pomalý ntb, zahřívání, větrák
Napsal: 03 bře 2023 10:27
Help, zas se mi brutálně zpomalil ntb, resp. stále běží větráček (asi, nebo co to hučí), po zapnutí pomalu nabíhá, seká se prohlížeč.
Moc děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-03-2023
Ran by Líba (administrator) on LÍBA (HP HP Laptop 14-bp1xx) (03-03-2023 10:05:26)
Running from C:\Users\croft\Desktop
Loaded Profiles: Líba
Platform: Microsoft Windows 10 Home Version 22H2 19045.2251 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Windows\SoftwareDistribution\Download\7fed1a2914b72d100a695b8b4b87557b\WindowsUpdateBox.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\$WINDOWS.~BT\Sources\SetupHost.exe
(DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atieclxx.exe
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <23>
(explorer.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(explorer.exe ->) (Signal Messenger, LLC -> Signal Messenger, LLC) C:\Users\croft\AppData\Local\Programs\signal-desktop\Signal.exe <4>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxEM.exe
(Intel\DPTF\esif_uf.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\spool\drivers\x64\3\sxm4mpi.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atiesrxx.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\hpservice.exe
(services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(wuauclt.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\7fed1a2914b72d100a695b8b4b87557b\WindowsUpdateBox.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ACUW10EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe [2157000 2017-04-21] (ACD Systems International -> ACD Systems)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3674720 2018-05-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [194704 2023-01-17] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [uupdate] => C:\ProgramData\wDcLibs\uhelper.exe [512280 2019-11-28] (Shenzhen Yi Xing Investment Co., Ltd. -> )
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\RunOnce: [ccleaner_update_helper] => C:\Program Files\CCleaner\ccleaner_update_helper.exe [735544 2023-02-28] (PIRIFORM SOFTWARE LIMITED -> Piriform)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [ACDSeeCommanderUltimate10] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe [3427272 2017-04-25] (ACD Systems International -> )
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38935376 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [org.whispersystems.signal-desktop] => C:\Users\croft\AppData\Local\Programs\signal-desktop\Signal.exe [157760376 2023-02-16] (Signal Messenger, LLC -> Signal Messenger, LLC)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {97286314-2caf-11ec-a816-40a3cccab76d} - "D:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\hpcpp101: C:\Windows\System32\spool\prtprocs\x64\hpcpp101.dll [323584 2010-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\sxk6mPC: C:\Windows\System32\spool\prtprocs\x64\sxk6mpc.dll [65472 2019-04-03] (联想图像(天津)科技有限公司 -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\sxm4mPC: C:\Windows\System32\spool\prtprocs\x64\sxm4mpc.dll [43520 2018-09-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\xpb210pp: C:\Windows\System32\spool\prtprocs\x64\xpb210pp.dll [128592 2019-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP C411 Status Monitor: C:\WINDOWS\system32\hpinkstsC411LM.dll [333496 2013-02-04] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\WINDOWS\system32\pxcpmL.dll [2187520 2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\...\Print\Monitors\sxk6m Langmon: C:\WINDOWS\system32\sxk6mlm.dll [44480 2019-04-03] (联想图像(天津)科技有限公司 -> )
HKLM\...\Print\Monitors\sxm4m Langmon: C:\WINDOWS\system32\sxm4mlm.dll [34304 2018-09-10] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\110.0.5481.178\Installer\chrmstp.exe [2023-02-26] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0826E650-059B-495F-BFCD-AF12AA96C532} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {19A40ABB-A18F-4B99-B819-FA2D3F6653AB} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {1F214A47-1F37-44FE-AEC6-C62417682095} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Xerox\Easy Printer Manager\EPM2DotNetHandler.exe [1338880 2019-04-05] () [File not signed]
Task: {201047D5-875B-405E-94BE-76BEBCD9A440} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4713808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "90b32ea7-642a-40c0-8898-825bf5d02968" --version "6.08.10255" --silent
Task: {3C11EE14-BC52-4E97-8460-096804296E72} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {41F9C8B5-063A-4F4E-A109-85B7003B2748} - System32\Tasks\GoogleUpdateTaskMachineUA1d5ff7dc90708cf => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {77EAB2C8-1B5D-437E-86DB-CD713406A9E6} - System32\Tasks\GoogleUpdateTaskMachineCore1d5ff7dc8e0a443 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {B0D42413-3FF7-4201-BBC2-3306F9200998} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-01-11] (Piriform Software Ltd -> Piriform)
