Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-03-2022
Ran by Jana (administrator) on LAPTOP-AGFPJ4G7 (HP HP Laptop 15-bw0xx) (26-03-2022 11:00:30)
Running from C:\Users\Jana\Desktop
Loaded Profiles: Jana
Platform: Microsoft Windows 10 Home Version 21H1 19043.1586 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\BridgeCommunication.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (geek software GmbH -> geek software GmbH) C:\Program Files\PDF24\pdf24.exe <2>
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_54a828a51f6769c8\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\SysInfoCap.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2202.10603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-04-18] (Realtek Semiconductor Corp. -> Realtek)
HKLM\...\Run: [PDF24] => C:\Program Files\PDF24\pdf24.exe [587000 2021-11-15] (geek software GmbH -> geek software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-527184737-1154348348-3312326369-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [525312 2021-08-03] (HP Inc.) [File not signed]
HKU\S-1-5-21-527184737-1154348348-3312326369-1001\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\Jana\AppData\Local\WhatsApp\Update.exe [2253232 2020-04-23] (WhatsApp, Inc -> )
HKU\S-1-5-21-527184737-1154348348-3312326369-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5411552 2022-03-02] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-527184737-1154348348-3312326369-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35888256 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-527184737-1154348348-3312326369-1002\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [525312 2021-08-03] (HP Inc.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\99.0.4844.82\Installer\chrmstp.exe [2022-03-22] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09338108-4128-4891-961E-7F76C6BCA172} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-527184737-1154348348-3312326369-1002 => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {0C127DD7-1971-4382-8581-6E29D4A738F1} - System32\Tasks\Opera scheduled Autoupdate 1613556078 => C:\Users\Jana\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (No File)
Task: {4247C718-B426-43EB-9054-20003A596E6D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-10] (Google LLC -> Google LLC)
Task: {4D37ED8C-A357-4798-A8F5-D9FAD8B5F0C4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {50B2A7A8-9AE4-49A5-BB55-CD6F7118463F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-03-10] (Google LLC -> Google LLC)
Task: {5100A477-348F-48CA-A0F9-BA0C7018AC24} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-527184737-1154348348-3312326369-500 => C:\Users\Jana\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {533337BE-11ED-493C-AD3E-8311AA9CBA93} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-13] (Adobe Inc. -> Adobe)
Task: {5A8925A7-C927-4474-A8C7-A4D2F6EAB4DC} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-05-10] (Advanced Micro Devices, Inc.) [File not signed]
Task: {647872DC-2983-42E9-81A8-F95D6EC044ED} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644984 2018-07-18] (HP Inc. -> HP Inc.)
Task: {6D64E8A8-8817-41F8-99B8-C593E9E931C7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {7C435E1E-BD8B-47DF-9E81-A68FFB24C00E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {883E1B3C-DD37-45E6-BCBB-6611635020A1} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {8DC7D11D-B720-4AEE-ACDC-63E350693321} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [66952 2019-05-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {9AB85917-5D62-4850-B687-9473DC47C419} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2022-02-25] (HP Inc. -> HP Inc.)
