Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by Jana (administrator) on DESKTOP-K0771V3 (Acer TravelMate P236-M) (11-03-2021 19:48:50)
Running from C:\Users\Jana\Desktop
Loaded Profiles: Jana
Platform: Windows 10 Pro Version 2004 19041.867 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAB9SWK.EXE
(CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2RPK.EXE
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Fortemedia Inc -> ) C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.3-0\NisSrv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Palo Alto Networks -> Palo Alto Networks) C:\Program Files\Palo Alto Networks\GlobalProtect\PanGPA.exe
(Palo Alto Networks -> Palo Alto Networks) C:\Program Files\Palo Alto Networks\GlobalProtect\PanGPS.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(The CefSharp Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774040 2014-10-23] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778352 2014-01-24] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [CNAP2 Launcher] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-15] (CANON INC. -> CANON INC.)
HKLM\...\Run: [GlobalProtect] => C:\Program Files\Palo Alto Networks\GlobalProtect\PanGPA.exe [10461536 2020-12-21] (Palo Alto Networks -> Palo Alto Networks)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1321984 2018-09-05] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-4231605328-2702621440-1631892647-1001\...\Run: [Viber] => C:\Users\Jana\AppData\Local\Viber\Viber.exe [47907032 2021-02-25] (Viber Media S.à r.l. -> Viber Media S.Ã  r.l.)
HKU\S-1-5-21-4231605328-2702621440-1631892647-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [109945728 2021-02-12] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-4231605328-2702621440-1631892647-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4231605328-2702621440-1631892647-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31163808 2021-02-16] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-4231605328-2702621440-1631892647-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [224768 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\CNAP2 Monitor: C:\WINDOWS\system32\CNAP2LMD.DLL [486400 2012-09-02] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\CPCA Language Monitor3b: C:\WINDOWS\system32\CNAS0MOK.DLL [1006080 2012-08-09] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.82\Installer\chrmstp.exe [2021-03-05] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03981D97-58CA-419D-97CE-0C7C26869555} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {1660F6C6-8A50-471B-BE19-DA0CB9C062BA} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {3C6CFDD9-F4CB-4000-921D-9ABC7BA65263} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4071344 2021-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {430FD10C-E941-480C-80D1-B08AB546B62B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23063424 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B541906-C15F-46FD-A4AF-A0840E32A913} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [694752 2021-03-01] (Mozilla Corporation -> Mozilla Foundation)
Task: {4D05157C-9166-4179-8F9F-03DB09041803} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {4D7576F3-D028-4FFF-ACAC-E8A50F9CC393} - System32\Tasks\{D82EA7DA-35DF-4313-BD68-232051922082} => "c:\program files\internet explorer\iexplore.exe" https://ui.skype.com/ui/0/7.31.80.104/cs/go/help.faq.installer?LastError=1618
Task: {55486BB0-6F29-42BB-8956-1E7E8E67C526} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4071344 2021-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {5F5F4FBD-DFED-4B27-9635-AEBF93BD56C7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6A3DAA01-E015-4EBB-9708-F62871DC1507} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116616 2021-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C51474D-0998-46FC-88F8-8389785564DB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {76E5F701-5325-403C-9E3C-C1CB2DA4137D} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4136032 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {A58F1B76-2033-4C78-AEB6-38B907C552A5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-22] (Google Inc -> Google Inc.)
Task: {A7F3FC6C-AB82-401A-87F7-4848AF6B93FD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116616 2021-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {AEA08D91-0748-4A20-8955-344011EAA6E5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C605ABF9-CE0A-4C0A-8558-BCA1989BF6A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-22] (Google Inc -> Google Inc.)