Task: {B8223934-5FA4-420A-94BB-46FA72756F4D} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B9C0EBB5-4CC3-4CC8-BE68-622A46EB8ED6} - System32\Tasks\CCleanerSkipUAC - Líba => C:\Program Files\CCleaner\CCleaner.exe [32617808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {C71BBFD2-11D4-4C98-BE85-499A63738AE6} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269296 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {CA125255-6F8A-48EF-BD5B-4A8AF0C5121B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {EFA2E682-318F-4389-9F60-911AE5542248} - System32\Tasks\Xerox\Xerox PowerENGAGE Update => C:\Program Files (x86)\Xerox PowerENGAGE\xeroxreg.exe [117984 2016-09-13] (Aviata Inc -> Aviata Inc)
Task: {F85E500D-9F40-4F9F-B01E-1FE1DE3F3EE6} - System32\Tasks\Xerox\Xerox PowerENGAGE => C:\Program Files (x86)\Xerox PowerENGAGE\xeroxreg.exe [117984 2016-09-13] (Aviata Inc -> Aviata Inc)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{01d9789d-5705-45b7-962a-a2adffa4a1ce}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{0cee5351-1667-498a-8c34-0a45e0c35c49}: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{440f6ab2-6db7-444d-bf67-67786f254f48}: [DhcpNameServer] 213.46.172.38 213.46.172.39
Edge:
=======
DownloadDir: C:\Users\croft\Downloads
FireFox:
========
FF DefaultProfile: 8yk82u7g.default
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\k09be1cl.default-release-1-1670337135741 [2023-02-05]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\8yk82u7g.default [2022-01-07]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\dm8nxv80.default-release [2023-02-05]
FF Extension: (Video DownloadHelper) - C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\dm8nxv80.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-09-21]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3723532541-349634963-3060968088-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3723532541-349634963-3060968088-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3723532541-349634963-3060968088-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2022-08-14]
Chrome:
=======
CHR Profile: C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default [2023-03-03]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR NewTab: Default -> Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-02-14]
CHR Extension: (Dashlane — Password Manager) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2023-02-16]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2022-05-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Profile: C:\Users\croft\AppData\Local\Google\Chrome\User Data\System Profile [2023-02-05]
CHR HKU\S-1-5-21-3723532541-349634963-3060968088-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3549872 2023-01-17] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3549872 2023-01-17] (ESET, spol. s r.o. -> ESET)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9002208 2023-03-03] (Malwarebytes Inc. -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\WsAppService.exe [493792 2017-10-24] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 XeroxProdRegManager; C:\Program Files (x86)\Xerox PowerENGAGE\EngageService.exe [293608 2016-09-13] (Aviata Inc -> Aviata, Inc.)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 C981D415; C:\WINDOWS\System32\drivers\C981D415.sys [478392 2020-08-06] (Kaspersky Lab -> Kaspersky Lab ZAO)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47160 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [198416 2023-01-17] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [119904 2023-01-17] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [237208 2023-01-17] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [55392 2023-01-17] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81696 2023-01-17] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [122504 2023-01-17] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
S3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-03-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198112 2023-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77736 2023-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181816 2023-03-03] (Malwarebytes Inc. -> Malwarebytes)
S3 usbscan; C:\WINDOWS\system32\DRIVERS\usbscan.sys [49152 2021-02-10] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2022-01-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435432 2022-01-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2022-01-02] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-03-03 10:05 - 2023-03-03 10:10 - 000027626 _____ C:\Users\croft\Desktop\FRST.txt
2023-03-03 10:01 - 2023-03-03 10:01 - 002378752 _____ (Farbar) C:\Users\croft\Desktop\FRST64.exe
2023-03-03 09:07 - 2023-03-03 09:07 - 000000000 ___HD C:\$WinREAgent
2023-03-03 08:53 - 2023-03-03 08:53 - 000181816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-03-03 08:49 - 2023-03-03 08:49 - 000964433 _____ C:\Users\croft\Downloads\Kabelka MURIEL střih A4 (2).pdf
2023-03-03 08:46 - 2023-03-03 08:46 - 000964433 _____ C:\Users\croft\Downloads\Kabelka MURIEL střih A4 (1).pdf
2023-03-03 08:42 - 2023-03-03 08:42 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-03-03 08:42 - 2023-03-03 08:42 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-03-03 08:40 - 2023-03-03 08:40 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-03-03 08:31 - 2023-03-03 08:31 - 000451400 _____ C:\Users\croft\Downloads\10497237_220903_230303.pdf
2023-03-03 08:30 - 2023-03-03 08:30 - 000144429 _____ C:\Users\croft\Downloads\10497237_230201_230228.pdf
