Prosím o kontrolu logu FRST, podezření na Keylogger
Napsal: 21 úno 2024 11:42
Dobrý den,
při psaní na klávesnici se píší občas nesmyslné znaky.
Například:
¨no … ano
Märcon … marcon
n´dobí … nádobí
s¨znam ... seznam
b¨dejvice … budějovice
Přikládám log z FRST a prosím o kontrolu.
Děkuji
Marek
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.02.2024 02
Ran by Petr (administrator) on OEM-PC (21-02-2024 11:05:25)
Running from C:\Users\oem\Desktop\Antispyware\FRST\FRST64.exe
Loaded Profiles: Petr
Platform: Microsoft Windows 10 Home Version 22H2 19045.4046 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ABBYY SOLUTIONS LIMITED -> ABBYY.) C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(C:\Program Files (x86)\Mobo\Service\MoboDeviceService.exe ->) (BoYuan(Hong Kong) Wireless Websoft Technology Limited -> Mobo) C:\Program Files (x86)\Mobo\Service\MoboDeviceProxy.exe
(C:\Program Files\ESET\ESET Smart Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Smart Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\eOppFrame.exe
(C:\Program Files\Logitech\SetPointP\SetPoint.exe ->) (Logitech -> Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(explorer.exe ->) (Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Plán2\schedhlp.exe
(explorer.exe ->) (Ashampoo GmbH & Co. KG -> Ashampoo Media GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo Snap 6\ashsnap.exe
(explorer.exe ->) (Bartels Media GmbH -> Bartels Media GmbH) C:\Program Files (x86)\PhraseExpress\phraseexpress.exe
(explorer.exe ->) (EnTech Taiwan -> EnTech Taiwan) C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
(explorer.exe ->) (Franz Josef Wechselberger -> F.J. Wechselberger) C:\Program Files (x86)\MyPhoneExplorer-1-8-5\MyPhoneExplorer.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <65>
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Logitech -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(explorer.exe ->) (LW-WORKS Software) [File not signed] C:\sw\clipboard_recorder_portable\$RGCBVYN.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe <3>
(explorer.exe ->) (Samsung Electronics CO., LTD. -> Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(explorer.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(services.exe ->) (ABBYY SOLUTIONS LIMITED -> ABBYY) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
(services.exe ->) (Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(services.exe ->) (Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Plán2\schedul2.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (BoYuan(Hong Kong) Wireless Websoft Technology Limited -> Mobo, Inc.) C:\Program Files (x86)\Mobo\Service\MoboDeviceService.exe
(services.exe ->) (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(services.exe ->) (Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Protexis Inc. -> Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(services.exe ->) (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(services.exe ->) (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Software602 -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(services.exe ->) (Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe
(services.exe ->) (Xerox Corporation -> Xerox Corporation) C:\Program Files\Xerox\XeroxPrintExperience\CommonFiles\XeroxPrintJobEventManagerService.exe
(Software602 -> Software602) C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Služba Acronis Scheduler2] => C:\Program Files (x86)\Common Files\Acronis\Plán2\schedhlp.exe [358832 2011-02-03] (Acronis, Inc -> Acronis)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [196264 2024-01-24] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5119600 2012-05-11] (VIA Technologies Inc. -> VIA)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5133968 2011-02-03] (Acronis, Inc -> )
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310280 2012-12-20] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Print2PDF Print Monitor] => C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [222776 2011-04-12] (Software602 -> Software602)
HKLM-x32\...\Run: [Bonus.SSR.FR11] => C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [925960 2011-08-18] (ABBYY SOLUTIONS LIMITED -> ABBYY.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [STCAgent] => C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe [771968 2011-08-29] (Splashtop Inc. -> Splashtop Inc.)
HKLM-x32\...\Run: [ZyngaGamesAgent] => C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe [841544 2010-11-15] (Splashtop Inc. -> Splashtop Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-14] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [483976 2020-09-07] (Geek Software GmbH -> Geek Software GmbH)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1000\...\Run: [AshSnap] => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 6\ashsnap.exe [3860304 2013-10-29] (Ashampoo GmbH & Co. KG -> Ashampoo Media GmbH & Co. KG)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1000\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844296 2012-12-20] (Samsung Electronics CO., LTD. -> Samsung)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844296 2012-12-20] (Samsung Electronics CO., LTD. -> Samsung)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1000\...\Run: [MyPhoneExplorer] => C:\Program Files (x86)\MyPhoneExplorer-1-8-5\MyPhoneExplorer.exe [5945504 2019-06-17] (Franz Josef Wechselberger -> F.J. Wechselberger)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45018016 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1000\...\Run: [DPDApp] => C:\Users\oem\AppData\Local\Programs\DPD-electron\DPDApp.exe [111036928 2023-05-30] (DPDGroup) [File not signed]
HKU\S-1-5-21-2864334784-1603053625-3890222848-1000\...\Run: [MicrosoftEdgeAutoLaunch_C3C43DE3D7532B85F72FDD7AC8AEB537] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788240 2024-02-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1000\...\MountPoints2: {a144871f-59a1-11e8-a65d-806e6f6e6963} - "H:\Windows Utilities\Installer64\Install.exe"
HKU\S-1-5-21-2864334784-1603053625-3890222848-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45018016 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1003\...\Run: [MicrosoftEdgeAutoLaunch_F19A02299990B1ACC5CF1F78FEF0F08C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3788240 2024-02-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1003\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1004\...\Run: [CCleanerBrowserAutoLaunch_05192599E3C059BF391BBC4A7D0D69CA] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3134904 2024-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1004\...\Run: [MicrosoftEdgeAutoLaunch_3B84CBD7EA3C00F28296F546D5781130] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3788240 2024-02-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1004\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1004\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\42060\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1004\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\42060\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1004\...\RunOnce: [Uninstall 19.043.0304.0013\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\42060\AppData\Local\Microsoft\OneDrive\19.043.0304.0013\amd64" [0 2022-01-27] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-2864334784-1603053625-3890222848-1004\...\RunOnce: [Uninstall 19.043.0304.0013] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\42060\AppData\Local\Microsoft\OneDrive\19.043.0304.0013" [0 2022-01-27] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-2864334784-1603053625-3890222848-1004\...\RunOnce: [Uninstall 21.220.1024.0005\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\42060\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64" [0 2022-01-28] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-2864334784-1603053625-3890222848-1004\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\42060\AppData\Local\Microsoft\OneDrive\21.220.1024.0005" [0 2022-01-28] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-2864334784-1603053625-3890222848-1005\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Veronika\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-2864334784-1603053625-3890222848-1005\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Veronika\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-2864334784-1603053625-3890222848-1005\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1005\...\Run: [CCleanerBrowserAutoLaunch_D044A33C65C42DB1B59A1BB59C616934] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3134904 2024-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1005\...\Run: [MicrosoftEdgeAutoLaunch_506F8CB68E93DC616BE746E510433970] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3788240 2024-02-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1005\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Veronika\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [42164600 2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1005\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Veronika\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1005\...\RunOnce: [Uninstall 19.232.1124.0008\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Veronika\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\amd64" [0 2022-07-08] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-2864334784-1603053625-3890222848-1005\...\RunOnce: [Uninstall 19.232.1124.0008] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Veronika\AppData\Local\Microsoft\OneDrive\19.232.1124.0008" [0 2022-07-08] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-2864334784-1603053625-3890222848-1005\...\RunOnce: [SeznamInstall-uninstall:8352b3ec6aab5907bacfaeb1917627b7] => C:\Users\Veronika\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2022-07-08] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-2864334784-1603053625-3890222848-500\...\Run: [MicrosoftEdgeAutoLaunch_98769996E24836F99EC8617644423B4C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788240 2024-02-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2864334784-1603053625-3890222848-500\...\Run: [CCleanerBrowserAutoLaunch_3CDF41FB87688E5FC1D0DFF54D877FE1] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3134904 2024-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKU\S-1-5-21-2864334784-1603053625-3890222848-500\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2864334784-1603053625-3890222848-500\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2864334784-1603053625-3890222848-500\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2864334784-1603053625-3890222848-500\...\RunOnce: [Uninstall 19.043.0304.0013] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\19.043.0304.0013" (No File)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-11] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\hpcpp093: C:\Windows\System32\spool\prtprocs\x64\hpcpp093.DLL [300032 2010-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp190: C:\Windows\System32\spool\prtprocs\x64\hpcpp190.dll [651176 2016-11-04] (HP Inc. -> HP Inc.)
HKLM\...\Windows x64\Print Processors\hpcpp270: C:\Windows\System32\spool\prtprocs\x64\hpcpp270.dll [873168 2023-05-30] (HP Inc. -> HP Inc.)
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [99840 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\hpzppwn7: C:\Windows\System32\spool\prtprocs\x64\hpzppwn7.dll [101376 2009-07-14] (Hewlett-Packard Corporation) [File not signed]
HKLM\...\Windows x64\Print Processors\LXKPTPRC: C:\Windows\System32\spool\prtprocs\x64\LXKPTPRC.DLL [99840 2009-07-14] (Lexmark International Inc.) [File not signed]
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2008-03-03] (Hewlett Packard) [File not signed]
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\WINDOWS\system32\HPMPW081.DLL [127912 2016-11-04] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HPMLM190: C:\WINDOWS\system32\hpmlm190.dll [310512 2016-11-04] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HPMLM225: C:\WINDOWS\system32\hpmlm225.dll [318160 2023-05-30] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\PCL hpz3llhn: C:\WINDOWS\system32\hpz3llhn.dll [34816 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\PDF Print Monitor BZ101: C:\WINDOWS\system32\bzpdf101.dll [196608 2008-06-09] (STORMWARE) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\121.0.23861.160\Installer\chrmstp.exe [2024-02-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\121.0.6167.185\Installer\chrmstp.exe [2024-02-16] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\$RGCBVYN – zástupce.lnk [2012-11-05]
ShortcutTarget: $RGCBVYN – zástupce.lnk -> C:\sw\clipboard_recorder_portable\$RGCBVYN.exe (LW-WORKS Software) [File not signed]
Startup: C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2023-10-20]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk [2015-07-01]
ShortcutTarget: Dell Display Manager.lnk -> C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe (EnTech Taiwan -> EnTech Taiwan)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2020-02-25]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Wondershare Technology Co.,Ltd -> Wondershare)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress.lnk [2017-12-19]
