.google.com/","hxxp://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prekladač Google) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-10-03]
CHR Extension: (uBlock Origin) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-12-31]
CHR Extension: (alerabat.com | kupony i cashback) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dacdinoicboceafielngnmjjplncljhj [2022-12-15]
CHR Extension: (WebCRX) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddgilliopjknmglnpkegbjpoilgachlm [2022-10-03]
CHR Extension: (Tampermonkey) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2022-11-25]
CHR Extension: (AHA Music - Song Finder for Browser) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpacanjfikmhoddligfbehkpomnbgblf [2022-10-03]
CHR Extension: (Adobe Acrobat: nástroje na upravovanie, prevádzanie a podpisovanie súborov PDF) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-12-23]
CHR Extension: (Kaspersky Protection 20.0) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2022-10-03]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-23]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2022-12-08]
CHR Extension: (Context Menu Search) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\idpcgabojogahgmhdgnjkmdliaeeofka [2022-10-03]
CHR Extension: (Rozšírenie na kopírovanie a prilepovanie v Office Online) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifbmcpbgkhlpfcodhjhdbllhiaomkdej [2022-10-03]
CHR Extension: (The West) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilkgeioneoemibpddeiamfgiofnpjifm [2022-10-03]
CHR Extension: (EPUBReader) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhhclmfgfllimlhabjkgkeebkbiadflb [2022-10-03]
CHR Extension: (ESET Password Manager) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhapgacijodhjokkcjmleaempmchlem [2022-11-29]
CHR Extension: (Fair AdBlocker) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgblnfidahcdcjddiepkckcfdhpknnjh [2022-12-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-10-03]
CHR Extension: (CSFD Vyhľadávanie & Rozšírenia) - C:\Users\evamr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookhejngpnlkejplknjeligcfnegimip [2022-10-03]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
Opera:
=======
OPR Profile: C:\Users\evamr\AppData\Roaming\Opera Software\Opera Stable [2023-01-04]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\evamr\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-11-21]
OPR Extension: (Opera Wallet) - C:\Users\evamr\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-12-22]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\evamr\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-10-03]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 dLauncherLoopback; C:\Program Files (x86)\Ditec\DLauncher\dLauncherLoopback.exe [154960 2019-08-02] (DITEC, a.s. -> )
S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [24814984 2022-11-23] (FACE IT LIMITED -> )
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [229360 2022-12-04] (HP Inc. -> HP Inc.)
R2 LibreViewMASMonitor; C:\Program Files (x86)\LibreView Device Drivers\LibreViewMASMonitor.exe [17920 2022-01-17] (Newyu) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [16837136 2022-11-23] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 RvNetMP60; C:\Windows\System32\drivers\RvNetMP60.sys [69048 2021-12-20] (Famatech Corp. -> Famatech Corp.)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [39920 2019-10-23] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-01-04 18:53 - 2023-01-04 18:54 - 000018925 _____ C:\Users\evamr\Desktop\FRST.txt
2023-01-04 18:53 - 2023-01-04 18:53 - 000000000 ____D C:\FRST
2023-01-04 18:52 - 2023-01-04 18:52 - 002376192 _____ (Farbar) C:\Users\evamr\Desktop\FRST64.exe
2023-01-04 11:26 - 2023-01-04 11:26 - 000030773 _____ C:\Users\evamr\Desktop\25035_00_13800_2023-01-01.pdf
2023-01-04 11:25 - 2023-01-04 11:25 - 000098802 _____ C:\Users\evamr\Desktop\Informacny_formular_pre_vkladatela.pdf
2023-01-02 21:04 - 2023-01-02 21:04 - 001127327 _____ C:\Users\evamr\Desktop\7_krokov_k_nastartovaniu_zmeny_v_tvojom_zivote.pdf
2023-01-02 20:59 - 2023-01-02 20:59 - 000000681 _____ C:\Users\evamr\Desktop\žemberák histori.txt
2023-01-01 23:30 - 2023-01-01 23:30 - 000003678 _____ C:\Users\evamr\Desktop\vinše.txt
2023-01-01 11:19 - 2023-01-01 11:19 - 000046898 _____ C:\Users\evamr\Desktop\3fc0d7ce-e94c-4d76-8a89-ef5b6381e8ec.avif