2023-03-03 08:22 - 2023-03-03 08:22 - 002580896 _____ (Malwarebytes) C:\Users\croft\Downloads\MBSetup-333B45EF.exe
2023-03-02 19:36 - 2023-03-02 19:36 - 000001495 _____ C:\Users\croft\Downloads\Untitled_1677781120309.md
2023-03-01 17:54 - 2023-03-01 17:54 - 009106608 _____ C:\Users\croft\Downloads\Scan_20230301_175416.pdf
2023-03-01 17:08 - 2023-03-01 17:08 - 000110195 _____ C:\Users\croft\Downloads\Plán záloh (1).pdf
2023-03-01 17:06 - 2023-03-01 17:06 - 000110195 _____ C:\Users\croft\Downloads\Plán záloh.pdf
2023-03-01 16:59 - 2023-03-01 16:59 - 575809205 _____ C:\Users\croft\Downloads\5_dokončení.mp4
2023-02-28 16:41 - 2023-02-28 16:43 - 792447060 _____ C:\Users\croft\Downloads\4_šití do obloučku.mp4
2023-02-28 16:38 - 2023-02-28 16:39 - 536918986 _____ C:\Users\croft\Downloads\3_kapsy.mp4
2023-02-28 16:37 - 2023-02-28 16:37 - 209657792 _____ C:\Users\croft\Downloads\2_popruh.mp4
2023-02-26 19:19 - 2023-02-26 19:20 - 845088637 _____ C:\Users\croft\Downloads\1_stříhání.mp4
2023-02-26 19:04 - 2023-02-26 19:04 - 000964433 _____ C:\Users\croft\Downloads\Kabelka MURIEL střih A4.pdf
2023-02-22 09:44 - 2023-02-22 09:55 - 000000000 ____D C:\Users\croft\Downloads\Joe Navarro - Tri minuty do soudneho dne (2019)(CZ)
2023-02-22 09:44 - 2023-02-22 09:44 - 000018836 _____ C:\Users\croft\Downloads\[SkT]Joe_Navarro_-_Tri_minuty_do_soudneho_dne_(2019)(CZ).torrent
2023-02-22 09:41 - 2023-02-22 09:41 - 000016028 _____ C:\Users\croft\Downloads\[SkT]Stephen_R._Covey_-_7_navyku_skutecne_efektivnich_lidi_(CZ).torrent
2023-02-21 05:45 - 2023-02-21 05:46 - 1420811321 _____ C:\Users\croft\Downloads\Kepler Lars - Hypnotizér-20230221T044431Z-001.zip
2023-02-18 17:30 - 2023-02-19 15:49 - 000000000 ____D C:\Users\croft\Downloads\audioknihy
2023-02-18 15:53 - 2023-02-18 18:44 - 1903651217 _____ C:\Users\croft\Downloads\Che Guevara.mkv
2023-02-18 15:38 - 2023-02-18 15:38 - 000022546 _____ C:\Users\croft\Downloads\[SkT]Jakub_Marik_-_Ve_stinu_slunce_(2020)(CZ).torrent
2023-02-18 15:38 - 2023-02-18 15:38 - 000022422 _____ C:\Users\croft\Downloads\[SkT]Jakub_Marik_-_Ve_stimu_slunce_(2020)(CZ).torrent
2023-02-18 15:38 - 2023-02-18 15:38 - 000012580 _____ C:\Users\croft\Downloads\[SkT]Jakub_Marik_-_V_ledovem_sevreni_(2021)(CZ).torrent
2023-02-18 15:37 - 2023-02-18 15:38 - 000034588 _____ C:\Users\croft\Downloads\[SkT]Jakub_Marik_-_UTSS_Salamis_III._-_V_Krvavem_pasu_(2022)(MP4)(CZ).torrent
2023-02-18 15:11 - 2023-02-18 15:11 - 000018477 _____ C:\Users\croft\Downloads\[SkT]Camilla_Lackberg_-_Krotitel_(2017)(CZ).torrent
2023-02-18 15:11 - 2023-02-18 15:11 - 000017855 _____ C:\Users\croft\Downloads\[SkT]Camilla_Lackberg_-_Andelickarka_(2015_CZ).torrent
2023-02-18 15:07 - 2023-02-18 16:11 - 1072791152 _____ C:\Users\croft\Downloads\Lars Kepler - Zrcadlovy muz.rar
2023-02-18 15:02 - 2023-02-18 15:02 - 000000000 ____D C:\Users\croft\Downloads\Lars Kepler - Playground
2023-02-18 15:00 - 2023-02-18 15:00 - 000062297 _____ C:\Users\croft\Downloads\[SkT]Lars_Kepler_-_Joona_lina_1-7_(2011-2018)(CZ).torrent
2023-02-18 15:00 - 2023-02-18 15:00 - 000018658 _____ C:\Users\croft\Downloads\[SkT]Lars_Kepler_-_Playground_(2017)(CZ).torrent
2023-02-18 15:00 - 2023-02-18 15:00 - 000018658 _____ C:\Users\croft\Downloads\[SkT]Lars_Kepler_-_Playground_(2017)(CZ) (1).torrent
2023-02-18 14:33 - 2023-02-18 14:33 - 000018628 _____ C:\Users\croft\Downloads\[SkT]Che_Guevara___The_Hidden_Faces_of_El_Che_(2016)(CZ)[TvRip][1080p].torrent
2023-02-17 15:38 - 2023-02-17 15:38 - 000118997 _____ C:\Users\croft\Downloads\predpisy-zaloh-a-plateb-osvc.pdf
2023-02-17 15:28 - 2023-02-17 15:28 - 000070362 _____ C:\Users\croft\Downloads\p701733460.pdf
2023-02-17 14:48 - 2023-02-17 14:48 - 001663336 _____ C:\Users\croft\Downloads\DPFDP6-6957163103-20230217-144809-pracovni.xml
2023-02-17 14:48 - 2023-02-17 14:48 - 000294360 _____ C:\Users\croft\Downloads\DPFDP6-6957163103-20230217-144816.pdf
2023-02-17 14:47 - 2023-02-17 14:47 - 001663336 _____ C:\Users\croft\Downloads\DPFDP6-6957163103-20230217-144755-pracovni.xml
2023-02-17 13:39 - 2023-02-17 13:39 - 000915874 _____ C:\Users\croft\Downloads\priloha_1143043175_0_SKM_C224e22120209210.pdf
2023-02-17 13:39 - 2023-02-17 13:39 - 000480746 _____ C:\Users\croft\Downloads\priloha_1141917464_0_12816-2023_Žádost_o_informace_k_OVK_-_odpověď_sign.pdf
2023-02-17 13:39 - 2023-02-17 13:39 - 000174906 _____ C:\Users\croft\Downloads\priloha_1130922927_0_Dopis zmocněnkyni České pirátské strany (1).pdf
2023-02-17 13:39 - 2023-02-17 13:39 - 000166707 _____ C:\Users\croft\Downloads\priloha_1129757271_0_Dopis Libuši Věříšové - volby 2023 (1).pdf
2023-02-17 13:38 - 2023-02-17 13:38 - 000719448 _____ C:\Users\croft\Downloads\priloha_1144747326_0_Dokument - úřad.pdf
2023-02-17 13:38 - 2023-02-17 13:38 - 000501540 _____ C:\Users\croft\Downloads\priloha_1144857030_0_ČPS_vyjádření_k_členům_OVK.pdf
2023-02-17 13:38 - 2023-02-17 13:38 - 000375762 _____ C:\Users\croft\Downloads\priloha_1144799567_0_unor2023_odpoved_L_Verisove_.pdf
2023-02-17 13:38 - 2023-02-17 13:38 - 000303989 _____ C:\Users\croft\Downloads\priloha_1144751711_0_Odpoved_CPS.pdf
2023-02-17 13:38 - 2023-02-17 13:38 - 000255434 _____ C:\Users\croft\Downloads\priloha_1143415574_0_hodnoceni_clenu_OVK.pdf
2023-02-17 13:38 - 2023-02-17 13:38 - 000155962 _____ C:\Users\croft\Downloads\priloha_1144782931_0_sdělení_o_delegování.pdf