ShortcutTarget: PhraseExpress.lnk -> C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Bartels Media GmbH -> Bartels Media GmbH)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {366513EB-A3F1-4115-B909-47780227A137} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {3B2CB242-8E01-41EF-B1A5-DAA751A6353D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {3EA422DE-C1B7-45EA-B906-A063E2C84C6E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {45CC0FF2-055C-4DA9-B889-239A93C87DE5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {63EEFCE1-2AB4-4607-BACF-402D6F019872} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6FDA50FF-47AB-4248-848F-F11AB7C8E94F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {8D7F2F72-3ACC-4E8D-B054-E10E19C7DB3F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {93988D4D-32D0-4C24-A881-67FDA83E6469} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {AE38DABA-627A-4E8F-B385-CF75CECA845F} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {AF447DEB-0BAC-4111-A635-75BB34F0C0F5} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {B6B44D9C-0E56-4189-A142-DB5E66CB6ABD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {CD459309-4164-4E79-82AF-7C7E0873183E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EA8D1844-D04B-4F74-9443-1A9947230ACE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {EE816DA6-387E-49F3-8624-3586618C80F8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {FC7CC874-1D21-4622-8040-7C3F33833EAD} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {FD95BF76-9E4E-4123-A5C1-53B238C4A34B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {8DBBBB37-F6C0-49A1-8D8C-A8F014ACEF9D} - System32\Tasks\{2679C6B7-E537-4CEE-BFEC-1A0BC3D38FF1} => D:\Setup.exe (No File)
Task: {36800DFD-F228-4BDD-889E-6FBDCA1A2EC3} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (No File)
Task: {A2F29343-B3C2-4CB6-A714-843CAB7B3A0E} - System32\Tasks\{679E49C3-82EA-4689-BF84-5EBFC20B1F17} => D:\Setup.exe (No File)
Task: {94D653CE-031A-4EC4-9DB2-ED95E341E35D} - System32\Tasks\{807FD7EF-F55F-42D6-A1BD-1820F6F39DC4} => C:\Windows\system32\pcalua.exe [53760 2023-11-19] (Microsoft Windows -> Microsoft Corporation) -> -a D:\Setup.exe -d D:\
Task: {5A498D04-4150-4DB5-8C99-0FA58820929E} - System32\Tasks\{E4941AFC-DD14-462C-A1D7-77331DD70F4B} => D:\Setup.exe (No File)
Task: {CA7ED97D-9C6F-421F-90FF-FF301E5EEA1C} - System32\Tasks\{EB7609EB-79A9-4BAB-BF2E-5E172C7BC9F2} => C:\Windows\system32\pcalua.exe [53760 2023-11-19] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Users\oem\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WLH8SAQJ\Evernote_5.2.0.2946.exe" -d C:\Users\oem\Desktop
Task: {A13CF9C9-FCCE-44B5-8C45-CE50FCA69102} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {DD37F4DF-43EA-43A2-B451-48C4831CBBD1} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3134904 2024-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {1A6FCD82-8C77-4D45-AF95-497741C3F6A0} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3134904 2024-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {36A17099-0E33-4B91-A032-3D8AE080882E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {12E94EED-18E5-4D5A-B823-672F224497B4} - System32\Tasks\CCleanerBrowserProtectS-1-5-21-2864334784-1603053625-3890222848-1000 => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowserProtect.exe [1709664 2024-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) <==== ATTENTION
Task: {02FFEBFE-04A6-4129-8CF9-0972A4AC158F} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "bf83c256-b1ed-409b-b265-2819d48a2d11" --version "6.21.10918" --silent
Task: {31E802EA-3100-4839-B077-7BF46F9A1AF2} - System32\Tasks\CCleanerSkipUAC - Petr => C:\Program Files\CCleaner\CCleaner.exe [38778272 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {F769DDCF-7CEC-444F-9B9D-128F67CB4608} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {810F3542-3E9B-40EB-A7BD-AD5C8AFEDE01} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {BB5849BA-2F14-4B15-B477-F5EA41609F1E} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem123.0.6288.0{A0FC9BB1-195E-415F-B89C-FF1FE5EA9F49} => C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ATTENTION
Task: {ACB46EB4-96F1-4033-8C64-F54E4CD2C8C7} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch (No File)
Task: {4C358F93-E81E-4815-AC4F-9635B021E9C1} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (No File)
Task: {C049E931-AAD2-4D96-8773-2AAB7E5AEE68} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (No File)
Task: {4DAB47DC-27E3-4619-934C-2D27951C2E45} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe /DRMInit (No File)
Task: {F46D13F9-D9FF-4F8B-A477-90A8C9756997} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (No File)
Task: {132F2982-FE2A-4D65-8DDE-AE4BFD2DF749} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate $(Arg0) (No File)
Task: {C63C6A56-982A-4263-9BFE-70BF01352A42} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15 (No File)
Task: {751937BF-86C3-4C83-BB40-3A9C81F8BE86} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask (No File)
Task: {08C59951-8CD5-4372-AED6-93B970B7DB44} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask (No File)
Task: {3D01FF46-B79D-42EC-8291-3A71205572E3} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate (No File)
Task: {99E85D64-C752-4ADD-A882-E55B3E09601B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {44EAA82D-3F5B-48AB-8B69-7E0696ED65D4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery (No File)
Task: {049053D8-AF62-4415-BEB2-9C823901709C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (No File)
Task: {2C64B32A-5D67-47AE-93AE-1AB76E4B885F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {DCAFEADD-F070-499A-BF27-DCBD1A51A77B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {EA731C16-8D1F-4FAE-8868-18EF280B4F16} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {613ACE8F-D4A5-45A1-820D-F0222F099C6E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {9EA37728-7DB0-4720-9B0A-3627A45435A9} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec /RestartRecording (No File)
Task: {CD4057D5-7C9A-45CD-A78B-E8C0380A58D2} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (No File)
Task: {D3265386-94E3-4D75-82FA-B37C0F76D04C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot (No File)
Task: {FE008B62-188A-4D81-9403-6EF4C4028D13} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask (No File)
Task: {9CD195A8-02CE-485F-AAF1-106054CDA0CC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (No File)
Task: {979AD175-1F57-4B0B-BD1B-E9A20ED6D785} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {A8E13BB5-DC00-4CCD-B145-8F3E63C531B9} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {C9E51842-9C23-4A18-BCCA-172B1E8A31DF} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {95065416-1849-496B-AA60-3750F6C04B1C} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {0316680B-CE98-4303-8370-F870C83A9EF8} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {C5FD11CA-B388-48F3-A517-C1082B17D55A} - System32\Tasks\Opera scheduled Autoupdate 1648322131 => C:\Users\oem\AppData\Local\Programs\Opera\launcher.exe [2358688 2024-02-12] (Opera Norway AS -> Opera Software)
Task: {CCA25A6B-E3EC-462A-B226-A51C30478547} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {F21E88A7-45D6-45F7-9EE7-BFF2EC976B01} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {71D01C7B-DFB7-4705-8DC5-8FC0B5DBEA74} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {A7C5A736-9391-4A1E-BECF-0454A73BF43B} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - New or Changed => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [414664 2024-01-11] (Xerox Corporation -> Xerox Corporation)
Task: {4F23ACC7-5E21-4E94-BF55-2F2F3A7789ED} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - Periodic Refresh => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [414664 2024-01-11] (Xerox Corporation -> Xerox Corporation)
Task: {0251D007-4380-457F-BDAC-FFF724E22D31} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - User Logon => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [414664 2024-01-11] (Xerox Corporation -> Xerox Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0d6ba809-e86f-4779-9522-d0af7ab65932}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{5849cbe0-538e-4163-b2aa-206517080857}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{5849cbe0-538e-4163-b2aa-206517080857}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\oem\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-21]
Edge Notifications: Default -> hxxps://www.aliexpress.com; hxxps://www.facebook.com
Edge HomePage: Default -> hxxp://eshop.jezirkabanat.cz/search/search/
Edge Session Restore: Default -> is enabled.
Edge Extension: (OneTab) - C:\Users\oem\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2023-10-09]
Edge Extension: (Aliexpress SuperStar česky, Historie cen) - C:\Users\oem\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ciclollkolafellcaolgccmfjldgpolo [2023-11-08]
Edge Extension: (Tipli do prohlížeče) - C:\Users\oem\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2022-06-17]
Edge Extension: (MightyText - SMS from PC & Text from Computer) - C:\Users\oem\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2020-11-09]
Edge Extension: (Dokumenty Google offline) - C:\Users\oem\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-22]
Edge Extension: (OneTab) - C:\Users\oem\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hoimpamkkoehapgenciaoajfkfkpgfop [2023-10-09]
Edge Extension: (Edge relevant text changes) - C:\Users\oem\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (Evernote Web Clipper) - C:\Users\oem\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llhcnbijpnechllogkacbcjmkcgjbjfi [2023-11-28]
Edge Extension: (ESET Browser Privacy & Security) - C:\Users\oem\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkapkmklnmidbbgjaipbgpcnbomnaakc [2024-02-15]
Edge Extension: (TabCloud) - C:\Users\oem\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\npecfdijgoblfcgagoijgmgejmcpnhof [2021-12-06]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]
FireFox:
========
FF ProfilePath: C:\Users\oem\AppData\Roaming\Nvu\Profiles\rc2qx344.default [2021-08-13]
FF ProfilePath: C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\dqjh2a50.default [2021-11-19]
FF Homepage: Mozilla\Firefox\Profiles\dqjh2a50.default -> hxxp://www.google.cz/
FF Extension: (No Name) - C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\dqjh2a50.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Extension: (No Name) - C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\dqjh2a50.default\extensions\sko-extension@firma.seznam.cz [not found]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-11-14] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-06-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-06-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-02-10] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-10-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> R:\SW\FormFiller-Software602\Filler\npfiller.dll [2011-03-15] (Software602 -> Software602 a.s.)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN) [File not signed]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default [2024-02-21]
CHR Notifications: Default -> hxxps://andro-conseil.com; hxxps://automobile-conseil.fr; hxxps://business.facebook.com; hxxps://calendar.google.com; hxxps://cz.pinterest.com; hxxps://drive.google.com; hxxps://eshop.tescoma.cz; hxxps://gw.lightinthebox.com; hxxps://ibb.co; hxxps://mail.google.com; hxxps://my.timocom.com; hxxps://paleosnadno.cz; hxxps://plumbber.ru; hxxps://smartandroid.fr; hxxps://upcr.cz; hxxps://webmail.forpsi.com; hxxps://www.aliexpress.com; hxxps://www.banggood.com; hxxps://www.facebook.com; hxxps://www.heureka.cz; hxxps://www.hitprace.cz; hxxps://www.idoklad.cz; hxxps://www.instagram.com; hxxps://www.kasafik.cz; hxxps://www.kupi.cz; hxxps://www.letemsvetemapplem.eu; hxxps://www.letgo.cz; hxxps://www.lightinthebox.com; hxxps://www.megaknihy.cz; hxxps://www.mesec.cz; hxxps://www.milujeme-slevy.cz; hxxps://www.monsterinsights.com; hxxps://www.netflix.com; hxxps://www.oranews.tv; hxxps://www.penize.cz; hxxps://www.reddit.com; hxxps://www.rt.com; hxxps://www.sejda.com; hxxps://www.spektrumzdravi.cz; hxxps://www.svetandroida.cz; hxxps://www.trenyrkarna.cz; hxxps://www.vybaven.cz
CHR Session Restore: Default -> is enabled.
CHR Extension: (Aliexpress SuperStar česky, Historie cen) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciclollkolafellcaolgccmfjldgpolo [2023-11-08]
CHR Extension: (Tipli do prohlížeče) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2022-06-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-19]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-10]
CHR Extension: (TabCloud) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\npecfdijgoblfcgagoijgmgejmcpnhof [2019-12-10]
CHR Extension: (ESET Browser Privacy & Security) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam [2024-02-09]
CHR Extension: (Evernote Web Clipper) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2023-11-28]
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-02-04]
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-02-02]
CHR DownloadDir: C:\Users\oem\Downloads
CHR Notifications: Profile 1 -> hxxps://app.smartsupp.com; hxxps://calendar.google.com; hxxps://coshair.ru; hxxps://cs.animalthai.com; hxxps://cs.erch2014.com; hxxps://cs.joecomp.com; hxxps://cs.omatomeloanhikaku.com; hxxps://cz.gearbest.com; hxxps://cz.sputniknews.com; hxxps://finmag.penize.cz; hxxps://fr.aliexpress.com; hxxps://ibb.co; hxxps://marek44.oncollabim.com; hxxps://meet.google.com; hxxps://pt.aliexpress.com; hxxps://twitter.com; hxxps://web.telegram.org; hxxps://wp.aliexpress.com; hxxps://www.agatinsvet.cz; hxxps://www.alibaba.com; hxxps://www.b2bpartner.cz; hxxps://www.banggood.com; hxxps://www.collabim.cz; hxxps://www.dailymail.co.uk; hxxps://www.dobre-knihy.cz; hxxps://www.evernote.com; hxxps://www.facebook.com; hxxps://www.gearbest.com; hxxps://www.hudy.cz; hxxps://www.inizio.cz; hxxps://www.instagram.com; hxxps://www.kupi.cz; hxxps://www.lightinthebox.com; hxxps://www.mall.tv; hxxps://www.megaknihy.cz; hxxps://www.nej-ceny.cz; hxxps://www.netflix.com; hxxps://www.penize.cz; hxxps://www.rt.com; hxxps://www.tipsport.cz; hxxps://www.ubuy.cz; hxxps://www.viry.cz; hxxps://www.wish.com; hxxps://www.youtube.com
CHR DefaultSearchURL: Profile 1 -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> duckduckgo.com
CHR DefaultSuggestURL: Profile 1 -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Session Restore: Profile 1 -> is enabled.