2023-01-01 08:34 - 2023-01-01 12:08 - 000000000 ____D C:\Users\evamr\Documents\Tomáš minecraft
2022-12-31 15:55 - 2022-12-31 15:55 - 000088024 _____ C:\Users\evamr\Desktop\2008a9cb-c2f1-4385-a768-45ca6c17645b.avif
2022-12-31 15:54 - 2022-12-31 15:54 - 000088607 _____ C:\Users\evamr\Desktop\50c9045b-4399-43fe-a637-17c56d91e556.avif
2022-12-30 16:47 - 2022-12-30 16:47 - 000039285 _____ C:\Users\evamr\Desktop\8c7c787d-51c5-4bff-8c8d-7daedacc2517.avif
2022-12-27 09:11 - 2022-12-27 09:11 - 000000042 _____ C:\Users\evamr\Desktop\heslo msng.txt
2022-12-26 18:13 - 2022-12-26 18:14 - 000000000 ____D C:\Users\evamr\Documents\Evka mobil zaloha
2022-12-26 09:53 - 2022-12-26 09:53 - 000000000 ____D C:\Users\evamr\Desktop\Oli a babka s dedkom
2022-12-25 11:11 - 2022-12-25 11:11 - 000059981 _____ C:\Users\evamr\Desktop\9040c8a4-e835-48a4-b633-6816d60d9f17.avif
2022-12-24 18:58 - 2022-12-24 18:58 - 000054812 _____ C:\Users\evamr\Desktop\vianocny-vins-do-SMS.webp
2022-12-24 06:31 - 2022-12-24 07:09 - 000000000 ____D C:\Users\evamr\Downloads\vecteezy_christmas-holiday-party-background-happy-new-year-and-merry_3755142_864
2022-12-24 06:31 - 2022-12-24 06:31 - 009686877 _____ C:\Users\evamr\Downloads\vecteezy_christmas-holiday-party-background-happy-new-year-and-merry_3755142_864.zip
2022-12-24 06:27 - 2022-12-24 06:27 - 000000000 ____D C:\Users\evamr\Downloads\vecteezy_merry-christmas-greeting-card-colorful-background-vector_249340
2022-12-23 08:15 - 2022-12-23 08:15 - 000507599 _____ C:\Users\evamr\Desktop\2929072197.pdf
2022-12-22 11:27 - 2022-12-22 11:27 - 000164853 _____ C:\Users\evamr\Desktop\2022.12.12_006_EK_2022_IM_Info_KEP_eID.pdf
2022-12-22 11:02 - 2022-12-22 11:02 - 000040467 _____ C:\Users\evamr\Desktop\faktura.pdf
2022-12-22 10:59 - 2022-12-22 10:59 - 000067318 _____ C:\Users\evamr\Desktop\c801cd9f-5f59-44bc-8719-8769c3608481.avif
2022-12-22 10:51 - 2022-12-22 10:51 - 000884658 _____ C:\Users\evamr\Desktop\472789470.pdf
2022-12-20 08:45 - 2022-12-20 08:45 - 000166132 _____ C:\Users\evamr\Desktop\eb964119-8124-4a7a-9735-b77b6b68b68d.avif
2022-12-20 08:45 - 2022-12-20 08:45 - 000106613 _____ C:\Users\evamr\Desktop\ef9c3147-b905-4b69-bd1f-258a0750c505.avif
2022-12-19 09:39 - 2022-12-19 09:39 - 000022077 _____ C:\Users\evamr\Desktop\K_Ošetřovné_2022.xlsx
2022-12-18 21:47 - 2022-12-18 21:47 - 000114409 _____ C:\Users\evamr\Desktop\ae9901cd-8225-44de-90c8-ebd877e4c652.avif
2022-12-17 08:32 - 2022-12-17 08:32 - 000067000 _____ C:\Users\evamr\Desktop\b615f2e8-aeb9-4ab1-85d6-3e58ee2db69f.avif
2022-12-15 14:00 - 2022-12-15 14:00 - 000000000 ___HD C:\$WinREAgent
2022-12-14 15:12 - 2022-12-14 15:12 - 000102136 _____ C:\Users\evamr\Desktop\Výplatní lístek.pdf
2022-12-14 07:44 - 2022-09-30 05:23 - 000167440 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus2.sys
2022-12-13 22:20 - 2022-12-13 22:20 - 000106564 _____ C:\Users\evamr\Desktop\e6a04df7-e1f1-40b5-be16-c092f54c6323.avif
2022-12-12 00:39 - 2022-12-12 00:39 - 000156421 _____ C:\Users\evamr\Desktop\a12920e8-066a-4938-bd53-b703d468efdf.avif
2022-12-11 15:17 - 2022-12-11 15:17 - 000000219 _____ C:\Users\evamr\Desktop\Portal.url
2022-12-10 01:55 - 2022-12-10 01:55 - 000313798 _____ C:\Users\evamr\Desktop\FVLA-85044-2022.pdf
2022-12-09 20:43 - 2022-12-09 20:43 - 000064716 _____ C:\Users\evamr\Desktop\noname
2022-12-09 07:56 - 2022-12-09 07:56 - 000102977 _____ C:\Users\evamr\Desktop\02a12ec3-32e2-432f-8080-a12b1e5e6201.avif
2022-12-07 12:41 - 2022-12-07 12:41 - 000143624 _____ C:\Users\evamr\Desktop\DĚJEPISNÁ OLYMPIÁDA 52.pdf
2022-12-06 08:40 - 2022-12-06 08:40 - 000059455 _____ C:\Users\evamr\Desktop\a2bb7c3f-4453-465e-af94-406c3e37e18d.avif
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-01-04 18:49 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-04 18:12 - 2022-10-03 06:06 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-04 16:59 - 2022-10-03 07:03 - 000000000 ____D C:\Users\evamr\AppData\Roaming\.minecraft
2023-01-04 16:53 - 2022-10-20 15:28 - 000000000 ____D C:\Users\evamr\.ditec
2023-01-04 16:49 - 2022-10-03 05:48 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-01-04 13:31 - 2022-10-03 06:02 - 000000000 ___RD C:\Users\evamr\OneDrive
2023-01-04 12:09 - 2022-10-03 07:27 - 000000000 ____D C:\ProgramData\NVIDIA
2023-01-04 08:59 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-04 08:59 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-01-04 03:46 - 2022-10-03 06:00 - 000000000 ____D C:\Users\evamr\AppData\Local\Packages