2023-02-17 13:16 - 2023-02-17 13:16 - 000058050 _____ C:\Users\croft\Downloads\priloha_1142779303_0_pristupove_udaje_k_datove_schrance.pdf
2023-02-17 08:38 - 2023-02-26 19:01 - 000000000 ____D C:\Users\croft\AppData\Roaming\Signal
2023-02-17 08:38 - 2023-02-17 08:38 - 000002399 _____ C:\Users\croft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Signal.lnk
2023-02-17 08:38 - 2023-02-17 08:38 - 000002391 _____ C:\Users\croft\Desktop\Signal.lnk
2023-02-17 08:34 - 2023-02-17 08:34 - 129535184 _____ (Signal Messenger, LLC) C:\Users\croft\Downloads\signal-desktop-win-6.6.0.exe
2023-02-15 19:54 - 2023-02-15 19:54 - 000135397 _____ C:\Users\croft\Downloads\FA_23020_ceska_piratska_strana.pdf
2023-02-15 19:53 - 2023-02-15 19:53 - 000216743 _____ C:\Users\croft\Downloads\Faktura_2.pdf
2023-02-14 16:59 - 2023-02-14 16:59 - 000063855 _____ C:\Users\croft\Downloads\Sešit1.xlsx
2023-02-12 17:16 - 2023-02-12 19:19 - 761065376 _____ C:\Users\croft\Downloads\Carter Chris - Popravčí.mp4
2023-02-12 17:11 - 2023-02-12 17:11 - 000005769 _____ C:\Users\croft\Downloads\[SkT]Ch._Carter_-_4_knihy_(2009_-_2012)(CZ).torrent
2023-02-05 15:37 - 2023-02-05 15:37 - 000111440 _____ C:\Users\croft\Downloads\Pozvánka.pdf
2023-02-05 14:30 - 2023-02-05 14:30 - 000422009 _____ C:\Users\croft\Downloads\priloha_1138960261_1_VZP_OSVC_dopis DS 2023.pdf
2023-02-05 14:30 - 2023-02-05 14:30 - 000153701 _____ C:\Users\croft\Downloads\priloha_1138960261_0_p706639393.pdf
2023-02-05 14:21 - 2023-02-05 14:21 - 000020368 _____ C:\Users\croft\Downloads\priloha_1138780483_0_zprava.html
2023-02-05 14:21 - 2023-02-05 14:21 - 000000145 _____ C:\Users\croft\Downloads\priloha_1138780483_1_zprava.xml
2023-02-01 21:11 - 2023-02-24 13:09 - 000000000 ____D C:\Users\croft\Downloads\kontakty
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-03-03 10:09 - 2019-04-09 12:45 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-03 10:08 - 2019-05-21 07:35 - 000000000 ____D C:\FRST
2023-03-03 10:01 - 2019-12-07 16:24 - 000000000 ___HD C:\$WINDOWS.~BT
2023-03-03 09:58 - 2021-02-06 13:20 - 000000000 ___DC C:\WINDOWS\Panther
2023-03-03 09:30 - 2021-02-10 09:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-03-03 09:12 - 2023-01-26 13:22 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2023-03-03 09:12 - 2022-10-15 07:49 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-03-03 08:54 - 2021-02-10 10:02 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-03-03 08:41 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-03-03 08:40 - 2020-02-20 07:19 - 000000000 ____D C:\Program Files\Malwarebytes
2023-03-03 07:39 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-03 07:11 - 2022-01-06 17:07 - 000000000 ____D C:\Program Files\CCleaner
2023-03-02 17:03 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-02 17:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-03-02 16:45 - 2022-01-06 17:08 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-03-01 16:48 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-02-28 16:44 - 2022-04-11 08:04 - 000000000 ____D C:\Users\croft\AppData\Roaming\vlc
2023-02-26 19:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-02-26 18:54 - 2019-04-09 12:45 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-02-26 18:36 - 2021-02-10 09:42 - 000000000 ____D C:\Users\croft
2023-02-26 18:31 - 2021-02-10 10:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-26 18:31 - 2021-02-10 09:34 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-24 12:25 - 2019-04-09 12:42 - 000000000 ____D C:\Users\croft\AppData\Local\Packages
2023-02-22 20:16 - 2020-02-01 13:24 - 000000000 ____D C:\Users\croft\AppData\Roaming\uTorrent
2023-02-18 17:35 - 2019-04-10 16:58 - 000000000 ____D C:\Users\Líba
2023-02-17 08:40 - 2019-04-10 14:33 - 000000000 ____D C:\Users\croft\AppData\Local\D3DSCache
2023-02-16 00:57 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-02-15 17:27 - 2019-03-08 15:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-02-15 17:18 - 2019-03-08 15:39 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-02-14 16:33 - 2023-01-03 17:06 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-02-14 07:34 - 2020-11-30 13:24 - 000000000 ____D C:\Users\croft\AppData\Local\CrashDumps
2023-02-07 18:57 - 2019-04-14 09:00 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2023-02-05 17:52 - 2022-01-06 17:08 - 000002250 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Líba
2023-02-05 17:44 - 2023-01-04 19:40 - 000003106 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-02-05 16:53 - 2022-05-05 14:01 - 000484896 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-02-05 16:33 - 2022-02-01 10:04 - 000000000 ____D C:\Program Files\LibreOffice
2023-02-02 18:43 - 2023-01-31 09:55 - 000000000 ____D C:\Users\croft\Downloads\Daně 2023
==================== Files in the root of some directories ========
2022-01-01 18:09 - 2022-01-01 18:06 - 001675440 _____ () C:\Program Files (x86)\setup_CEWE_FOTOLAB_fotosvet.exe
2019-04-10 21:09 - 2022-01-02 13:57 - 000000205 _____ () C:\Users\croft\AppData\Local\oobelibMkey.log
2022-08-15 07:16 - 2022-08-15 07:16 - 000023301 _____ () C:\Users\croft\AppData\Local\recently-used.xbel
2021-08-24 05:53 - 2021-08-24 05:53 - 000007597 _____ () C:\Users\croft\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Moc děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-03-2023