Task: {D3ED6936-30A5-41A8-A300-19239ACCBCA4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23063424 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE4169F0-179D-4743-9955-A48109456F89} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E1EA6F36-5F50-4511-A99A-1AED29842CF5} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {EABA3F3C-F6A7-4262-A0D0-36CE165F50A9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MpCmdRun.exe [566376 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F66D5F21-A1E1-4210-93BA-8F7A724801A1} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40864 2021-02-16] (Garmin International, Inc. -> )

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1f01f0dd-9c06-4f03-a427-224128675c83}: [NameServer] 137.208.10.20,137.208.20.30
Tcpip\..\Interfaces\{35281c19-28b0-4613-aebc-220cac8e37c4}: [DhcpNameServer] 192.168.15.250 10.255.255.10 10.255.255.20
Tcpip\..\Interfaces\{7237886f-6278-4ffd-bc97-f16495a7857a}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d91b168d-b766-44f1-a48e-66a353b64d1a}: [NameServer] 137.208.10.20,137.208.20.30

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jana\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-09]

FireFox:
========
FF DefaultProfile: r37989nx.default
FF ProfilePath: C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\r37989nx.default [2021-03-11]
FF Plugin: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-01-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-01-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-02-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-12-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-25] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default [2021-03-11]
CHR Notifications: Default -> hxxps://www.mp3hub.com; hxxps://www.netflix.com; hxxps://www.noen.at; hxxps://www.sat1.at; hxxps://www.youtube.com; hxxps://zvcf.artnewsupdate.info
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Präsentationen) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-22]
CHR Extension: (Adblock Plus - kostenloser Adblocker) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-31]
CHR Extension: (Adobe Acrobat) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-03-01]
CHR Extension: (Tabellen) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-02-25]
CHR Extension: (AdBlock – der beste Ad-Blocker) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-03-01]
CHR Extension: (Google Kalender) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich [2021-01-11]
CHR Extension: (Chrome-Erweiterung für Google Notizen) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpcaedmchfhocbbapmcbpinfpgnhiddi [2021-03-10]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Extension: (Amazon Assistant für Chrome) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2021-03-10]
CHR Extension: (Frozen Sven Theme HD) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\phfmmbjfjhhgebfghoiijingjcmpabed [2017-01-22]
CHR Extension: (Google Mail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-03]
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-03-09]
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\System Profile [2021-03-09]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8960392 2021-02-05] (Microsoft Corporation -> Microsoft Corporation)
S4 DialogBlockingService; C:\WINDOWS\System32\DialogBlockingService.dll [76288 2021-03-09] (Microsoft Windows -> Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] (Canon Inc. -> )
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2020-11-05] (Microsoft Windows -> Microsoft Corporation)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2020-11-05] (Microsoft Windows -> Microsoft Corporation)
R2 PanGPS; C:\Program Files\Palo Alto Networks\GlobalProtect\PanGPS.exe [6881120 2020-12-21] (Palo Alto Networks -> Palo Alto Networks)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5352528 2021-03-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\NisSrv.exe [2483624 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.3-0\MsMpEng.exe [128392 2021-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 DSI_SiUSBXp_3_1; C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys [16384 2007-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories)
