Prosím o kontrolu LOGu

[Vlcicek]

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-05-2025
Ran by Admin (01-05-2025 16:46:15)
Running from C:\Users\Admin\Downloads
Microsoft Windows 10 Home Version 22H2 19045.5737 (X86) (2021-03-24 16:20:09)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Admin (S-1-5-21-3279915553-144671565-1551219872-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-3279915553-144671565-1551219872-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3279915553-144671565-1551219872-503 - Limited - Disabled)
Guest (S-1-5-21-3279915553-144671565-1551219872-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3279915553-144671565-1551219872-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (HKLM\...\{13DA9C7C-EBFB-40D0-94A1-55B42883DF21}) (Version: 21.1.1 - HP) Hidden
Adobe Acrobat Reader - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 25.001.20435 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM\...\{AC76BA86-0804-1033-1959-018244601110}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Alfa CD (HKLM\...\{6ADC89F1-39B9-4CFF-A2E3-DFF8DFD0D86D}) (Version: 17.01.0000 - Soft Books, s.r.o.)
ANT Drivers Installer x86 (HKLM\...\{98F8F24D-3601-4E88-B11E-89D214613252}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.35 - Piriform)
Classic Shell (HKLM\...\{8A99142D-5D6E-40B6-AF88-8BD46F0C5CB4}) (Version: 4.3.1 - IvoSoft)
Elevated Installer (HKLM\...\{18AEB4F6-E1F2-46F0-8EE7-DF75AB69B1A6}) (Version: 7.22.1.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Security (HKLM\...\{8CD7CEB4-F243-4761-8EEB-BAE2E9632671}) (Version: 18.1.10.0 - ESET, spol. s r.o.)
Garmin Express (HKLM\...\{9c7ffc5d-200e-4c88-8745-95a5eb7f6cdf}) (Version: 7.22.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM\...\{AC6E3A58-4822-4C8E-BD3A-7B9B2F588BE6}) (Version: 7.22.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 135.0.7049.115 - Google LLC)
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
IDOS Komplet 2025 (HKLM\...\{7F071BBB-DED3-4C43-A2B2-C4817AD1BF3C}_is1) (Version: - CHAPS spol. s r.o.)
Java 8 Update 411 (HKLM\...\{77924AE4-039E-4CA4-87B4-2F32180411F0}) (Version: 8.0.4110.9 - Oracle Corporation)
Microsoft Edge (HKLM\...\Microsoft Edge) (Version: 135.0.3179.98 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM\...\Microsoft EdgeWebView) (Version: 135.0.3179.98 - Microsoft Corporation) Hidden
Microsoft Office 2010 pro podnikatele (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2010 (HKLM\...\{90140000-0015-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (HKLM\...\{90140000-0016-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (HKLM\...\{90140000-00A1-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2010 (HKLM\...\{90140000-001A-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (HKLM\...\{90140000-0018-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2010 (HKLM\...\{90140000-001F-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (HKLM\...\{90140000-001F-041B-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (HKLM\...\{90140000-002C-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (HKLM\...\{90140000-0019-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (HKLM\...\{90140000-006E-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2010 (HKLM\...\{90140000-001B-0405-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 4.0 ENU (HKLM\...\{2F141715-E144-48C0-8562-D193B7AB85BC}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{8F99DEF4-B09B-40D7-9EF5-58DB00C1E053}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\{4DC59BF3-0D72-3CE8-BFEF-1E8FAF689EB0}) (Version: 10.0.50908 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox (x86 cs) (HKLM\...\Mozilla Firefox 138.0.1 (x86 cs)) (Version: 138.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 138.0.1.127 - Mozilla)
NVIDIA Ovladač 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (HKLM\...\NVIDIAStereo) (Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
Rajče průvodce verze 1.59.54.269 (HKLM\...\rajce.net_is1) (Version: - rajce.net)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0015-0405-0000-0000000FF1CE}_Office14.SingleImage_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0016-0405-0000-0000000FF1CE}_Office14.SingleImage_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0018-0405-0000-0000000FF1CE}_Office14.SingleImage_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0019-0405-0000-0000000FF1CE}_Office14.SingleImage_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001A-0405-0000-0000000FF1CE}_Office14.SingleImage_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001B-0405-0000-0000000FF1CE}_Office14.SingleImage_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0405-0000-0000000FF1CE}_Office14.SingleImage_{A71E3AD4-5545-4D59-9F11-75F363563C6A}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{8925227F-C7B5-4C95-AB58-4FCF2433DAEE}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-041B-0000-0000000FF1CE}_Office14.SingleImage_{0C337AF5-E6A7-4B6B-8F8E-08F9C6F956B4}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-002C-0405-0000-0000000FF1CE}_Office14.SingleImage_{EA82267F-4AAB-46BA-AD6A-9EBB544D0EF7}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-006E-0405-0000-0000000FF1CE}_Office14.SingleImage_{2C911571-C8B6-400B-B323-417C1806E866}) (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-00A1-0405-0000-0000000FF1CE}_Office14.SingleImage_{DAB3EE22-FB0E-401F-9418-E9F0B08AEB39}) (Version: - Microsoft) Hidden
Update for Windows (KB5001716) (HKLM\...\{E7CCCC6B-92AF-4A65-B3EF-6C117436902A}) (Version: 8.94.0.0 - Microsoft Corporation)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

