Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-06-2022 01
Ran by papepa (administrator) on N-PED-W-27 (LENOVO 82C5) (24-06-2022 16:16:10)
Running from C:\Users\papepa\Desktop
Loaded Profiles: papepa
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1766 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_21306a77b30fd6e0\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1085224 2020-06-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [185648 2020-07-07] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SMART Tray Tools] => C:\Program Files (x86)\Common Files\SMART Technologies\SystemMenu\SMARTSystemMenu.exe [654272 2019-12-17] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMARTNotification] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTNotification.exe [209816 2020-07-10] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Board Service] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe [2778520 2020-07-10] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\sbsdk-server\NodeLauncher.exe [68544 2019-11-08] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Ink] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTInk.exe [287640 2020-07-08] (SMART Technologies ULC -> SMART Technologies)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe [55420816 2022-06-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe [55420816 2022-06-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1014039644-72913205-4195499779-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\lokadmin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1014039644-72913205-4195499779-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\lokadmin\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-1014039644-72913205-4195499779-1001\...\RunOnce: [Uninstall 20.134.0705.0008\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\lokadmin\AppData\Local\Microsoft\OneDrive\20.134.0705.0008\amd64" (No File)
HKU\S-1-5-21-1014039644-72913205-4195499779-1001\...\RunOnce: [Uninstall 20.134.0705.0008] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\lokadmin\AppData\Local\Microsoft\OneDrive\20.134.0705.0008" (No File)
HKU\S-1-5-21-2774596813-2351541506-2060952939-1285\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36976728 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2774596813-2351541506-2060952939-1285\...\Run: [MicrosoftEdgeAutoLaunch_285F52E1EA62F986BEA1C54B59DAE7C5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3595168 2022-06-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2774596813-2351541506-2060952939-1285\...\Policies\Explorer: [NoDrives] 1048576
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe [55420816 2022-06-08] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\Epson_Print_Admin: C:\WINDOWS\system32\epscpmon.dll [831488 2019-05-31] (Seiko Epson Corporation) [File not signed]
HKLM\...\Print\Monitors\rica1Ilm: C:\WINDOWS\system32\rica1Ilm.dll [28160 2013-12-26] (Microsoft Windows Hardware Compatibility Publisher -> RICOH CO.,Ltd.)
HKLM\...\Print\Monitors\SMART Local Port: C:\Windows\system32\smrtlocalmon.dll [38296 2020-07-14] (SMART Technologies ULC -> SMART Technologies ULC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.53\Installer\chrmstp.exe [2022-06-23] (Google LLC -> Google LLC)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0502E4C3-11C6-4E98-A68F-6C9B0E34C9D4} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\kolaan@zs-vsechovice.local\Update connections => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,TaskUpdateWorkspaces2
Task: {0A7C73CC-A14D-47D2-99EF-0C1A88662842} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209272 2022-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {1932E7D0-039C-4C1C-A607-6E51E7E9F8A1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23564752 2022-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {1A2A38C2-5BB1-4FB1-9E14-EB4C423D73C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2020-06-21] (Google Inc -> Google Inc.)
Task: {1E24DE5B-EF6F-42EE-87A3-31B56946C67D} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\suchza@zs-vsechovice.local\Update connections => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,TaskUpdateWorkspaces2
"C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}" was unlocked. <==== ATTENTION
Task: {216EC54A-B3E0-4C53-88E3-BEC17BE485DA} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\WINDOWS\system32\gpupdate.exe [30720 2020-10-20] (Microsoft Windows -> Microsoft Corporation)
Task: {22421AC2-6038-4692-B7E2-BB07E1CDA800} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\cielsa@zs-vsechovice.local\Start Workspace Runtime at logon => {4F1DFCA6-3AAD-48E1-8406-4BC21A501D7C} C:\WINDOWS\system32\wksprt.exe [450048 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {267B8081-D086-4725-85AA-25DE47743BFF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2020-06-21] (Google Inc -> Google Inc.)