S3 hwdatacard; C:\WINDOWS\System32\drivers\ewusbmdm.sys [115328 2008-09-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 PanGpd; C:\WINDOWS\system32\DRIVERS\pangpd.sys [67744 2020-12-21] (Palo Alto Networks -> Palo Alto Networks Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49544 2021-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420088 2021-03-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-06] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-11 19:48 - 2021-03-11 19:52 - 000019602 _____ C:\Users\Jana\Desktop\FRST.txt
2021-03-10 14:24 - 2021-03-10 14:26 - 000000000 ____D C:\AdwCleaner
2021-03-10 14:22 - 2021-03-10 14:22 - 008463216 _____ (Malwarebytes) C:\Users\Jana\Desktop\AdwCleaner.exe
2021-03-10 12:21 - 2021-03-10 12:21 - 000000000 ____D C:\Users\Jana\Downloads\zasilka-JAEEL4WBBKPBMS25
2021-03-10 12:14 - 2021-03-10 12:15 - 071974312 _____ C:\Users\Jana\Downloads\zasilka-JAEEL4WBBKPBMS25.zip
2021-03-10 11:18 - 2021-03-10 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2021-03-10 10:07 - 2021-03-10 10:07 - 000018123 _____ C:\Users\Jana\Desktop\FRST.rar
2021-03-10 10:04 - 2021-03-10 10:24 - 000000000 ____D C:\Users\Jana\Desktop\FRST
2021-03-10 09:48 - 2021-03-11 19:50 - 000000000 ____D C:\FRST
2021-03-10 09:43 - 2021-03-10 09:43 - 002301440 _____ (Farbar) C:\Users\Jana\Desktop\FRST64.exe
2021-03-10 00:07 - 2021-03-10 12:29 - 000017408 _____ C:\WINDOWS\SysWOW64\rpcnetp.dll
2021-03-09 23:53 - 2021-03-09 23:53 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-03-09 23:52 - 2021-03-09 23:52 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-09 23:52 - 2021-03-09 23:52 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-09 23:52 - 2021-03-09 23:52 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-09 23:52 - 2021-03-09 23:52 - 000011359 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-09 23:51 - 2021-03-09 23:51 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-09 23:51 - 2021-03-09 23:51 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-09 23:50 - 2021-03-09 23:50 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-09 23:50 - 2021-03-09 23:50 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-09 23:50 - 2021-03-09 23:50 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-09 23:50 - 2021-03-09 23:50 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-09 23:50 - 2021-03-09 23:50 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-09 23:03 - 2021-03-09 23:03 - 000001662 _____ C:\cc_20210309_230336.reg
2021-03-07 21:10 - 2021-03-07 21:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Palo Alto Networks
2021-03-05 23:25 - 2021-03-05 23:25 - 003230339 _____ C:\Users\Jana\Downloads\30 pripadu majora Zemana - Bures.mp4
2021-03-04 21:30 - 2021-03-04 21:30 - 000088074 _____ C:\Users\Jana\Downloads\potvrzení.PDF
2021-03-03 21:28 - 2021-03-03 21:28 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-03 08:33 - 2021-03-03 08:33 - 000028652 _____ C:\cc_20210303_083303.reg
2021-03-01 22:39 - 2021-03-01 22:40 - 002226813 _____ C:\Users\Jana\Downloads\139727108_1102048663586675_6856960165664000690_n.mp4
2021-03-01 21:15 - 2021-03-08 19:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-02-28 21:55 - 2021-02-28 21:56 - 000000000 ____D C:\Users\Jana\AppData\Local\Viber
2021-02-25 12:20 - 2021-02-25 12:20 - 000039768 _____ C:\Users\Jana\Downloads\0ff8bd4e-3ebf-46a6-aa74-52c5c1ae0239.pdf
2021-02-24 22:17 - 2021-02-24 22:17 - 000136179 _____ C:\Users\Jana\Downloads\U07.1-1433152-2021_AKH_9010641748_3_1000013244663800457061_.pdf
2021-02-21 21:34 - 2021-02-21 21:34 - 000942142 _____ C:\Users\Jana\Documents\WKO Anet 21022021.pdf
2021-02-21 19:36 - 2021-02-21 19:36 - 000000000 ____D C:\Users\Jana\AppData\Roaming\KMP
2021-02-21 19:36 - 2021-02-21 19:36 - 000000000 ____D C:\Program Files\KMPlayer 64X
2021-02-21 13:47 - 2021-02-21 13:47 - 000052398 _____ C:\cc_20210221_134742.reg
2021-02-21 13:02 - 2021-02-21 13:07 - 050913824 _____ (PandoraTV) C:\Program Files\KMP64_2020.12.22.30.exe
