Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Ran by pavel (administrator) on HP-NOTEBOOK (Hewlett-Packard HP Pavilion 15 Notebook PC) (21-12-2020 07:27:15)
Running from C:\Users\pavel\Desktop
Loaded Profiles: pavel
Platform: Windows 10 Home Version 1909 18363.1256 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Miroslav Topolar -> Mister Group) C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
(Miroslav Topolar -> Mister Group) C:\Program Files (x86)\System Explorer\SystemExplorer.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8520448 2016-01-25] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [175504 2020-11-04] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8027016 2016-11-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-05-22] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [664848 2016-04-26] (Hewlett-Packard Company -> HP Inc.)
HKLM-x32\...\Run: [SystemExplorerAutoStart] => "C:\Program Files (x86)\System Explorer\SystemExplorer.exe" /TRAY
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3918838338-3960886078-381721580-1002\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-3918838338-3960886078-381721580-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3918838338-3960886078-381721580-1002\...\MountPoints2: {a7f4a676-d2d3-11e8-bf9d-a0481c04b42d} - "F:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-3918838338-3960886078-381721580-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [152576 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [365568 2012-12-01] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-08] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2013-05-22] (CyberLink Corp. -> CyberLink)
Startup: C:\Users\pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odeslat do OneNote.lnk [2016-02-12]
ShortcutTarget: Odeslat do OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {0CC22F0C-6860-469C-9776-A54BB21FEAB5} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_321_Plugin.exe
Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {12A46C22-3CDB-444E-AC32-79965FFD38F1} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\WSCStub.exe
Task: {137E96EF-BA66-4330-A246-DE52DEECC92A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-20] (Google Inc -> Google LLC)
Task: {20068C8B-7756-4E25-B12E-31EE3287926A} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576 2013-08-05] (CyberLink Corp. -> CyberLink)
Task: {264C681E-C178-474F-AD80-3B164A91C2F1} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-23] (Adobe Inc. -> Adobe)
Task: {2A657D64-8D22-4D89-A576-31A5A6BD4291} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {32D132CA-7A60-4B9D-BF58-5D0A5523CB6A} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3816EB00-1C33-4601-BDE7-350884623F1C} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {53A0D7D2-BB80-49E2-B692-D0AADB64F781} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {5D00276F-B217-40ED-90BF-A6305860B4C4} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1344312 2013-09-10] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
Task: {650AB914-2390-4F25-AF81-8760A898EDDF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-20] (Google Inc -> Google LLC)
Task: {6662012F-97B5-41EC-9073-0997FC4ED638} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {929860FD-16DC-440D-B2FA-BBFFED9E2C28} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B0A5DECA-0A8C-4AD2-B8B5-8E6A51F108D3} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {BC5D2AFA-C135-479E-82B6-9F8AA821A985} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe
Task: {BF449F4B-3CFE-4D7F-A63A-9AC72A2856FA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {C48C876D-FF20-4465-BCF5-1C025F0BAF1D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {C598624D-BD81-4A62-AE6B-249725B3593E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {E8542BE1-DA48-472D-BD9B-0E31A80944EB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {FA71B707-1C28-4CCF-AE4B-FF417AE5A110} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [4179040 2016-12-27] (Synaptics Incorporated -> Synaptics Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{038f7e5f-e8de-4605-a88f-ced0b9e98ef0}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5f2941c4-5923-4503-b07b-e2fa9fc7b94a}: [NameServer] 93.153.117.49 93.153.117.17
Tcpip\..\Interfaces\{6e022eca-19cf-495d-a3f2-f808e3546514}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7f81166a-55fd-4d45-ab93-45f2cb20b5ef}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{e48445fd-a674-44c8-90f2-5d1de027fd06}: [DhcpNameServer] 192.168.0.1

Edge: 
======
DownloadDir: C:\Users\pavel\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-3918838338-3960886078-381721580-1002 -> hxxp://www.seznam.cz/

FireFox:
========
FF DefaultProfile: pwagzewt.default-1477852366809-1562178163121
FF ProfilePath: C:\Users\pavel\AppData\Roaming\Mozilla\Firefox\Profiles\pwagzewt.default-1477852366809-1562178163121 [2020-12-21]
FF Homepage: Mozilla\Firefox\Profiles\pwagzewt.default-1477852366809-1562178163121 -> seznam.cz
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_321.dll [2020-01-23] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_321.dll [2020-01-23] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-12-20]