CHR Extension: (DuckDuckGo) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2024-02-02]
CHR Extension: (YouTube) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-12]
CHR Extension: (Pushbullet) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2023-07-26]
CHR Extension: (OneTab) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2024-02-02]
CHR Extension: (MightyText - SMS from PC & Text from Computer) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2020-01-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-26]
CHR Extension: (Weby Google) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmandedkgonhldbnjpikffdnneenijnd [2020-04-12]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-02-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Evernote Web Clipper) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2024-02-02]
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-02-02]
CHR Extension: (YouTube) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-19]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-07-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-26]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-02-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-09]
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 3 [2023-07-26]
CHR Extension: (Prezentace) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-02-05]
CHR Extension: (Dokumenty) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2020-02-05]
CHR Extension: (Disk Google) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-03-13]
CHR Extension: (YouTube) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-02-05]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-07-26]
CHR Extension: (Tabulky) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-02-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-26]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-07-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-13]
CHR Extension: (Gmail) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-03-13]
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 4 [2023-07-26]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-07-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-26]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-07-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-07-26]
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\System Profile [2024-02-02]
CHR HKU\S-1-5-21-2864334784-1603053625-3890222848-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-2864334784-1603053625-3890222848-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-2864334784-1603053625-3890222848-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-2864334784-1603053625-3890222848-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [oombnmpbbhbakfpfgdflaajkhicgfaam]
Opera:
=======
OPR DefaultProfile: Default
StartMenuInternet: (HKU\S-1-5-21-2864334784-1603053625-3890222848-1000) OperaStable - "C:\Users\oem\AppData\Local\Programs\Opera\Launcher.exe"
==================== Services (Whitelisted) ===================
===================== Drivers (Whitelisted) ===================
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-02-21 11:03 - 2024-02-21 11:03 - 002386944 _____ (Farbar) C:\Users\oem\Downloads\FRST64.exe
2024-02-21 10:21 - 2024-02-21 10:21 - 000004284 _____ C:\WINDOWS\system32\Tasks\Xerox XeroxPrintExperience Printer Configuration - User Logon
2024-02-21 10:21 - 2024-02-21 10:21 - 000004154 _____ C:\WINDOWS\system32\Tasks\Xerox XeroxPrintExperience Printer Configuration - New or Changed
2024-02-21 10:21 - 2024-02-21 10:21 - 000004064 _____ C:\WINDOWS\system32\Tasks\Xerox XeroxPrintExperience Printer Configuration - Periodic Refresh
2024-02-21 10:21 - 2024-02-21 10:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xerox
2024-02-21 10:21 - 2024-02-21 10:21 - 000000000 ____D C:\Program Files\Xerox
2024-02-19 11:25 - 2024-02-19 11:25 - 000086592 _____ C:\Users\oem\Downloads\ShipmentLabel_D20240219T112504.pdf
2024-02-19 11:21 - 2024-02-19 11:21 - 000000767 _____ C:\Users\oem\Downloads\export_dpd_2024-02-19_112129.csv
2024-02-15 18:46 - 2024-02-15 18:46 - 000069702 _____ C:\Users\oem\Downloads\ShipmentLabel_D20240215T184657.pdf
2024-02-15 18:45 - 2024-02-15 18:45 - 000000566 _____ C:\Users\oem\Downloads\export_dpd_2024-02-15_184515.csv
2024-02-15 13:24 - 2024-02-15 13:24 - 000012730 _____ C:\Users\oem\Downloads\priloha_1315961384_0_Textová zpráva.PDF
2024-02-15 13:15 - 2024-02-15 13:15 - 000245538 _____ C:\Users\oem\Downloads\Soubor00001 (1).pdf
2024-02-15 13:14 - 2024-02-15 13:14 - 000183005 _____ C:\Users\oem\Downloads\Soubor00004.pdf
2024-02-14 13:17 - 2024-02-14 13:17 - 000019697 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-02-14 13:16 - 2024-02-14 13:16 - 000019697 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-02-14 13:04 - 2024-02-14 13:05 - 000070203 _____ C:\Users\oem\Downloads\ShipmentLabel_D20240214T130500.pdf
2024-02-14 13:04 - 2024-02-14 13:04 - 000000000 ___HD C:\$WinREAgent
2024-02-14 12:13 - 2024-02-14 12:13 - 000000567 _____ C:\Users\oem\Downloads\export_dpd_2024-02-14_121320.csv
2024-02-12 20:17 - 2024-02-12 20:18 - 269517241 _____ C:\Users\oem\Downloads\Kopie souboru Záznam 25.wav
2024-02-12 19:56 - 2024-02-12 19:56 - 000013951 _____ C:\Users\oem\Downloads\priloha_1314286700_0_Textová zpráva.PDF
2024-02-12 19:35 - 2024-02-12 19:35 - 000114180 _____ C:\Users\oem\Downloads\Email z PPP CK - Zpráva z foniatrie (Michael a Pavla Markovi).pdf
2024-02-12 10:37 - 2024-02-12 10:37 - 000102038 _____ C:\Users\oem\Downloads\ShipmentLabel_D20240212T103718.pdf
2024-02-12 10:34 - 2024-02-12 10:34 - 000000944 _____ C:\Users\oem\Downloads\export_dpd_2024-02-12_103441.csv
2024-02-12 10:27 - 2024-02-12 10:27 - 000121540 _____ C:\Users\oem\Downloads\Faktura 202401011.pdf
2024-02-11 12:59 - 2023-05-30 09:17 - 000873168 _____ (HP Inc.) C:\WINDOWS\system32\spool\prtprocs\x64\hpcpp270.dll
2024-02-11 12:59 - 2023-05-30 09:17 - 000596688 _____ (HP Inc.) C:\WINDOWS\system32\hpcpn270.dll
2024-02-11 12:59 - 2023-05-30 09:17 - 000558800 _____ (HP Inc.) C:\WINDOWS\SysWOW64\hpcc3270.dll
2024-02-11 12:59 - 2023-05-30 09:17 - 000318160 _____ (HP Inc.) C:\WINDOWS\system32\hpmlm225.dll
2024-02-11 12:59 - 2023-05-30 09:17 - 000267472 _____ (HP Inc.) C:\WINDOWS\system32\hpmml270.dll
2024-02-11 12:59 - 2023-05-30 09:17 - 000244432 _____ (HP Inc.) C:\WINDOWS\system32\hpmja270.dll
2024-02-11 12:59 - 2023-05-30 09:17 - 000232144 _____ (HP Inc.) C:\WINDOWS\system32\hpmpm082.dll
2024-02-11 12:59 - 2023-05-30 09:17 - 000206544 _____ (HP Inc.) C:\WINDOWS\system32\hpmtp270.dll
2024-02-11 12:59 - 2023-05-30 09:17 - 000180944 _____ (HP Inc.) C:\WINDOWS\system32\hpcjpm.dll
2024-02-11 12:59 - 2023-05-30 09:17 - 000130256 _____ (HP Inc.) C:\WINDOWS\system32\hpmpw082.dll
2024-02-11 12:59 - 2020-09-23 15:49 - 003249008 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\system32\libcrypto-1_1-x64.dll
2024-02-11 12:59 - 2020-09-23 15:49 - 000929648 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\system32\libssl-1_1-x64.dll
2024-02-11 12:57 - 2024-02-11 12:57 - 023182800 _____ C:\Users\oem\Downloads\upd-pcl6-x64-7.1.0.25570.exe
2024-02-09 13:01 - 2024-02-09 13:01 - 000026935 _____ C:\Users\oem\Downloads\Google disk-----4801440322449719-17.pdf
2024-02-09 12:55 - 2024-02-09 12:55 - 000001950 _____ C:\Users\oem\Downloads\mBank - 1-2024 - 03991456_240101_240131.gpc
2024-02-09 12:54 - 2024-02-09 12:54 - 000095152 _____ C:\Users\oem\Downloads\mBank - 1-2024 - 03991456_240101_240131.pdf
2024-02-09 12:52 - 2024-02-09 12:52 - 000086364 _____ C:\Users\oem\Downloads\FIO-běžný účet - 1-2024 - Vypis_z_uctu-2400073267_20240101-20240131_cislo-1.pdf
2024-02-09 12:52 - 2024-02-09 12:52 - 000005200 _____ C:\Users\oem\Downloads\FIO-běžný účet - 1-2024 - Vypis_z_uctu-2400073267_20240101-20240131_cislo-1.gpc
2024-02-09 12:50 - 2024-02-09 12:50 - 000027302 _____ C:\Users\oem\Downloads\money_export_faktura-sosjezirka-1-2024.xml
2024-02-09 12:49 - 2024-02-09 12:49 - 000155753 _____ C:\Users\oem\Downloads\FV-1-2024-sosjezirka.pdf
2024-02-09 12:45 - 2024-02-09 12:45 - 000027513 _____ C:\Users\oem\Downloads\money_export_faktura-ikvido-1-2024.xml
2024-02-09 12:44 - 2024-02-09 12:44 - 000156606 _____ C:\Users\oem\Downloads\FV-1-2024-ikvido.pdf
2024-02-09 12:37 - 2024-02-09 12:37 - 002734021 _____ C:\Users\oem\Desktop\Predsmluvni-informace.pdf
2024-02-08 15:38 - 2024-02-08 15:38 - 000071842 _____ C:\Users\oem\Downloads\Faktura_FV20_08657.pdf
2024-02-08 14:00 - 2024-02-08 14:00 - 000000000 ____D C:\Users\Administrator\AppData\Local\Comms
2024-02-08 13:53 - 2024-02-08 13:53 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\com.adobe.dunamis
2024-02-08 13:53 - 2024-02-08 13:53 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Adobe
2024-02-08 13:53 - 2024-02-08 13:53 - 000000000 ____D C:\Users\Administrator\AppData\Local\SolidDocuments
2024-02-08 13:53 - 2024-02-08 13:53 - 000000000 ____D C:\Users\Administrator\.ms-ad
2024-02-08 13:50 - 2024-02-08 13:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Opera
2024-02-08 13:50 - 2024-02-08 13:50 - 000000000 ____D C:\Users\Administrator\AppData\Local\Opera
2024-02-08 13:45 - 2024-02-08 13:45 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2864334784-1603053625-3890222848-500
2024-02-08 13:44 - 2024-02-08 20:35 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\PhraseExpress
2024-02-08 13:44 - 2024-02-08 13:53 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2024-02-08 13:44 - 2024-02-08 13:45 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2864334784-1603053625-3890222848-500
2024-02-08 13:44 - 2024-02-08 13:44 - 000085525 _____ C:\WINDOWS\system32\NOTICE_mod
2024-02-08 13:44 - 2024-02-08 13:44 - 000001319 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\phraseexpress.lnk
2024-02-08 13:44 - 2024-02-08 13:44 - 000000000 ___RD C:\Users\Administrator\OneDrive
2024-02-08 13:44 - 2024-02-08 13:44 - 000000000 ____D C:\Users\Administrator\Documents\PhraseExpress
2024-02-08 13:44 - 2024-02-08 13:44 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Wondershare
2024-02-08 13:44 - 2024-02-08 13:44 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Logitech
2024-02-08 13:44 - 2024-02-08 13:44 - 000000000 ____D C:\Users\Administrator\AppData\Local\PlaceholderTileLogoFolder
2024-02-08 13:41 - 2024-02-08 13:41 - 000002366 _____ C:\Users\Administrator\Desktop\Google Chrome.lnk
2024-02-08 13:41 - 2024-02-08 13:41 - 000000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2024-02-08 13:40 - 2024-02-11 11:24 - 000002042 _____ C:\Users\Administrator\Desktop\Google Slides.lnk
2024-02-08 13:40 - 2024-02-11 11:24 - 000002042 _____ C:\Users\Administrator\Desktop\Google Sheets.lnk
2024-02-08 13:40 - 2024-02-11 11:24 - 000002030 _____ C:\Users\Administrator\Desktop\Google Docs.lnk
2024-02-08 13:40 - 2024-02-08 14:00 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2024-02-08 13:40 - 2024-02-08 13:53 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2024-02-08 13:40 - 2024-02-08 13:53 - 000000000 ____D C:\Users\Administrator
2024-02-08 13:40 - 2024-02-08 13:45 - 000002421 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-02-08 13:40 - 2024-02-08 13:41 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows
2024-02-08 13:40 - 2024-02-08 13:41 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2024-02-08 13:40 - 2024-02-08 13:41 - 000000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2024-02-08 13:40 - 2024-02-08 13:40 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\Šablony
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\Soubory cookie
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\Poslední
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\Okolní tiskárny
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\Okolní síť
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\Nabídka Start
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\Dokumenty
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\Documents\Obrázky
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\Documents\Hudba
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\Documents\Filmy
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\Data aplikací
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Data aplikací
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\SystemCertificates