Packages:
=========Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.17.65.0_x86__kgqvnymyfvs32 [2025-03-16] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.209.700.0_x86__kgqvnymyfvs32 [2025-03-16] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2025-03-16] (Canon Inc.)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_10.3.10.0_x86__h6adky7gbf63m [2025-04-22] (Gameloft SE)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x86__8wekyb3d8bbwe [2025-03-16] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_158.2.1134.0_x86__v10z8vjag6ke6 [2025-04-06] (HP Inc.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_8.9.0.0_x86__h6adky7gbf63m [2025-05-01] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2025-03-16] (Microsoft Corporation) [MS Ad]
Spotify – hudba a podcasty -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.440.0_x86__zpdnekdrzrea0 [2025-03-16] (Spotify AB) [Startup Task]
Vyhledávání na webu z Microsoft Bingu -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.95.0_x86__8wekyb3d8bbwe [2025-03-16] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3279915553-144671565-1551219872-1001_Classes\CLSID\{30243641-2813-4951-5000-000000000000}\localserver32 -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\ADNotificationManager.exe (Adobe Inc. -> Adobe)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2025-03-19] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2025-03-19] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2025-03-19] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-08-13 09:49 - 2017-08-13 09:49 - 003239736 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2017-08-13 09:49 - 2017-08-13 09:49 - 000248120 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\WINDOWS\System32\StartMenuHelper32.dll
2021-03-24 18:00 - 2016-11-14 11:45 - 001220424 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPI.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

HKU\S-1-5-21-3279915553-144671565-1551219872-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-1.8\bin\ssv.dll [2024-03-13] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-1.8\bin\jp2ssv.dll [2024-03-13] (Oracle America, Inc. -> Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-09-29 13:55 - 2018-10-16 16:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\java8path;C:\Program Files\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3279915553-144671565-1551219872-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: Realtek RTL8192EU Wireless LAN 802.11n USB 2.0 Network Adapter -> rtwlanu.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt640x86.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-3279915553-144671565-1551219872-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-3279915553-144671565-1551219872-1001\...\StartupApproved\Run: => "GarminExpress"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FF11DFD5-45FE-4511-8458-BF66725D25B0}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [{1A6BD0D8-42F0-4DFD-81FC-2B83793766CA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{606A63F0-BF98-4304-9B06-19012B7B82C2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CBB8C915-6BF5-4CEE-BDD6-16BE3AE93A19}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{0A6D127A-5817-417D-91C6-4EC393DE40E0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{A5C57581-C82E-47FB-94F1-B6E9B61161E1}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{96FA5D7D-77CC-4084-8F3A-5D69C8DBFAAD}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Gen Digital Inc. -> Gen Digital Inc.)
FirewallRules: [{514A83D2-020B-4643-9225-1AEB69379003}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4518038A-925E-4451-95A4-E8AB04930A1B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{5418A65E-FE87-4A3B-88CC-15ECEDE0EB60}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D0175511-9485-4668-A3D9-01C51360FCC5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DEEAB796-2168-4282-89AD-F68300916729}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CF68CACA-9648-4A5C-BDB9-2840252E90E0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3CF21337-9627-46BB-BF60-425ED910DA67}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{172C43A5-1B51-45B2-B241-87852E289512}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B6451B44-AB5B-4CB7-9127-7A6F4CF21A3A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B9857A65-5EC8-4FBA-8020-B2E4D7AE59AD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3BCBE2FD-7836-4365-ABE7-B21D47D364A0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.440.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{265162BD-245D-4D0A-B1D9-628246F098E6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.440.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8CFCB234-56FC-40AD-8F05-3E940EB87FFF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.440.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3AE0E92A-4430-45B7-AD32-ADF1C3120BA5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.440.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{387AD6B3-E9EE-489E-9B09-689369160724}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.440.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{16A7E9D0-22B6-42FD-81D8-256202A11BA2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.440.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B92DD21C-0000-47A3-A937-7D91B7E68941}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.440.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DF9B352D-4CB4-4B87-AB9E-A34751FF6277}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.440.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0D369223-2DF3-4350-813B-8ECA6C0B152E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.440.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F2BB4967-D227-4D2E-BAF4-EE160A8FE668}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.253.440.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{DFF717C0-D48F-45BB-8EC4-F67C822DC855}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5F8D15DA-6AA0-4D8B-ADEA-2A2F0298B4CC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D041B60F-9469-45CB-A025-A54211F819CA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0D12A075-8F25-4380-8339-260C7CEB5C17}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C0E68A0F-1DFC-4CBA-9F0E-3E0347A80873}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C1D1CF59-BBE0-45FF-8576-478437C9FE3C}] => (Allow) C:\Program Files\Microsoft\EdgeWebView\Application\135.0.3179.98\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

12-04-2025 16:38:30 Instalační služba modulů systému Windows
12-04-2025 17:05:08 Instalační služba modulů systému Windows
13-04-2025 16:38:47 Instalační služba modulů systému Windows
26-04-2025 16:12:35 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (05/01/2025 04:28:55 PM) (Source: Firefox Default Browser Agent) (EventID: 1140) (User: )
Description: Event-ID 1140

Error: (05/01/2025 04:28:55 PM) (Source: Firefox Default Browser Agent) (EventID: 1140) (User: )
Description: Event-ID 1140

Error: (05/01/2025 04:20:30 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Aktualizaci Adobe Acrobat Reader (25.001.20474) produktu Adobe Acrobat Reader - Czech nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (05/01/2025 04:20:25 PM) (Source: MsiInstaller) (EventID: 11328) (User: NT AUTHORITY)
Description: Produkt: Adobe Acrobat Reader - Czech -- Chyba 1328.Chyba při aplikování opravy na soubor C:\Config.Msi\PT823A.tmp. Asi byl aktualizován jinými prostředky a nelze ho již upravovat touto opravou. Více informací získáte od dodavatele opravy. System Error: 8