Task: {9DF8D0BA-C3CC-476D-99AA-6B8EDBF38958} - System32\Tasks\CCleanerSkipUAC - Jana => C:\Program Files\CCleaner\CCleaner.exe [30053504 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A49F90E7-22F7-4015-B16C-84ACC79E32DB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [137072 2022-03-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB78BD4F-4EB9-46EE-8FE3-518C6F314D31} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [58760 2019-05-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {BF590643-F579-48FC-9C87-87CE95718308} - System32\Tasks\Opera scheduled assistant Autoupdate 1613556108 => C:\Users\Jana\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Jana\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {C8603405-BAF6-41EB-9092-EB1DA27E5BAB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-08-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C96C2920-D04B-467C-8690-E098420DB340} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [137072 2022-03-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {DD7B5BDE-2B85-43E1-A7D4-87441BD09847} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-13] (Adobe Inc. -> Adobe)
Task: {F9386988-566C-4AD2-99F2-89CB9ED8AFFA} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-05-10] (Advanced Micro Devices, Inc.) [File not signed]
Task: {FFA03BD2-6569-45A8-ACA2-B5979AFE60A9} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [59232 2022-03-05] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{719073ed-bdfa-4c94-81db-2f955d3d2ad3}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{b6c73ad4-4cf3-462c-b40e-e9dda0d0d74e}: [DhcpNameServer] 192.168.178.1

Edge: 
=======
DownloadDir: C:\Users\Jana\Downloads
Edge Notifications: HKU\S-1-5-21-527184737-1154348348-3312326369-1001 -> hxxps://www.facebook.com
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Jana\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-24]
Edge DownloadDir: Default -> C:\Users\Jana\Downloads

FireFox:
========
FF DefaultProfile: 8c01je8n.default
FF ProfilePath: C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\8c01je8n.default [2020-05-19]
FF ProfilePath: C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\57w9bd9j.default-release [2022-03-26]
FF Extension: (German Dictionary, extended for Austria) - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\57w9bd9j.default-release\Extensions\de-AT@dictionaries.addons.mozilla.org.xpi [2020-06-21]
FF Extension: (German Dictionary (Switzerland)) - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\57w9bd9j.default-release\Extensions\de-CH@dictionaries.addons.mozilla.org.xpi [2020-06-21]
FF Extension: (German Dictionary) - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\57w9bd9j.default-release\Extensions\de-DE@dictionaries.addons.mozilla.org.xpi [2020-06-21]
FF Extension: (Deutsch (DE) Language Pack) - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\57w9bd9j.default-release\Extensions\langpack-de@firefox.mozilla.org.xpi [2020-11-29]
FF Extension: (Shqip Language Pack) - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\57w9bd9j.default-release\Extensions\langpack-sq@firefox.mozilla.org.xpi [2020-11-29]
FF Extension: (Albanian Dictionary) - C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\57w9bd9j.default-release\Extensions\sq-AL@dictionaries.addons.mozilla.org.xpi [2020-06-21]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-13] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-13] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2022-03-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2022-03-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-03-02] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default [2022-03-26]
CHR DownloadDir: C:\Users\Jana\Desktop
CHR Notifications: Default -> hxxps://drive.google.com; hxxps://infobus.eu; hxxps://kundenbereich.check24.de; hxxps://web.whatsapp.com; hxxps://www.netflix.com; hxxps://www.sercanto.at; hxxps://www.youtube.com
CHR HomePage: Default -> hxxps://www.google.cz/
CHR StartupUrls: Default -> "hxxps://www.google.cz/","hxxps://www.youtube.com/"
CHR Extension: (Prezentace) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-10]
CHR Extension: (Dokumenty) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-10]
CHR Extension: (Disk Google) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-10]
CHR Extension: (True Key™ by McAfee) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpaibbcbodhimfnjnakiidgbpiehfgci [2021-11-22]
CHR Extension: (Tabulky) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-04]
CHR Extension: (Gmail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-10-15]
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-10-22]
CHR HomePage: Profile 1 -> hxxps://www.google.com/
CHR StartupUrls: Profile 1 -> "hxxps://www.facebook.com/","hxxps://www.youtube.com/"
CHR Extension: (Prezentace) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-10-15]
CHR Extension: (Dokumenty) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-10-15]
CHR Extension: (Disk Google) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-15]
CHR Extension: (YouTube) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-10-15]
CHR Extension: (Tabulky) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-10-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-10-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-10-15]
CHR Extension: (Gmail) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Extension: (Chrome Media Router) - C:\Users\Jana\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-15]
CHR Profile: C:\Users\Jana\AppData\Local\Google\Chrome\User Data\System Profile [2020-10-15]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-13] (Adobe Inc. -> Adobe)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11649952 2022-03-03] (Microsoft Corporation -> Microsoft Corporation)
S2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2019-12-19] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\AppHelperCap.exe [762920 2022-01-19] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\DiagsCap.exe [759800 2022-01-19] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\NetworkCap.exe [756736 2022-01-19] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [260256 2022-01-29] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\SysInfoCap.exe [760304 2022-01-19] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_54a828a51f6769c8\x64\TouchpointAnalyticsClientService.exe [494672 2021-11-21] (HP Inc. -> HP Inc.)
