Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-07-2022
Ran by o (administrator) on DESKTOP-BAS7282 (MSI MS-7971) (26-07-2022 07:32:06)
Running from C:\Users\o\Downloads
Loaded Profiles: o
Platform: Microsoft Windows 10 Home Version 21H2 19044.1826 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> ) C:\Program Files\PowerToys\modules\AlwaysOnTop\PowerToys.AlwaysOnTop.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\Awake\PowerToys.Awake.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\ColorPicker\PowerToys.ColorPickerUI.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\FancyZones\PowerToys.FancyZones.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\KeyboardManager\KeyboardManagerEngine\PowerToys.KeyboardManagerEngine.exe
(C:\Program Files\PowerToys\PowerToys.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\modules\launcher\PowerToys.PowerLauncher.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\PowerToys\PowerToys.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8811776 2016-05-05] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [194736 2022-06-29] (ESET, spol. s r.o. -> ESET)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-2671679121-1364000227-736312402-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [581120 2021-01-14] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\Run: [Spotify] => C:\Users\o\AppData\Roaming\Spotify\Spotify.exe [22151072 2020-03-03] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36976728 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\Run: [MicrosoftEdgeAutoLaunch_D00C0CEE96A4247AC77E9CCCCA600BF0] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601832 2022-07-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\MountPoints2: {27c10510-1eac-11e8-a65c-4ccc6a63ea7c} - "F:\Lenovo_Suite.exe" 
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\...\MountPoints2: {6a1adf00-6ae9-11eb-b4b1-4ccc6a63ea7c} - "F:\Lenovo_Suite.exe" 
HKU\S-1-5-21-2671679121-1364000227-736312402-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [581120 2021-01-14] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP DeskJet 5820 series): C:\WINDOWS\system32\HPDiscoPMEE11.dll [807056 2016-08-04] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\HP EE11 Status Monitor: C:\WINDOWS\system32\hpinkstsEE11LM.dll [383496 2015-09-01] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.134\Installer\chrmstp.exe [2022-07-22] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2018-08-06]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {045B74D8-3DE4-4E91-9700-CD0596FE67F4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {83A11FF9-2712-46E1-A4AD-8FBE7E89A8FA} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2671679121-1364000227-736312402-1003 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {8606ED69-96C9-4A95-A195-D6936EEE70AF} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {908F6C75-3F37-44AC-9B6F-7512DA2DE27E} - System32\Tasks\HPCustParticipation HP DeskJet 5820 series => C:\Program Files\HP\HP DeskJet 5820 series\Bin\HPCustPartic.exe [6104720 2016-08-04] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {9F4FF601-8427-423A-B034-AA8E35F77D50} - System32\Tasks\PowerToys\Autorun for o => C:\Program Files\PowerToys\PowerToys.exe [1036720 2022-06-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {BDB3C620-56B7-4357-8C51-DC3F1A3DA378} - System32\Tasks\CCleanerSkipUAC - o => C:\Program Files\CCleaner\CCleaner.exe [31027800 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {C0357576-F1A2-4775-9300-519DEF69B63B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-06-14] (Piriform Software Ltd -> Piriform)
Task: {C066B677-8C84-4DCF-913E-D5C0BEA2829D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-05] (Google Inc -> Google Inc.)
Task: {CC3B15F9-3A5C-4A7C-9EE1-604E5BF343C3} - System32\Tasks\Intel PTT EK Recertification => C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\IntelPTTEKRecertification.exe [818008 2021-09-15] (Intel Corporation -> Intel(R) Corporation)
Task: {D972C587-B048-4E77-AB1E-B82DB57CB38F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {E7DF2A2A-E524-4370-BB02-B212AFD161E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-05] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{7ca960af-b27a-4434-a2b9-ddc5ddff558b}: [DhcpNameServer] 10.0.0.138

Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\o\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-26]
Edge Notifications: Default -> hxxps://www.facebook.com

FireFox:
========
FF DefaultProfile: wztggr6w.default-1642687018808
FF ProfilePath: C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808 [2022-07-26]
FF Homepage: Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808 -> hxxps://atlas.centrum.cz/?redirected=1533474501
FF Extension: (AdBlocker Ultimate) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\adblockultimate@adblockultimate.net.xpi [2022-05-25]
FF Extension: (Forget Me Not - Forget cookies & other data) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\forget-me-not@lusito.info.xpi [2022-01-20]
FF Extension: (HTTPS Everywhere) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\https-everywhere@eff.org.xpi [2022-01-20]
FF Extension: (Privacy Badger) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2022-01-20]
FF Extension: (JavaScript-Java Bridge) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\jsjbridge@advancedcontrols.com.au.xpi [2022-01-20]
FF Extension: (Video DownloadHelper) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2022-01-20]
FF Extension: (No Name) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-06-01]
FF Extension: (javascript) - C:\Users\o\AppData\Roaming\Mozilla\Firefox\Profiles\wztggr6w.default-1642687018808\Extensions\{d4bc778f-3a98-44f4-9b2e-45fab92a21db}.xpi [2022-01-20]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-07-05] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2022-07-26]