Error: (05/01/2025 04:06:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: eguiproxy.exe, verze: 10.52.8.0, časové razítko: 0x67da9efa
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.5438, časové razítko: 0xee11ad82
Kód výjimky: 0xc0000409
Posun chyby: 0x000a61e0
ID chybujícího procesu: 0x1dd0
Čas spuštění chybující aplikace: 0x01dbbaa22c459923
Cesta k chybující aplikaci: C:\Program Files\ESET\ESET Security\eguiproxy.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: e23f9926-4c86-4a27-9204-3d82e59ba9be
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/01/2025 04:05:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: eguiproxy.exe, verze: 10.52.8.0, časové razítko: 0x67da9efa
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.5438, časové razítko: 0xee11ad82
Kód výjimky: 0xc0000409
Posun chyby: 0x000a61e0
ID chybujícího procesu: 0x20cc
Čas spuštění chybující aplikace: 0x01dbbaa2238110b2
Cesta k chybující aplikaci: C:\Program Files\ESET\ESET Security\eguiproxy.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 3edf3b31-47b9-4b42-b2b7-927e890fabe7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/01/2025 04:04:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: eguiproxy.exe, verze: 10.52.8.0, časové razítko: 0x67da9efa
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.5438, časové razítko: 0xee11ad82
Kód výjimky: 0xc0000409
Posun chyby: 0x000a61e0
ID chybujícího procesu: 0xb8c
Čas spuštění chybující aplikace: 0x01dbbaa1ec098a5a
Cesta k chybující aplikaci: C:\Program Files\ESET\ESET Security\eguiproxy.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 6c23dfcf-05e6-4d09-b70e-81418833bef5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (04/30/2025 05:09:40 PM) (Source: Firefox Default Browser Agent) (EventID: 1140) (User: )
Description: Event-ID 1140


System errors:
=============
Error: (05/01/2025 04:27:06 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Mozilla Maintenance Service byla ukončena s následující chybou:
Nesprávná funkce.

Error: (04/30/2025 04:56:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Mozilla Maintenance Service byla ukončena s následující chybou:
Nesprávná funkce.

Error: (04/30/2025 04:36:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024200b): Canon - Printer - 2.90.2.30.

Error: (04/28/2025 04:24:14 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024200b): Canon - Printer - 2.90.2.30.

Error: (04/27/2025 03:34:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Google Update (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (04/27/2025 03:34:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Google Update (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (04/27/2025 03:34:42 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.

Error: (04/26/2025 04:12:16 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024200b): Canon - Printer - 2.90.2.30.


CodeIntegrity:
===============
Date: 2025-05-01 16:17:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: Award Software International, Inc. F4 04/03/2009
Motherboard: Gigabyte Technology Co., Ltd. EP41-UD3L
Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 82%
Total physical RAM: 3326.49 MB
Available physical RAM: 577.83 MB
Total Virtual: 4779.66 MB
Available Virtual: 866.56 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.97 GB) (Free:631.73 GB) (Model: WDC WD10EZEX-00RKKA0 ATA Device) NTFS

\\?\Volume{9cca9c16-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.54 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9CCA9C16)
Partition 1: (Active) - (Size=549 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

[JaRon]

Ahoj,
vloz aj frst.txt

[Vlcicek]

Ahoj,
bohužel neumím vytvořit frst.txt. Je to mimo moji oblast znalostí. Poprosím o podrobnější návod.
Děkuji

[JaRon]

https://forum.viry.cz/viewtopic.php?t=133101
Pri spusteni frst.exe sa Ti vytvoria oba logy - textove subory

[Vlcicek]