Ran by Líba (administrator) on LÍBA (HP HP Laptop 14-bp1xx) (03-03-2023 10:05:26)
Running from C:\Users\croft\Desktop
Loaded Profiles: Líba
Platform: Microsoft Windows 10 Home Version 22H2 19045.2251 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Windows\SoftwareDistribution\Download\7fed1a2914b72d100a695b8b4b87557b\WindowsUpdateBox.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\$WINDOWS.~BT\Sources\SetupHost.exe
(DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atieclxx.exe
(explorer.exe ->) (Ghisler Software GmbH -> Ghisler Software GmbH) C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <23>
(explorer.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(explorer.exe ->) (Signal Messenger, LLC -> Signal Messenger, LLC) C:\Users\croft\AppData\Local\Programs\signal-desktop\Signal.exe <4>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxEM.exe
(Intel\DPTF\esif_uf.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\spool\drivers\x64\3\sxm4mpi.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atiesrxx.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\hpservice.exe
(services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(wuauclt.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\7fed1a2914b72d100a695b8b4b87557b\WindowsUpdateBox.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ACUW10EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe [2157000 2017-04-21] (ACD Systems International -> ACD Systems)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3674720 2018-05-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [194704 2023-01-17] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [uupdate] => C:\ProgramData\wDcLibs\uhelper.exe [512280 2019-11-28] (Shenzhen Yi Xing Investment Co., Ltd. -> )
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\RunOnce: [ccleaner_update_helper] => C:\Program Files\CCleaner\ccleaner_update_helper.exe [735544 2023-02-28] (PIRIFORM SOFTWARE LIMITED -> Piriform)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [ACDSeeCommanderUltimate10] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe [3427272 2017-04-25] (ACD Systems International -> )
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38935376 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [org.whispersystems.signal-desktop] => C:\Users\croft\AppData\Local\Programs\signal-desktop\Signal.exe [157760376 2023-02-16] (Signal Messenger, LLC -> Signal Messenger, LLC)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {97286314-2caf-11ec-a816-40a3cccab76d} - "D:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\hpcpp101: C:\Windows\System32\spool\prtprocs\x64\hpcpp101.dll [323584 2010-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\sxk6mPC: C:\Windows\System32\spool\prtprocs\x64\sxk6mpc.dll [65472 2019-04-03] (联想图像(天津)科技有限公司 -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\sxm4mPC: C:\Windows\System32\spool\prtprocs\x64\sxm4mpc.dll [43520 2018-09-10] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\xpb210pp: C:\Windows\System32\spool\prtprocs\x64\xpb210pp.dll [128592 2019-04-03] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\HP C411 Status Monitor: C:\WINDOWS\system32\hpinkstsC411LM.dll [333496 2013-02-04] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\WINDOWS\system32\pxcpmL.dll [2187520 2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\...\Print\Monitors\sxk6m Langmon: C:\WINDOWS\system32\sxk6mlm.dll [44480 2019-04-03] (联想图像(天津)科技有限公司 -> )
HKLM\...\Print\Monitors\sxm4m Langmon: C:\WINDOWS\system32\sxm4mlm.dll [34304 2018-09-10] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\110.0.5481.178\Installer\chrmstp.exe [2023-02-26] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0826E650-059B-495F-BFCD-AF12AA96C532} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {19A40ABB-A18F-4B99-B819-FA2D3F6653AB} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {1F214A47-1F37-44FE-AEC6-C62417682095} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Xerox\Easy Printer Manager\EPM2DotNetHandler.exe [1338880 2019-04-05] () [File not signed]
Task: {201047D5-875B-405E-94BE-76BEBCD9A440} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4713808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "90b32ea7-642a-40c0-8898-825bf5d02968" --version "6.08.10255" --silent
Task: {3C11EE14-BC52-4E97-8460-096804296E72} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {41F9C8B5-063A-4F4E-A109-85B7003B2748} - System32\Tasks\GoogleUpdateTaskMachineUA1d5ff7dc90708cf => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {77EAB2C8-1B5D-437E-86DB-CD713406A9E6} - System32\Tasks\GoogleUpdateTaskMachineCore1d5ff7dc8e0a443 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {B0D42413-3FF7-4201-BBC2-3306F9200998} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2023-01-11] (Piriform Software Ltd -> Piriform)
Task: {B8223934-5FA4-420A-94BB-46FA72756F4D} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {B9C0EBB5-4CC3-4CC8-BE68-622A46EB8ED6} - System32\Tasks\CCleanerSkipUAC - Líba => C:\Program Files\CCleaner\CCleaner.exe [32617808 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {C71BBFD2-11D4-4C98-BE85-499A63738AE6} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269296 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {CA125255-6F8A-48EF-BD5B-4A8AF0C5121B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {EFA2E682-318F-4389-9F60-911AE5542248} - System32\Tasks\Xerox\Xerox PowerENGAGE Update => C:\Program Files (x86)\Xerox PowerENGAGE\xeroxreg.exe [117984 2016-09-13] (Aviata Inc -> Aviata Inc)