2021-02-19 20:18 - 2021-02-19 20:19 - 007038324 _____ C:\Users\Jana\Downloads\54333425_2916158948659688_1407304976513233349_n.mp4
2021-02-18 10:25 - 2021-02-18 10:25 - 000011676 _____ C:\cc_20210218_102528.reg
2021-02-13 19:41 - 2021-02-13 19:41 - 001109572 _____ C:\Users\Jana\Downloads\video-1613237815.mp4
2021-02-12 19:51 - 2021-02-12 19:51 - 000136624 _____ C:\Users\Jana\Downloads\U07.1-1433152-2021_AKH_9010501985_6_1000013060338070837546_.pdf
2021-02-11 17:39 - 2021-02-11 17:39 - 000120996 _____ C:\Users\Jana\Downloads\Empfehlung zur Entlassung von COVID-19-Fällen aus der Absonderung_271221.pdf
2021-02-11 15:52 - 2021-02-11 15:52 - 000135802 _____ C:\Users\Jana\Downloads\U07.1-1433152-2021_AKH_9010501985_3_1000013042930660261925_.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-11 19:48 - 2017-01-22 23:08 - 000000000 ____D C:\Users\Jana\AppData\Roaming\ViberPC
2021-03-11 19:46 - 2020-11-05 04:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-11 15:28 - 2020-03-22 20:19 - 000000000 ____D C:\Program Files\CCleaner
2021-03-11 15:28 - 2017-01-02 09:56 - 000000000 ____D C:\Users\Jana\Documents\ViberDownloads
2021-03-10 23:46 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-10 19:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration
2021-03-10 14:11 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-10 14:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-10 12:30 - 2020-11-05 05:01 - 000000000 ____D C:\Users\Jana
2021-03-10 12:30 - 2017-05-22 12:14 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-03-10 12:30 - 2017-01-11 21:50 - 000000000 __SHD C:\Users\Jana\IntelGraphicsProfiles
2021-03-10 12:29 - 2020-11-05 05:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-03-10 12:29 - 2020-11-05 04:55 - 000008192 ___SH C:\DumpStack.log.tmp
2021-03-10 12:29 - 2017-05-22 12:11 - 000031536 _____ C:\WINDOWS\system32\wpbbin.exe
2021-03-10 12:29 - 2017-05-22 12:11 - 000017408 ____N C:\WINDOWS\SysWOW64\rpcnetp.exe
2021-03-10 12:29 - 2017-05-22 12:11 - 000017408 _____ C:\WINDOWS\system32\rpcnetp.exe
2021-03-10 12:29 - 2017-01-11 13:20 - 000073232 _____ (Absolute Software Corp.) C:\WINDOWS\SysWOW64\rpcnet.dll
2021-03-10 11:47 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-03-10 11:21 - 2017-09-14 10:23 - 000000000 ____D C:\ProgramData\Garmin
2021-03-10 11:18 - 2020-11-05 05:30 - 000003622 _____ C:\WINDOWS\system32\Tasks\GarminUpdaterTask
2021-03-10 11:18 - 2017-09-14 10:22 - 000000000 ____D C:\Program Files (x86)\Garmin
2021-03-10 11:18 - 2017-02-21 23:43 - 000000000 ____D C:\ProgramData\Package Cache
2021-03-10 10:39 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-03-10 09:47 - 2017-01-02 09:56 - 000000000 ____D C:\Users\Jana\Documents\JAJA
2021-03-10 08:44 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-10 00:13 - 2017-01-11 13:27 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-10 00:07 - 2020-11-05 04:55 - 000447224 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-10 00:04 - 2019-12-07 15:47 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-03-10 00:04 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-03-10 00:04 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-10 00:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-10 00:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-10 00:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-10 00:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-10 00:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-10 00:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-10 00:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-10 00:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-10 00:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-10 00:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-10 00:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-10 00:04 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-09 23:22 - 2020-11-04 01:23 - 000000000 ___HD C:\$WinREAgent
2021-03-08 19:44 - 2017-01-25 12:09 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-08 18:36 - 2018-05-21 18:51 - 000000000 ____D C:\Users\Jana\AppData\Local\PlaceholderTileLogoFolder
2021-03-08 18:36 - 2017-12-04 10:08 - 000000000 ____D C:\Users\Jana\AppData\Local\Packages