Ahoj,
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-05-2025
Ran by Admin (administrator) on DESKTOP-N5Q4FEL (Gigabyte Technology Co., Ltd. EP41-UD3L) (03-05-2025 16:14:00)
Running from C:\Users\Admin\Downloads\FRST(2).exe
Loaded Profiles: Admin
Platform: Microsoft Windows 10 Home Version 22H2 19045.5737 (X86) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\BrowserPrivacyAndSecurity.exe
(C:\Program Files\NVIDIA Corporation\Display\nvtray.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <34>
(nvvsvc.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(svchost.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCleaner.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Windows\System32\AggregatorHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [1803976 2016-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [150840 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe (No File)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [268664 2025-03-19] (ESET, spol. s r.o. -> ESET)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3279915553-144671565-1551219872-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-3279915553-144671565-1551219872-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [39622960 2025-04-09] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-3279915553-144671565-1551219872-1001\...\Run: [MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B] => "C:\Program Files\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3185720 2025-05-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3279915553-144671565-1551219872-1001\...\Run: [GarminExpress] => C:\Program Files\Garmin\Express\express.exe [31354648 2024-06-06] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\...\Windows NT x86\Print Processors\Canon MG3600 series Print Processor: C:\Windows\System32\spool\prtprocs\W32X86\CNMPDCT.DLL [29184 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows NT x86\Print Processors\HPCPP215: C:\Windows\System32\spool\prtprocs\W32X86\hpcpp215.dll [670904 2018-03-04] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3600 series: C:\WINDOWS\system32\CNMLMCT.DLL [329728 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\WINDOWS\system32\HPMPW082.DLL [108728 2018-03-04] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HPMLM190: C:\WINDOWS\system32\HPMLM190.dll [141496 2018-03-04] (HP Inc. -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\135.0.7049.116\Installer\chrmstp.exe [2025-05-03] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {029D15C0-D6D7-43A3-9EAB-79CAEB386A31} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.)
Task: {31354844-6302-4DE4-8FE6-25E37878E5DF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe /from_scheduler:1 (No File)
Task: {1831B13B-8EB4-477D-B48C-045179AC1EB8} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe /from_scheduler:1 (No File)
Task: {9BF2FD8D-E2AE-49A1-80DB-C26717ECD3BB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-04-09] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {1F38F6FD-C9B4-4671-BE7A-883DA6133771} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5495600 2025-04-09] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "4879baab-6f24-4a2b-8327-3ad54ed80622" --version "6.35.0.11488" --silent
Task: {0DF3B59B-8E0A-4D2C-BDE2-BABEBF01285D} - System32\Tasks\CCleanerSkipUAC - Admin => C:\Program Files\CCleaner\CCleaner.exe [39622960 2025-04-09] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {30092CA8-21DF-4AE3-9187-21756D6E1721} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [31000 2024-06-06] (Garmin International, Inc. -> )
Task: {CC797FC4-AC77-4CFA-AD91-499BDD31910E} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7129.0{C997D22F-E006-4EB5-AE06-3237324DABDF} => C:\Program Files\Google\GoogleUpdater\137.0.7129.0\updater.exe [6152800 2025-04-17] (Google LLC -> Google LLC)
Task: {B0FC5AF8-623E-4261-BB39-57C87CB48E13} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [79312 2025-03-07] (HP Inc. -> HP Inc.)
Task: {E1E45E38-CF30-4C7E-9349-DB0097B6F8B7} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [79312 2025-03-07] (HP Inc. -> HP Inc.)
Task: {AAA92B3E-B2B9-49D6-8730-65E83839F76A} - System32\Tasks\Microsoft\Windows\Application Experience\PcaWallpaperAppDetect => C:\WINDOWS\system32\rundll32.exe [73216 2024-07-13] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaWallpaperAppDetect
Task: {7EB8547A-CE46-44B4-AEC4-D288EB9D2611} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [618560 2025-05-01] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {F6D7321D-A4D1-4DB5-9218-276B7CD26FB4} - System32\Tasks\Mozilla\Firefox Background Update 9DED23DF4360B491 => C:\Program Files\Mozilla Firefox\firefox.exe [618560 2025-05-01] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\9DED23DF4360B491\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\9DED23DF4360B491\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {C5E4552B-E9A6-4E3B-B858-A042389E19DA} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3279915553-144671565-1551219872-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [618560 2025-05-01] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {FD2022E2-9778-49E6-918E-7C4C1725B9A8} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [31808 2025-05-01] (Mozilla Corporation -> Mozilla Foundation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{78c03131-c052-41d9-ae7a-5e232acd2971}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{78c03131-c052-41d9-ae7a-5e232acd2971}: [DhcpDomain] Home
Tcpip\..\Interfaces\{e2e6d840-b2b3-4faa-a815-7bd7c06b8f31}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{e2e6d840-b2b3-4faa-a815-7bd7c06b8f31}: [DhcpDomain] Home
Tcpip\..\Interfaces\{e2e6d840-b2b3-4faa-a815-7bd7c06b8f31}\C456E6F667F6: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2025-05-03]
Edge Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-31]
Edge Extension: (Edge relevant text changes) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-25]

FireFox:
========
FF DefaultProfile: 7btfeu83.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\16kvyeaz.default-release [2025-04-20]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7btfeu83.default [2025-05-03]
FF Homepage: Mozilla\Firefox\Profiles\7btfeu83.default -> hxxps://www.seznam.cz/
FF Extension: (ESET Browser Privacy & Security) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7btfeu83.default\Extensions\browserextension@eset.com.xpi [2024-12-19]
FF Extension: (ETP Search Volume Study) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7btfeu83.default\Extensions\etp-search-volume-study@shield.mozilla.org.xpi [2019-06-28]
FF Extension: (Video DownloadHelper) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7btfeu83.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2025-04-25]
FF Plugin: @java.com/DTPlugin,version=11.411.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2024-03-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.411.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2024-03-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2025-03-13] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2025-05-03]

Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2025-04-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-19]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-3279915553-144671565-1551219872-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [908592 2025-04-09] (Gen Digital Inc. -> Gen Digital Inc.)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [4970352 2025-03-19] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [4162024 2025-03-19] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [4162024 2025-03-19] (ESET, spol. s r.o. -> ESET)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [220112 2025-03-07] (HP Inc. -> HP Inc.)
S2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [45568 2016-06-15] (HP Inc.) [File not signed]
S2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [55808 2016-06-15] (HP Inc.) [File not signed]
S4 uhssvc; C:\Program Files\Microsoft Update Health Tools\uhssvc.exe [300416 2023-09-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2136112 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [85032 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [200192 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [104448 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [137632 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [22432 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Scan; C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys [16800 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [42912 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [186888 2025-03-19] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [102680 2025-03-19] (Microsoft Windows Hardware Compatibility Publisher -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2025-03-17] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [217912 2025-03-19] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [49512 2025-03-19] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [77888 2025-03-19] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109896 2025-03-19] (ESET, spol. s r.o. -> ESET)
S3 HidSpiCx; C:\WINDOWS\System32\drivers\HidSpiCx.sys [65536 2023-11-20] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl1612c787; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{70278C5F-3D94-4877-8D9D-46B7DFD67EEB}\MpKslDrv.sys [64944 2025-04-17] (Microsoft Windows -> Microsoft Corporation)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [562176 2019-12-07] (Microsoft Windows -> Realtek)
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [10399480 2024-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [38280 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [38624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [214016 2023-12-17] (Microsoft Windows -> Microsoft Corporation)
S1 netfilter2; system32\drivers\netfilter2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-05-03 16:13 - 2025-05-03 16:13 - 002097664 _____ (Farbar) C:\Users\Admin\Downloads\FRST(2).exe
2025-05-02 16:39 - 2025-05-02 16:39 - 002097664 _____ (Farbar) C:\Users\Admin\Downloads\FRST(1).exe
2025-05-01 16:46 - 2025-05-02 16:46 - 000035553 _____ C:\Users\Admin\Downloads\Addition.txt
2025-05-01 16:42 - 2025-05-03 16:16 - 000019535 _____ C:\Users\Admin\Downloads\FRST.txt
2025-05-01 16:38 - 2025-05-03 16:15 - 000000000 ____D C:\FRST
2025-05-01 16:37 - 2025-05-01 16:37 - 002097664 _____ (Farbar) C:\Users\Admin\Downloads\FRST.exe
2025-05-01 16:05 - 2025-05-03 16:12 - 000003326 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2025-05-01 16:05 - 2025-05-03 16:12 - 000000670 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2025-04-17 17:10 - 2025-04-17 17:10 - 000002016 _____ C:\Users\Public\Desktop\ESET Zabezpečené bankovnictví a prohlížení webu.lnk
2025-04-17 17:00 - 2025-04-17 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2025-04-17 17:00 - 2025-04-17 17:00 - 000000000 ____D C:\Program Files\ESET
2025-04-17 16:58 - 2025-04-17 16:58 - 010687480 _____ (ESET) C:\Users\Admin\Downloads\eset_internet_security_live_installer(6).exe
2025-04-17 16:57 - 2025-04-17 16:57 - 010687480 _____ (ESET) C:\Users\Admin\Downloads\eset_internet_security_live_installer(5).exe
2025-04-17 16:56 - 2025-04-17 16:56 - 010687480 _____ (ESET) C:\Users\Admin\Downloads\eset_internet_security_live_installer(4).exe
2025-04-17 16:56 - 2025-04-17 16:56 - 010687480 _____ (ESET) C:\Users\Admin\Downloads\eset_internet_security_live_installer(3).exe
2025-04-15 16:33 - 2025-04-15 16:33 - 000000017 _____ C:\Users\Admin\AppData\Local\resmon.resmoncfg
2025-04-13 16:26 - 2025-04-13 16:26 - 000000000 ____D C:\inetpub
2025-04-12 16:45 - 2025-04-12 16:45 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-05-03 16:09 - 2021-10-18 17:21 - 000002382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-05-03 16:09 - 2021-10-18 17:21 - 000002220 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-05-03 16:08 - 2022-02-09 17:46 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-05-03 16:01 - 2021-12-21 18:16 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-05-03 16:01 - 2021-03-24 18:19 - 000004210 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{1683603A-C830-448E-B148-29443A469F1D}
2025-05-03 16:01 - 2019-12-07 08:12 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-05-03 16:01 - 2018-12-10 18:29 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-05-03 15:59 - 2018-01-18 17:45 - 000000000 ____D C:\Users\Admin\Documents\Soubory aplikace Outlook
2025-05-03 15:58 - 2018-10-25 17:39 - 000002077 _____ C:\Users\Admin\Desktop\ESET Security.lnk
2025-05-03 15:57 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-05-03 15:57 - 2018-01-21 16:01 - 000000000 ____D C:\Program Files\CCleaner
2025-05-02 17:19 - 2018-01-08 17:44 - 000000000 ____D C:\Users\Admin\AppData\Local\ClassicShell
2025-05-02 16:13 - 2022-05-11 16:39 - 000713078 _____ C:\WINDOWS\system32\perfh005.dat
2025-05-02 16:13 - 2022-05-11 16:39 - 000143796 _____ C:\WINDOWS\system32\perfc005.dat
2025-05-02 16:13 - 2021-03-24 18:13 - 001683936 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-05-02 16:13 - 2019-12-07 08:10 - 000000000 ____D C:\WINDOWS\INF
2025-05-02 16:11 - 2018-09-26 16:35 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2025-05-01 16:56 - 2018-01-18 18:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-05-01 16:48 - 2018-01-18 18:29 - 203641504 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-05-01 16:28 - 2025-03-30 15:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-05-01 16:28 - 2018-01-08 18:36 - 000001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-05-01 16:16 - 2019-12-07 08:12 - 000000000 ___HD C:\Program Files\WindowsApps
2025-04-30 17:09 - 2018-01-08 18:36 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2025-04-27 15:30 - 2021-03-24 18:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-04-27 15:30 - 2021-03-24 17:58 - 000008192 ___SH C:\DumpStack.log.tmp
2025-04-27 15:30 - 2018-01-08 17:36 - 000000000 ____D C:\ProgramData\NVIDIA
2025-04-26 17:00 - 2019-12-07 08:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-04-26 16:57 - 2018-01-19 18:03 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Excel
2025-04-26 16:48 - 2018-01-08 18:35 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Word
2025-04-26 16:43 - 2018-01-18 17:44 - 000000000 ____D C:\Users\Admin\Documents\Dokumenty
2025-04-26 16:16 - 2019-12-07 08:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-04-17 17:31 - 2021-10-11 13:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-04-17 17:14 - 2023-01-15 14:15 - 000002230 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox — anonymní prohlížení.lnk
2025-04-17 17:01 - 2019-12-07 08:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-04-17 17:00 - 2018-10-23 18:07 - 000000000 ____D C:\ProgramData\ESET
2025-04-17 16:50 - 2019-12-07 08:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2025-04-17 16:30 - 2018-01-18 17:35 - 000759712 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2025-04-17 16:12 - 2024-02-14 17:07 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2025-04-16 21:14 - 2021-03-24 18:19 - 000004550 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-04-13 16:33 - 2022-05-15 14:54 - 000354528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-04-13 16:28 - 2024-07-13 18:51 - 000000000 ____D C:\WINDOWS\system32\compatrel
2025-04-13 16:28 - 2019-12-07 14:22 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-04-13 16:28 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\SystemResources
2025-04-13 16:28 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugins
2025-04-13 16:28 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-04-13 16:28 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\setup
2025-04-13 16:28 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-04-13 16:28 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-04-13 16:28 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-04-13 16:28 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-04-13 16:27 - 2019-12-07 08:12 - 000000000 ___RD C:\WINDOWS\PrintDialog
2025-04-13 16:27 - 2019-12-07 08:12 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-04-13 16:27 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-04-13 16:27 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-04-13 16:27 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-04-05 17:11 - 2021-10-18 17:21 - 000003628 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-04-05 17:11 - 2021-10-18 17:21 - 000003504 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2025-04-15 16:33 - 2025-04-15 16:33 - 000000017 _____ () C:\Users\Admin\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[JaRon]