Task: {34599E6C-6DF6-4930-9D0C-B9F6C7F4BDC3} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\hradal@zs-vsechovice.local\Process policy => {E444E1B9-502C-44f9-B714-30DA330D0E8E} C:\Windows\System32\tsworkspace.dll [1249792 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {35675C0D-8722-4FE1-B114-E59885DED2AA} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\cielsa@zs-vsechovice.local\Process policy => {E444E1B9-502C-44F9-B714-30DA330D0E8E} C:\Windows\System32\tsworkspace.dll [1249792 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {40562F48-0FC2-4BAD-B706-FD3340ED71F0} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\kolaan@zs-vsechovice.local\Report update status => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,WorkspaceStatusNotify2
Task: {4A43C6AF-1A73-4D04-87E5-A8F86DCC294E} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\kociir@zs-vsechovice.local\Update connections => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,TaskUpdateWorkspaces2
Task: {4B81BCC7-7469-48D9-BB16-A5FF22D6AB8B} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\ruzipa@zs-vsechovice.local\Start Workspace Runtime at logon => {4F1DFCA6-3AAD-48E1-8406-4BC21A501D7C} C:\WINDOWS\system32\wksprt.exe [450048 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {4F09EAD1-1782-40DF-8A0A-B35E6FE437B5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3513792 2022-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {519A43A1-F4E0-45E7-AB29-54C98FDDADDD} - System32\Tasks\CCleanerSkipUAC - papepa => C:\Program Files\CCleaner\CCleaner.exe [31027800 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {54F77DEC-6112-4BDE-8174-3847F4376D6E} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\kociir@zs-vsechovice.local\Process policy => {E444E1B9-502C-44F9-B714-30DA330D0E8E} C:\Windows\System32\tsworkspace.dll [1249792 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {67FDFCF9-6F87-4D49-BE17-92C17887714E} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\kolaan@zs-vsechovice.local\Process policy => {E444E1B9-502C-44F9-B714-30DA330D0E8E} C:\Windows\System32\tsworkspace.dll [1249792 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {6BAA400B-BA08-45AD-B1B8-CAF832B27429} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\hradal@zs-vsechovice.local\Report update status => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,WorkspaceStatusNotify2
Task: {714BD737-6307-47C3-8629-7D7AE3413B5B} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\cielsa@zs-vsechovice.local\Update connections => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,TaskUpdateWorkspaces2
"C:\Windows\System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202}" was unlocked. <==== ATTENTION
Task: {72AC3A3B-9E4D-4CBA-B9AC-C38B9AF5786C} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\WINDOWS\system32\gpupdate.exe [30720 2020-10-20] (Microsoft Windows -> Microsoft Corporation)
Task: {72F81736-3BB2-44D0-924D-CCDFB7E4861F} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\suchza@zs-vsechovice.local\Report update status => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,WorkspaceStatusNotify2
Task: {75F7D045-B6AF-4142-AC61-1DE0E8C5F3F4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-06-14] (Piriform Software Ltd -> Piriform)
Task: {76DC051B-04DA-4DAE-A87A-E9889465E7E0} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23564752 2022-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {810C6E1F-5D53-4FFF-AF3B-07702CFE08EE} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\kociir@zs-vsechovice.local\Start Workspace Runtime at logon => {4F1DFCA6-3AAD-48E1-8406-4BC21A501D7C} C:\WINDOWS\system32\wksprt.exe [450048 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {83A5D135-BB22-4C2F-A1B4-1F202599DFDF} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\hradal@zs-vsechovice.local\Start Workspace Runtime at logon => {4F1DFCA6-3AAD-48E1-8406-4BC21A501D7C} C:\WINDOWS\system32\wksprt.exe [450048 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {8A5AEE7F-07DA-4612-8741-0E66FFD29ED1} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\kociir@zs-vsechovice.local\Report update status => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,WorkspaceStatusNotify2
