Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-08-2020
Ran by user (administrator) on DESKTOP-4E8O0H3 (ASUSTeK COMPUTER INC. X553MA) (21-08-2020 14:55:27)
Running from C:\Users\user\DOWNLOADS
Loaded Profiles: user
Platform: Windows 10 Home Version 1903 18362.959 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Crawler Group, LLC -> Crawler Group, LLC) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(CyberLink -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <25>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Temp\scoped_dir10724_1006496291\old_chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2006.1031.0_x64__8wekyb3d8bbwe\LocalBridge.exe
(Microsoft Windows -> Microsoft Corporation) C:\$WINDOWS.~BT\Sources\mighost.exe
(Microsoft Windows -> Microsoft Corporation) C:\$WINDOWS.~BT\Sources\SetupHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\f36ea28b9e9b77b5f7cd23bea67a3131\WindowsUpdateBox.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wimserv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.957_none_5f2e9e6258ea82f2\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\NisSrv.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [5349120 2017-03-16] (Crawler Group, LLC -> Crawler Group, LLC)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [5585672 2017-03-16] (Crawler Group, LLC -> Crawler Group, LLC)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] (Seznam.cz, a.s. -> )
HKLM-x32\...\Run: [UpdatePDRShortCut] => C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2008-01-04] (CyberLink -> CyberLink Corp.)
HKU\S-1-5-21-294688221-398494315-872949276-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\user\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-294688221-398494315-872949276-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\user\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-294688221-398494315-872949276-1001\...\Run: [Inbox Storage] => C:\Program Files (x86)\Inbox Storage\InboxStorage.exe [4104552 2015-09-01] (Omega Partners LTD -> Inbox.com, Inc.)
HKU\S-1-5-21-294688221-398494315-872949276-1001\...\Run: [CCleaner Smart Cleaning] => C:\PROGRAM FILES\CCLEANER\CCLEANER64.EXE [18630056 2018-09-10] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-294688221-398494315-872949276-1001\...\Run: [Opera Browser Assistant] => C:\USERS\USER\APPDATA\LOCAL\PROGRAMS\OPERA\assistant\browser_assistant.exe [3126296 2020-08-18] (Opera Software AS -> Opera Software)
HKLM\...\Windows x64\Print Processors\Canon MP550 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9Z.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP550 series: C:\WINDOWS\system32\CNMLM9Z.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.135\Installer\chrmstp.exe [2020-08-21] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {020CCF34-0F67-4636-AC32-08ECD2D7FF64} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\PROGRAMDATA\MICROSOFT\WINDOWS DEFENDER\PLATFORM\4.18.2007.8-0\MpCmdRun.exe [516776 2020-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {052E2E9D-259E-45C5-AC9B-FBA56684C8A0} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16405744 2015-08-23] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {0DF41B67-6182-4E9D-B97E-59699E2580FA} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18400 2017-03-09] (ASUSTeK Computer Inc. -> AsusTek)
Task: {13392FF8-52DE-45D6-9BFC-9F370AC7FC39} - System32\Tasks\SkipUAC Defragment drives => C:\Program Files (x86)\Nero\Nero TuneItUp\tuneitupStart.exe
Task: {1F5D3793-A808-452B-A654-684389AD6161} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1336400 2020-07-08] (Adobe Inc. -> Adobe Inc.)
Task: {27DC0B50-19A6-467D-A5A7-4371C125382D} - System32\Tasks\CCleanerSkipUAC => C:\PROGRAM FILES\CCLEANER\CCLEANER.EXE [13797712 2018-09-10] (Piriform Ltd -> Piriform Ltd)
Task: {2818FDC7-4875-4231-AE14-4FBD3B3D2433} - System32\Tasks\SkipUAC Optimize Windows Services => C:\Program Files (x86)\Nero\Nero TuneItUp\tuneitupStart.exe
Task: {373FD67E-1898-4D1D-98A1-E98C33FD7B25} - System32\Tasks\SkipUAC Clean registry => C:\Program Files (x86)\Nero\Nero TuneItUp\tuneitupStart.exe
Task: {376FE1A3-2719-4A6C-A0CE-EAF51968005E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-21] (Google Inc -> Google Inc.)