Pouzi fixlist.txt s obsahom:
Start

CloseProcesses:

HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION

S1 netfilter2; system32\drivers\netfilter2.sys [X]

Task: {1831B13B-8EB4-477D-B48C-045179AC1EB8} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe /from_scheduler:1 (No File)

EmptyTemp:

End

[Vlcicek]

Ahoj,
prosím o kontrolu LOGu, děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-05-2025
Ran by Admin (administrator) on DESKTOP-N5Q4FEL (Gigabyte Technology Co., Ltd. EP41-UD3L) (11-05-2025 18:00:47)
Running from C:\Users\Admin\Downloads\FRST(1).exe
Loaded Profiles: Admin
Platform: Microsoft Windows 10 Home Version 22H2 19045.5737 (X86) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

========================================================

C:\FRST\FRST.exe => process closed successfully
C:\FRST\FRST.exe => process closed successfully
C:\FRST\FRST.exe => moved successfully

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\BrowserPrivacyAndSecurity.exe
(C:\Program Files\NVIDIA Corporation\Display\nvtray.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <26>
(nvvsvc.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(svchost.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\CCleaner\CCleaner.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Windows\System32\AggregatorHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [1803976 2016-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [150840 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe (No File)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [269176 2025-05-11] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-21-3279915553-144671565-1551219872-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-3279915553-144671565-1551219872-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [39622960 2025-04-09] (Gen Digital Inc. -> Gen Digital Inc.)
HKU\S-1-5-21-3279915553-144671565-1551219872-1001\...\Run: [MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B] => "C:\Program Files\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3185744 2025-05-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3279915553-144671565-1551219872-1001\...\Run: [GarminExpress] => C:\Program Files\Garmin\Express\express.exe [31354648 2024-06-06] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\...\Windows NT x86\Print Processors\Canon MG3600 series Print Processor: C:\Windows\System32\spool\prtprocs\W32X86\CNMPDCT.DLL [29184 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows NT x86\Print Processors\HPCPP215: C:\Windows\System32\spool\prtprocs\W32X86\hpcpp215.dll [670904 2018-03-04] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3600 series: C:\WINDOWS\system32\CNMLMCT.DLL [329728 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\WINDOWS\system32\HPMPW082.DLL [108728 2018-03-04] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HPMLM190: C:\WINDOWS\system32\HPMLM190.dll [141496 2018-03-04] (HP Inc. -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\136.0.7103.93\Installer\chrmstp.exe [2025-05-09] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {396A7E35-F0FE-47F3-A5EE-CBFBAF3DEF77} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.)
Task: {31354844-6302-4DE4-8FE6-25E37878E5DF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe /from_scheduler:1 (No File)
Task: {9BF2FD8D-E2AE-49A1-80DB-C26717ECD3BB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [3480504 2025-04-09] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {1BE889B3-B0EB-4DE2-AB4A-F2616782C891} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5495600 2025-04-09] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "4879baab-6f24-4a2b-8327-3ad54ed80622" --version "6.35.0.11488" --silent
Task: {0DF3B59B-8E0A-4D2C-BDE2-BABEBF01285D} - System32\Tasks\CCleanerSkipUAC - Admin => C:\Program Files\CCleaner\CCleaner.exe [39622960 2025-04-09] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {30092CA8-21DF-4AE3-9187-21756D6E1721} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [31000 2024-06-06] (Garmin International, Inc. -> )
Task: {57905C02-5E90-4458-BFF5-F4E10D086FEE} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem138.0.7156.0{78498F9C-D6B4-4F7E-9745-C54A7DD446AB} => C:\Program Files\Google\GoogleUpdater\138.0.7156.0\updater.exe [6136416 2025-05-02] (Google LLC -> Google LLC)
Task: {1A858B9B-ED67-4164-A4D5-4BAB9643502C} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [79824 2025-05-05] (HP Inc. -> HP Inc.)
Task: {09498879-F0BE-4AC4-8D02-6899086D4498} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [79824 2025-05-05] (HP Inc. -> HP Inc.)
Task: {AAA92B3E-B2B9-49D6-8730-65E83839F76A} - System32\Tasks\Microsoft\Windows\Application Experience\PcaWallpaperAppDetect => C:\WINDOWS\system32\rundll32.exe [73216 2024-07-13] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaWallpaperAppDetect
Task: {7EB8547A-CE46-44B4-AEC4-D288EB9D2611} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [618560 2025-05-01] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {F6D7321D-A4D1-4DB5-9218-276B7CD26FB4} - System32\Tasks\Mozilla\Firefox Background Update 9DED23DF4360B491 => C:\Program Files\Mozilla Firefox\firefox.exe [618560 2025-05-01] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\9DED23DF4360B491\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\9DED23DF4360B491\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {C5E4552B-E9A6-4E3B-B858-A042389E19DA} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3279915553-144671565-1551219872-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [618560 2025-05-01] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {FD2022E2-9778-49E6-918E-7C4C1725B9A8} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [31808 2025-05-01] (Mozilla Corporation -> Mozilla Foundation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{78c03131-c052-41d9-ae7a-5e232acd2971}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{78c03131-c052-41d9-ae7a-5e232acd2971}: [DhcpDomain] Home
Tcpip\..\Interfaces\{e2e6d840-b2b3-4faa-a815-7bd7c06b8f31}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{e2e6d840-b2b3-4faa-a815-7bd7c06b8f31}: [DhcpDomain] Home
Tcpip\..\Interfaces\{e2e6d840-b2b3-4faa-a815-7bd7c06b8f31}\C456E6F667F6: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2025-05-11]
Edge Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-31]
Edge Extension: (Edge relevant text changes) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-25]