Task: {91A76A85-F455-4E8C-8CED-F68D6B3563E2} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\ruzipa@zs-vsechovice.local\Process policy => {E444E1B9-502C-44f9-B714-30DA330D0E8E} C:\Windows\System32\tsworkspace.dll [1249792 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {A5038969-A3DD-493C-A8CA-6146C3E295A7} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\suchza@zs-vsechovice.local\Start Workspace Runtime at logon => {4F1DFCA6-3AAD-48E1-8406-4BC21A501D7C} C:\WINDOWS\system32\wksprt.exe [450048 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {AF4F79B5-29B7-42E3-B9E4-48A5856F7450} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\papepa@zs-vsechovice.local\Start Workspace Runtime at logon => {4F1DFCA6-3AAD-48E1-8406-4BC21A501D7C} C:\WINDOWS\system32\wksprt.exe [450048 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {B8ECA7AB-FAC6-4683-A063-EBA8FECB0060} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\papepa@zs-vsechovice.local\Process policy => {E444E1B9-502C-44F9-B714-30DA330D0E8E} C:\Windows\System32\tsworkspace.dll [1249792 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {C0B71E90-CF86-4E7C-B06C-A60E5736E468} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\papepa@zs-vsechovice.local\Report update status => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,WorkspaceStatusNotify2
Task: {CF935CE2-25A9-4610-9AD0-BF82F4E4D4D9} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\cielsa@zs-vsechovice.local\Report update status => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,WorkspaceStatusNotify2
Task: {CFFAD67A-8D7C-4E23-A1C9-E69521A3324A} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\kolaan@zs-vsechovice.local\Start Workspace Runtime at logon => {4F1DFCA6-3AAD-48E1-8406-4BC21A501D7C} C:\WINDOWS\system32\wksprt.exe [450048 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {D71109B2-478E-4999-94FE-84390233C1FA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209272 2022-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {D825990D-36EA-429F-A501-1344B1A30DEE} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\suchza@zs-vsechovice.local\Process policy => {E444E1B9-502C-44F9-B714-30DA330D0E8E} C:\Windows\System32\tsworkspace.dll [1249792 2021-01-15] (Microsoft Windows -> Microsoft Corporation)
Task: {DD1D5191-B174-4A7C-9E3B-A98C922C541E} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\papepa@zs-vsechovice.local\Update connections => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,TaskUpdateWorkspaces2
Task: {EFD99FF7-F42B-487C-B09A-542C4592D48E} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\hradal@zs-vsechovice.local\Update connections => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,TaskUpdateWorkspaces2
Task: {F08FBB5B-466D-4295-9BBF-C0127B0A4F05} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\ruzipa@zs-vsechovice.local\Report update status => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,WorkspaceStatusNotify2
Task: {F287089E-9D0F-4A2F-83C0-08E87A6E2535} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3513792 2022-06-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {F74BE92B-965E-4EC2-ABC5-D6C0B8C40FCD} - System32\Tasks\Microsoft\Windows\RemoteApp and Desktop Connections Update\ruzipa@zs-vsechovice.local\Update connections => %SYSTEMROOT%\System32\RUNDLL32 tsworkspace,TaskUpdateWorkspaces2

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 217.31.204.130 8.8.8.8
Tcpip\..\Interfaces\{1d1ea665-37d8-4482-b343-b455262dc387}: [DhcpNameServer] 217.31.204.130 8.8.8.8

Edge: 
=======
Edge Profile: C:\Users\papepa\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-24]

FireFox:
========
FF DefaultProfile: zm6x28sr.default
FF ProfilePath: C:\Users\papepa\AppData\Roaming\Mozilla\Firefox\Profiles\zm6x28sr.default [2020-06-22]
FF ProfilePath: C:\Users\papepa\AppData\Roaming\Mozilla\Firefox\Profiles\5i8cwsc9.default-release [2022-06-24]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-06-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-06-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-06-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2022-06-24]

Chrome: 
=======
CHR Profile: C:\Users\papepa\AppData\Local\Google\Chrome\User Data\Default [2022-06-24]
CHR Extension: (Slides) - C:\Users\papepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-06-10]
CHR Extension: (Docs) - C:\Users\papepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-06-10]
CHR Extension: (Google Drive) - C:\Users\papepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-06-10]
CHR Extension: (YouTube) - C:\Users\papepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-06-10]
CHR Extension: (Sheets) - C:\Users\papepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-06-10]
CHR Extension: (Google Docs Offline) - C:\Users\papepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-10]
CHR Extension: (Chrome Web Store Payments) - C:\Users\papepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-10]
CHR Extension: (Gmail) - C:\Users\papepa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-06-10]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65192 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9483232 2022-06-03] (Microsoft Corporation -> Microsoft Corporation)
S2 DolbyDAXAPI; C:\WINDOWS\System32\DriverStore\FileRepository\dax3_swc_aposvc.inf_amd64_fe9531bca29258f3\DAX3API.exe [1928648 2020-05-19] (Dolby Laboratories, Inc. -> Dolby Laboratories)
