VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Zdvořile prosím o preventivní kontrolu

https://forum.viry.cz:443/viewtopic.php?t=160433

Stránka 1 z 1

Zdvořile prosím o preventivní kontrolu

Napsal: 22 črc 2025 21:26
od gripin
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-07-2025
Ran by gripin (administrator) on NITRO5 (Acer Nitro AN517-43) (22-07-2025 22:14:25)
Running from C:\Users\gripi\OneDrive\Plocha\FRST64.exe
Loaded Profiles: gripin
Platform: Microsoft Windows 11 Home Version 24H2 26100.4652 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSAgent.exe
(C:\Program Files\Acer\NitroSense Service\PSSvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSAdminAgent.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe
(drivers\RivetNetworks\Killer\KNDBWMService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
(DriverStore\FileRepository\u0383736.inf_amd64_a87ecf0965da08fe\B383240\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0383736.inf_amd64_a87ecf0965da08fe\B383240\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <14>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0383736.inf_amd64_a87ecf0965da08fe\B383240\atiesrxx.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvacegpu.inf_amd64_eae66ccfc806511d\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9b2689b4e3586127\RtkAudUService64.exe <3>
(svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.73.0.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\gripi\AppData\Local\Microsoft\OneDrive\25.122.0624.0004\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (SweetLabs Inc -> SweetLabs, Inc) C:\Users\gripi\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9b2689b4e3586127\RtkAudUService64.exe [1673008 2023-05-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\138.0.7204.158\Installer\chrmstp.exe [2025-07-21] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {C9D1FDAD-2339-4216-9003-7177647D6DEB} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [3089768 2023-02-03] (Acer Incorporated -> ) -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {FC3CE71E-C39E-41BA-B7E9-0A8EF19E7F34} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41832 2023-02-03] (Acer Incorporated -> )
Task: {6F2BE59E-2A9C-412A-B2D7-F4A495B792C8} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4956008 2023-02-03] (Acer Incorporated -> )
Task: {D6973E8B-0A3A-41BB-9362-D61B47DC3846} - System32\Tasks\AcerCMUpdateTask2.9.25180 => C:\Program Files (x86)\Acer\Amundsen\2.9.25180\awc.exe [97480 2025-06-24] (Acer Incorporated -> )
Task: {80F5C317-C079-48FF-9690-AD27AC68E664} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954816 2022-08-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {59D02F33-B294-4E08-A70B-605B3CB6CE93} - System32\Tasks\App Explorer => C:\Users\gripi\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [9793520 2025-06-30] (SweetLabs Inc -> SweetLabs, Inc) <==== ATTENTION
Task: {7F95B83B-607B-4FD2-A8EC-494413FC9080} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem140.0.7273.0{2F33E522-FC4C-4E9F-ACC1-1F8FD77600CF} => C:\Program Files (x86)\Google\GoogleUpdater\140.0.7273.0\updater.exe [6836832 2025-07-02] (Google LLC -> Google LLC)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {CEADBF80-12AA-4763-B245-33CD6ED0361B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9026745B-854D-426A-9A86-4DCDDC2A1298} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C2F240D4-F16E-4599-B50D-95DD849BF1C5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {85BED404-046D-41D7-ADC2-6603659928AD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8522BCDD-9A3A-460B-809C-6FD7AA8695D2} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954816 2022-08-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {B43D1413-8C2B-4D94-924E-8C09C6E10C49} - System32\Tasks\NitroSense => C:\Program Files\Acer\NitroSense Service\PSLauncher.exe [609640 2023-01-05] (Acer Incorporated -> Acer Incorporated)
Task: {C0064A89-EBA7-453A-AC57-E9B42DFB5F66} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [70792 2022-08-15] (Acer Incorporated -> )
Task: {A5C80FEA-4033-442B-86D9-C9CD1CE94E13} - System32\Tasks\OneDrive Startup Task-S-1-5-21-4040071779-3630026112-2008511194-1001 => C:\Users\gripi\AppData\Local\Microsoft\OneDrive\25.122.0624.0004\OneDriveLauncher.exe [685432 2025-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {CDD654DB-58CF-461F-A93F-01C22CB52A5A} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-4040071779-3630026112-2008511194-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [65536 2024-12-21] (Microsoft Windows -> Microsoft Corporation)
Task: {0F9DAA7F-90BE-4708-82A4-3CC86BFA3FC8} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [446824 2023-01-17] (Acer Incorporated -> Acer Incorporated)
Task: {DD7FD8AA-0238-4A75-9758-9E2497DE975C} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-12-20] (Acer Incorporated -> Acer Incorporated)
Task: {6709E6F9-8867-4294-9288-DDC182C67761} - System32\Tasks\StorPSCTL => C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe [153640 2021-03-29] (Acer Incorporated -> Microsoft)
Task: {BBC5DBD3-4353-4ECF-A87A-754F076C9AA3} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [333152 2022-08-03] (Acer Incorporated -> Acer Incorporated)
Task: {D0194778-6E69-435E-9570-4BF9158F23A5} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2218336 2022-08-03] (Acer Incorporated -> Acer Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7a69decb-3a5e-4113-895a-175d6f88cb6e}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\gripi\AppData\Local\Microsoft\Edge\User Data\Default [2025-05-08]
Edge Extension: (Dokumenty Google offline) - C:\Users\gripi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-05-08]
Edge Extension: (Edge relevant text changes) - C:\Users\gripi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-05-07]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Default [2025-07-22]