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\Protect
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\Crypto
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\Credentials
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 ___RD C:\Users\Administrator\3D Objects
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Vault
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\ESET
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\CCleaner Browser
2024-02-08 13:40 - 2021-11-11 15:00 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Network
2024-02-08 13:40 - 2016-09-22 09:14 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Media Center Programs
2024-02-08 13:40 - 2016-09-22 09:14 - 000000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2024-02-08 12:32 - 2024-02-08 12:32 - 000102273 _____ C:\Users\oem\Downloads\priloha_1312461549_0_Informace_pro_poplatniky.pdf
2024-02-06 17:26 - 2024-02-06 17:26 - 000070391 _____ C:\Users\oem\Downloads\ShipmentLabel_D20240206T172638.pdf
2024-02-06 17:25 - 2024-02-06 17:25 - 000000589 _____ C:\Users\oem\Downloads\export_dpd_2024-02-06_172526.csv
2024-02-05 23:43 - 2024-02-05 23:44 - 000081353 _____ C:\Users\oem\Downloads\opravená ŽÁDOST O NAHLÉDNUTÍ DO SPISU.pdf
2024-02-05 19:37 - 2024-02-05 19:37 - 000263766 _____ C:\Users\oem\Downloads\priloha_1310586625_0_vyjadreni_k_nahlizeni_do_spis._dokumentace-Markovi (1).pdf
2024-02-05 19:35 - 2024-02-12 19:25 - 000000000 ____D C:\Users\oem\Documents\OSPOD
2024-02-05 19:31 - 2024-02-05 19:32 - 000263766 _____ C:\Users\oem\Downloads\priloha_1310586625_0_vyjadreni_k_nahlizeni_do_spis._dokumentace-Markovi.pdf
2024-02-04 14:30 - 2024-02-04 14:30 - 043095192 _____ (Telegram FZ-LLC ) C:\Users\oem\Downloads\tsetup-x64.4.14.13.exe
2024-02-04 10:37 - 2024-02-04 10:37 - 000003790 _____ C:\WINDOWS\system32\Tasks\CCleanerBrowserProtectS-1-5-21-2864334784-1603053625-3890222848-1000
2024-01-31 13:10 - 2024-01-31 13:10 - 000000000 ____D C:\Users\oem\AppData\Local\WhatsApp
2024-01-30 23:58 - 2024-01-30 23:58 - 000078035 _____ C:\Users\oem\Downloads\ŽÁDOST O NAHLÉDNUTÍ DO SPISU.pdf
2024-01-30 23:28 - 2024-01-30 23:28 - 000067556 _____ C:\Users\oem\Downloads\ShipmentLabel_D20240130T232832.pdf
2024-01-30 23:27 - 2024-01-30 23:27 - 000000559 _____ C:\Users\oem\Downloads\export_dpd_2024-01-30_232737.csv
2024-01-30 14:28 - 2024-01-30 14:28 - 000027300 _____ C:\Users\oem\Downloads\Maloobchodní ceník dmychadel SECOH 2024.xlsx
2024-01-30 14:21 - 2024-01-30 23:22 - 000030738 _____ C:\Users\oem\Downloads\Ceník SECOH 2024 skupina E.xlsx
2024-01-30 14:16 - 2024-01-30 14:16 - 000159159 _____ C:\Users\oem\Downloads\Maloobchodní ceník dmychadel SECOH 2024.pdf
2024-01-30 14:16 - 2024-01-30 14:16 - 000158462 _____ C:\Users\oem\Downloads\Ceník SECOH 2024 skupina E.pdf
2024-01-30 13:52 - 2024-01-30 13:52 - 000486296 _____ C:\Users\oem\Downloads\Rezervacni-smlouva.doc.pdf
2024-01-30 13:48 - 2024-01-30 13:48 - 000222796 _____ C:\Users\oem\Downloads\Kupni-smlouva.doc.pdf
2024-01-29 19:31 - 2024-01-29 19:31 - 000085340 _____ C:\Users\oem\Downloads\ShipmentLabel_D20240129T193115.pdf
2024-01-29 19:24 - 2024-01-29 19:24 - 000115773 _____ C:\Users\oem\Downloads\ShipmentLabel_D20240129T192431.pdf
2024-01-29 19:19 - 2024-01-29 19:19 - 000000570 _____ C:\Users\oem\Downloads\export_dpd_2024-01-29_191958.csv
2024-01-29 18:58 - 2024-01-29 18:58 - 000000566 _____ C:\Users\oem\Downloads\export_dpd_2024-01-29_185813.csv
2024-01-25 19:13 - 2024-01-25 19:13 - 000071505 _____ C:\Users\oem\Downloads\ShipmentLabel_D20240125T191335.pdf
2024-01-25 19:12 - 2024-01-25 19:12 - 000000569 _____ C:\Users\oem\Downloads\export_dpd_2024-01-25_191218.csv
2024-01-24 12:19 - 2024-01-24 12:19 - 000049567 _____ C:\Users\oem\Downloads\Pohyb_26230290730_na_uctu_2400073267.pdf
2024-01-22 16:05 - 2024-01-22 16:05 - 000037171 _____ C:\Users\oem\Downloads\priloha_1303468260_1_3_6384_1973_1083304.pdf
2024-01-22 16:05 - 2024-01-22 16:05 - 000035673 _____ C:\Users\oem\Downloads\priloha_1303468260_2_2_6381_1936_3340553.pdf
2024-01-22 16:04 - 2024-01-22 16:04 - 000130701 _____ C:\Users\oem\Downloads\priloha_1303468260_0_1_6320_1935_1132343.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-02-21 11:06 - 2016-09-30 06:15 - 000000000 ____D C:\FRST
2024-02-21 11:01 - 2013-10-14 18:24 - 000000000 ____D C:\Users\oem\Desktop\Antispyware
2024-02-21 10:52 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-21 10:27 - 2022-07-07 08:22 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-02-21 10:26 - 2021-11-11 15:06 - 001875876 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-02-21 10:26 - 2019-12-07 15:41 - 000781844 _____ C:\WINDOWS\system32\perfh005.dat
2024-02-21 10:26 - 2019-12-07 15:41 - 000172578 _____ C:\WINDOWS\system32\perfc005.dat
2024-02-21 10:26 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-02-21 10:26 - 2017-01-03 22:36 - 000000000 ____D C:\Users\oem\AppData\LocalLow\Mozilla
2024-02-21 10:20 - 2017-09-19 10:10 - 000000000 ____D C:\Program Files\CCleaner
2024-02-21 10:20 - 2012-12-23 11:50 - 000000000 ____D C:\Users\oem\AppData\Roaming\MyPhoneExplorer
2024-02-21 10:19 - 2021-11-11 15:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-21 10:19 - 2020-02-29 10:34 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2024-02-21 10:19 - 2013-11-12 21:18 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2024-02-20 16:04 - 2019-12-07 10:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2024-02-20 15:58 - 2021-11-11 14:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-02-20 14:28 - 2012-11-05 15:19 - 000000000 ____D C:\Users\oem\Documents\PhraseExpress
2024-02-20 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-19 11:21 - 2012-11-02 10:03 - 000000000 ____D C:\Users\oem\AppData\Roaming\Microsoft\Excel
2024-02-18 14:29 - 2022-01-28 08:21 - 000000000 ____D C:\Users\oem\AppData\Roaming\Evernote
2024-02-18 10:35 - 2021-12-13 10:34 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2864334784-1603053625-3890222848-1000
2024-02-18 10:35 - 2021-11-11 15:11 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2864334784-1603053625-3890222848-1000
2024-02-18 10:35 - 2021-11-11 14:56 - 000002411 _____ C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-02-18 10:34 - 2021-11-11 15:11 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-02-18 10:33 - 2022-10-12 11:22 - 000002107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-02-18 10:33 - 2022-10-12 11:22 - 000002095 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-02-18 10:31 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-17 10:32 - 2020-11-09 15:05 - 000002470 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-02-17 10:32 - 2020-11-09 15:05 - 000002308 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-02-16 10:31 - 2021-12-17 13:43 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-16 10:31 - 2012-10-31 12:27 - 000002335 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-02-15 20:42 - 2022-02-16 11:43 - 000000000 ____D C:\Users\oem\AppData\Roaming\Telegram Desktop
2024-02-15 19:10 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-02-15 19:00 - 2012-11-01 18:40 - 000000000 ____D C:\Users\oem\AppData\Roaming\Microsoft\Word
2024-02-15 18:37 - 2022-09-21 08:43 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-02-15 13:18 - 2022-09-21 08:43 - 000003382 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-02-15 13:18 - 2021-11-16 07:10 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-02-15 13:08 - 2022-03-26 20:15 - 000004142 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1648322131
2024-02-15 13:08 - 2022-03-26 20:15 - 000001439 _____ C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2024-02-15 13:01 - 2021-11-11 14:55 - 000462048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-02-15 01:31 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-02-15 01:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-02-15 01:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-02-15 01:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-02-15 01:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-02-15 01:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-02-15 01:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-02-15 01:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-02-15 01:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-02-15 01:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-02-15 01:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-02-15 01:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-02-15 00:32 - 2022-04-28 09:38 - 000000000 ____D C:\Users\oem\AppData\Roaming\DPD-electron
2024-02-14 13:16 - 2021-11-11 14:55 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-02-14 12:51 - 2021-11-16 07:10 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2024-02-14 12:48 - 2013-08-15 09:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-02-14 12:39 - 2012-11-03 14:40 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-02-14 12:13 - 2021-11-16 07:11 - 000002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2024-02-14 12:13 - 2021-11-16 07:11 - 000002386 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2024-02-13 15:09 - 2023-03-07 12:54 - 000001615 _____ C:\Users\oem\Desktop\Bečka CENÍK VO 2024 – zástupce.lnk
2024-02-12 11:07 - 2015-11-18 11:21 - 000007994 _____ C:\WINDOWS\BRRBCOM.INI
2024-02-11 12:57 - 2016-11-04 12:28 - 000000000 ____D C:\HP Universal Print Driver
2024-02-11 11:24 - 2022-08-26 17:53 - 000002042 _____ C:\Users\defaultuser100000\Desktop\Google Slides.lnk
2024-02-11 11:24 - 2022-08-26 17:53 - 000002042 _____ C:\Users\defaultuser100000\Desktop\Google Sheets.lnk
2024-02-11 11:24 - 2022-08-26 17:53 - 000002030 _____ C:\Users\defaultuser100000\Desktop\Google Docs.lnk
2024-02-11 11:24 - 2022-01-27 08:05 - 000002042 _____ C:\Users\42060\Desktop\Google Slides.lnk
2024-02-11 11:24 - 2022-01-27 08:05 - 000002042 _____ C:\Users\42060\Desktop\Google Sheets.lnk
2024-02-11 11:24 - 2022-01-27 08:05 - 000002030 _____ C:\Users\42060\Desktop\Google Docs.lnk
2024-02-11 11:24 - 2021-09-23 19:49 - 000002200 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-02-11 11:24 - 2021-09-23 19:49 - 000002042 _____ C:\Users\Default\Desktop\Google Slides.lnk
2024-02-11 11:24 - 2021-09-23 19:49 - 000002042 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2024-02-11 11:24 - 2021-09-23 19:49 - 000002030 _____ C:\Users\Default\Desktop\Google Docs.lnk
2024-02-08 13:57 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-02-08 13:41 - 2016-05-20 10:02 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-02-04 14:31 - 2022-02-16 11:43 - 000001062 _____ C:\Users\oem\Desktop\Telegram.lnk
2024-02-04 14:31 - 2022-02-16 11:43 - 000000000 ____D C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2024-02-02 10:31 - 2021-11-11 15:11 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-02-02 10:31 - 2021-11-11 15:11 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-01-31 13:13 - 2019-10-01 07:19 - 000000000 ____D C:\Users\oem\AppData\Roaming\WhatsApp
2024-01-31 13:10 - 2024-01-08 20:22 - 000002251 _____ C:\Users\oem\Desktop\WhatsApp (Outdated).lnk
2024-01-31 13:10 - 2019-10-01 07:19 - 000000000 ____D C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2024-01-31 13:10 - 2019-10-01 07:19 - 000000000 ____D C:\Users\oem\AppData\Local\SquirrelTemp
2024-01-25 18:51 - 2012-11-01 21:22 - 000000000 ____D C:\Users\oem\AppData\Local\CrashDumps
2024-01-23 17:56 - 2024-01-10 10:59 - 000012201 _____ C:\Users\oem\Documents\Verča - vyúčtování zaplacených věcí.xlsx
==================== Files in the root of some directories ========
2015-03-05 13:03 - 2015-03-05 13:47 - 000000288 _____ () C:\Users\oem\AppData\Roaming\MSyu.dat
2015-03-05 13:03 - 2015-03-05 13:47 - 000000288 _____ () C:\Users\oem\AppData\Roaming\PDF2XL-6-0.TrialData
2012-12-18 11:02 - 2016-03-04 10:52 - 000000058 _____ () C:\Users\oem\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2024-01-10 13:09 - 2024-01-10 13:09 - 000001321 _____ () C:\Users\oem\AppData\Local\recently-used.xbel
2012-11-01 22:01 - 2012-11-01 22:01 - 000007605 _____ () C:\Users\oem\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
při psaní na klávesnici se píší občas nesmyslné znaky.
Například:
¨no … ano
Märcon … marcon
n´dobí … nádobí
s¨znam ... seznam
b¨dejvice … budějovice
Přikládám log z FRST a prosím o kontrolu.