R2 PDF24; C:\Program Files\PDF24\pdf24.exe [587000 2021-11-15] (geek software GmbH -> geek software GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.9-0\NisSrv.exe [2496152 2020-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.9-0\MsMpEng.exe [104200 2020-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45976 2020-06-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [408800 2020-06-20] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64232 2020-06-20] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-26 11:10 - 2022-03-26 11:10 - 000000000 ____D C:\Users\Jana\AppData\Local\mbam
2022-03-26 11:09 - 2022-03-26 11:09 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-03-26 11:09 - 2022-03-26 11:09 - 000223688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-03-26 11:09 - 2022-03-26 11:09 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-03-26 11:09 - 2022-03-26 11:09 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-03-26 11:08 - 2022-03-26 11:07 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-03-26 11:08 - 2022-03-26 11:07 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-03-26 11:06 - 2022-03-26 11:06 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-03-26 11:06 - 2022-03-26 11:06 - 000000000 ____D C:\Program Files\Malwarebytes
2022-03-26 11:05 - 2022-03-26 11:05 - 002443448 _____ (Malwarebytes) C:\Users\Jana\Desktop\MBSetup.exe
2022-03-26 11:00 - 2022-03-26 11:04 - 000022650 _____ C:\Users\Jana\Desktop\FRST.txt
2022-03-26 10:59 - 2022-03-26 11:03 - 000000000 ____D C:\FRST
2022-03-26 10:58 - 2022-03-26 10:58 - 002365440 _____ (Farbar) C:\Users\Jana\Desktop\FRST64.exe
2022-03-26 10:43 - 2022-03-26 10:43 - 000000000 ____D C:\Users\Jana\AppData\Local\VS Revo Group
2022-03-26 10:42 - 2022-03-26 10:42 - 000000000 ____D C:\ProgramData\VS Revo Group
2022-03-26 10:42 - 2022-03-26 10:42 - 000000000 ____D C:\Program Files\VS Revo Group
2022-03-26 10:32 - 2022-03-26 10:32 - 000002900 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Jana
2022-03-24 17:34 - 2022-03-24 17:34 - 000000000 ____D C:\Users\Jana\AppData\LocalLow\Oracle
2022-03-24 17:29 - 2022-03-26 10:53 - 000000000 ____D C:\Program Files\CCleaner
2022-03-24 17:29 - 2022-03-26 10:32 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-03-24 17:29 - 2022-03-24 17:29 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2022-03-24 17:19 - 2022-03-24 17:18 - 000340760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-03-24 17:19 - 2022-03-24 17:18 - 000215920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswf1f23c091167523f.tmp
2022-03-24 17:15 - 2022-03-24 17:15 - 008540344 _____ (Malwarebytes) C:\Users\Jana\Desktop\adwcleaner_8.3.1.exe
2022-03-24 17:10 - 2022-03-24 17:10 - 000007604 _____ C:\Users\Jana\AppData\Local\Resmon.ResmonCfg
2022-03-22 08:42 - 2022-03-22 08:42 - 000257672 _____ C:\Users\Jana\Downloads\DOTAZNIK k danovemu priznani.pdf
2022-03-22 08:12 - 2022-03-22 08:12 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-03-22 07:57 - 2022-03-22 07:57 - 000339734 _____ C:\Users\Jana\Downloads\Seznam dokumentu (1).pdf
2022-03-22 07:55 - 2022-03-22 07:55 - 000339734 _____ C:\Users\Jana\Downloads\Seznam dokumentu.pdf
2022-03-22 07:20 - 2022-03-22 07:20 - 000110586 _____ C:\Users\Jana\Downloads\Bescheinigung_EU_EWW_Tschechisch.pdf
2022-03-20 15:35 - 2022-03-20 15:35 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-20 15:33 - 2022-03-20 15:33 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-20 15:32 - 2022-03-20 15:32 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-20 15:31 - 2022-03-20 15:31 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-20 15:28 - 2022-03-20 15:28 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-03-20 14:24 - 2022-03-20 14:24 - 000000000 ___HD C:\$WinREAgent
