Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-12-2021
Ran by Petr (administrator) on DESKTOP-OG91TO7 (Acer Aspire M3970) (19-12-2021 22:16:42)
Running from D:\1. Petr-D (profil-nepresouvat)\Stažené soubory
Loaded Profiles: Petr
Platform: Microsoft Windows 10 Home Version 20H2 19042.1288 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [167496 2021-12-08] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-21-1572087406-4076451396-989324875-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1572087406-4076451396-989324875-1001\...\MountPoints2: {2c43445d-28e0-11ec-97b5-3860777053b0} - "L:\.autorun\autorun.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2019-12-24] () [File not signed] <==== ATTENTION
Startup: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2020-01-19]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00314B53-12BE-429D-8141-18BCDB058009} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {0AFC467B-3B65-4A8C-ACEC-B3F241CAB858} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Petr\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [19989464 2021-12-19] (ESET, spol. s r.o. -> ESET)
Task: {14DA0150-1D8D-4501-A261-DAA536FA0D5C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {17EA2A60-2585-421E-BEAE-450476F3C96E} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {46690A97-7939-40D1-8E09-7F765C5B4404} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4E8A8023-3F58-43AB-AA6C-78A02F273929} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2021-12-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {5A8647AB-0833-470B-9ACA-72865D881789} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {5EBD8FF6-5BD4-48E4-885E-0F6D8D0A350B} - System32\Tasks\Opera scheduled assistant Autoupdate 1633770116 => C:\Users\Petr\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Petr\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {5FA600C5-2902-49EE-A6AF-BBF861A693A5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {623920EC-AC34-4217-A1C5-3743716E6BB2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E8EEEE3-1532-4DF0-B187-5EBE135DB320} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-08] (Adobe Inc. -> Adobe)
Task: {6F283AB9-6FAA-48B8-8690-A5C66559B22D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {88A34AF8-1C62-4DE3-8EEB-FC3570C45E98} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {B6F7EDC2-DC81-427A-8DF8-164398FA9E2A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C8B8B81F-31E1-4D93-A37E-4ED5C4A88557} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D5C022EE-20F5-49C5-ADC3-923846785BDD} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Petr\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [19989464 2021-12-19] (ESET, spol. s r.o. -> ESET)
Task: {DA3E6A0D-B476-4032-A3DA-391ED2EAFFC3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {E1D2FAE6-28B3-44FC-A53D-5E0EC85A7976} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EA6FE3E7-30E4-4641-BBEC-9D2E3A62C454} - System32\Tasks\Opera scheduled Autoupdate 1633770104 => C:\Users\Petr\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {F94F63A5-C61D-468E-A7A7-AD13AA928474} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-08] (Adobe Inc. -> Adobe)
Task: {FBEDD711-0340-4E04-A780-B64289D2CD5B} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{48406441-08f2-4b0b-91c2-d951d5f253f3}: [DhcpNameServer] 178.17.0.12
Tcpip\..\Interfaces\{bc43c231-da3e-4f75-a4b3-de1d9a773855}: [DhcpNameServer] 192.168.1.1

Edge: 
=======
DownloadDir: C:\Users\Petr\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-1572087406-4076451396-989324875-1001 -> hxxps://www.seznam.cz/
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-19]
Edge DownloadDir: Default -> D:\1. Petr-D (profil-nepresouvat)\Stažené soubory
Edge HomePage: Default -> hxxps://www.seznam.cz/
Edge StartupUrls: Default -> "hxxps://www.seznam.cz/"
Edge Extension: (Ochrana Kaspersky) - C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-12-19]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Petr\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-12-19]
Edge HKU\S-1-5-21-1572087406-4076451396-989324875-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: 3hqbpdkj.default-1584019023639
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\3hqbpdkj.default-1584019023639 [2021-12-19]
FF Homepage: Mozilla\Firefox\Profiles\3hqbpdkj.default-1584019023639 -> seznam.cz
FF Extension: (No Name) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\3hqbpdkj.default-1584019023639\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-12-19]
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-08-28] (Nero AG -> Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-12-19]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2021-12-19] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2021-12-19] <==== ATTENTION

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera: 
=======
OPR Profile: C:\Users\Petr\AppData\Roaming\Opera Software\Opera Stable [2021-12-19]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
S2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe [184768 2021-12-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3141480 2021-12-08] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3141480 2021-12-08] (ESET, spol. s r.o. -> ESET)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-12-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7901368 2021-12-19] (Malwarebytes Inc -> Malwarebytes)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2020-03-08] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [63696 2021-10-09] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [183408 2021-12-08] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [124496 2021-12-08] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15824 2021-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [201984 2021-12-08] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [43920 2021-12-08] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [69736 2021-12-08] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [107456 2021-12-08] (ESET, spol. s r.o. -> ESET)
R1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [689976 2021-11-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1507648 2021-11-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [272168 2021-12-19] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [96008 2021-12-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [276064 2021-12-19] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [314040 2021-12-19] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [113976 2021-12-19] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [225648 2021-12-19] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 KMWDFILTER; C:\Windows\System32\drivers\KMWDFILTER.sys [30208 2009-04-29] (MLK Technologies Limited -> Windows (R) Codename Longhorn DDK provider)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-12-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-12-19] (Malwarebytes Inc -> Malwarebytes)