Děkuji
Marek
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.02.2024 02
Ran by Petr (administrator) on OEM-PC (21-02-2024 11:05:25)
Running from C:\Users\oem\Desktop\Antispyware\FRST\FRST64.exe
Loaded Profiles: Petr
Platform: Microsoft Windows 10 Home Version 22H2 19045.4046 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ABBYY SOLUTIONS LIMITED -> ABBYY.) C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(C:\Program Files (x86)\Mobo\Service\MoboDeviceService.exe ->) (BoYuan(Hong Kong) Wireless Websoft Technology Limited -> Mobo) C:\Program Files (x86)\Mobo\Service\MoboDeviceProxy.exe
(C:\Program Files\ESET\ESET Smart Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Smart Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\eOppFrame.exe
(C:\Program Files\Logitech\SetPointP\SetPoint.exe ->) (Logitech -> Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(explorer.exe ->) (Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Plán2\schedhlp.exe
(explorer.exe ->) (Ashampoo GmbH & Co. KG -> Ashampoo Media GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo Snap 6\ashsnap.exe
(explorer.exe ->) (Bartels Media GmbH -> Bartels Media GmbH) C:\Program Files (x86)\PhraseExpress\phraseexpress.exe
(explorer.exe ->) (EnTech Taiwan -> EnTech Taiwan) C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe
(explorer.exe ->) (Franz Josef Wechselberger -> F.J. Wechselberger) C:\Program Files (x86)\MyPhoneExplorer-1-8-5\MyPhoneExplorer.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <65>
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(explorer.exe ->) (Logitech -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(explorer.exe ->) (LW-WORKS Software) [File not signed] C:\sw\clipboard_recorder_portable\$RGCBVYN.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe <3>
(explorer.exe ->) (Samsung Electronics CO., LTD. -> Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(explorer.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(services.exe ->) (ABBYY SOLUTIONS LIMITED -> ABBYY) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
(services.exe ->) (Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(services.exe ->) (Acronis, Inc -> Acronis) C:\Program Files (x86)\Common Files\Acronis\Plán2\schedul2.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (BoYuan(Hong Kong) Wireless Websoft Technology Limited -> Mobo, Inc.) C:\Program Files (x86)\Mobo\Service\MoboDeviceService.exe
(services.exe ->) (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(services.exe ->) (Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Protexis Inc. -> Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(services.exe ->) (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(services.exe ->) (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(services.exe ->) (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Software602 -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(services.exe ->) (Splashtop Inc. -> Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe
(services.exe ->) (Xerox Corporation -> Xerox Corporation) C:\Program Files\Xerox\XeroxPrintExperience\CommonFiles\XeroxPrintJobEventManagerService.exe
(Software602 -> Software602) C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Windows.Media.BackgroundPlayback.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Služba Acronis Scheduler2] => C:\Program Files (x86)\Common Files\Acronis\Plán2\schedhlp.exe [358832 2011-02-03] (Acronis, Inc -> Acronis)
HKLM\...\Run: [Windows Mobile Device Center] => C:\WINDOWS\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [196264 2024-01-24] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5119600 2012-05-11] (VIA Technologies Inc. -> VIA)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5133968 2011-02-03] (Acronis, Inc -> )
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310280 2012-12-20] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Print2PDF Print Monitor] => C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [222776 2011-04-12] (Software602 -> Software602)
HKLM-x32\...\Run: [Bonus.SSR.FR11] => C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [925960 2011-08-18] (ABBYY SOLUTIONS LIMITED -> ABBYY.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [STCAgent] => C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe [771968 2011-08-29] (Splashtop Inc. -> Splashtop Inc.)
HKLM-x32\...\Run: [ZyngaGamesAgent] => C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe [841544 2010-11-15] (Splashtop Inc. -> Splashtop Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2013-05-14] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2012-12-27] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [2009088 2013-01-18] (Brother Industries, Ltd.) [File not signed]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [483976 2020-09-07] (Geek Software GmbH -> Geek Software GmbH)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1000\...\Run: [AshSnap] => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 6\ashsnap.exe [3860304 2013-10-29] (Ashampoo GmbH & Co. KG -> Ashampoo Media GmbH & Co. KG)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1000\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844296 2012-12-20] (Samsung Electronics CO., LTD. -> Samsung)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844296 2012-12-20] (Samsung Electronics CO., LTD. -> Samsung)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1000\...\Run: [MyPhoneExplorer] => C:\Program Files (x86)\MyPhoneExplorer-1-8-5\MyPhoneExplorer.exe [5945504 2019-06-17] (Franz Josef Wechselberger -> F.J. Wechselberger)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45018016 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1000\...\Run: [DPDApp] => C:\Users\oem\AppData\Local\Programs\DPD-electron\DPDApp.exe [111036928 2023-05-30] (DPDGroup) [File not signed]
HKU\S-1-5-21-2864334784-1603053625-3890222848-1000\...\Run: [MicrosoftEdgeAutoLaunch_C3C43DE3D7532B85F72FDD7AC8AEB537] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788240 2024-02-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1000\...\MountPoints2: {a144871f-59a1-11e8-a65d-806e6f6e6963} - "H:\Windows Utilities\Installer64\Install.exe"
HKU\S-1-5-21-2864334784-1603053625-3890222848-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45018016 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1003\...\Run: [MicrosoftEdgeAutoLaunch_F19A02299990B1ACC5CF1F78FEF0F08C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3788240 2024-02-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1003\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1004\...\Run: [CCleanerBrowserAutoLaunch_05192599E3C059BF391BBC4A7D0D69CA] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3134904 2024-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1004\...\Run: [MicrosoftEdgeAutoLaunch_3B84CBD7EA3C00F28296F546D5781130] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3788240 2024-02-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1004\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1004\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\42060\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1004\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\42060\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1004\...\RunOnce: [Uninstall 19.043.0304.0013\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\42060\AppData\Local\Microsoft\OneDrive\19.043.0304.0013\amd64" [0 2022-01-27] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-2864334784-1603053625-3890222848-1004\...\RunOnce: [Uninstall 19.043.0304.0013] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\42060\AppData\Local\Microsoft\OneDrive\19.043.0304.0013" [0 2022-01-27] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-2864334784-1603053625-3890222848-1004\...\RunOnce: [Uninstall 21.220.1024.0005\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\42060\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\amd64" [0 2022-01-28] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-2864334784-1603053625-3890222848-1004\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\42060\AppData\Local\Microsoft\OneDrive\21.220.1024.0005" [0 2022-01-28] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-2864334784-1603053625-3890222848-1005\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Veronika\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-2864334784-1603053625-3890222848-1005\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Veronika\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-2864334784-1603053625-3890222848-1005\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1005\...\Run: [CCleanerBrowserAutoLaunch_D044A33C65C42DB1B59A1BB59C616934] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3134904 2024-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1005\...\Run: [MicrosoftEdgeAutoLaunch_506F8CB68E93DC616BE746E510433970] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3788240 2024-02-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1005\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Veronika\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [42164600 2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1005\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Veronika\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2864334784-1603053625-3890222848-1005\...\RunOnce: [Uninstall 19.232.1124.0008\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Veronika\AppData\Local\Microsoft\OneDrive\19.232.1124.0008\amd64" [0 2022-07-08] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-2864334784-1603053625-3890222848-1005\...\RunOnce: [Uninstall 19.232.1124.0008] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Veronika\AppData\Local\Microsoft\OneDrive\19.232.1124.0008" [0 2022-07-08] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-2864334784-1603053625-3890222848-1005\...\RunOnce: [SeznamInstall-uninstall:8352b3ec6aab5907bacfaeb1917627b7] => C:\Users\Veronika\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [534528 2022-07-08] () [File not signed] <==== ATTENTION
HKU\S-1-5-21-2864334784-1603053625-3890222848-500\...\Run: [MicrosoftEdgeAutoLaunch_98769996E24836F99EC8617644423B4C] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788240 2024-02-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2864334784-1603053625-3890222848-500\...\Run: [CCleanerBrowserAutoLaunch_3CDF41FB87688E5FC1D0DFF54D877FE1] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3134904 2024-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKU\S-1-5-21-2864334784-1603053625-3890222848-500\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-11] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2864334784-1603053625-3890222848-500\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2864334784-1603053625-3890222848-500\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2864334784-1603053625-3890222848-500\...\RunOnce: [Uninstall 19.043.0304.0013] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\19.043.0304.0013" (No File)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\86.0.9.0\GoogleDriveFS.exe [59669792 2024-02-11] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\hpcpp093: C:\Windows\System32\spool\prtprocs\x64\hpcpp093.DLL [300032 2010-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp190: C:\Windows\System32\spool\prtprocs\x64\hpcpp190.dll [651176 2016-11-04] (HP Inc. -> HP Inc.)
HKLM\...\Windows x64\Print Processors\hpcpp270: C:\Windows\System32\spool\prtprocs\x64\hpcpp270.dll [873168 2023-05-30] (HP Inc. -> HP Inc.)
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [99840 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\hpzppwn7: C:\Windows\System32\spool\prtprocs\x64\hpzppwn7.dll [101376 2009-07-14] (Hewlett-Packard Corporation) [File not signed]
HKLM\...\Windows x64\Print Processors\LXKPTPRC: C:\Windows\System32\spool\prtprocs\x64\LXKPTPRC.DLL [99840 2009-07-14] (Lexmark International Inc.) [File not signed]
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2008-03-03] (Hewlett Packard) [File not signed]
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\WINDOWS\system32\HPMPW081.DLL [127912 2016-11-04] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HPMLM190: C:\WINDOWS\system32\hpmlm190.dll [310512 2016-11-04] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HPMLM225: C:\WINDOWS\system32\hpmlm225.dll [318160 2023-05-30] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\PCL hpz3llhn: C:\WINDOWS\system32\hpz3llhn.dll [34816 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\PDF Print Monitor BZ101: C:\WINDOWS\system32\bzpdf101.dll [196608 2008-06-09] (STORMWARE) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\121.0.23861.160\Installer\chrmstp.exe [2024-02-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\121.0.6167.185\Installer\chrmstp.exe [2024-02-16] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\$RGCBVYN – zástupce.lnk [2012-11-05]
ShortcutTarget: $RGCBVYN – zástupce.lnk -> C:\sw\clipboard_recorder_portable\$RGCBVYN.exe (LW-WORKS Software) [File not signed]
Startup: C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk [2023-10-20]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dell Display Manager.lnk [2015-07-01]
ShortcutTarget: Dell Display Manager.lnk -> C:\Program Files (x86)\Dell\Dell Display Manager\ddm.exe (EnTech Taiwan -> EnTech Taiwan)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk [2020-02-25]
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo\MobileGoService.exe (Wondershare Technology Co.,Ltd -> Wondershare)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PhraseExpress.lnk [2017-12-19]
