Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-08-2022
Ran by admin (administrator) on DESKTOP-ODPUFHC (HP HP EliteBook 850 G3) (07-09-2022 16:03:48)
Running from C:\scan
Loaded Profiles: admin
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1949 (X64) Language: Slovenčina (Slovensko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\ProgramData\Mobile Partner\OnlineUpdate\LiveUpd.exe
() [File not signed] C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\ProgramData\DatacardService\HWDeviceService64.exe ->) (Huawei Technologies Co., Ltd. -> Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(C:\Windows\CxSvc\CxMonSvc.exe ->) (Conexant Systems LLC -> Conexant) C:\Windows\System32\MicTray64.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe
(DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\HotKeyServiceUWP.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\HPHotkeyNotification.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxEM.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(explorer.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Conexant Systems LLC -> Conexant Systems, Inc.) C:\Windows\CxSvc\CxUtilSvc.exe
(services.exe ->) (Conexant Systems, Inc.) [File not signed] C:\Windows\SysWOW64\UIUSrv2.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\HotKeyServiceUWP.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\LanWlanWwanSwitchingServiceUWP.exe
(services.exe ->) (HP Inc. -> HP) C:\Windows\System32\HP3DDGService.exe
(services.exe ->) (HP Inc. -> HP) C:\Windows\System32\hpservice.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) C:\ProgramData\DatacardService\HWDeviceService64.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6daaea9afe1e6f6\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe
(services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
(services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(services.exe ->) (Prolific Technology Inc.) [File not signed] C:\Windows\SysWOW64\IoctlSvc.exe
(services.exe ->) (Synaptics Incorporated -> Conexant Systems, Inc) C:\Windows\CxSvc\CxMonSvc.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [225280 2017-05-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322104 2016-03-08] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-06-08] (Nero AG -> Nero AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-16] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2441273423-3611567560-2753736036-1001\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1840424 2008-06-24] (Nero AG -> Nero AG)
HKU\S-1-5-21-2441273423-3611567560-2753736036-1001\...\Run: [MicrosoftEdgeAutoLaunch_29EBC4579851B72EE312C449CF839B1A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3795360 2022-09-02] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\105.0.5195.102\Installer\chrmstp.exe [2022-09-06] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1DF3854A-727F-4BC2-B995-C10E0EFBB143} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2DD75F8F-A879-45C9-B404-A3E73F146F01} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [144534560 2022-08-16] (Microsoft Windows -> Microsoft Corporation)
Task: {3A263EFE-C61F-43E5-AE44-A0052CB68DBE} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\esetonlinescanner_sky (1).exe SCHED (No File)
Task: {3FBADAF1-4BDB-4EBB-868C-E44343E95FFA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {42BF1BCB-EDA2-4FB8-8C82-8101031B1B78} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (No File)
Task: {5E9E0E69-3B50-45DB-9C6B-799FECCF9EB9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6525013F-5E67-4BAC-8992-F8B6BAE720F4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {797D0E6C-2BAB-4406-B5B1-5D3E3DC38C76} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (No File)
Task: {7AE7CCBF-CC3B-4BB2-AD4D-4ED4C17A2EBE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-05-26] (Google Inc -> Google Inc.)
Task: {7E4DCC18-28BE-4A18-9B3E-47374883A1EB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart (No File)
Task: {A620D80D-3D81-4A46-91C2-A152498B333B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {A91C6ACA-F498-44D0-ACB0-6B17E7F3F230} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (No File)
Task: {BEADF86E-A4C1-43FE-B6D4-904D7B2BCD4E} - System32\Tasks\Microsoft\Windows\Conexant\SA3 => C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SACpl.exe [1832280 2017-06-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
Task: {C412E17F-8E95-4E57-ADC9-54D7AD99B885} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {C9061031-74CC-42B2-AC96-6E713EFAFDA8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [120680 2017-06-22] (HP Inc. -> HP Inc.)
Task: {D0AA62F5-E52A-490E-9649-2C2ADBBAB285} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MpCmdRun.exe [1335960 2022-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D697261B-3697-4DB0-A29B-17DC580EB988} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-05-26] (Google Inc -> Google Inc.)
Task: {DB2396A2-FDC8-49C7-AAC1-14EA9A7BEE39} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\admin\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\esetonlinescanner_sky (1).exe LOGON (No File)
Task: {F35DA796-44ED-46FF-BA15-BB987FA09954} - System32\Tasks\Microsoft\Windows\Conexant\MicTray => C:\Windows\System32\MicTray64.exe [2938448 2020-07-02] (Conexant Systems LLC -> Conexant)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.6.1
Tcpip\..\Interfaces\{7d6480fd-ff7d-4f26-b79a-6bf293321649}: [DhcpNameServer] 192.168.6.1

Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-07]
Edge StartupUrls: Default -> "hxxps://google.sk/"