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [163644 2021-09-29] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-12-19 22:15 - 2021-12-19 22:16 - 000000000 ____D C:\FRST
2021-12-19 21:01 - 2021-12-19 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2021-12-19 21:01 - 2021-12-19 21:01 - 000000000 ____D C:\ProgramData\ESET
2021-12-19 21:01 - 2021-12-19 21:01 - 000000000 ____D C:\Program Files\ESET
2021-12-19 20:07 - 2021-12-19 21:58 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\IGDump
2021-12-19 20:07 - 2021-12-19 20:18 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-12-19 20:07 - 2021-12-19 20:07 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-12-19 20:07 - 2021-12-19 20:07 - 000000000 ____D C:\Users\Petr\AppData\Local\mbam
2021-12-19 20:06 - 2021-12-19 20:06 - 000160176 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-12-19 20:06 - 2021-12-19 20:06 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2021-12-19 20:06 - 2021-12-19 20:06 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-12-19 20:06 - 2021-12-19 20:06 - 000000000 ____D C:\Program Files\Malwarebytes
2021-12-19 19:42 - 2021-12-19 20:13 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\WiperSoft
2021-12-19 19:31 - 2021-12-19 19:47 - 000000140 _____ C:\Windows\Reimage.ini
2021-12-19 19:00 - 2021-12-19 19:00 - 000000000 ___HD C:\$WinREAgent
2021-12-19 18:56 - 2021-12-19 18:56 - 000314040 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys
2021-12-19 18:54 - 2021-12-19 18:54 - 000276064 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
2021-12-19 18:54 - 2021-12-19 18:54 - 000225648 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys
2021-12-19 18:54 - 2021-12-19 18:54 - 000113976 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
2021-12-19 18:54 - 2021-12-19 18:54 - 000003392 _____ C:\Windows\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2021-12-19 18:54 - 2021-12-19 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN
2021-12-19 18:54 - 2021-12-19 18:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2021-12-19 18:54 - 2021-12-19 18:54 - 000000000 ____D C:\Program Files\Common Files\AV
2021-12-19 18:54 - 2021-02-19 21:09 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2021-12-19 18:53 - 2021-12-19 18:54 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2021-12-19 18:53 - 2021-12-19 18:54 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2021-12-19 18:53 - 2021-02-19 21:08 - 001042712 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2021-12-19 18:53 - 2021-02-19 21:08 - 000514840 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2021-12-19 17:29 - 2021-12-19 17:29 - 000003854 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2021-12-19 17:29 - 2021-12-19 17:29 - 000003412 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2021-12-19 17:23 - 2021-12-19 21:01 - 000000000 ____D C:\Users\Petr\AppData\Local\ESET
2021-12-19 17:23 - 2021-12-19 17:38 - 000001401 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-12-19 17:10 - 2021-12-19 17:10 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-12-19 17:06 - 2021-12-19 17:06 - 000000000 ____D C:\Windows\system32\Tasks\Agent Activation Runtime
2021-12-19 15:10 - 2021-12-19 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire
2021-12-16 23:33 - 2021-12-16 23:33 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-12-16 17:19 - 2021-12-16 17:19 - 000001170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2021-12-16 17:19 - 2021-12-16 17:19 - 000000000 ____D C:\Program Files\PCHealthCheck
2021-12-08 12:50 - 2021-12-08 12:50 - 000201984 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2021-12-08 12:50 - 2021-12-08 12:50 - 000183408 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2021-12-08 12:50 - 2021-12-08 12:50 - 000124496 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2021-12-08 12:50 - 2021-12-08 12:50 - 000107456 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2021-12-08 12:50 - 2021-12-08 12:50 - 000069736 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2021-12-08 12:50 - 2021-12-08 12:50 - 000043920 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2021-12-07 11:11 - 2021-12-07 11:11 - 000015824 _____ (ESET) C:\Windows\system32\Drivers\eelam.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-12-19 22:10 - 2020-03-12 14:16 - 000000000 ____D C:\ProgramData\Mozilla
2021-12-19 22:09 - 2019-11-01 18:13 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mozilla
2021-12-19 22:04 - 2020-08-26 20:06 - 001693140 _____ C:\Windows\system32\PerfStringBackup.INI
2021-12-19 22:04 - 2019-12-07 15:41 - 000716770 _____ C:\Windows\system32\perfh005.dat
2021-12-19 22:04 - 2019-12-07 15:41 - 000144948 _____ C:\Windows\system32\perfc005.dat
2021-12-19 22:04 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2021-12-19 21:58 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-19 21:58 - 2019-11-01 16:04 - 000000000 ____D C:\ProgramData\NVIDIA
2021-12-19 21:57 - 2020-08-26 20:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-12-19 21:57 - 2020-08-26 19:55 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-19 21:57 - 2020-08-26 19:55 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-12-19 21:57 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-12-19 21:34 - 2020-03-09 18:52 - 000000000 ____D C:\Users\Petr\AppData\Local\D3DSCache
2021-12-19 21:01 - 2019-12-07 10:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-12-19 19:44 - 2021-02-19 21:09 - 000096008 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpnpflt.sys
2021-12-19 19:18 - 2020-03-12 14:16 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-12-19 19:11 - 2021-10-09 11:46 - 000000000 ____D C:\Users\Petr\AppData\Roaming\MPC-HC
2021-12-19 19:11 - 2019-12-01 21:38 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2021-12-19 19:03 - 2020-06-11 13:04 - 000002460 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-12-19 19:03 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2021-12-19 19:01 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-12-19 18:54 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2021-12-19 17:34 - 2020-03-12 14:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-12-19 17:10 - 2020-03-12 14:16 - 000001029 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-12-19 15:31 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-16 23:33 - 2019-11-01 17:53 - 000000000 ____D C:\ProgramData\Adobe
2021-12-16 18:46 - 2019-11-01 15:25 - 000000000 ____D C:\ProgramData\Packages
2021-12-16 18:04 - 2019-11-01 14:57 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-12-16 17:31 - 2019-11-01 15:08 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2021-12-16 17:20 - 2020-08-26 20:18 - 000003584 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-16 17:20 - 2020-08-26 20:18 - 000003460 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================