Task: {F85E500D-9F40-4F9F-B01E-1FE1DE3F3EE6} - System32\Tasks\Xerox\Xerox PowerENGAGE => C:\Program Files (x86)\Xerox PowerENGAGE\xeroxreg.exe [117984 2016-09-13] (Aviata Inc -> Aviata Inc)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{01d9789d-5705-45b7-962a-a2adffa4a1ce}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{0cee5351-1667-498a-8c34-0a45e0c35c49}: [DhcpNameServer] 31.30.90.11 31.30.90.12
Tcpip\..\Interfaces\{440f6ab2-6db7-444d-bf67-67786f254f48}: [DhcpNameServer] 213.46.172.38 213.46.172.39
Edge:
=======
DownloadDir: C:\Users\croft\Downloads
FireFox:
========
FF DefaultProfile: 8yk82u7g.default
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\k09be1cl.default-release-1-1670337135741 [2023-02-05]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\8yk82u7g.default [2022-01-07]
FF ProfilePath: C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\dm8nxv80.default-release [2023-02-05]
FF Extension: (Video DownloadHelper) - C:\Users\croft\AppData\Roaming\Mozilla\Firefox\Profiles\dm8nxv80.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-09-21]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3723532541-349634963-3060968088-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3723532541-349634963-3060968088-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3723532541-349634963-3060968088-1002: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2022-08-14]
Chrome:
=======
CHR Profile: C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default [2023-03-03]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR NewTab: Default -> Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-02-14]
CHR Extension: (Dashlane — Password Manager) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2023-02-16]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2022-05-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Profile: C:\Users\croft\AppData\Local\Google\Chrome\User Data\System Profile [2023-02-05]
CHR HKU\S-1-5-21-3723532541-349634963-3060968088-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2023-01-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3549872 2023-01-17] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3549872 2023-01-17] (ESET, spol. s r.o. -> ESET)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9002208 2023-03-03] (Malwarebytes Inc. -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2022-01-02] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.231\WsAppService.exe [493792 2017-10-24] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 XeroxProdRegManager; C:\Program Files (x86)\Xerox PowerENGAGE\EngageService.exe [293608 2016-09-13] (Aviata Inc -> Aviata, Inc.)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R0 C981D415; C:\WINDOWS\System32\drivers\C981D415.sys [478392 2020-08-06] (Kaspersky Lab -> Kaspersky Lab ZAO)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47160 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [198416 2023-01-17] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [119904 2023-01-17] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [237208 2023-01-17] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [55392 2023-01-17] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81696 2023-01-17] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [122504 2023-01-17] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
S3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-09-17] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-03-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198112 2023-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77736 2023-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181816 2023-03-03] (Malwarebytes Inc. -> Malwarebytes)
S3 usbscan; C:\WINDOWS\system32\DRIVERS\usbscan.sys [49152 2021-02-10] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2022-01-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [435432 2022-01-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2022-01-02] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-03-03 10:05 - 2023-03-03 10:10 - 000027626 _____ C:\Users\croft\Desktop\FRST.txt
2023-03-03 10:01 - 2023-03-03 10:01 - 002378752 _____ (Farbar) C:\Users\croft\Desktop\FRST64.exe
2023-03-03 09:07 - 2023-03-03 09:07 - 000000000 ___HD C:\$WinREAgent
2023-03-03 08:53 - 2023-03-03 08:53 - 000181816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-03-03 08:49 - 2023-03-03 08:49 - 000964433 _____ C:\Users\croft\Downloads\Kabelka MURIEL střih A4 (2).pdf
2023-03-03 08:46 - 2023-03-03 08:46 - 000964433 _____ C:\Users\croft\Downloads\Kabelka MURIEL střih A4 (1).pdf
2023-03-03 08:42 - 2023-03-03 08:42 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-03-03 08:42 - 2023-03-03 08:42 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-03-03 08:40 - 2023-03-03 08:40 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-03-03 08:31 - 2023-03-03 08:31 - 000451400 _____ C:\Users\croft\Downloads\10497237_220903_230303.pdf
2023-03-03 08:30 - 2023-03-03 08:30 - 000144429 _____ C:\Users\croft\Downloads\10497237_230201_230228.pdf