ShortcutTarget: PhraseExpress.lnk -> C:\Program Files (x86)\PhraseExpress\phraseexpress.exe (Bartels Media GmbH -> Bartels Media GmbH)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {366513EB-A3F1-4115-B909-47780227A137} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {3B2CB242-8E01-41EF-B1A5-DAA751A6353D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {3EA422DE-C1B7-45EA-B906-A063E2C84C6E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {45CC0FF2-055C-4DA9-B889-239A93C87DE5} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {63EEFCE1-2AB4-4607-BACF-402D6F019872} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {6FDA50FF-47AB-4248-848F-F11AB7C8E94F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {8D7F2F72-3ACC-4E8D-B054-E10E19C7DB3F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {93988D4D-32D0-4C24-A881-67FDA83E6469} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {AE38DABA-627A-4E8F-B385-CF75CECA845F} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {AF447DEB-0BAC-4111-A635-75BB34F0C0F5} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {B6B44D9C-0E56-4189-A142-DB5E66CB6ABD} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {CD459309-4164-4E79-82AF-7C7E0873183E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {EA8D1844-D04B-4F74-9443-1A9947230ACE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {EE816DA6-387E-49F3-8624-3586618C80F8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {FC7CC874-1D21-4622-8040-7C3F33833EAD} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {FD95BF76-9E4E-4123-A5C1-53B238C4A34B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {8DBBBB37-F6C0-49A1-8D8C-A8F014ACEF9D} - System32\Tasks\{2679C6B7-E537-4CEE-BFEC-1A0BC3D38FF1} => D:\Setup.exe (No File)
Task: {36800DFD-F228-4BDD-889E-6FBDCA1A2EC3} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe (No File)
Task: {A2F29343-B3C2-4CB6-A714-843CAB7B3A0E} - System32\Tasks\{679E49C3-82EA-4689-BF84-5EBFC20B1F17} => D:\Setup.exe (No File)
Task: {94D653CE-031A-4EC4-9DB2-ED95E341E35D} - System32\Tasks\{807FD7EF-F55F-42D6-A1BD-1820F6F39DC4} => C:\Windows\system32\pcalua.exe [53760 2023-11-19] (Microsoft Windows -> Microsoft Corporation) -> -a D:\Setup.exe -d D:\
Task: {5A498D04-4150-4DB5-8C99-0FA58820929E} - System32\Tasks\{E4941AFC-DD14-462C-A1D7-77331DD70F4B} => D:\Setup.exe (No File)
Task: {CA7ED97D-9C6F-421F-90FF-FF301E5EEA1C} - System32\Tasks\{EB7609EB-79A9-4BAB-BF2E-5E172C7BC9F2} => C:\Windows\system32\pcalua.exe [53760 2023-11-19] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Users\oem\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WLH8SAQJ\Evernote_5.2.0.2946.exe" -d C:\Users\oem\Desktop
Task: {A13CF9C9-FCCE-44B5-8C45-CE50FCA69102} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {DD37F4DF-43EA-43A2-B451-48C4831CBBD1} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3134904 2024-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {1A6FCD82-8C77-4D45-AF95-497741C3F6A0} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3134904 2024-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {36A17099-0E33-4B91-A032-3D8AE080882E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {12E94EED-18E5-4D5A-B823-672F224497B4} - System32\Tasks\CCleanerBrowserProtectS-1-5-21-2864334784-1603053625-3890222848-1000 => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowserProtect.exe [1709664 2024-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) <==== ATTENTION
Task: {02FFEBFE-04A6-4129-8CF9-0972A4AC158F} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "bf83c256-b1ed-409b-b265-2819d48a2d11" --version "6.21.10918" --silent
Task: {31E802EA-3100-4839-B077-7BF46F9A1AF2} - System32\Tasks\CCleanerSkipUAC - Petr => C:\Program Files\CCleaner\CCleaner.exe [38778272 2024-02-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {F769DDCF-7CEC-444F-9B9D-128F67CB4608} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {810F3542-3E9B-40EB-A7BD-AD5C8AFEDE01} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {BB5849BA-2F14-4B15-B477-F5EA41609F1E} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem123.0.6288.0{A0FC9BB1-195E-415F-B89C-FF1FE5EA9F49} => C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ATTENTION
Task: {ACB46EB4-96F1-4033-8C64-F54E4CD2C8C7} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch (No File)
Task: {4C358F93-E81E-4815-AC4F-9635B021E9C1} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (No File)
Task: {C049E931-AAD2-4D96-8773-2AAB7E5AEE68} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (No File)
Task: {4DAB47DC-27E3-4619-934C-2D27951C2E45} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe /DRMInit (No File)
Task: {F46D13F9-D9FF-4F8B-A477-90A8C9756997} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (No File)
Task: {132F2982-FE2A-4D65-8DDE-AE4BFD2DF749} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate $(Arg0) (No File)
Task: {C63C6A56-982A-4263-9BFE-70BF01352A42} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15 (No File)
Task: {751937BF-86C3-4C83-BB40-3A9C81F8BE86} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask (No File)
Task: {08C59951-8CD5-4372-AED6-93B970B7DB44} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask (No File)
Task: {3D01FF46-B79D-42EC-8291-3A71205572E3} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate (No File)
Task: {99E85D64-C752-4ADD-A882-E55B3E09601B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (No File)
Task: {44EAA82D-3F5B-48AB-8B69-7E0696ED65D4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery (No File)
Task: {049053D8-AF62-4415-BEB2-9C823901709C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (No File)
Task: {2C64B32A-5D67-47AE-93AE-1AB76E4B885F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (No File)
Task: {DCAFEADD-F070-499A-BF27-DCBD1A51A77B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe -pscn 0 (No File)
Task: {EA731C16-8D1F-4FAE-8868-18EF280B4F16} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask (No File)
Task: {613ACE8F-D4A5-45A1-820D-F0222F099C6E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe -PvrSchedule (No File)
Task: {9EA37728-7DB0-4720-9B0A-3627A45435A9} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec /RestartRecording (No File)
Task: {CD4057D5-7C9A-45CD-A78B-E8C0380A58D2} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (No File)
Task: {D3265386-94E3-4D75-82FA-B37C0F76D04C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot (No File)
Task: {FE008B62-188A-4D81-9403-6EF4C4028D13} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask (No File)
Task: {9CD195A8-02CE-485F-AAF1-106054CDA0CC} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (No File)
Task: {979AD175-1F57-4B0B-BD1B-E9A20ED6D785} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {A8E13BB5-DC00-4CCD-B145-8F3E63C531B9} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {C9E51842-9C23-4A18-BCCA-172B1E8A31DF} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {95065416-1849-496B-AA60-3750F6C04B1C} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {0316680B-CE98-4303-8370-F870C83A9EF8} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {C5FD11CA-B388-48F3-A517-C1082B17D55A} - System32\Tasks\Opera scheduled Autoupdate 1648322131 => C:\Users\oem\AppData\Local\Programs\Opera\launcher.exe [2358688 2024-02-12] (Opera Norway AS -> Opera Software)
Task: {CCA25A6B-E3EC-462A-B226-A51C30478547} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [6944304 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {F21E88A7-45D6-45F7-9EE7-BFF2EC976B01} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [7192192 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {71D01C7B-DFB7-4705-8DC5-8FC0B5DBEA74} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [7651984 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
Task: {A7C5A736-9391-4A1E-BECF-0454A73BF43B} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - New or Changed => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [414664 2024-01-11] (Xerox Corporation -> Xerox Corporation)
Task: {4F23ACC7-5E21-4E94-BF55-2F2F3A7789ED} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - Periodic Refresh => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [414664 2024-01-11] (Xerox Corporation -> Xerox Corporation)
Task: {0251D007-4380-457F-BDAC-FFF724E22D31} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - User Logon => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [414664 2024-01-11] (Xerox Corporation -> Xerox Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0d6ba809-e86f-4779-9522-d0af7ab65932}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{5849cbe0-538e-4163-b2aa-206517080857}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{5849cbe0-538e-4163-b2aa-206517080857}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\oem\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-21]
Edge Notifications: Default -> hxxps://www.aliexpress.com; hxxps://www.facebook.com
Edge HomePage: Default -> hxxp://eshop.jezirkabanat.cz/search/search/
Edge Session Restore: Default -> is enabled.
Edge Extension: (OneTab) - C:\Users\oem\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2023-10-09]
Edge Extension: (Aliexpress SuperStar česky, Historie cen) - C:\Users\oem\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ciclollkolafellcaolgccmfjldgpolo [2023-11-08]
Edge Extension: (Tipli do prohlížeče) - C:\Users\oem\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2022-06-17]
Edge Extension: (MightyText - SMS from PC & Text from Computer) - C:\Users\oem\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2020-11-09]
Edge Extension: (Dokumenty Google offline) - C:\Users\oem\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-22]
Edge Extension: (OneTab) - C:\Users\oem\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hoimpamkkoehapgenciaoajfkfkpgfop [2023-10-09]
Edge Extension: (Edge relevant text changes) - C:\Users\oem\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (Evernote Web Clipper) - C:\Users\oem\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llhcnbijpnechllogkacbcjmkcgjbjfi [2023-11-28]
Edge Extension: (ESET Browser Privacy & Security) - C:\Users\oem\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkapkmklnmidbbgjaipbgpcnbomnaakc [2024-02-15]
Edge Extension: (TabCloud) - C:\Users\oem\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\npecfdijgoblfcgagoijgmgejmcpnhof [2021-12-06]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]
FireFox:
========
FF ProfilePath: C:\Users\oem\AppData\Roaming\Nvu\Profiles\rc2qx344.default [2021-08-13]
FF ProfilePath: C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\dqjh2a50.default [2021-11-19]
FF Homepage: Mozilla\Firefox\Profiles\dqjh2a50.default -> hxxp://www.google.cz/
FF Extension: (No Name) - C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\dqjh2a50.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Extension: (No Name) - C:\Users\oem\AppData\Roaming\Mozilla\Firefox\Profiles\dqjh2a50.default\extensions\sko-extension@firma.seznam.cz [not found]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-11-14] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-06-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-06-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-02-10] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-10-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-10-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> R:\SW\FormFiller-Software602\Filler\npfiller.dll [2011-03-15] (Software602 -> Software602 a.s.)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-14] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN) [File not signed]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default [2024-02-21]
CHR Notifications: Default -> hxxps://andro-conseil.com; hxxps://automobile-conseil.fr; hxxps://business.facebook.com; hxxps://calendar.google.com; hxxps://cz.pinterest.com; hxxps://drive.google.com; hxxps://eshop.tescoma.cz; hxxps://gw.lightinthebox.com; hxxps://ibb.co; hxxps://mail.google.com; hxxps://my.timocom.com; hxxps://paleosnadno.cz; hxxps://plumbber.ru; hxxps://smartandroid.fr; hxxps://upcr.cz; hxxps://webmail.forpsi.com; hxxps://www.aliexpress.com; hxxps://www.banggood.com; hxxps://www.facebook.com; hxxps://www.heureka.cz; hxxps://www.hitprace.cz; hxxps://www.idoklad.cz; hxxps://www.instagram.com; hxxps://www.kasafik.cz; hxxps://www.kupi.cz; hxxps://www.letemsvetemapplem.eu; hxxps://www.letgo.cz; hxxps://www.lightinthebox.com; hxxps://www.megaknihy.cz; hxxps://www.mesec.cz; hxxps://www.milujeme-slevy.cz; hxxps://www.monsterinsights.com; hxxps://www.netflix.com; hxxps://www.oranews.tv; hxxps://www.penize.cz; hxxps://www.reddit.com; hxxps://www.rt.com; hxxps://www.sejda.com; hxxps://www.spektrumzdravi.cz; hxxps://www.svetandroida.cz; hxxps://www.trenyrkarna.cz; hxxps://www.vybaven.cz
CHR Session Restore: Default -> is enabled.
CHR Extension: (Aliexpress SuperStar česky, Historie cen) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciclollkolafellcaolgccmfjldgpolo [2023-11-08]
CHR Extension: (Tipli do prohlížeče) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2022-06-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-19]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-10]
CHR Extension: (TabCloud) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\npecfdijgoblfcgagoijgmgejmcpnhof [2019-12-10]
CHR Extension: (ESET Browser Privacy & Security) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\oombnmpbbhbakfpfgdflaajkhicgfaam [2024-02-09]
CHR Extension: (Evernote Web Clipper) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2023-11-28]
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-02-04]
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-02-02]
CHR DownloadDir: C:\Users\oem\Downloads
CHR Notifications: Profile 1 -> hxxps://app.smartsupp.com; hxxps://calendar.google.com; hxxps://coshair.ru; hxxps://cs.animalthai.com; hxxps://cs.erch2014.com; hxxps://cs.joecomp.com; hxxps://cs.omatomeloanhikaku.com; hxxps://cz.gearbest.com; hxxps://cz.sputniknews.com; hxxps://finmag.penize.cz; hxxps://fr.aliexpress.com; hxxps://ibb.co; hxxps://marek44.oncollabim.com; hxxps://meet.google.com; hxxps://pt.aliexpress.com; hxxps://twitter.com; hxxps://web.telegram.org; hxxps://wp.aliexpress.com; hxxps://www.agatinsvet.cz; hxxps://www.alibaba.com; hxxps://www.b2bpartner.cz; hxxps://www.banggood.com; hxxps://www.collabim.cz; hxxps://www.dailymail.co.uk; hxxps://www.dobre-knihy.cz; hxxps://www.evernote.com; hxxps://www.facebook.com; hxxps://www.gearbest.com; hxxps://www.hudy.cz; hxxps://www.inizio.cz; hxxps://www.instagram.com; hxxps://www.kupi.cz; hxxps://www.lightinthebox.com; hxxps://www.mall.tv; hxxps://www.megaknihy.cz; hxxps://www.nej-ceny.cz; hxxps://www.netflix.com; hxxps://www.penize.cz; hxxps://www.rt.com; hxxps://www.tipsport.cz; hxxps://www.ubuy.cz; hxxps://www.viry.cz; hxxps://www.wish.com; hxxps://www.youtube.com
CHR DefaultSearchURL: Profile 1 -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> duckduckgo.com
CHR DefaultSuggestURL: Profile 1 -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Session Restore: Profile 1 -> is enabled.