Chrome: 
=======
CHR Profile: C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default [2020-12-21]
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-08-20]
CHR Extension: (Dokumenty) - C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-08-20]
CHR Extension: (Disk Google) - C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-08-20]
CHR Extension: (Tabulky) - C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-08-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-08]
CHR Profile: C:\Users\pavel\AppData\Local\Google\Chrome\User Data\System Profile [2020-12-21]
CHR HKU\S-1-5-21-3918838338-3960886078-381721580-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [155016 2016-11-21] (Advanced Micro Devices, Inc. -> )
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S4 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-01-23] (Adobe Inc. -> Adobe)
S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
S4 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-04-07] (IvoSoft) [File not signed]
S4 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-09-05] (CyberLink Corp. -> CyberLink)
S4 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-09-05] (CyberLink Corp. -> CyberLink)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-11-04] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2595360 2020-11-04] (ESET, spol. s r.o. -> ESET)
S4 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1128992 2017-12-12] (HP Inc. -> HP)
S4 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-04-18] (Hewlett-Packard Company -> HP Inc.)
S4 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-08-23] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7185288 2020-10-16] (Malwarebytes Inc -> Malwarebytes)
R3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Miroslav Topolar -> Mister Group)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\NisSrv.exe [3630832 2019-09-26] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1908.7-0\MsMpEng.exe [103168 2019-09-26] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2019-12-11] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [160992 2020-10-26] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [109360 2020-10-26] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-09-08] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [190464 2020-10-26] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43720 2020-10-26] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70048 2020-10-26] (ESET, spol. s r.o. -> ESET)
S1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107784 2020-10-26] (ESET, spol. s r.o. -> ESET)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 Ltn_stk7070P_64; C:\WINDOWS\system32\DRIVERS\Ltn_stk7070P_64.sys [543232 2007-06-14] (Microsoft Windows Hardware Compatibility Publisher -> LITEON)
S3 Ltn_stkrc_64; C:\WINDOWS\System32\drivers\Ltn_stkrc_64.sys [16256 2007-06-13] (Microsoft Windows Hardware Compatibility Publisher -> LITEON)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [218112 2020-11-10] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-10-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-11-10] (Malwarebytes Inc -> Malwarebytes)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2019-07-16] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 RT-USB; C:\WINDOWS\system32\drivers\RT-USB64.SYS [70984 2010-06-16] (Ross-Tech, LLC -> Ross-Tech LLC)
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (MEDIATEK INC. -> Ralink Technology, Corp.)
S3 Ser2pl; C:\WINDOWS\system32\DRIVERS\ser2pl64.sys [154624 2012-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-09-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [346336 2019-09-26] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-09-26] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-21 07:27 - 2020-12-21 07:29 - 000021974 _____ C:\Users\pavel\Desktop\FRST.txt
2020-12-17 15:18 - 2020-12-17 15:18 - 000000000 ____D C:\WINDOWS\Panther
2020-12-15 19:13 - 2020-12-15 19:13 - 000031135 _____ C:\Users\pavel\Desktop\winupdate.7z
2020-12-10 00:54 - 2020-12-10 00:54 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-10 00:54 - 2020-12-10 00:54 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-10 00:54 - 2020-12-10 00:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-12-10 00:54 - 2020-12-10 00:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-12-10 00:54 - 2020-12-10 00:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-12-10 00:54 - 2020-12-10 00:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-12-10 00:54 - 2020-12-10 00:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-12-10 00:54 - 2020-12-10 00:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-12-10 00:54 - 2020-12-10 00:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-12-10 00:54 - 2020-12-10 00:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-12-10 00:54 - 2020-12-10 00:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2020-12-10 00:54 - 2020-12-10 00:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2020-12-10 00:54 - 2020-12-10 00:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2020-12-10 00:54 - 2020-12-10 00:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2020-12-10 00:54 - 2020-12-10 00:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-12-10 00:54 - 2020-12-10 00:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-12-10 00:54 - 2020-12-10 00:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-12-10 00:54 - 2020-12-10 00:54 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-12-09 19:11 - 2020-12-09 19:11 - 006215803 _____ C:\Users\pavel\Downloads\popelka.mp4.1756d599098afc37f3c6bd83a70f6d2c.mp4