S3 EHttpSrv; C:\Program Files\ESET\ESET Security\ehttpsrv.exe [57952 2020-07-07] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2364472 2020-07-07] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2364472 2020-07-07] (ESET, spol. s r.o. -> ESET)
S2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [390400 2020-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S2 LITSSVC; C:\WINDOWS\System32\LNBITSSvc.exe [1643688 2019-05-06] (Lenovo -> Lenovo(beijing) Limited)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254368 2022-06-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe [637848 2020-07-10] (SMART Technologies ULC -> SMART Technologies)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.9-0\NisSrv.exe [2496152 2020-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.9-0\MsMpEng.exe [104200 2020-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [155888 2020-07-07] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106848 2020-07-07] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [195176 2020-07-07] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79744 2020-07-07] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [116184 2020-07-07] (ESET, spol. s r.o. -> ESET)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 iaLPSS2_I2C_ICL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_icl.inf_amd64_c8c0638291b9b209\iaLPSS2_I2C_ICL.sys [200456 2020-04-28] (Intel Corporation -> Intel Corporation)
R3 SMARTMouseFilterx64; C:\WINDOWS\System32\drivers\SMARTMouseFilterx64.sys [18952 2019-05-14] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
R3 SMARTVHidMiniVistaAmd64; C:\WINDOWS\System32\drivers\SMARTVHidMiniVistaAmd64.sys [28168 2020-07-10] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
R3 SMARTVTabletPCx64; C:\WINDOWS\System32\drivers\SMARTVTabletPCx64.sys [30104 2020-07-10] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies ULC)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45976 2020-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [408800 2020-06-21] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64232 2020-06-21] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-24 16:16 - 2022-06-24 16:16 - 000024933 _____ C:\Users\papepa\Desktop\FRST.txt
2022-06-24 16:15 - 2022-06-24 16:16 - 000000000 ____D C:\FRST
2022-06-24 16:15 - 2022-06-24 15:55 - 001222144 _____ C:\Users\papepa\Desktop\RSITx64.exe
2022-06-24 16:15 - 2022-06-24 15:54 - 002369024 _____ (Farbar) C:\Users\papepa\Desktop\FRST64.exe
2022-06-22 08:46 - 2022-06-22 08:46 - 000000000 ____D C:\Users\kociir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Work Resources (RADC)
2022-06-20 20:51 - 2022-06-20 20:51 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-06-20 20:51 - 2022-06-20 20:51 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-06-20 20:51 - 2022-06-20 20:51 - 000479744 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2022-06-20 20:51 - 2022-06-20 20:51 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-06-20 20:51 - 2022-06-20 20:51 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-06-20 20:51 - 2022-06-20 20:51 - 000040960 _____ C:\WINDOWS\system32\uwfservicingapi.dll
2022-06-20 20:51 - 2022-06-20 20:51 - 000011787 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-06-20 20:41 - 2022-06-20 20:41 - 000000000 ___HD C:\$WinREAgent
2022-06-17 08:16 - 2022-06-17 08:16 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2022-06-14 13:06 - 2022-06-14 13:06 - 001629371 _____ C:\Users\kociir\Downloads\Humanistická škola od 1.9.2022 (1).pdf
2022-06-14 13:05 - 2022-06-14 13:05 - 001629371 _____ C:\Users\kociir\Downloads\Humanistická škola od 1.9.2022.pdf
2022-06-10 11:12 - 2022-06-10 11:12 - 008551608 _____ (Malwarebytes) C:\Users\papepa\Downloads\adwcleaner_8.3.2.exe
2022-06-10 11:08 - 2022-06-10 11:08 - 000002904 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - papepa
2022-06-10 10:49 - 2022-06-10 10:49 - 000000000 ____D C:\Users\lokadmin\AppData\Local\D3DSCache
2022-06-10 10:47 - 2022-06-10 10:47 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1014039644-72913205-4195499779-1001
2022-06-09 13:42 - 2022-06-21 09:44 - 000000000 ____D C:\Users\kociir\AppData\Roaming\Seznam Browser
2022-06-09 13:41 - 2022-06-09 13:41 - 002549096 _____ (Malwarebytes) C:\Users\kociir\Downloads\MBSetup.exe
2022-06-09 13:40 - 2022-06-09 13:40 - 002549096 _____ (Malwarebytes) C:\Users\kociir\Downloads\MBSetup-99E146FF.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-24 16:08 - 2020-06-21 09:52 - 000000000 ____D C:\Program Files\CCleaner
2022-06-24 16:06 - 2020-06-24 08:32 - 000000000 ____D C:\Users\kociir
2022-06-24 16:06 - 2020-06-21 10:29 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-24 16:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-06-24 16:05 - 2020-06-22 09:46 - 000000000 __SHD C:\Users\papepa\IntelGraphicsProfiles