CHR Extension: (DuckDuckGo) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2024-02-02]
CHR Extension: (YouTube) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-12]
CHR Extension: (Pushbullet) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2023-07-26]
CHR Extension: (OneTab) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2024-02-02]
CHR Extension: (MightyText - SMS from PC & Text from Computer) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2020-01-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-26]
CHR Extension: (Weby Google) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmandedkgonhldbnjpikffdnneenijnd [2020-04-12]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-02-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Evernote Web Clipper) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2024-02-02]
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-02-02]
CHR Extension: (YouTube) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-19]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-07-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-26]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2024-02-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-09]
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 3 [2023-07-26]
CHR Extension: (Prezentace) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-02-05]
CHR Extension: (Dokumenty) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2020-02-05]
CHR Extension: (Disk Google) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-03-13]
CHR Extension: (YouTube) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-02-05]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-07-26]
CHR Extension: (Tabulky) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-02-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-26]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-07-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-13]
CHR Extension: (Gmail) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-03-13]
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 4 [2023-07-26]
CHR Extension: (Adobe Acrobat: nástroje pro úpravu, převod a podpis souborů PDF) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-07-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-26]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-07-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\oem\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-07-26]
CHR Profile: C:\Users\oem\AppData\Local\Google\Chrome\User Data\System Profile [2024-02-02]
CHR HKU\S-1-5-21-2864334784-1603053625-3890222848-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-2864334784-1603053625-3890222848-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-2864334784-1603053625-3890222848-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig]
CHR HKU\S-1-5-21-2864334784-1603053625-3890222848-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [oombnmpbbhbakfpfgdflaajkhicgfaam]
Opera:
=======
OPR DefaultProfile: Default
StartMenuInternet: (HKU\S-1-5-21-2864334784-1603053625-3890222848-1000) OperaStable - "C:\Users\oem\AppData\Local\Programs\Opera\Launcher.exe"
==================== Services (Whitelisted) ===================
===================== Drivers (Whitelisted) ===================
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-02-21 11:03 - 2024-02-21 11:03 - 002386944 _____ (Farbar) C:\Users\oem\Downloads\FRST64.exe
2024-02-21 10:21 - 2024-02-21 10:21 - 000004284 _____ C:\WINDOWS\system32\Tasks\Xerox XeroxPrintExperience Printer Configuration - User Logon
2024-02-21 10:21 - 2024-02-21 10:21 - 000004154 _____ C:\WINDOWS\system32\Tasks\Xerox XeroxPrintExperience Printer Configuration - New or Changed
2024-02-21 10:21 - 2024-02-21 10:21 - 000004064 _____ C:\WINDOWS\system32\Tasks\Xerox XeroxPrintExperience Printer Configuration - Periodic Refresh
2024-02-21 10:21 - 2024-02-21 10:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xerox
2024-02-21 10:21 - 2024-02-21 10:21 - 000000000 ____D C:\Program Files\Xerox
2024-02-19 11:25 - 2024-02-19 11:25 - 000086592 _____ C:\Users\oem\Downloads\ShipmentLabel_D20240219T112504.pdf
2024-02-19 11:21 - 2024-02-19 11:21 - 000000767 _____ C:\Users\oem\Downloads\export_dpd_2024-02-19_112129.csv
2024-02-15 18:46 - 2024-02-15 18:46 - 000069702 _____ C:\Users\oem\Downloads\ShipmentLabel_D20240215T184657.pdf
2024-02-15 18:45 - 2024-02-15 18:45 - 000000566 _____ C:\Users\oem\Downloads\export_dpd_2024-02-15_184515.csv
2024-02-15 13:24 - 2024-02-15 13:24 - 000012730 _____ C:\Users\oem\Downloads\priloha_1315961384_0_Textová zpráva.PDF
2024-02-15 13:15 - 2024-02-15 13:15 - 000245538 _____ C:\Users\oem\Downloads\Soubor00001 (1).pdf
2024-02-15 13:14 - 2024-02-15 13:14 - 000183005 _____ C:\Users\oem\Downloads\Soubor00004.pdf
2024-02-14 13:17 - 2024-02-14 13:17 - 000019697 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-02-14 13:16 - 2024-02-14 13:16 - 000019697 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-02-14 13:04 - 2024-02-14 13:05 - 000070203 _____ C:\Users\oem\Downloads\ShipmentLabel_D20240214T130500.pdf
2024-02-14 13:04 - 2024-02-14 13:04 - 000000000 ___HD C:\$WinREAgent
2024-02-14 12:13 - 2024-02-14 12:13 - 000000567 _____ C:\Users\oem\Downloads\export_dpd_2024-02-14_121320.csv
2024-02-12 20:17 - 2024-02-12 20:18 - 269517241 _____ C:\Users\oem\Downloads\Kopie souboru Záznam 25.wav
2024-02-12 19:56 - 2024-02-12 19:56 - 000013951 _____ C:\Users\oem\Downloads\priloha_1314286700_0_Textová zpráva.PDF
2024-02-12 19:35 - 2024-02-12 19:35 - 000114180 _____ C:\Users\oem\Downloads\Email z PPP CK - Zpráva z foniatrie (Michael a Pavla Markovi).pdf
2024-02-12 10:37 - 2024-02-12 10:37 - 000102038 _____ C:\Users\oem\Downloads\ShipmentLabel_D20240212T103718.pdf
2024-02-12 10:34 - 2024-02-12 10:34 - 000000944 _____ C:\Users\oem\Downloads\export_dpd_2024-02-12_103441.csv
2024-02-12 10:27 - 2024-02-12 10:27 - 000121540 _____ C:\Users\oem\Downloads\Faktura 202401011.pdf
2024-02-11 12:59 - 2023-05-30 09:17 - 000873168 _____ (HP Inc.) C:\WINDOWS\system32\spool\prtprocs\x64\hpcpp270.dll
2024-02-11 12:59 - 2023-05-30 09:17 - 000596688 _____ (HP Inc.) C:\WINDOWS\system32\hpcpn270.dll
2024-02-11 12:59 - 2023-05-30 09:17 - 000558800 _____ (HP Inc.) C:\WINDOWS\SysWOW64\hpcc3270.dll
2024-02-11 12:59 - 2023-05-30 09:17 - 000318160 _____ (HP Inc.) C:\WINDOWS\system32\hpmlm225.dll
2024-02-11 12:59 - 2023-05-30 09:17 - 000267472 _____ (HP Inc.) C:\WINDOWS\system32\hpmml270.dll
2024-02-11 12:59 - 2023-05-30 09:17 - 000244432 _____ (HP Inc.) C:\WINDOWS\system32\hpmja270.dll
2024-02-11 12:59 - 2023-05-30 09:17 - 000232144 _____ (HP Inc.) C:\WINDOWS\system32\hpmpm082.dll
2024-02-11 12:59 - 2023-05-30 09:17 - 000206544 _____ (HP Inc.) C:\WINDOWS\system32\hpmtp270.dll
2024-02-11 12:59 - 2023-05-30 09:17 - 000180944 _____ (HP Inc.) C:\WINDOWS\system32\hpcjpm.dll
2024-02-11 12:59 - 2023-05-30 09:17 - 000130256 _____ (HP Inc.) C:\WINDOWS\system32\hpmpw082.dll
2024-02-11 12:59 - 2020-09-23 15:49 - 003249008 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\system32\libcrypto-1_1-x64.dll
2024-02-11 12:59 - 2020-09-23 15:49 - 000929648 _____ (The OpenSSL Project, hxxps://www.openssl.org/) C:\WINDOWS\system32\libssl-1_1-x64.dll
2024-02-11 12:57 - 2024-02-11 12:57 - 023182800 _____ C:\Users\oem\Downloads\upd-pcl6-x64-7.1.0.25570.exe
2024-02-09 13:01 - 2024-02-09 13:01 - 000026935 _____ C:\Users\oem\Downloads\Google disk-----4801440322449719-17.pdf
2024-02-09 12:55 - 2024-02-09 12:55 - 000001950 _____ C:\Users\oem\Downloads\mBank - 1-2024 - 03991456_240101_240131.gpc
2024-02-09 12:54 - 2024-02-09 12:54 - 000095152 _____ C:\Users\oem\Downloads\mBank - 1-2024 - 03991456_240101_240131.pdf
2024-02-09 12:52 - 2024-02-09 12:52 - 000086364 _____ C:\Users\oem\Downloads\FIO-běžný účet - 1-2024 - Vypis_z_uctu-2400073267_20240101-20240131_cislo-1.pdf
2024-02-09 12:52 - 2024-02-09 12:52 - 000005200 _____ C:\Users\oem\Downloads\FIO-běžný účet - 1-2024 - Vypis_z_uctu-2400073267_20240101-20240131_cislo-1.gpc
2024-02-09 12:50 - 2024-02-09 12:50 - 000027302 _____ C:\Users\oem\Downloads\money_export_faktura-sosjezirka-1-2024.xml
2024-02-09 12:49 - 2024-02-09 12:49 - 000155753 _____ C:\Users\oem\Downloads\FV-1-2024-sosjezirka.pdf
2024-02-09 12:45 - 2024-02-09 12:45 - 000027513 _____ C:\Users\oem\Downloads\money_export_faktura-ikvido-1-2024.xml
2024-02-09 12:44 - 2024-02-09 12:44 - 000156606 _____ C:\Users\oem\Downloads\FV-1-2024-ikvido.pdf
2024-02-09 12:37 - 2024-02-09 12:37 - 002734021 _____ C:\Users\oem\Desktop\Predsmluvni-informace.pdf
2024-02-08 15:38 - 2024-02-08 15:38 - 000071842 _____ C:\Users\oem\Downloads\Faktura_FV20_08657.pdf
2024-02-08 14:00 - 2024-02-08 14:00 - 000000000 ____D C:\Users\Administrator\AppData\Local\Comms
2024-02-08 13:53 - 2024-02-08 13:53 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\com.adobe.dunamis
2024-02-08 13:53 - 2024-02-08 13:53 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Adobe
2024-02-08 13:53 - 2024-02-08 13:53 - 000000000 ____D C:\Users\Administrator\AppData\Local\SolidDocuments
2024-02-08 13:53 - 2024-02-08 13:53 - 000000000 ____D C:\Users\Administrator\.ms-ad
2024-02-08 13:50 - 2024-02-08 13:50 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Opera
2024-02-08 13:50 - 2024-02-08 13:50 - 000000000 ____D C:\Users\Administrator\AppData\Local\Opera
2024-02-08 13:45 - 2024-02-08 13:45 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2864334784-1603053625-3890222848-500
2024-02-08 13:44 - 2024-02-08 20:35 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\PhraseExpress
2024-02-08 13:44 - 2024-02-08 13:53 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2024-02-08 13:44 - 2024-02-08 13:45 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2864334784-1603053625-3890222848-500
2024-02-08 13:44 - 2024-02-08 13:44 - 000085525 _____ C:\WINDOWS\system32\NOTICE_mod
2024-02-08 13:44 - 2024-02-08 13:44 - 000001319 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\phraseexpress.lnk
2024-02-08 13:44 - 2024-02-08 13:44 - 000000000 ___RD C:\Users\Administrator\OneDrive
2024-02-08 13:44 - 2024-02-08 13:44 - 000000000 ____D C:\Users\Administrator\Documents\PhraseExpress
2024-02-08 13:44 - 2024-02-08 13:44 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Wondershare
2024-02-08 13:44 - 2024-02-08 13:44 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Logitech
2024-02-08 13:44 - 2024-02-08 13:44 - 000000000 ____D C:\Users\Administrator\AppData\Local\PlaceholderTileLogoFolder
2024-02-08 13:41 - 2024-02-08 13:41 - 000002366 _____ C:\Users\Administrator\Desktop\Google Chrome.lnk
2024-02-08 13:41 - 2024-02-08 13:41 - 000000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2024-02-08 13:40 - 2024-02-11 11:24 - 000002042 _____ C:\Users\Administrator\Desktop\Google Slides.lnk
2024-02-08 13:40 - 2024-02-11 11:24 - 000002042 _____ C:\Users\Administrator\Desktop\Google Sheets.lnk
2024-02-08 13:40 - 2024-02-11 11:24 - 000002030 _____ C:\Users\Administrator\Desktop\Google Docs.lnk
2024-02-08 13:40 - 2024-02-08 14:00 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2024-02-08 13:40 - 2024-02-08 13:53 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2024-02-08 13:40 - 2024-02-08 13:53 - 000000000 ____D C:\Users\Administrator
2024-02-08 13:40 - 2024-02-08 13:45 - 000002421 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-02-08 13:40 - 2024-02-08 13:41 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows
2024-02-08 13:40 - 2024-02-08 13:41 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2024-02-08 13:40 - 2024-02-08 13:41 - 000000000 ____D C:\Users\Administrator\AppData\Local\ConnectedDevicesPlatform
2024-02-08 13:40 - 2024-02-08 13:40 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\Šablony
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\Soubory cookie
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\Poslední
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\Okolní tiskárny
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\Okolní síť
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\Nabídka Start
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\Dokumenty
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\Documents\Obrázky
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\Documents\Hudba
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\Documents\Filmy
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\Data aplikací