2023-01-04 03:34 - 2022-10-03 05:48 - 000003632 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-04 03:34 - 2022-10-03 05:48 - 000003508 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-12-30 22:51 - 2022-10-08 14:02 - 000000000 ____D C:\Users\evamr\AppData\Roaming\.tlauncher
2022-12-30 17:52 - 2022-10-20 08:20 - 000001456 _____ C:\Users\evamr\AppData\Local\Adobe Save for Web 13.0 Prefs
2022-12-30 16:51 - 2022-10-20 15:28 - 000003916 _____ C:\Windows\system32\Tasks\DUpdaterTask
2022-12-30 16:51 - 2022-10-20 15:27 - 000000000 ____D C:\ProgramData\Ditec
2022-12-30 16:51 - 2022-10-20 15:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ditec
2022-12-30 16:51 - 2022-10-20 15:26 - 000000000 ____D C:\Program Files (x86)\Ditec
2022-12-30 16:51 - 2022-10-06 21:38 - 000000000 ____D C:\ProgramData\Package Cache
2022-12-23 22:13 - 2022-10-03 05:53 - 000795738 _____ C:\Windows\system32\PerfStringBackup.INI
2022-12-23 22:13 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-12-23 22:09 - 2022-10-03 05:48 - 000008192 ___SH C:\DumpStack.log.tmp
2022-12-23 22:09 - 2022-10-03 05:48 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-12-23 22:08 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-12-23 22:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\NDF
2022-12-23 04:16 - 2022-10-03 21:30 - 000004218 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1664829031
2022-12-23 04:16 - 2022-10-03 21:30 - 000001409 _____ C:\Users\evamr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2022-12-22 09:55 - 2022-10-03 06:00 - 000000000 ____D C:\Users\evamr\AppData\Local\D3DSCache
2022-12-21 13:08 - 2022-10-06 21:39 - 000000000 ____D C:\Program Files\Adobe
2022-12-21 13:08 - 2022-10-03 06:00 - 000000000 ____D C:\Users\evamr\AppData\Roaming\Adobe
2022-12-21 11:39 - 2022-10-20 15:29 - 000000000 ____D C:\Users\evamr\AppData\Local\eID_klient
2022-12-20 13:26 - 2022-10-15 08:08 - 000000000 ____D C:\Program Files (x86)\Steam
2022-12-17 23:26 - 2022-10-03 05:54 - 000000000 ____D C:\Users\evamr
2022-12-17 17:26 - 2022-10-03 05:48 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-16 23:19 - 2022-11-03 20:40 - 000000000 _____ C:\Users\evamr\Documents\HPSmartPrintingPort
2022-12-16 10:34 - 2022-10-03 06:07 - 000002259 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-12-16 10:34 - 2022-10-03 06:07 - 000002218 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-12-15 21:01 - 2022-10-03 05:48 - 000258088 _____ C:\Windows\system32\FNTCACHE.DAT
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemApps
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2022-12-15 21:01 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2022-12-15 14:08 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2022-12-15 14:06 - 2022-10-03 06:39 - 000415650 __RSH C:\bootmgr
2022-12-15 14:05 - 2022-10-03 05:50 - 003014656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-12-15 13:58 - 2022-10-03 13:28 - 000000000 ____D C:\Windows\system32\MRT
2022-12-15 13:55 - 2022-10-03 13:28 - 148633544 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-12-13 21:57 - 2022-10-03 06:22 - 000002368 _____ C:\Users\evamr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-12-11 15:17 - 2022-10-15 08:14 - 000000000 ____D C:\Users\evamr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-12-11 13:10 - 2022-10-02 07:44 - 000000000 ____D C:\Users\evamr\Desktop\upratať
2022-12-10 06:17 - 2022-10-03 06:02 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3760653307-1901750747-4286733701-1001
2022-12-10 06:17 - 2022-10-03 06:02 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3760653307-1901750747-4286733701-1001
2022-12-10 06:17 - 2022-10-03 05:54 - 000002371 _____ C:\Users\evamr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-12-09 18:45 - 2022-10-03 05:48 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-12-05 03:08 - 2022-10-06 13:22 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2022-12-05 03:07 - 2022-10-06 13:22 - 000000000 ____D C:\Windows\system32\Tasks\HP
==================== Files in the root of some directories ========
2022-10-20 08:20 - 2022-12-30 17:52 - 000001456 _____ () C:\Users\evamr\AppData\Local\Adobe Save for Web 13.0 Prefs
2022-11-12 18:06 - 2022-11-12 18:06 - 000001480 _____ () C:\Users\evamr\AppData\Local\Adobe Uložit pro web 13.0 Prefs
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================