Task: {39C43FC4-5A52-4EC0-98C4-5D367BCFCD6A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3B250CA4-AC82-449F-858D-B4715113D90F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\PROGRAMDATA\MICROSOFT\WINDOWS DEFENDER\PLATFORM\4.18.2007.8-0\MpCmdRun.exe [516776 2020-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3C7A3E63-2CD6-4CD3-9647-4570E50173F7} - System32\Tasks\SkipUAC Save power => C:\Program Files (x86)\Nero\Nero TuneItUp\tuneitupStart.exe
Task: {578D0319-CDF8-4695-B059-A5F107E14AA2} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {64A6A6F3-D109-42FA-B2C8-80E7C9F475F2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\PROGRAMDATA\MICROSOFT\WINDOWS DEFENDER\PLATFORM\4.18.2007.8-0\MpCmdRun.exe [516776 2020-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {690004C9-D10C-4020-A8F1-B76B61A3D264} - System32\Tasks\SkipUAC Delete Internet tracks => C:\Program Files (x86)\Nero\Nero TuneItUp\tuneitupStart.exe
Task: {9BE8911C-1999-4F37-83FD-ADD088EC6F63} - System32\Tasks\SkipUAC Optimize autorun => C:\Program Files (x86)\Nero\Nero TuneItUp\tuneitupStart.exe
Task: {A61B2FD3-F0CE-4567-98AD-1A7F2774E849} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\PROGRAMDATA\MICROSOFT\WINDOWS DEFENDER\PLATFORM\4.18.2007.8-0\MpCmdRun.exe [516776 2020-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B740DC0C-2C62-4C5D-BA92-DBF78ACE2616} - System32\Tasks\Opera scheduled assistant Autoupdate 1589213150 => C:\USERS\USER\APPDATA\LOCAL\PROGRAMS\OPERA\launcher.exe [1529880 2020-08-18] (Opera Software AS -> Opera Software)
Task: {BFC93B55-64F6-494A-AEAA-E79F2979BE96} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-09-21] (Google Inc -> Google Inc.)
Task: {C88C68AE-A006-4059-B90C-E41BC3F9D8A2} - System32\Tasks\simplitec Power Suite (Autopilot.exe) => C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe
Task: {C8B5D11B-0242-4E21-A687-3FE90575D4DC} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-08-23] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {D32FADD8-F233-46FC-B26E-8EC19E522031} - System32\Tasks\Opera scheduled Autoupdate 1506960483 => C:\USERS\USER\APPDATA\LOCAL\PROGRAMS\OPERA\launcher.exe [1529880 2020-08-18] (Opera Software AS -> Opera Software)
Task: {DFA1E277-22FC-4DF3-88F4-706FA25EA06D} - System32\Tasks\simplitec Power Suite => C:\Program Files (x86)\Nero\Nero TuneItUp\TuneItUp.exe
Task: {E01D4D5F-AA85-41AC-824C-77AFA6FE29F9} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1403136 2015-08-23] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {E9243E20-28E3-41AF-BA6A-06EC63AAE93E} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122008 2015-09-22] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {F40F6FEA-991A-4714-B5A5-DF25313381AB} - System32\Tasks\SkipUAC Securely empty recycle bin => C:\Program Files (x86)\Nero\Nero TuneItUp\tuneitupStart.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\simplitec Power Suite (Autopilot.exe).job => C:\Program Files (x86)\Nero\Nero TuneItUp\Autopilot.exe C:\Program Files (x86)\Nero\Nero TuneItUp\DESKTOP-4E8O0H3\user&simplitec Power Suite (Autopilot.exe