2021-03-08 18:35 - 2017-02-27 18:31 - 000000000 ____D C:\ProgramData\CanonIJPLM
2021-03-07 21:09 - 2020-11-02 22:05 - 000000057 _____ C:\WINDOWS\system32\null
2021-03-06 11:49 - 2020-06-04 20:17 - 000002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-06 11:46 - 2018-02-22 08:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-06 11:39 - 2020-11-05 05:30 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-05 23:14 - 2017-01-22 20:42 - 000002297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-05 16:30 - 2020-11-30 09:23 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b32967e4191e
2021-03-05 16:30 - 2020-11-05 05:30 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-03 21:41 - 2019-02-13 14:53 - 000000000 ____D C:\ProgramData\Mozilla
2021-03-03 21:41 - 2017-01-25 12:10 - 000000000 ____D C:\Users\Jana\AppData\LocalLow\Mozilla
2021-03-02 00:31 - 2017-01-23 17:44 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-28 22:00 - 2020-11-05 05:30 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4231605328-2702621440-1631892647-1001
2021-02-28 21:58 - 2020-11-05 05:01 - 000002366 _____ C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-28 21:58 - 2017-01-11 21:52 - 000000000 ___RD C:\Users\Jana\OneDrive
2021-02-21 14:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-21 14:10 - 2020-10-01 16:13 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-21 13:41 - 2017-01-21 19:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-02-21 13:38 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-02-21 13:04 - 2017-08-26 06:23 - 000000000 ____D C:\KMPlayer
2021-02-20 18:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-02-18 10:02 - 2018-09-09 22:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-02-14 00:27 - 2020-11-05 05:12 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-14 00:27 - 2019-12-07 15:43 - 000717960 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-14 00:27 - 2019-12-07 15:43 - 000145102 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-13 23:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-13 23:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-13 23:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-13 23:46 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-13 23:46 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-13 22:13 - 2017-01-11 13:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-13 21:46 - 2017-01-23 17:53 - 000000000 ____D C:\Program Files\Canon
2021-02-12 12:22 - 2020-12-14 01:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-02-09 19:26 - 2020-11-05 05:30 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task

==================== Files in the root of some directories ========

2017-01-23 17:12 - 2017-01-23 17:43 - 095638712 _____ (Adobe Systems Incorporated) C:\Program Files\AcroRdrDC1502320053_de_DE.exe
2020-03-22 20:15 - 2020-03-22 20:16 - 001358864 _____ (CHIP Digital GmbH) C:\Program Files\CCleaner - CHIP-Installer.exe
2017-01-22 00:24 - 2017-01-04 19:38 - 008803648 _____ (Piriform Ltd) C:\Program Files\ccsetup525.exe
2017-01-25 12:06 - 2017-01-25 12:07 - 000245568 _____ () C:\Program Files\Firefox Setup Stub 51.0.exe
2018-08-09 09:25 - 2018-08-09 09:34 - 318137096 _____ (KASTNER software s.r.o.                                     ) C:\Program Files\fs1519bfull.exe
2017-08-20 20:33 - 2017-08-20 20:35 - 065365056 _____ (Oracle Corporation) C:\Program Files\jre-8u144-windows-x64.exe
2021-02-21 13:02 - 2021-02-21 13:07 - 050913824 _____ (PandoraTV) C:\Program Files\KMP64_2020.12.22.30.exe
2019-11-18 20:39 - 2019-11-18 20:37 - 012471872 _____ () C:\Program Files\LBP3100_3108_3150_R150_V110_W64_uk_EN_1.exe
2017-01-22 20:06 - 2017-01-22 21:04 - 043918808 _____ (Skype Technologies S.A.) C:\Program Files\SkypeSetupFull.exe
2017-01-22 23:02 - 2017-01-22 23:08 - 068681952 _____ (Viber Media Inc.) C:\Program Files\ViberSetup.exe
2017-01-22 00:24 - 2017-01-06 16:21 - 002377944 _____ () C:\Program Files\winrar-x64-540cz.exe
2017-01-22 00:24 - 2017-01-16 23:27 - 001243336 _____ (společnost Microsoft Corporation) C:\Program Files\wlsetup-web.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================