2022-03-20 13:02 - 2022-03-20 13:02 - 000103090 _____ C:\Users\Jana\Downloads\220208_ICL1005056A217B81EDCA1FE4A54B96669C3.pdf
2022-03-06 22:32 - 2022-03-06 22:32 - 000000000 ____D C:\Users\Jana\Documents\WPS Cloud Files
2022-03-06 22:19 - 2022-03-06 22:19 - 000000000 ___HD C:\Users\Jana\Documents\KingsoftData
2022-03-06 22:15 - 2022-03-22 08:13 - 000000000 ____D C:\Users\Jana\AppData\Roaming\kingsoft
2022-03-06 22:11 - 2022-03-22 08:14 - 000000000 ____D C:\Users\Jana\AppData\Local\Kingsoft
2022-03-06 22:11 - 2022-03-06 22:11 - 000000000 ____D C:\Users\Jana\AppData\Roaming\wps_download

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-26 11:10 - 2020-03-09 21:00 - 000000000 ____D C:\Users\Jana\AppData\Local\D3DSCache
2022-03-26 11:08 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-03-26 11:04 - 2020-03-10 09:04 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-26 10:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-26 10:51 - 2020-06-19 10:45 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-26 10:51 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-26 10:51 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-26 10:48 - 2020-06-27 19:13 - 000000000 ____D C:\ProgramData\Avast Software
2022-03-24 17:41 - 2020-07-13 20:17 - 000000000 ____D C:\Program Files (x86)\Java
2022-03-24 17:40 - 2020-07-13 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2022-03-24 17:36 - 2021-04-24 05:57 - 000000000 ____D C:\WINDOWS\Minidump
2022-03-24 17:36 - 2020-12-15 12:08 - 000000000 ___DC C:\WINDOWS\Panther
2022-03-24 17:36 - 2020-12-13 10:51 - 000000000 ____D C:\Users\Jana\AppData\Local\CrashDumps
2022-03-24 17:36 - 2020-07-13 20:18 - 000164696 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2022-03-24 17:36 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-03-24 17:20 - 2021-06-05 14:09 - 000000000 ____D C:\AdwCleaner
2022-03-24 17:20 - 2021-02-17 10:55 - 000000000 ____D C:\Users\Jana\AppData\Roaming\IObit
2022-03-24 17:18 - 2020-10-15 18:44 - 000269440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw59f57c3faf0b3227.tmp
2022-03-24 17:18 - 2020-07-11 16:27 - 000551920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw3189b58842ee5b95.tmp
2022-03-24 17:18 - 2020-07-11 16:27 - 000108912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswcb3fbd8d74d35ca0.tmp
2022-03-24 17:18 - 2020-07-11 16:27 - 000042416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswc236d48d55e7c7cc.tmp
2022-03-24 17:18 - 2020-06-27 19:18 - 000546320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswdbec131f1c9a1d00.tmp
2022-03-24 17:18 - 2020-06-27 19:18 - 000318760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw53fdd38a865fe601.tmp
2022-03-24 17:18 - 2020-06-27 19:18 - 000252992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw3f0fcedb555a0b04.tmp
2022-03-24 17:18 - 2020-06-27 19:18 - 000100416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswa566ec5fd7d0b5c1.tmp
2022-03-24 17:18 - 2020-06-27 19:18 - 000083976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbe246cfebd8d75d0.tmp
2022-03-24 17:17 - 2020-07-11 16:27 - 000855336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswdb935f642335189c.tmp
2022-03-24 17:17 - 2020-07-11 16:27 - 000370752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw1ea032bd14ee9aef.tmp
2022-03-24 17:17 - 2020-07-11 16:27 - 000228928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd36203a83ac9b24d.tmp
2022-03-24 17:17 - 2020-06-27 19:18 - 000036784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw585de9a85260b068.tmp