Task: C:\WINDOWS\Tasks\simplitec Power Suite.job => C:\Program Files (x86)\Nero\Nero TuneItUp\TuneItUp.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{46cc4397-1708-4b64-802c-38afbf510023}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{557dbc76-7e05-4280-aaa4-4cddb2bca502}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-294688221-398494315-872949276-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
SearchScopes: HKU\S-1-5-21-294688221-398494315-872949276-1001 -> {092F7A34-D07A-4420-8C95-53BED2CD98D8} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-294688221-398494315-872949276-1001 -> {2235B2D4-02CA-4B31-9428-1FD4A97EC36D} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-294688221-398494315-872949276-1001 -> {3BC7E6FA-7DD2-4FDF-ABA2-9D7672933ADC} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-294688221-398494315-872949276-1001 -> {5D80AA2F-DFD3-4BA1-9FF4-6B65FC493E1F} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-294688221-398494315-872949276-1001 -> {65B5DFB9-FF57-4022-92CD-6E650FBF27CA} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-294688221-398494315-872949276-1001 -> {880216D5-38B1-4110-A131-A45CC88DF66E} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-294688221-398494315-872949276-1001 -> {97A352AD-55AF-46FC-A5FC-877048FD0A70} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-294688221-398494315-872949276-1001 -> {A2FB93DC-EFD5-4254-9242-A6DF2FEBDB2F} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-294688221-398494315-872949276-1001 -> {D4DA2931-27A3-4865-8DA3-9E3903781349} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
BHO: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\Program Files (x86)\Spyware Terminator\STInternetGuard64.dll [2015-12-18] (Crawler Group, LLC -> Crawler Group, LLC)
BHO-x32: Spyware Terminator 2015 Internet Guard -> {82A76710-4F98-4957-92BE-99648A4E2475} -> C:\Program Files (x86)\Spyware Terminator\STInternetGuard.dll [2015-12-18] (Crawler Group, LLC -> Crawler Group, LLC)
DPF: HKLM-x32 {D8950D0E-FCE7-4AE4-9370-7E4CFBC04362} hxxps://www.mpsv.cz/fas/page/activexcab/webff_cs.cab

Edge: 
======
Edge Profile: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default [2020-08-19]

FireFox:
========
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-07-31] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2020-08-21]
CHR Notifications: Default -> hxxps://eshop.tescoma.cz; hxxps://notification.premium-news.me; hxxps://novaplus.nova.cz; hxxps://www.facebook.com; hxxps://www.krizovkarskyslovnik.sk; hxxps://www.letgo.cz
CHR HomePage: Default -> hxxp://facebook.com/
CHR StartupUrls: Default -> "hxxp://facebook.com/","hxxp://www.youtube.com/watch?v=cD7XPK2fqSQ","hxxp://www.seznam.cz/","hxxp://www.aukro.cz/","hxxp://www.searchnu.com/406?appid=752"
CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Session Restore: Default -> is enabled.