2022-06-24 14:37 - 2020-06-19 16:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-06-24 14:37 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-24 13:46 - 2020-06-22 09:02 - 000000152 _____ C:\WINDOWS\system32\config\netlogon.ftl
2022-06-24 09:21 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-23 10:13 - 2020-09-30 08:12 - 000000000 ____D C:\Users\kociir\AppData\Local\Deployment
2022-06-23 08:40 - 2020-06-24 08:34 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-06-23 08:40 - 2020-06-21 09:51 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-06-22 09:06 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-06-22 08:58 - 2020-06-19 11:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-06-22 08:42 - 2020-06-19 11:09 - 145918784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-06-21 07:49 - 2020-06-19 10:51 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-06-21 07:49 - 2019-12-07 16:43 - 000685012 _____ C:\WINDOWS\system32\perfh005.dat
2022-06-21 07:49 - 2019-12-07 16:43 - 000137776 _____ C:\WINDOWS\system32\perfc005.dat
2022-06-21 07:48 - 2020-11-05 10:26 - 000000000 ____D C:\Users\kociir\AppData\Local\D3DSCache
2022-06-21 07:46 - 2020-06-24 08:32 - 000000000 __SHD C:\Users\kociir\IntelGraphicsProfiles
2022-06-21 00:19 - 2020-06-19 16:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-21 00:19 - 2020-06-19 16:43 - 000664080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-06-21 00:19 - 2020-06-19 16:43 - 000008192 ___SH C:\DumpStack.log.tmp
2022-06-21 00:19 - 2020-06-19 10:52 - 000000000 ____D C:\Intel
2022-06-21 00:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-06-21 00:19 - 2019-12-07 11:03 - 002359296 _____ C:\WINDOWS\system32\config\BBI
2022-06-21 00:18 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-06-21 00:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-06-21 00:18 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2022-06-20 20:55 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-06-20 20:50 - 2020-06-19 16:47 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-06-20 20:15 - 2021-05-04 08:59 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-20 20:15 - 2021-05-04 08:59 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-06-17 08:16 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-06-17 08:15 - 2020-06-23 10:54 - 000000000 ____D C:\Program Files\Microsoft Office
2022-06-14 08:28 - 2021-02-01 19:16 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-06-14 08:28 - 2020-06-21 11:01 - 000001899 _____ C:\Users\lokadmin\Desktop\Google Slides.lnk
2022-06-14 08:28 - 2020-06-21 11:01 - 000001899 _____ C:\Users\lokadmin\Desktop\Google Sheets.lnk
2022-06-14 08:28 - 2020-06-21 11:01 - 000001887 _____ C:\Users\lokadmin\Desktop\Google Docs.lnk
2022-06-14 07:32 - 2021-05-04 08:59 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-06-14 07:32 - 2021-05-04 08:59 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-06-10 11:04 - 2021-09-08 08:35 - 000000000 ____D C:\Users\papepa\AppData\Local\D3DSCache
2022-06-10 11:03 - 2020-06-22 09:46 - 000000000 ____D C:\Users\papepa\AppData\Local\Packages
2022-06-10 10:47 - 2022-05-24 13:16 - 000000000 ____D C:\Users\ruzipa
2022-06-10 10:47 - 2022-05-10 11:29 - 000000000 ____D C:\Users\hradal
2022-06-10 10:47 - 2021-12-02 13:10 - 000000000 ____D C:\Users\cielsa
2022-06-10 10:47 - 2020-06-21 09:51 - 000002391 _____ C:\Users\lokadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-06-10 10:47 - 2020-06-19 10:52 - 000000000 __SHD C:\Users\lokadmin\IntelGraphicsProfiles
2022-06-10 10:47 - 2020-06-19 10:51 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1014039644-72913205-4195499779-1001
2022-06-10 10:47 - 2020-06-19 10:49 - 000002370 _____ C:\Users\lokadmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-06-10 10:47 - 2020-06-19 10:49 - 000000000 ____D C:\Users\lokadmin\AppData\Local\Packages
2022-06-09 13:43 - 2021-03-23 19:32 - 000001026 _____ C:\Users\kociir\AppData\Roaming\Microsoft\Windows\Start Menu\Seznam.cz.lnk
2022-06-09 13:43 - 2021-03-23 19:32 - 000001017 _____ C:\Users\kociir\Desktop\Seznam.cz.lnk
2022-06-09 13:37 - 2021-12-12 10:31 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2774596813-2351541506-2060952939-1290
2022-06-09 13:37 - 2020-06-24 08:32 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2774596813-2351541506-2060952939-1290
2022-06-09 13:37 - 2020-06-24 08:32 - 000002384 _____ C:\Users\kociir\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-06-01 08:19 - 2022-02-03 09:23 - 000000000 ____D C:\Users\kociir\AppData\Roaming\vlc
2022-06-01 07:10 - 2020-06-19 10:49 - 000000000 ____D C:\ProgramData\Packages

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================