CHR Notifications: Default -> hxxps://web.whatsapp.com; hxxps://www.perplexity.ai
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Extension: (uBlock Origin Lite) - C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddkjiahejlhfcafbddmgiahcphecmpfh [2025-07-22]
CHR Extension: (I don't care about cookies) - C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2024-09-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-07-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-05-07]
CHR Profile: C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-07-24]
CHR Profile: C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-06-21]
CHR StartupUrls: Profile 1 -> "hxxps://www.youtube.com/"
CHR Extension: (Dokumenty Google offline) - C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-06-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-05-07]
CHR Profile: C:\Users\gripi\AppData\Local\Google\Chrome\User Data\System Profile [2025-07-22]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [259432 2023-02-03] (Acer Incorporated -> Acer Incorporated)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [243384 2023-06-19] (DTS, Inc. -> DTS Inc.)
S3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [78088 2023-08-10] (Intel Corporation -> Intel® Corporation)
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [2480944 2023-08-10] (Intel Corporation -> Intel)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2981168 2023-08-10] (Intel Corporation -> Intel)
R3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [78128 2023-08-10] (Intel Corporation -> Intel® Corporation)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe [2071592 2025-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ProtonVPN Service; C:\Program Files\Proton\VPN\v4.2.0\ProtonVPNService.exe [464624 2025-06-13] (Proton AG -> ProtonVPN)
S3 ProtonVPN WireGuard; C:\Program Files\Proton\VPN\v3.5.1\ProtonVPN.WireGuardService.exe [464104 2024-12-11] (Proton AG -> ProtonVPN)
R3 PSSvc; C:\Program Files\Acer\NitroSense Service\PSSvc.exe [867176 2023-01-05] (Acer Incorporated -> Acer Incorporated)
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [466280 2023-01-17] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [504680 2023-01-17] (Acer Incorporated -> Acer Incorporated)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [337760 2022-08-03] (Acer Incorporated -> Acer Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\NisSrv.exe [4513624 2025-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe [278328 2025-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvacegpu.inf_amd64_eae66ccfc806511d\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvacegpu.inf_amd64_eae66ccfc806511d\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\DriverStore\FileRepository\acerairplanemodecontroller.inf_amd64_36869d4d52526b5b\AcerAirplaneModeController.sys [36200 2024-06-03] (Acer Incorporated -> Acer Incorporated)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [35344 2022-09-09] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdpmf; C:\WINDOWS\System32\drivers\amdpmf.sys [144280 2022-08-22] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0383736.inf_amd64_a87ecf0965da08fe\B383240\amdkmdag.sys [94462312 2022-09-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [222528 2024-12-21] (Microsoft Windows -> Microsoft Corporation)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo11X64.sys [209200 2023-08-10] (Intel Corporation -> Rivet Networks, LLC.)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [330112 2025-06-21] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [140688 2025-07-17] (Microsoft Windows -> Microsoft Corporation)
R3 MTKBTFilterX64; C:\WINDOWS\System32\drivers\mtkbtfilterx.sys [371704 2023-02-01] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1647056 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [243768 2023-03-07] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v4.2.0\Resources\ProtonVPN.CalloutDriver.sys [40360 2025-02-10] (Proton AG -> Proton AG)
S3 RevoProcessDetector; C:\WINDOWS\System32\DRIVERS\RevoProcessDetector.sys [19504 2024-03-28] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2025-06-11] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20032 2025-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [612768 2025-06-21] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-06-21] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2024-11-07] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2024-11-03] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-07-22 22:14 - 2025-07-22 22:15 - 000019481 _____ C:\Users\gripi\OneDrive\Plocha\FRST.txt
2025-07-22 22:13 - 2025-07-22 22:14 - 000000000 ____D C:\FRST
2025-07-22 22:12 - 2025-07-22 22:12 - 002409472 _____ (Farbar) C:\Users\gripi\OneDrive\Plocha\FRST64.exe
2025-07-22 21:50 - 2025-07-22 21:50 - 000713018 _____ C:\WINDOWS\system32\perfh005.dat
2025-07-22 21:50 - 2025-07-22 21:50 - 000153196 _____ C:\WINDOWS\system32\perfc005.dat
2025-07-20 13:43 - 2025-07-20 13:43 - 000000000 ____D C:\Obrazky
2025-07-18 17:15 - 2025-07-18 17:15 - 002380800 _____ C:\Users\gripi\SteamSetup.exe
2025-07-17 18:01 - 2025-07-17 18:01 - 000000000 ____D C:\WINDOWS\system32\ruxim
2025-07-17 17:31 - 2025-07-22 21:43 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-07-17 16:57 - 2025-07-17 16:57 - 000073956 _____ C:\WINDOWS\SysWOW64\ctac.json
2025-07-17 16:57 - 2025-07-17 16:57 - 000073956 _____ C:\WINDOWS\system32\ctac.json
2025-07-17 16:57 - 2025-07-17 16:57 - 000033519 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-07-17 16:57 - 2025-07-17 16:57 - 000033519 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-07-08 15:37 - 2025-07-08 15:37 - 000004880 _____ C:\WINDOWS\system32\Tasks\AcerCMUpdateTask2.9.25180