Chrome: 
=======
CHR Profile: C:\Users\o\AppData\Local\Google\Chrome\User Data\Default [2022-07-26]
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://messages.google.com; hxxps://www.eurosport.com; hxxps://www.global-sport.cz; hxxps://www.semena-marihuany.cz
CHR Extension: (Dokumenty Google offline) - C:\Users\o\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\o\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\o\AppData\Local\Google\Chrome\User Data\System Profile [2022-07-20]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1081432 2022-06-14] (Piriform Software Ltd -> )
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3342536 2022-06-29] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3342536 2022-06-29] (ESET, spol. s r.o. -> ESET)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [284808 2021-02-05] (HP Inc. -> HP Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WMIRegistrationService; C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe [538736 2021-07-25] (Intel Corporation -> Intel Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [192880 2022-06-29] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [116960 2022-06-29] (ESET, spol. s r.o. -> ESET)
R1 edevmonm; C:\WINDOWS\System32\DRIVERS\edevmonm.sys [119008 2022-06-29] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [234192 2022-06-29] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [52880 2022-06-29] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79216 2022-06-29] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [119528 2022-06-29] (ESET, spol. s r.o. -> ESET)
S3 leusbser; C:\WINDOWS\System32\drivers\leusbser.sys [238080 2015-04-14] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbwwan; C:\WINDOWS\System32\drivers\qcusbwwan.sys [557112 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 umpusbwin8; \SystemRoot\system32\DRIVERS\umpusbvista.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-07-26 07:30 - 2022-07-26 07:30 - 002369536 _____ (Farbar) C:\Users\o\Downloads\FRST64(1).exe
2022-07-25 16:13 - 2022-07-25 16:13 - 008551608 _____ (Malwarebytes) C:\Users\o\Downloads\AdwCleaner.exe
2022-07-23 13:57 - 2022-07-23 13:57 - 000007229 _____ C:\Users\o\Downloads\FRST.zip
2022-07-23 12:56 - 2022-07-23 12:56 - 000028868 _____ C:\Users\o\Desktop\FRST.txt
2022-07-23 12:49 - 2022-07-26 07:32 - 000018847 _____ C:\Users\o\Downloads\FRST.txt
2022-07-23 12:48 - 2022-07-23 12:48 - 002369536 _____ (Farbar) C:\Users\o\Downloads\FRST64.exe
2022-07-23 10:22 - 2022-07-23 10:22 - 000146437 _____ C:\Users\o\Documents\OckovaciCertifikat 4. dávka Karla.pdf
2022-07-23 10:16 - 2022-07-23 10:16 - 000145445 _____ C:\Users\o\Documents\4.dávka já.pdf
2022-07-20 13:24 - 2022-07-20 13:24 - 000007314 _____ C:\WINDOWS\system32\cc_20220720_132407.reg
2022-07-20 13:24 - 2022-07-20 13:24 - 000000552 _____ C:\WINDOWS\system32\cc_20220720_132445.reg
2022-07-20 12:30 - 2022-07-20 12:30 - 001442299 _____ C:\Users\o\Downloads\navod-na-pouziti.pdf
2022-07-20 12:28 - 2022-07-20 12:28 - 002605809 _____ C:\Users\o\Downloads\navod-na-motor (1).pdf
2022-07-20 10:09 - 2022-07-20 10:09 - 002605809 _____ C:\Users\o\Downloads\navod-na-motor.pdf
2022-07-14 15:30 - 2022-07-14 15:30 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-07-14 15:30 - 2022-07-14 15:30 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-07-14 15:30 - 2022-07-14 15:30 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll
2022-07-14 15:30 - 2022-07-14 15:30 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-07-14 15:30 - 2022-07-14 15:30 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-07-14 15:30 - 2022-07-14 15:30 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-07-14 15:30 - 2022-07-14 15:30 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll
2022-07-14 15:30 - 2022-07-14 15:30 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-07-14 15:30 - 2022-07-14 15:30 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll
2022-07-14 15:30 - 2022-07-14 15:30 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll
2022-07-14 15:30 - 2022-07-14 15:30 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com
2022-07-14 15:30 - 2022-07-14 15:30 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com
2022-07-14 15:30 - 2022-07-14 15:30 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll
2022-07-14 15:30 - 2022-07-14 15:30 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com
2022-07-14 15:30 - 2022-07-14 15:30 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll
2022-07-14 15:30 - 2022-07-14 15:30 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com
2022-07-14 15:30 - 2022-07-14 15:30 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com
2022-07-14 15:30 - 2022-07-14 15:30 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com
2022-07-14 15:30 - 2022-07-14 15:30 - 000011811 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-07-14 15:21 - 2022-07-14 15:21 - 000000000 ___HD C:\$WinREAgent
2022-07-07 07:05 - 2022-07-08 07:27 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-07-02 01:25 - 2022-07-02 01:25 - 000000000 ____D C:\Users\o\.ms-ad