FireFox:
========
FF DefaultProfile: 7btfeu83.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\16kvyeaz.default-release [2025-05-11]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7btfeu83.default [2025-05-11]
FF Homepage: Mozilla\Firefox\Profiles\7btfeu83.default -> hxxps://www.seznam.cz/
FF Extension: (ESET Browser Privacy & Security) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7btfeu83.default\Extensions\browserextension@eset.com.xpi [2025-05-09]
FF Extension: (ETP Search Volume Study) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7btfeu83.default\Extensions\etp-search-volume-study@shield.mozilla.org.xpi [2019-06-28]
FF Extension: (Video DownloadHelper) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7btfeu83.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2025-04-25]
FF Plugin: @java.com/DTPlugin,version=11.411.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2024-03-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.411.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2024-03-13] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2025-04-24] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2025-05-11]

Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2025-05-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-19]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [908592 2025-04-09] (Gen Digital Inc. -> Gen Digital Inc.)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [4970864 2025-05-11] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [4163560 2025-05-11] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [4163560 2025-05-11] (ESET, spol. s r.o. -> ESET)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [220112 2025-05-05] (HP Inc. -> HP Inc.)
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [45568 2016-06-15] (HP Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [55808 2016-06-15] (HP Inc.) [File not signed]
S4 uhssvc; C:\Program Files\Microsoft Update Health Tools\uhssvc.exe [300416 2023-09-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2136112 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [85032 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [200192 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [104448 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [137632 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [22432 2012-10-19] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Scan; C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys [16800 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [42912 2012-10-19] (Hewlett-Packard Company -> Microsoft Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [186888 2025-03-19] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [102680 2025-03-19] (Microsoft Windows Hardware Compatibility Publisher -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2025-03-17] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [217912 2025-03-19] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [49512 2025-03-19] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [77888 2025-03-19] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109896 2025-03-19] (ESET, spol. s r.o. -> ESET)
S3 HidSpiCx; C:\WINDOWS\System32\drivers\HidSpiCx.sys [65536 2023-11-20] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl1612c787; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{70278C5F-3D94-4877-8D9D-46B7DFD67EEB}\MpKslDrv.sys [64944 2025-04-17] (Microsoft Windows -> Microsoft Corporation)
R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [562176 2019-12-07] (Microsoft Windows -> Realtek)
R3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [10399480 2024-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [38280 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [38624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [214016 2023-12-17] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-05-11 18:00 - 2025-05-11 18:00 - 002097664 _____ (Farbar) C:\Users\Admin\Downloads\FRST(1).exe
2025-05-11 17:01 - 2025-05-11 17:03 - 000000000 __SHD C:\Users\Admin\AppData\Roaming\.#
2025-05-10 16:25 - 2025-05-10 16:27 - 000000000 ____D C:\Users\Admin\Downloads\FRST-OlderVersion
2025-05-01 16:46 - 2025-05-03 16:21 - 000036976 _____ C:\Users\Admin\Downloads\Addition.txt
2025-05-01 16:42 - 2025-05-11 18:03 - 000019320 _____ C:\Users\Admin\Downloads\FRST.txt
2025-05-01 16:38 - 2025-05-11 18:02 - 000000000 ____D C:\FRST
2025-05-01 16:37 - 2025-05-10 16:25 - 002097664 _____ (Farbar) C:\Users\Admin\Downloads\FRST.exe
2025-05-01 16:05 - 2025-05-11 17:25 - 000003326 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2025-05-01 16:05 - 2025-05-11 17:25 - 000000670 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2025-04-17 17:10 - 2025-04-17 17:10 - 000002016 _____ C:\Users\Public\Desktop\ESET Zabezpečené bankovnictví a prohlížení webu.lnk
2025-04-17 17:00 - 2025-04-17 17:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2025-04-17 17:00 - 2025-04-17 17:00 - 000000000 ____D C:\Program Files\ESET
2025-04-17 16:58 - 2025-04-17 16:58 - 010687480 _____ (ESET) C:\Users\Admin\Downloads\eset_internet_security_live_installer(6).exe
2025-04-17 16:57 - 2025-04-17 16:57 - 010687480 _____ (ESET) C:\Users\Admin\Downloads\eset_internet_security_live_installer(5).exe
2025-04-17 16:56 - 2025-04-17 16:56 - 010687480 _____ (ESET) C:\Users\Admin\Downloads\eset_internet_security_live_installer(4).exe
2025-04-17 16:56 - 2025-04-17 16:56 - 010687480 _____ (ESET) C:\Users\Admin\Downloads\eset_internet_security_live_installer(3).exe
2025-04-15 16:33 - 2025-04-15 16:33 - 000000017 _____ C:\Users\Admin\AppData\Local\resmon.resmoncfg
2025-04-13 16:26 - 2025-04-13 16:26 - 000000000 ____D C:\inetpub