2023-03-03 08:22 - 2023-03-03 08:22 - 002580896 _____ (Malwarebytes) C:\Users\croft\Downloads\MBSetup-333B45EF.exe
2023-03-02 19:36 - 2023-03-02 19:36 - 000001495 _____ C:\Users\croft\Downloads\Untitled_1677781120309.md
2023-03-01 17:54 - 2023-03-01 17:54 - 009106608 _____ C:\Users\croft\Downloads\Scan_20230301_175416.pdf
2023-03-01 17:08 - 2023-03-01 17:08 - 000110195 _____ C:\Users\croft\Downloads\Plán záloh (1).pdf
2023-03-01 17:06 - 2023-03-01 17:06 - 000110195 _____ C:\Users\croft\Downloads\Plán záloh.pdf
2023-03-01 16:59 - 2023-03-01 16:59 - 575809205 _____ C:\Users\croft\Downloads\5_dokončení.mp4
2023-02-28 16:41 - 2023-02-28 16:43 - 792447060 _____ C:\Users\croft\Downloads\4_šití do obloučku.mp4
2023-02-28 16:38 - 2023-02-28 16:39 - 536918986 _____ C:\Users\croft\Downloads\3_kapsy.mp4
2023-02-28 16:37 - 2023-02-28 16:37 - 209657792 _____ C:\Users\croft\Downloads\2_popruh.mp4
2023-02-26 19:19 - 2023-02-26 19:20 - 845088637 _____ C:\Users\croft\Downloads\1_stříhání.mp4
2023-02-26 19:04 - 2023-02-26 19:04 - 000964433 _____ C:\Users\croft\Downloads\Kabelka MURIEL střih A4.pdf
2023-02-22 09:44 - 2023-02-22 09:55 - 000000000 ____D C:\Users\croft\Downloads\Joe Navarro - Tri minuty do soudneho dne (2019)(CZ)
2023-02-22 09:44 - 2023-02-22 09:44 - 000018836 _____ C:\Users\croft\Downloads\[SkT]Joe_Navarro_-_Tri_minuty_do_soudneho_dne_(2019)(CZ).torrent
2023-02-22 09:41 - 2023-02-22 09:41 - 000016028 _____ C:\Users\croft\Downloads\[SkT]Stephen_R._Covey_-_7_navyku_skutecne_efektivnich_lidi_(CZ).torrent
2023-02-21 05:45 - 2023-02-21 05:46 - 1420811321 _____ C:\Users\croft\Downloads\Kepler Lars - Hypnotizér-20230221T044431Z-001.zip
2023-02-18 17:30 - 2023-02-19 15:49 - 000000000 ____D C:\Users\croft\Downloads\audioknihy
2023-02-18 15:53 - 2023-02-18 18:44 - 1903651217 _____ C:\Users\croft\Downloads\Che Guevara.mkv
2023-02-18 15:38 - 2023-02-18 15:38 - 000022546 _____ C:\Users\croft\Downloads\[SkT]Jakub_Marik_-_Ve_stinu_slunce_(2020)(CZ).torrent
2023-02-18 15:38 - 2023-02-18 15:38 - 000022422 _____ C:\Users\croft\Downloads\[SkT]Jakub_Marik_-_Ve_stimu_slunce_(2020)(CZ).torrent
2023-02-18 15:38 - 2023-02-18 15:38 - 000012580 _____ C:\Users\croft\Downloads\[SkT]Jakub_Marik_-_V_ledovem_sevreni_(2021)(CZ).torrent
2023-02-18 15:37 - 2023-02-18 15:38 - 000034588 _____ C:\Users\croft\Downloads\[SkT]Jakub_Marik_-_UTSS_Salamis_III._-_V_Krvavem_pasu_(2022)(MP4)(CZ).torrent
2023-02-18 15:11 - 2023-02-18 15:11 - 000018477 _____ C:\Users\croft\Downloads\[SkT]Camilla_Lackberg_-_Krotitel_(2017)(CZ).torrent
2023-02-18 15:11 - 2023-02-18 15:11 - 000017855 _____ C:\Users\croft\Downloads\[SkT]Camilla_Lackberg_-_Andelickarka_(2015_CZ).torrent
2023-02-18 15:07 - 2023-02-18 16:11 - 1072791152 _____ C:\Users\croft\Downloads\Lars Kepler - Zrcadlovy muz.rar
2023-02-18 15:02 - 2023-02-18 15:02 - 000000000 ____D C:\Users\croft\Downloads\Lars Kepler - Playground
2023-02-18 15:00 - 2023-02-18 15:00 - 000062297 _____ C:\Users\croft\Downloads\[SkT]Lars_Kepler_-_Joona_lina_1-7_(2011-2018)(CZ).torrent
2023-02-18 15:00 - 2023-02-18 15:00 - 000018658 _____ C:\Users\croft\Downloads\[SkT]Lars_Kepler_-_Playground_(2017)(CZ).torrent
2023-02-18 15:00 - 2023-02-18 15:00 - 000018658 _____ C:\Users\croft\Downloads\[SkT]Lars_Kepler_-_Playground_(2017)(CZ) (1).torrent
2023-02-18 14:33 - 2023-02-18 14:33 - 000018628 _____ C:\Users\croft\Downloads\[SkT]Che_Guevara___The_Hidden_Faces_of_El_Che_(2016)(CZ)[TvRip][1080p].torrent
2023-02-17 15:38 - 2023-02-17 15:38 - 000118997 _____ C:\Users\croft\Downloads\predpisy-zaloh-a-plateb-osvc.pdf
2023-02-17 15:28 - 2023-02-17 15:28 - 000070362 _____ C:\Users\croft\Downloads\p701733460.pdf
2023-02-17 14:48 - 2023-02-17 14:48 - 001663336 _____ C:\Users\croft\Downloads\DPFDP6-6957163103-20230217-144809-pracovni.xml
2023-02-17 14:48 - 2023-02-17 14:48 - 000294360 _____ C:\Users\croft\Downloads\DPFDP6-6957163103-20230217-144816.pdf
2023-02-17 14:47 - 2023-02-17 14:47 - 001663336 _____ C:\Users\croft\Downloads\DPFDP6-6957163103-20230217-144755-pracovni.xml
2023-02-17 13:39 - 2023-02-17 13:39 - 000915874 _____ C:\Users\croft\Downloads\priloha_1143043175_0_SKM_C224e22120209210.pdf
2023-02-17 13:39 - 2023-02-17 13:39 - 000480746 _____ C:\Users\croft\Downloads\priloha_1141917464_0_12816-2023_Žádost_o_informace_k_OVK_-_odpověď_sign.pdf
2023-02-17 13:39 - 2023-02-17 13:39 - 000174906 _____ C:\Users\croft\Downloads\priloha_1130922927_0_Dopis zmocněnkyni České pirátské strany (1).pdf
2023-02-17 13:39 - 2023-02-17 13:39 - 000166707 _____ C:\Users\croft\Downloads\priloha_1129757271_0_Dopis Libuši Věříšové - volby 2023 (1).pdf
2023-02-17 13:38 - 2023-02-17 13:38 - 000719448 _____ C:\Users\croft\Downloads\priloha_1144747326_0_Dokument - úřad.pdf
2023-02-17 13:38 - 2023-02-17 13:38 - 000501540 _____ C:\Users\croft\Downloads\priloha_1144857030_0_ČPS_vyjádření_k_členům_OVK.pdf
2023-02-17 13:38 - 2023-02-17 13:38 - 000375762 _____ C:\Users\croft\Downloads\priloha_1144799567_0_unor2023_odpoved_L_Verisove_.pdf
2023-02-17 13:38 - 2023-02-17 13:38 - 000303989 _____ C:\Users\croft\Downloads\priloha_1144751711_0_Odpoved_CPS.pdf
2023-02-17 13:38 - 2023-02-17 13:38 - 000255434 _____ C:\Users\croft\Downloads\priloha_1143415574_0_hodnoceni_clenu_OVK.pdf
2023-02-17 13:38 - 2023-02-17 13:38 - 000155962 _____ C:\Users\croft\Downloads\priloha_1144782931_0_sdělení_o_delegování.pdf