2020-12-05 23:08 - 2020-12-21 07:27 - 000000000 ____D C:\Users\pavel\Desktop\FRST-OlderVersion
2020-12-05 11:24 - 2020-12-05 11:24 - 002304298 _____ C:\Users\pavel\Downloads\video-df707e2eb6a0c18affe23822e071d4d5-V.mp4.a8bd14af92bf72abeadac20eb7eb3bc2.mp4
2020-11-24 20:40 - 2020-11-24 20:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-11-24 20:13 - 2020-11-24 20:13 - 001466048 _____ C:\Users\pavel\Downloads\vecteezy_set-of-little-bee-insect-mascot-vector-illustration-best-vector-for-any-kind-of-projects-and-use-enjoy_211494.zip
2020-11-24 20:13 - 2020-11-24 20:13 - 000000000 ____D C:\Users\pavel\Downloads\vecteezy_set-of-little-bee-insect-mascot-vector-illustration-best-vector-for-any-kind-of-projects-and-use-enjoy_211494
2020-11-24 20:01 - 2020-11-24 20:01 - 000092884 _____ C:\Users\pavel\Downloads\E0009844.zip
2020-11-24 20:01 - 2020-11-24 20:01 - 000000000 ____D C:\Users\pavel\Downloads\E0009844
2020-11-23 15:40 - 2020-11-23 15:47 - 000000000 ____D C:\Users\pavel\Documents\Plocha23_11_2020
2020-11-21 14:26 - 2020-11-21 14:26 - 000055515 _____ C:\Users\pavel\Downloads\193847090287_11_ucet_20201120.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-21 07:28 - 2019-12-11 18:42 - 000232523 _____ C:\WINDOWS\ZAM.krnl.trace
2020-12-21 07:28 - 2019-03-30 17:17 - 000000000 ____D C:\FRST
2020-12-21 07:27 - 2020-11-13 19:40 - 002286592 _____ (Farbar) C:\Users\pavel\Desktop\FRST64.exe
2020-12-21 07:25 - 2017-04-20 18:01 - 000000000 ____D C:\Program Files\CCleaner
2020-12-21 07:21 - 2019-08-20 18:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-21 04:35 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-21 02:54 - 2019-08-20 19:52 - 000004202 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{9149FFDB-5129-47A0-8573-B419D36BE80D}
2020-12-20 22:05 - 2016-11-15 15:00 - 000000000 ____D C:\Users\pavel\AppData\LocalLow\Mozilla
2020-12-20 22:02 - 2014-06-05 21:49 - 000000000 ____D C:\ProgramData\Mozilla
2020-12-20 14:35 - 2019-08-20 19:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-19 11:56 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-12-19 11:24 - 2019-08-20 19:15 - 000000000 ____D C:\Users\pavel
2020-12-18 14:45 - 2018-01-20 19:36 - 000000000 ____D C:\Users\pavel\AppData\Local\Packages
2020-12-17 15:16 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-17 15:16 - 2016-10-04 19:29 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2020-12-16 21:49 - 2019-08-20 19:52 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3918838338-3960886078-381721580-1002
2020-12-16 21:49 - 2019-08-20 19:15 - 000002410 _____ C:\Users\pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-16 21:49 - 2015-01-22 19:15 - 000000000 ___RD C:\Users\pavel\OneDrive
2020-12-15 21:59 - 2018-07-06 18:17 - 000000000 ____D C:\Users\pavel\AppData\Local\D3DSCache
2020-12-13 01:11 - 2018-05-23 20:32 - 000000000 ____D C:\Program Files (x86)\T-Mobile
2020-12-13 01:10 - 2018-05-25 17:25 - 000000000 ____D C:\Program Files (x86)\DataCardService
2020-12-12 03:00 - 2019-08-20 19:52 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-12-10 15:52 - 2019-10-04 18:30 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-10 15:51 - 2019-08-20 19:52 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-12-10 01:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-10 01:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-12-10 01:34 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-10 01:17 - 2014-04-06 18:44 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2020-12-10 01:03 - 2012-07-26 06:26 - 000000177 _____ C:\WINDOWS\win.ini
2020-12-10 01:01 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-08 02:54 - 2019-08-20 15:09 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-08 02:54 - 2019-08-20 15:09 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-12-04 02:47 - 2019-08-20 19:52 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-04 02:47 - 2019-08-20 19:52 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-02 17:17 - 2019-12-11 18:42 - 000000000 ____D C:\Users\pavel\AppData\Local\AMSDK
2020-11-26 17:33 - 2016-11-15 14:56 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-11-26 17:33 - 2014-08-01 19:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-11-25 10:02 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-11-24 20:40 - 2016-10-30 19:28 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-23 16:33 - 2019-08-20 19:33 - 001847136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-11-23 16:33 - 2019-03-19 12:55 - 000752292 _____ C:\WINDOWS\system32\perfh005.dat
2020-11-23 16:33 - 2019-03-19 12:55 - 000162732 _____ C:\WINDOWS\system32\perfc005.dat
2020-11-23 15:59 - 2014-05-17 13:34 - 000000000 ____D C:\Users\pavel\AppData\Local\CrashDumps

==================== Files in the root of some directories ========

2014-04-02 17:50 - 2020-01-23 19:26 - 000007596 _____ () C:\Users\pavel\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================