FireFox:
========
FF DefaultProfile: pso58u4r.default
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\pso58u4r.default [2020-03-04]
FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-12-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-12-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-06-28] (VideoLAN) [File not signed]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-08-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2011-04-14] (Google Inc. -> Google, Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2022-09-07]

Chrome: 
=======
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default [2022-09-07]
CHR Notifications: Default -> hxxps://kizi.com; hxxps://meet.google.com; hxxps://www.facebook.com; hxxps://www.filmujeme.sk; hxxps://www.instagram.com
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-26]
CHR Extension: (Sea Foam) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lahipjfggmgneaopcckkaipmoandaboo [2020-06-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Profile: C:\Users\admin\AppData\Local\Google\Chrome\User Data\System Profile [2020-06-14]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 CxMonSvc; C:\WINDOWS\CxSvc\CxMonSvc.exe [56496 2020-09-09] (Synaptics Incorporated -> Conexant Systems, Inc)
R2 fpCsEvtSvc; C:\WINDOWS\System32\fpCSEvtSvc.exe [22424 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\HotKeyServiceUWP.exe [1556592 2022-06-14] (HP Inc. -> HP Inc.)
R2 hp3ddgsrv; C:\WINDOWS\system32\HP3DDGService.exe [130072 2017-09-22] (HP Inc. -> HP)
R2 hpsrv; C:\WINDOWS\system32\Hpservice.exe [38728 2016-10-11] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc. -> HP Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2014-01-15] (Huawei Technologies Co., Ltd. -> )
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_e2143fc8249238dd\LanWlanWwanSwitchingServiceUWP.exe [602224 2022-06-14] (HP Inc. -> HP Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [645120 2015-12-17] () [File not signed]
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-06-08] (Nero AG -> Nero AG)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-06-24] (Nero AG -> Nero AG)
R2 PLFlash DeviceIoControl Service; C:\WINDOWS\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224160 2022-09-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 UIUService2; C:\WINDOWS\SysWOW64\UIUSrv2.exe [108544 2018-02-06] (Conexant Systems, Inc.) [File not signed]
R2 valWBFPolicyService; C:\WINDOWS\System32\valWBFPolicyService.exe [91032 2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\NisSrv.exe [3125112 2022-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe [133560 2022-08-30] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 ew_hwusbdev; C:\WINDOWS\system32\DRIVERS\ew_hwusbdev.sys [109568 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_usbenumfilter; C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys [18688 2015-01-15] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_cdcacm; C:\WINDOWS\system32\DRIVERS\ew_cdcacm.sys [126080 2014-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwusb_wwanecm; C:\WINDOWS\System32\drivers\ew_wwanecm.sys [381312 2015-01-26] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 MpKsl5cc6a6fb; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4E93C61B-D19F-4C95-8B7D-2C0CB87C3558}\MpKslDrv.sys [228600 2022-09-07] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-08-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [453904 2022-08-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [94480 2022-08-30] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)
S3 MpKsl0d227eeb; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F97BBE77-0EE4-4C02-812C-89DB123E5A96}\MpKslDrv.sys [X]
S3 MpKsl7e0998e0; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F97BBE77-0EE4-4C02-812C-89DB123E5A96}\MpKslDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-09-07 15:40 - 2022-09-07 15:43 - 000000000 ____D C:\AdwCleaner
2022-09-07 15:40 - 2022-09-07 15:40 - 008551608 _____ (Malwarebytes) C:\Users\admin\Downloads\adwcleaner (1).exe
2022-09-07 13:29 - 2022-09-07 13:29 - 000011845 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-09-07 13:28 - 2022-09-07 13:28 - 000413696 _____ C:\WINDOWS\system32\AzureCheck.dll
2022-09-07 13:28 - 2022-09-07 13:28 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-09-07 13:28 - 2022-09-07 13:28 - 000098816 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2022-09-07 12:25 - 2022-09-07 12:25 - 000000000 ___HD C:\$WinREAgent
2022-09-07 11:58 - 2022-09-07 11:58 - 000000000 ____D C:\WINDOWS\Firmware
2022-09-07 11:56 - 2018-11-27 07:02 - 004769760 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RsDMFT64.dll
2022-09-07 11:53 - 2022-09-07 11:53 - 000001382 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-09-07 11:53 - 2022-09-07 11:53 - 000001276 _____ C:\Users\admin\Desktop\ESET Online Scanner.lnk
2022-09-07 11:52 - 2022-09-07 11:52 - 015274968 _____ (ESET) C:\Users\admin\Downloads\esetonlinescanner.exe
2022-09-07 10:54 - 2022-09-07 11:26 - 000000000 ____D C:\scan
2022-09-07 10:53 - 2022-09-07 10:53 - 002371072 _____ (Farbar) C:\Users\admin\Downloads\FRST64 (1).exe
2022-09-07 10:42 - 2022-09-07 10:42 - 000279560 _____ C:\Users\admin\Downloads\CrucialScan.exe
2022-09-05 16:55 - 2022-09-05 16:55 - 000000000 ____H C:\Users\admin\BIT2EA1.tmp
2022-08-22 12:51 - 2022-08-22 14:32 - 1776645941 _____ C:\Users\admin\Downloads\testovnice..zip