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Data aplikací
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\SystemCertificates
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\Protect
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\Crypto
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 ___SD C:\Users\Administrator\AppData\Roaming\Microsoft\Credentials
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 ___RD C:\Users\Administrator\3D Objects
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Vault
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\ESET
2024-02-08 13:40 - 2024-02-08 13:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\CCleaner Browser
2024-02-08 13:40 - 2021-11-11 15:00 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Network
2024-02-08 13:40 - 2016-09-22 09:14 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Media Center Programs
2024-02-08 13:40 - 2016-09-22 09:14 - 000000000 ____D C:\Users\Administrator\AppData\Local\Microsoft Help
2024-02-08 12:32 - 2024-02-08 12:32 - 000102273 _____ C:\Users\oem\Downloads\priloha_1312461549_0_Informace_pro_poplatniky.pdf
2024-02-06 17:26 - 2024-02-06 17:26 - 000070391 _____ C:\Users\oem\Downloads\ShipmentLabel_D20240206T172638.pdf
2024-02-06 17:25 - 2024-02-06 17:25 - 000000589 _____ C:\Users\oem\Downloads\export_dpd_2024-02-06_172526.csv
2024-02-05 23:43 - 2024-02-05 23:44 - 000081353 _____ C:\Users\oem\Downloads\opravená ŽÁDOST O NAHLÉDNUTÍ DO SPISU.pdf
2024-02-05 19:37 - 2024-02-05 19:37 - 000263766 _____ C:\Users\oem\Downloads\priloha_1310586625_0_vyjadreni_k_nahlizeni_do_spis._dokumentace-Markovi (1).pdf
2024-02-05 19:35 - 2024-02-12 19:25 - 000000000 ____D C:\Users\oem\Documents\OSPOD
2024-02-05 19:31 - 2024-02-05 19:32 - 000263766 _____ C:\Users\oem\Downloads\priloha_1310586625_0_vyjadreni_k_nahlizeni_do_spis._dokumentace-Markovi.pdf
2024-02-04 14:30 - 2024-02-04 14:30 - 043095192 _____ (Telegram FZ-LLC ) C:\Users\oem\Downloads\tsetup-x64.4.14.13.exe
2024-02-04 10:37 - 2024-02-04 10:37 - 000003790 _____ C:\WINDOWS\system32\Tasks\CCleanerBrowserProtectS-1-5-21-2864334784-1603053625-3890222848-1000
2024-01-31 13:10 - 2024-01-31 13:10 - 000000000 ____D C:\Users\oem\AppData\Local\WhatsApp
2024-01-30 23:58 - 2024-01-30 23:58 - 000078035 _____ C:\Users\oem\Downloads\ŽÁDOST O NAHLÉDNUTÍ DO SPISU.pdf
2024-01-30 23:28 - 2024-01-30 23:28 - 000067556 _____ C:\Users\oem\Downloads\ShipmentLabel_D20240130T232832.pdf
2024-01-30 23:27 - 2024-01-30 23:27 - 000000559 _____ C:\Users\oem\Downloads\export_dpd_2024-01-30_232737.csv
2024-01-30 14:28 - 2024-01-30 14:28 - 000027300 _____ C:\Users\oem\Downloads\Maloobchodní ceník dmychadel SECOH 2024.xlsx
2024-01-30 14:21 - 2024-01-30 23:22 - 000030738 _____ C:\Users\oem\Downloads\Ceník SECOH 2024 skupina E.xlsx
2024-01-30 14:16 - 2024-01-30 14:16 - 000159159 _____ C:\Users\oem\Downloads\Maloobchodní ceník dmychadel SECOH 2024.pdf
2024-01-30 14:16 - 2024-01-30 14:16 - 000158462 _____ C:\Users\oem\Downloads\Ceník SECOH 2024 skupina E.pdf
2024-01-30 13:52 - 2024-01-30 13:52 - 000486296 _____ C:\Users\oem\Downloads\Rezervacni-smlouva.doc.pdf
2024-01-30 13:48 - 2024-01-30 13:48 - 000222796 _____ C:\Users\oem\Downloads\Kupni-smlouva.doc.pdf
2024-01-29 19:31 - 2024-01-29 19:31 - 000085340 _____ C:\Users\oem\Downloads\ShipmentLabel_D20240129T193115.pdf
2024-01-29 19:24 - 2024-01-29 19:24 - 000115773 _____ C:\Users\oem\Downloads\ShipmentLabel_D20240129T192431.pdf
2024-01-29 19:19 - 2024-01-29 19:19 - 000000570 _____ C:\Users\oem\Downloads\export_dpd_2024-01-29_191958.csv
2024-01-29 18:58 - 2024-01-29 18:58 - 000000566 _____ C:\Users\oem\Downloads\export_dpd_2024-01-29_185813.csv
2024-01-25 19:13 - 2024-01-25 19:13 - 000071505 _____ C:\Users\oem\Downloads\ShipmentLabel_D20240125T191335.pdf
2024-01-25 19:12 - 2024-01-25 19:12 - 000000569 _____ C:\Users\oem\Downloads\export_dpd_2024-01-25_191218.csv
2024-01-24 12:19 - 2024-01-24 12:19 - 000049567 _____ C:\Users\oem\Downloads\Pohyb_26230290730_na_uctu_2400073267.pdf
2024-01-22 16:05 - 2024-01-22 16:05 - 000037171 _____ C:\Users\oem\Downloads\priloha_1303468260_1_3_6384_1973_1083304.pdf
2024-01-22 16:05 - 2024-01-22 16:05 - 000035673 _____ C:\Users\oem\Downloads\priloha_1303468260_2_2_6381_1936_3340553.pdf
2024-01-22 16:04 - 2024-01-22 16:04 - 000130701 _____ C:\Users\oem\Downloads\priloha_1303468260_0_1_6320_1935_1132343.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-02-21 11:06 - 2016-09-30 06:15 - 000000000 ____D C:\FRST
2024-02-21 11:01 - 2013-10-14 18:24 - 000000000 ____D C:\Users\oem\Desktop\Antispyware
2024-02-21 10:52 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-21 10:27 - 2022-07-07 08:22 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-02-21 10:26 - 2021-11-11 15:06 - 001875876 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-02-21 10:26 - 2019-12-07 15:41 - 000781844 _____ C:\WINDOWS\system32\perfh005.dat
2024-02-21 10:26 - 2019-12-07 15:41 - 000172578 _____ C:\WINDOWS\system32\perfc005.dat
2024-02-21 10:26 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-02-21 10:26 - 2017-01-03 22:36 - 000000000 ____D C:\Users\oem\AppData\LocalLow\Mozilla
2024-02-21 10:20 - 2017-09-19 10:10 - 000000000 ____D C:\Program Files\CCleaner
2024-02-21 10:20 - 2012-12-23 11:50 - 000000000 ____D C:\Users\oem\AppData\Roaming\MyPhoneExplorer
2024-02-21 10:19 - 2021-11-11 15:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-21 10:19 - 2020-02-29 10:34 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2024-02-21 10:19 - 2013-11-12 21:18 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2024-02-20 16:04 - 2019-12-07 10:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2024-02-20 15:58 - 2021-11-11 14:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-02-20 14:28 - 2012-11-05 15:19 - 000000000 ____D C:\Users\oem\Documents\PhraseExpress
2024-02-20 13:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-19 11:21 - 2012-11-02 10:03 - 000000000 ____D C:\Users\oem\AppData\Roaming\Microsoft\Excel
2024-02-18 14:29 - 2022-01-28 08:21 - 000000000 ____D C:\Users\oem\AppData\Roaming\Evernote
2024-02-18 10:35 - 2021-12-13 10:34 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2864334784-1603053625-3890222848-1000
2024-02-18 10:35 - 2021-11-11 15:11 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2864334784-1603053625-3890222848-1000
2024-02-18 10:35 - 2021-11-11 14:56 - 000002411 _____ C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-02-18 10:34 - 2021-11-11 15:11 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-02-18 10:33 - 2022-10-12 11:22 - 000002107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-02-18 10:33 - 2022-10-12 11:22 - 000002095 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-02-18 10:31 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-17 10:32 - 2020-11-09 15:05 - 000002470 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-02-17 10:32 - 2020-11-09 15:05 - 000002308 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-02-16 10:31 - 2021-12-17 13:43 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-16 10:31 - 2012-10-31 12:27 - 000002335 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-02-15 20:42 - 2022-02-16 11:43 - 000000000 ____D C:\Users\oem\AppData\Roaming\Telegram Desktop
2024-02-15 19:10 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-02-15 19:00 - 2012-11-01 18:40 - 000000000 ____D C:\Users\oem\AppData\Roaming\Microsoft\Word
2024-02-15 18:37 - 2022-09-21 08:43 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-02-15 13:18 - 2022-09-21 08:43 - 000003382 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-02-15 13:18 - 2021-11-16 07:10 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-02-15 13:08 - 2022-03-26 20:15 - 000004142 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1648322131
2024-02-15 13:08 - 2022-03-26 20:15 - 000001439 _____ C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2024-02-15 13:01 - 2021-11-11 14:55 - 000462048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-02-15 01:31 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-02-15 01:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-02-15 01:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-02-15 01:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-02-15 01:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-02-15 01:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-02-15 01:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-02-15 01:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-02-15 01:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-02-15 01:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-02-15 01:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-02-15 01:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-02-15 00:32 - 2022-04-28 09:38 - 000000000 ____D C:\Users\oem\AppData\Roaming\DPD-electron
2024-02-14 13:16 - 2021-11-11 14:55 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-02-14 12:51 - 2021-11-16 07:10 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2024-02-14 12:48 - 2013-08-15 09:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-02-14 12:39 - 2012-11-03 14:40 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-02-14 12:13 - 2021-11-16 07:11 - 000002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2024-02-14 12:13 - 2021-11-16 07:11 - 000002386 _____ C:\Users\Public\Desktop\CCleaner Browser.lnk
2024-02-13 15:09 - 2023-03-07 12:54 - 000001615 _____ C:\Users\oem\Desktop\Bečka CENÍK VO 2024 – zástupce.lnk
2024-02-12 11:07 - 2015-11-18 11:21 - 000007994 _____ C:\WINDOWS\BRRBCOM.INI
2024-02-11 12:57 - 2016-11-04 12:28 - 000000000 ____D C:\HP Universal Print Driver
2024-02-11 11:24 - 2022-08-26 17:53 - 000002042 _____ C:\Users\defaultuser100000\Desktop\Google Slides.lnk
2024-02-11 11:24 - 2022-08-26 17:53 - 000002042 _____ C:\Users\defaultuser100000\Desktop\Google Sheets.lnk
2024-02-11 11:24 - 2022-08-26 17:53 - 000002030 _____ C:\Users\defaultuser100000\Desktop\Google Docs.lnk
2024-02-11 11:24 - 2022-01-27 08:05 - 000002042 _____ C:\Users\42060\Desktop\Google Slides.lnk
2024-02-11 11:24 - 2022-01-27 08:05 - 000002042 _____ C:\Users\42060\Desktop\Google Sheets.lnk
2024-02-11 11:24 - 2022-01-27 08:05 - 000002030 _____ C:\Users\42060\Desktop\Google Docs.lnk
2024-02-11 11:24 - 2021-09-23 19:49 - 000002200 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-02-11 11:24 - 2021-09-23 19:49 - 000002042 _____ C:\Users\Default\Desktop\Google Slides.lnk
2024-02-11 11:24 - 2021-09-23 19:49 - 000002042 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2024-02-11 11:24 - 2021-09-23 19:49 - 000002030 _____ C:\Users\Default\Desktop\Google Docs.lnk
2024-02-08 13:57 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-02-08 13:41 - 2016-05-20 10:02 - 000000000 __RHD C:\Users\Public\AccountPictures
2024-02-04 14:31 - 2022-02-16 11:43 - 000001062 _____ C:\Users\oem\Desktop\Telegram.lnk
2024-02-04 14:31 - 2022-02-16 11:43 - 000000000 ____D C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Desktop
2024-02-02 10:31 - 2021-11-11 15:11 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-02-02 10:31 - 2021-11-11 15:11 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-01-31 13:13 - 2019-10-01 07:19 - 000000000 ____D C:\Users\oem\AppData\Roaming\WhatsApp
2024-01-31 13:10 - 2024-01-08 20:22 - 000002251 _____ C:\Users\oem\Desktop\WhatsApp (Outdated).lnk
2024-01-31 13:10 - 2019-10-01 07:19 - 000000000 ____D C:\Users\oem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2024-01-31 13:10 - 2019-10-01 07:19 - 000000000 ____D C:\Users\oem\AppData\Local\SquirrelTemp
2024-01-25 18:51 - 2012-11-01 21:22 - 000000000 ____D C:\Users\oem\AppData\Local\CrashDumps
2024-01-23 17:56 - 2024-01-10 10:59 - 000012201 _____ C:\Users\oem\Documents\Verča - vyúčtování zaplacených věcí.xlsx
==================== Files in the root of some directories ========
2015-03-05 13:03 - 2015-03-05 13:47 - 000000288 _____ () C:\Users\oem\AppData\Roaming\MSyu.dat
2015-03-05 13:03 - 2015-03-05 13:47 - 000000288 _____ () C:\Users\oem\AppData\Roaming\PDF2XL-6-0.TrialData
2012-12-18 11:02 - 2016-03-04 10:52 - 000000058 _____ () C:\Users\oem\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2024-01-10 13:09 - 2024-01-10 13:09 - 000001321 _____ () C:\Users\oem\AppData\Local\recently-used.xbel
2012-11-01 22:01 - 2012-11-01 22:01 - 000007605 _____ () C:\Users\oem\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================