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-07-22 22:13 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-07-22 21:55 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-07-22 21:53 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-07-22 21:50 - 2024-12-21 12:15 - 001692332 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-07-22 21:50 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-07-22 21:43 - 2024-12-21 12:10 - 000003080 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2025-07-22 21:43 - 2024-12-21 12:09 - 000003650 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-07-22 21:43 - 2024-12-21 12:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-07-22 21:43 - 2024-05-07 15:11 - 000000000 ___RD C:\Users\gripi\OneDrive
2025-07-22 21:43 - 2024-01-13 21:41 - 000000000 ____D C:\ProgramData\NVIDIA
2025-07-22 21:43 - 2024-01-13 21:34 - 000012288 ___SH C:\DumpStack.log.tmp
2025-07-22 21:42 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-07-22 20:47 - 2024-05-07 15:05 - 000000000 ____D C:\Users\gripi\AppData\Local\D3DSCache
2025-07-22 19:30 - 2024-05-07 14:14 - 000000000 ____D C:\Users\gripi\AppData\Local\Host App Service
2025-07-22 19:30 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-07-21 19:03 - 2024-05-07 15:35 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-07-21 15:44 - 2024-12-21 12:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-07-20 16:39 - 2024-05-08 13:12 - 000000000 ____D C:\Users\gripi\AppData\Roaming\reolink
2025-07-20 12:53 - 2025-02-09 20:30 - 000003576 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-4040071779-3630026112-2008511194-1001
2025-07-20 12:53 - 2024-12-21 12:09 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4040071779-3630026112-2008511194-1001
2025-07-20 12:53 - 2024-12-21 12:09 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4040071779-3630026112-2008511194-1001
2025-07-20 12:53 - 2024-05-07 15:11 - 000002385 _____ C:\Users\gripi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-07-20 12:03 - 2024-05-07 15:07 - 000000000 ____D C:\Users\gripi\AppData\Local\packages
2025-07-20 12:03 - 2024-01-13 21:36 - 000000000 ____D C:\ProgramData\Packages
2025-07-18 17:15 - 2024-12-21 12:07 - 000000000 ____D C:\Users\gripi
2025-07-18 13:18 - 2025-02-06 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proton
2025-07-18 13:18 - 2024-01-13 21:37 - 000000000 ____D C:\ProgramData\Package Cache
2025-07-18 11:52 - 2024-01-13 21:34 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-07-17 18:03 - 2024-12-21 12:06 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-07-17 18:02 - 2024-12-21 12:06 - 000472576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-07-17 18:01 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\schemas
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-07-17 18:01 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-07-17 16:57 - 2024-12-21 12:10 - 003384320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-07-08 15:36 - 2024-01-13 21:59 - 000000000 ____D C:\Program Files (x86)\Acer