2023-02-17 13:16 - 2023-02-17 13:16 - 000058050 _____ C:\Users\croft\Downloads\priloha_1142779303_0_pristupove_udaje_k_datove_schrance.pdf
2023-02-17 08:38 - 2023-02-26 19:01 - 000000000 ____D C:\Users\croft\AppData\Roaming\Signal
2023-02-17 08:38 - 2023-02-17 08:38 - 000002399 _____ C:\Users\croft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Signal.lnk
2023-02-17 08:38 - 2023-02-17 08:38 - 000002391 _____ C:\Users\croft\Desktop\Signal.lnk
2023-02-17 08:34 - 2023-02-17 08:34 - 129535184 _____ (Signal Messenger, LLC) C:\Users\croft\Downloads\signal-desktop-win-6.6.0.exe
2023-02-15 19:54 - 2023-02-15 19:54 - 000135397 _____ C:\Users\croft\Downloads\FA_23020_ceska_piratska_strana.pdf
2023-02-15 19:53 - 2023-02-15 19:53 - 000216743 _____ C:\Users\croft\Downloads\Faktura_2.pdf
2023-02-14 16:59 - 2023-02-14 16:59 - 000063855 _____ C:\Users\croft\Downloads\Sešit1.xlsx
2023-02-12 17:16 - 2023-02-12 19:19 - 761065376 _____ C:\Users\croft\Downloads\Carter Chris - Popravčí.mp4
2023-02-12 17:11 - 2023-02-12 17:11 - 000005769 _____ C:\Users\croft\Downloads\[SkT]Ch._Carter_-_4_knihy_(2009_-_2012)(CZ).torrent
2023-02-05 15:37 - 2023-02-05 15:37 - 000111440 _____ C:\Users\croft\Downloads\Pozvánka.pdf
2023-02-05 14:30 - 2023-02-05 14:30 - 000422009 _____ C:\Users\croft\Downloads\priloha_1138960261_1_VZP_OSVC_dopis DS 2023.pdf
2023-02-05 14:30 - 2023-02-05 14:30 - 000153701 _____ C:\Users\croft\Downloads\priloha_1138960261_0_p706639393.pdf
2023-02-05 14:21 - 2023-02-05 14:21 - 000020368 _____ C:\Users\croft\Downloads\priloha_1138780483_0_zprava.html
2023-02-05 14:21 - 2023-02-05 14:21 - 000000145 _____ C:\Users\croft\Downloads\priloha_1138780483_1_zprava.xml
2023-02-01 21:11 - 2023-02-24 13:09 - 000000000 ____D C:\Users\croft\Downloads\kontakty
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-03-03 10:09 - 2019-04-09 12:45 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-03 10:08 - 2019-05-21 07:35 - 000000000 ____D C:\FRST
2023-03-03 10:01 - 2019-12-07 16:24 - 000000000 ___HD C:\$WINDOWS.~BT
2023-03-03 09:58 - 2021-02-06 13:20 - 000000000 ___DC C:\WINDOWS\Panther
2023-03-03 09:30 - 2021-02-10 09:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-03-03 09:12 - 2023-01-26 13:22 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller.lnk
2023-03-03 09:12 - 2022-10-15 07:49 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-03-03 08:54 - 2021-02-10 10:02 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-03-03 08:41 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-03-03 08:40 - 2020-02-20 07:19 - 000000000 ____D C:\Program Files\Malwarebytes
2023-03-03 07:39 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-03 07:11 - 2022-01-06 17:07 - 000000000 ____D C:\Program Files\CCleaner
2023-03-02 17:03 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-02 17:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-03-02 16:45 - 2022-01-06 17:08 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-03-01 16:48 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-02-28 16:44 - 2022-04-11 08:04 - 000000000 ____D C:\Users\croft\AppData\Roaming\vlc
2023-02-26 19:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-02-26 18:54 - 2019-04-09 12:45 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-02-26 18:36 - 2021-02-10 09:42 - 000000000 ____D C:\Users\croft
2023-02-26 18:31 - 2021-02-10 10:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-02-26 18:31 - 2021-02-10 09:34 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-24 12:25 - 2019-04-09 12:42 - 000000000 ____D C:\Users\croft\AppData\Local\Packages
2023-02-22 20:16 - 2020-02-01 13:24 - 000000000 ____D C:\Users\croft\AppData\Roaming\uTorrent
2023-02-18 17:35 - 2019-04-10 16:58 - 000000000 ____D C:\Users\Líba
2023-02-17 08:40 - 2019-04-10 14:33 - 000000000 ____D C:\Users\croft\AppData\Local\D3DSCache
2023-02-16 00:57 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-02-15 17:27 - 2019-03-08 15:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-02-15 17:18 - 2019-03-08 15:39 - 149955784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-02-14 16:33 - 2023-01-03 17:06 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-02-14 07:34 - 2020-11-30 13:24 - 000000000 ____D C:\Users\croft\AppData\Local\CrashDumps
2023-02-07 18:57 - 2019-04-14 09:00 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2023-02-05 17:52 - 2022-01-06 17:08 - 000002250 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Líba
2023-02-05 17:44 - 2023-01-04 19:40 - 000003106 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-02-05 16:53 - 2022-05-05 14:01 - 000484896 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-02-05 16:33 - 2022-02-01 10:04 - 000000000 ____D C:\Program Files\LibreOffice
2023-02-02 18:43 - 2023-01-31 09:55 - 000000000 ____D C:\Users\croft\Downloads\Daně 2023
==================== Files in the root of some directories ========
2022-01-01 18:09 - 2022-01-01 18:06 - 001675440 _____ () C:\Program Files (x86)\setup_CEWE_FOTOLAB_fotosvet.exe
2019-04-10 21:09 - 2022-01-02 13:57 - 000000205 _____ () C:\Users\croft\AppData\Local\oobelibMkey.log
2022-08-15 07:16 - 2022-08-15 07:16 - 000023301 _____ () C:\Users\croft\AppData\Local\recently-used.xbel
2021-08-24 05:53 - 2021-08-24 05:53 - 000007597 _____ () C:\Users\croft\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================