CHR Extension: (Prezentace) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Dokumenty) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-21]
CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-21]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-08-18]
CHR Extension: (Search by Image (by Google)) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2017-09-21]
CHR Extension: (Tabulky) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-08-18]
CHR Extension: (FormApps Extension) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2020-01-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-07-17]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2008-12-31] (CyberLink -> )
S2 ssinstall; C:\WINDOWS\SysWOW64\ssins.exe [4058496 2018-01-04] (PS Media s.r.o. -> PS Media s.r.o.)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [3292416 2017-03-16] (Crawler Group, LLC -> Crawler Group, LLC)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\NisSrv.exe [2169568 2020-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MsMpEng.exe [128376 2020-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [128024 2017-03-09] (ASUSTeK Computer Inc. -> ASUS Corporation)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-11] (Microsoft Corporation) [File not signed]
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [51128 2015-10-29] (WDKTestCert sys_dpebuild,130674149657513416 -> Intel Corporation)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F0DE4FF2-32BC-4047-AD1C-EC80FA74D485}\MpKslDrv.sys [73952 2020-08-20] (Microsoft Windows -> Microsoft Corporation)
R2 sp_rsdrv2; C:\WINDOWS\System32\DRIVERS\stflt.sys [51496 2011-08-24] (Crawler, LLC -> Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 USB28xxBGA; C:\WINDOWS\system32\DRIVERS\emBDA64.sys [644608 2008-05-14] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\WINDOWS\system32\DRIVERS\emOEM64.sys [352384 2008-05-14] (Microsoft Windows Hardware Compatibility Publisher -> eMPIA Technology, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [78216 2020-08-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [430320 2020-08-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [98520 2020-08-17] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-08-21 14:55 - 2020-08-21 15:00 - 000021122 _____ C:\Users\user\Downloads\FRST.txt
2020-08-21 14:54 - 2020-08-21 14:58 - 000000000 ____D C:\FRST
2020-08-21 14:53 - 2020-08-21 14:53 - 002297344 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe
2020-08-20 23:11 - 2020-08-20 23:12 - 225234928 _____ C:\Users\user\Downloads\Proc bychom se netopili 06. Vodácký ráj.avi
2020-08-20 16:19 - 2020-08-20 16:22 - 000689404 _____ C:\WINDOWS\Minidump\082020-51765-01.dmp
2020-08-20 16:05 - 2020-08-20 16:12 - 000748564 _____ C:\WINDOWS\Minidump\082020-53593-01.dmp
2020-08-20 15:50 - 2020-08-20 16:19 - 458221783 _____ C:\WINDOWS\MEMORY.DMP
2020-08-20 15:50 - 2020-08-20 16:19 - 000000000 ____D C:\WINDOWS\Minidump
2020-08-20 15:50 - 2020-08-20 16:01 - 001229868 _____ C:\WINDOWS\Minidump\082020-43453-01.dmp
2020-08-18 23:54 - 2020-08-18 23:54 - 000000000 ___HD C:\$WinREAgent
2020-07-23 16:55 - 2020-07-23 16:59 - 1181991576 _____ C:\Users\user\Downloads\Slunečná 40--Hra o jablka--.avi

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-08-21 15:00 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-08-21 14:48 - 2017-09-14 07:53 - 000000000 __SHD C:\Users\user\IntelGraphicsProfiles
2020-08-21 05:10 - 2017-09-21 11:38 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-08-20 23:10 - 2019-08-09 23:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-08-20 23:01 - 2019-08-09 23:53 - 000028578 _____ C:\WINDOWS\diagwrn.xml
2020-08-20 23:01 - 2019-08-09 23:53 - 000028578 _____ C:\WINDOWS\diagerr.xml
2020-08-20 21:00 - 2019-03-19 06:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-08-20 20:59 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-08-20 20:45 - 2019-12-07 17:24 - 000000000 ___HD C:\$WINDOWS.~BT
2020-08-20 20:45 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\Registration
2020-08-20 19:56 - 2019-08-02 20:06 - 000000000 ___DC C:\WINDOWS\Panther
2020-08-20 19:56 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-08-20 17:22 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-08-20 17:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-08-20 16:19 - 2019-08-09 23:58 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-08-20 15:54 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-08-20 15:28 - 2020-04-18 08:05 - 000002354 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-08-20 15:28 - 2019-08-09 23:58 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-294688221-398494315-872949276-1001
2020-08-20 15:28 - 2017-05-04 21:19 - 000000000 ___RD C:\Users\user\OneDrive
2020-08-19 16:22 - 2020-07-17 01:09 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-08-19 16:22 - 2020-07-17 01:09 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-08-18 16:18 - 2020-05-11 18:05 - 000004450 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1589213150
2020-08-18 16:18 - 2017-10-02 18:08 - 000001392 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2020-08-17 20:38 - 2019-08-09 23:58 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-08-17 20:36 - 2017-12-27 20:05 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-08-17 20:29 - 2018-03-02 16:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Files in the root of some directories ========

2018-12-12 18:37 - 2018-12-12 18:37 - 000000017 _____ () C:\Users\user\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================