2022-03-24 17:04 - 2020-12-19 03:43 - 000000000 ____D C:\Users\Jana
2022-03-23 10:24 - 2020-12-19 03:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-22 07:14 - 2020-03-10 09:07 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-03-22 07:14 - 2020-03-10 09:07 - 000002267 _____ C:\Users\Jana\Desktop\Google Chrome.lnk
2022-03-22 06:49 - 2020-12-13 10:56 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-03-21 10:14 - 2020-12-19 04:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-21 10:14 - 2020-12-19 03:33 - 000008192 ___SH C:\DumpStack.log.tmp
2022-03-21 10:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-03-20 22:27 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-03-20 22:27 - 2019-10-30 17:35 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2022-03-20 22:24 - 2020-12-25 12:21 - 000724336 _____ C:\WINDOWS\system32\perfh019.dat
2022-03-20 22:24 - 2020-12-25 12:21 - 000143810 _____ C:\WINDOWS\system32\perfc019.dat
2022-03-20 22:24 - 2020-12-19 03:57 - 003411510 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-20 22:24 - 2020-12-19 01:51 - 000694836 _____ C:\WINDOWS\system32\perfh007.dat
2022-03-20 22:24 - 2020-12-19 01:51 - 000142108 _____ C:\WINDOWS\system32\perfc007.dat
2022-03-20 22:24 - 2019-12-07 15:41 - 000717450 _____ C:\WINDOWS\system32\perfh005.dat
2022-03-20 22:24 - 2019-12-07 15:41 - 000154626 _____ C:\WINDOWS\system32\perfc005.dat
2022-03-20 22:19 - 2020-12-19 03:34 - 000575096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-20 22:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-20 22:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-03-20 22:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-20 22:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-03-20 22:13 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-20 22:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-20 22:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-20 22:13 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-03-20 22:11 - 2021-01-12 03:13 - 000003318 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6d5b24f318a03
2022-03-20 22:11 - 2020-12-19 04:24 - 000003512 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-20 22:11 - 2020-12-19 04:24 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-03-20 22:11 - 2020-12-19 04:24 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-03-20 22:11 - 2020-12-19 04:24 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-03-20 20:32 - 2020-12-13 11:29 - 000000000 ____D C:\Users\Jana\AppData\Local\ElevatedDiagnostics
2022-03-20 17:28 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-20 15:27 - 2020-12-19 03:40 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-03-20 13:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-03-20 13:38 - 2022-02-17 12:39 - 000000000 _____ C:\Users\Jana\Documents\HPSmartPrintingPort
2022-03-20 10:28 - 2020-09-23 15:17 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-20 10:23 - 2020-03-11 01:19 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-20 10:15 - 2019-05-28 02:11 - 000000000 ____D C:\Program Files\Microsoft Office
2022-03-20 10:10 - 2020-03-11 01:19 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-03-03 10:30 - 2020-07-11 16:27 - 000550376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw92bd76ad47f14640.tmp
2022-03-01 11:12 - 2021-07-08 18:29 - 000000000 ____D C:\Users\Jana\Documents\datovka

==================== Files in the root of some directories ========

2022-03-24 17:10 - 2022-03-24 17:10 - 000007604 _____ () C:\Users\Jana\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================