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-07-26 07:32 - 2019-01-15 17:30 - 000000000 ____D C:\FRST
2022-07-26 07:27 - 2022-03-04 16:57 - 000000000 ____D C:\Users\o\AppData\Roaming\WhatsApp
2022-07-26 07:23 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-07-26 06:53 - 2022-02-08 17:23 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-07-26 06:52 - 2022-06-10 13:52 - 000000000 ____D C:\Users\o\AppData\Roaming\eM Client
2022-07-26 06:52 - 2016-12-16 16:46 - 000000000 ____D C:\Users\o\AppData\LocalLow\Mozilla
2022-07-26 06:43 - 2020-07-29 18:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-07-26 06:35 - 2018-08-05 16:12 - 000000000 ____D C:\Program Files (x86)\Google
2022-07-26 06:29 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-07-26 06:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-07-26 06:15 - 2022-05-11 12:30 - 000713078 _____ C:\WINDOWS\system32\perfh005.dat
2022-07-26 06:15 - 2022-05-11 12:30 - 000143796 _____ C:\WINDOWS\system32\perfc005.dat
2022-07-26 06:15 - 2020-07-29 18:29 - 001683936 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-07-26 06:15 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-07-26 06:11 - 2018-08-05 16:13 - 000000000 ____D C:\Program Files\CCleaner
2022-07-26 06:09 - 2022-06-22 16:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys
2022-07-26 06:08 - 2020-07-29 18:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-07-26 06:08 - 2020-07-29 18:25 - 000008192 ___SH C:\DumpStack.log.tmp
2022-07-26 06:08 - 2018-08-05 10:15 - 000000000 ____D C:\ProgramData\NVIDIA
2022-07-26 06:08 - 2018-08-05 10:15 - 000000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2022-07-25 17:13 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-07-25 16:19 - 2021-03-23 15:34 - 000000000 ____D C:\Users\o\AppData\Roaming\Hewlett-Packard
2022-07-25 16:19 - 2021-03-23 15:32 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2022-07-24 07:39 - 2020-06-08 07:27 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-07-24 07:39 - 2020-06-08 07:27 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-07-23 14:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-07-23 06:50 - 2022-03-04 16:57 - 000000000 ____D C:\Users\o\AppData\Local\WhatsApp
2022-07-22 06:35 - 2018-08-05 16:13 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-07-22 06:35 - 2018-08-05 16:13 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-07-15 07:23 - 2021-12-14 08:41 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2671679121-1364000227-736312402-1003
2022-07-15 07:23 - 2020-07-29 18:30 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2671679121-1364000227-736312402-1003
2022-07-15 07:23 - 2020-07-29 13:54 - 000002365 _____ C:\Users\o\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-07-14 15:35 - 2022-05-05 06:59 - 000303640 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-07-14 15:35 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-07-14 15:35 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-07-14 15:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-07-14 15:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-07-14 15:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-07-14 15:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-07-14 15:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-07-14 15:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-07-14 15:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-07-14 15:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-07-14 15:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-07-14 15:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-07-14 15:33 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-07-14 15:30 - 2020-07-29 18:28 - 003010560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-07-14 15:21 - 2018-08-05 17:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-07-14 15:19 - 2022-01-14 17:05 - 000000000 ____D C:\Program Files\dotnet
2022-07-14 15:19 - 2018-08-05 17:39 - 146546848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-07-14 15:19 - 2018-08-05 16:07 - 000000000 ____D C:\ProgramData\Package Cache
2022-07-14 07:44 - 2016-12-05 10:57 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-07-08 07:27 - 2018-08-05 15:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-07-07 07:10 - 2021-10-09 12:32 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-07-07 07:10 - 2018-08-05 15:06 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-07-02 07:53 - 2018-08-05 10:58 - 000000000 ____D C:\Users\o\AppData\Local\D3DSCache
2022-07-02 01:25 - 2020-07-29 13:54 - 000000000 ____D C:\Users\o
2022-06-29 17:25 - 2022-03-28 17:30 - 000119008 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmonm.sys
2022-06-29 17:25 - 2018-07-12 14:22 - 000234192 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2022-06-29 17:25 - 2018-07-12 14:22 - 000192880 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2022-06-29 17:25 - 2018-07-12 14:22 - 000119528 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2022-06-29 17:25 - 2018-07-12 14:22 - 000116960 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2022-06-29 17:25 - 2018-07-12 14:22 - 000079216 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2022-06-29 17:25 - 2018-03-30 17:23 - 000052880 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys

==================== Files in the root of some directories ========

2019-02-09 11:09 - 2022-06-09 06:41 - 000004608 _____ () C:\Users\o\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-06-08 17:23 - 2020-06-08 17:23 - 000000917 _____ () C:\Users\o\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================