2025-04-12 16:45 - 2025-04-12 16:45 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-05-11 18:04 - 2019-12-07 08:12 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-05-11 17:59 - 2022-02-09 17:46 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-05-11 17:55 - 2018-09-26 16:35 - 000000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2025-05-11 17:55 - 2018-01-18 17:45 - 000000000 ____D C:\Users\Admin\Documents\Soubory aplikace Outlook
2025-05-11 17:23 - 2018-01-21 16:01 - 000000000 ____D C:\Program Files\CCleaner
2025-05-11 17:22 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-05-11 17:19 - 2025-03-30 15:32 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-05-11 17:19 - 2021-12-21 18:16 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-05-11 17:19 - 2021-03-24 18:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-05-11 17:19 - 2021-03-24 17:58 - 000008192 ___SH C:\DumpStack.log.tmp
2025-05-11 17:19 - 2018-01-08 18:36 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2025-05-11 17:19 - 2018-01-08 17:36 - 000000000 ____D C:\ProgramData\NVIDIA
2025-05-11 17:18 - 2019-12-07 08:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-05-11 17:14 - 2021-03-24 18:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2025-05-11 16:44 - 2018-01-08 18:35 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Word
2025-05-11 16:24 - 2021-03-24 18:19 - 000004210 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{1683603A-C830-448E-B148-29443A469F1D}
2025-05-10 16:58 - 2018-01-08 17:44 - 000000000 ____D C:\Users\Admin\AppData\Local\ClassicShell
2025-05-10 16:24 - 2021-10-18 17:21 - 000002382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-05-10 16:24 - 2021-10-18 17:21 - 000002220 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-05-09 16:50 - 2019-12-07 08:12 - 000000000 ___HD C:\Program Files\WindowsApps
2025-05-09 16:46 - 2018-01-18 18:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-05-09 16:39 - 2018-12-10 18:29 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-05-09 16:39 - 2018-01-18 18:29 - 203641504 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-05-08 16:21 - 2019-12-07 08:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-05-05 16:23 - 2021-03-24 18:19 - 000004550 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-05-05 16:21 - 2022-10-15 17:52 - 000002106 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2025-05-05 16:21 - 2022-10-15 17:52 - 000002094 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk
2025-05-05 16:18 - 2025-01-10 17:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2025-05-05 16:18 - 2024-10-14 16:49 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2025-05-05 16:01 - 2021-10-18 17:21 - 000003628 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-05-05 16:01 - 2021-10-18 17:21 - 000003504 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-05-05 15:59 - 2018-10-25 17:39 - 000002077 _____ C:\Users\Admin\Desktop\ESET Security.lnk
2025-05-02 16:13 - 2022-05-11 16:39 - 000713078 _____ C:\WINDOWS\system32\perfh005.dat
2025-05-02 16:13 - 2022-05-11 16:39 - 000143796 _____ C:\WINDOWS\system32\perfc005.dat
2025-05-02 16:13 - 2021-03-24 18:13 - 001683936 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-05-02 16:13 - 2019-12-07 08:10 - 000000000 ____D C:\WINDOWS\INF
2025-05-01 16:28 - 2018-01-08 18:36 - 000001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-04-26 16:57 - 2018-01-19 18:03 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Excel
2025-04-26 16:43 - 2018-01-18 17:44 - 000000000 ____D C:\Users\Admin\Documents\Dokumenty
2025-04-17 17:31 - 2021-10-11 13:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-04-17 17:14 - 2023-01-15 14:15 - 000002230 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox — anonymní prohlížení.lnk
2025-04-17 17:01 - 2019-12-07 08:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-04-17 17:00 - 2018-10-23 18:07 - 000000000 ____D C:\ProgramData\ESET
2025-04-17 16:50 - 2019-12-07 08:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2025-04-17 16:30 - 2018-01-18 17:35 - 000759712 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2025-04-17 16:12 - 2024-02-14 17:07 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2025-04-13 16:33 - 2022-05-15 14:54 - 000354528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-04-13 16:28 - 2024-07-13 18:51 - 000000000 ____D C:\WINDOWS\system32\compatrel
2025-04-13 16:28 - 2019-12-07 14:22 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-04-13 16:28 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\SystemResources
2025-04-13 16:28 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugins
2025-04-13 16:28 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-04-13 16:28 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\setup
2025-04-13 16:28 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-04-13 16:28 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-04-13 16:28 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-04-13 16:28 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-04-13 16:27 - 2019-12-07 08:12 - 000000000 ___RD C:\WINDOWS\PrintDialog
2025-04-13 16:27 - 2019-12-07 08:12 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-04-13 16:27 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-04-13 16:27 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-04-13 16:27 - 2019-12-07 08:12 - 000000000 ____D C:\WINDOWS\bcastdvr

==================== Files in the root of some directories ========

2025-04-15 16:33 - 2025-04-15 16:33 - 000000017 _____ () C:\Users\Admin\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[JaRon]

Je to OK

[Vlcicek]

Ahoj,
chci mockrát poděkovat za pomoc při odstranění problému s počítačem. Nyní vše funguje. Jsem ráda a vážím si cenných rad. Jste profíci.

[JaRon]

Dakujem za poctu prajem pekny den