2022-08-20 21:01 - 2022-08-20 21:01 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-08-20 21:01 - 2022-08-20 21:01 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-08-20 20:57 - 2022-08-20 20:57 - 000162304 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-08-20 20:57 - 2022-08-20 20:57 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2022-08-20 20:57 - 2022-08-20 20:57 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-09-07 16:11 - 2021-03-16 00:31 - 000004212 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{7FDEC030-4942-4284-9C86-8ADA76976786}
2022-09-07 16:06 - 2020-03-02 11:09 - 000000000 ____D C:\FRST
2022-09-07 15:53 - 2017-05-26 18:31 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2022-09-07 15:50 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-09-07 15:50 - 2017-05-26 21:58 - 000000000 ____D C:\Program Files (x86)\Google
2022-09-07 15:48 - 2017-05-26 19:57 - 000000000 __SHD C:\Users\admin\IntelGraphicsProfiles
2022-09-07 15:46 - 2021-03-16 00:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-07 15:46 - 2021-03-15 23:54 - 000008192 ___SH C:\DumpStack.log.tmp
2022-09-07 15:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-09-07 15:46 - 2017-10-01 20:55 - 000000000 ____D C:\ProgramData\Synaptics
2022-09-07 15:46 - 2017-05-26 19:57 - 000000000 ____D C:\Intel
2022-09-07 15:45 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-09-07 15:43 - 2017-10-01 20:50 - 000000000 ____D C:\Program Files (x86)\HP
2022-09-07 15:43 - 2017-05-26 22:48 - 000000000 ____D C:\Users\admin\AppData\Roaming\Hewlett-Packard
2022-09-07 15:43 - 2017-05-26 22:48 - 000000000 ____D C:\Users\admin\AppData\Local\Hewlett-Packard
2022-09-07 15:43 - 2017-05-26 18:44 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2022-09-07 15:39 - 2021-03-15 23:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-09-07 15:01 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-09-07 13:56 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-09-07 13:51 - 2021-03-16 00:17 - 000937102 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-09-07 13:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-09-07 13:45 - 2021-03-15 23:55 - 000455496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-09-07 13:44 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-09-07 13:38 - 2019-12-07 16:41 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-09-07 13:38 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-09-07 13:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2022-09-07 13:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-09-07 13:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-09-07 13:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2022-09-07 13:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-09-07 13:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-09-07 13:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-09-07 13:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-09-07 13:28 - 2021-03-16 00:00 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-09-07 11:57 - 2017-10-01 20:50 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2022-09-07 11:42 - 2017-08-17 07:41 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2022-09-07 11:38 - 2017-05-26 22:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-09-07 11:38 - 2017-05-26 21:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-09-07 11:34 - 2015-07-10 13:04 - 000000076 _____ C:\WINDOWS\win.ini
2022-09-07 11:33 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-09-06 20:55 - 2021-03-16 00:04 - 000000000 ____D C:\Users\admin
2022-09-06 18:54 - 2017-05-26 21:59 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-09-06 18:54 - 2017-05-26 21:59 - 000002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-09-05 16:07 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-09-05 16:06 - 2020-06-06 18:00 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-09-05 16:06 - 2020-06-06 18:00 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-09-05 15:52 - 2018-02-06 21:01 - 000000000 ____D C:\Users\admin\AppData\Local\Packages
2022-08-30 13:00 - 2018-12-25 18:16 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-08-29 20:30 - 2021-03-16 00:31 - 000003458 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-08-29 20:30 - 2021-03-16 00:31 - 000003334 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-08-24 15:03 - 2019-12-07 16:41 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-08-24 15:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-08-24 15:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-08-17 15:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2022-08-17 15:04 - 2021-03-16 00:31 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-17 15:04 - 2021-03-16 00:31 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-08-16 21:09 - 2017-05-26 20:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-08-16 17:34 - 2017-05-26 20:44 - 144534560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-08-16 17:16 - 2021-03-16 00:31 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-08-16 17:15 - 2021-12-04 20:57 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-08-16 17:15 - 2021-12-04 20:57 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk

==================== Files in the root of some directories ========

2018-01-07 13:41 - 2020-04-18 16:56 - 000000115 _____ () C:\Users\admin\AppData\Roaming\default.pls
2020-03-02 11:53 - 2020-03-02 11:53 - 000007604 _____ () C:\Users\admin\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================