==================== Files in the root of some directories ========

2025-07-18 17:15 - 2025-07-18 17:15 - 002380800 _____ () C:\Users\gripi\SteamSetup.exe
2025-04-24 13:49 - 2025-04-24 13:49 - 000000212 _____ () C:\Users\gripi\AppData\Roaming\com.reolink.app.client
2024-05-10 19:14 - 2025-02-26 14:44 - 000007605 _____ () C:\Users\gripi\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Zdvořile prosím o preventivní kontrolu

Napsal: 22 črc 2025 21:55
od JaRon
Ahoj,
doporucujem prescanovat s MBAM

Re: Zdvořile prosím o preventivní kontrolu

Napsal: 22 črc 2025 22:19
od gripin
Ahoj, diky za reakci.

Projel sem to MBAM, restartoval u udelal novy scan. Posilam novy log.

Je to v poradku prosim?

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-07-2025
Ran by gripin (administrator) on NITRO5 (Acer Nitro AN517-43) (22-07-2025 23:12:24)
Running from C:\Users\gripi\OneDrive\Plocha\FRST64.exe
Loaded Profiles: gripin
Platform: Microsoft Windows 11 Home Version 24H2 26100.4652 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSAgent.exe
(C:\Program Files\Acer\NitroSense Service\PSSvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSAdminAgent.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
(drivers\RivetNetworks\Killer\KNDBWMService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
(DriverStore\FileRepository\u0383736.inf_amd64_a87ecf0965da08fe\B383240\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0383736.inf_amd64_a87ecf0965da08fe\B383240\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <11>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0383736.inf_amd64_a87ecf0965da08fe\B383240\atiesrxx.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvacegpu.inf_amd64_eae66ccfc806511d\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9b2689b4e3586127\RtkAudUService64.exe <3>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.73.0.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\BackgroundTransferHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.26100.4651_none_a510910d775cffb2\TiWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9b2689b4e3586127\RtkAudUService64.exe [1673008 2023-05-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\138.0.7204.158\Installer\chrmstp.exe [2025-07-21] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {C9D1FDAD-2339-4216-9003-7177647D6DEB} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [3089768 2023-02-03] (Acer Incorporated -> ) -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {FC3CE71E-C39E-41BA-B7E9-0A8EF19E7F34} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41832 2023-02-03] (Acer Incorporated -> )
Task: {6F2BE59E-2A9C-412A-B2D7-F4A495B792C8} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4956008 2023-02-03] (Acer Incorporated -> )
Task: {D6973E8B-0A3A-41BB-9362-D61B47DC3846} - System32\Tasks\AcerCMUpdateTask2.9.25180 => C:\Program Files (x86)\Acer\Amundsen\2.9.25180\awc.exe [97480 2025-06-24] (Acer Incorporated -> )
Task: {77B4C58F-87A1-4214-8ED3-CE1488C69123} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954816 2022-08-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {59D02F33-B294-4E08-A70B-605B3CB6CE93} - System32\Tasks\App Explorer => C:\Users\gripi\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [9793520 2025-06-30] (SweetLabs Inc -> SweetLabs, Inc) <==== ATTENTION
Task: {7F95B83B-607B-4FD2-A8EC-494413FC9080} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem140.0.7273.0{2F33E522-FC4C-4E9F-ACC1-1F8FD77600CF} => C:\Program Files (x86)\Google\GoogleUpdater\140.0.7273.0\updater.exe [6836832 2025-07-02] (Google LLC -> Google LLC)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {8522BCDD-9A3A-460B-809C-6FD7AA8695D2} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954816 2022-08-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {B43D1413-8C2B-4D94-924E-8C09C6E10C49} - System32\Tasks\NitroSense => C:\Program Files\Acer\NitroSense Service\PSLauncher.exe [609640 2023-01-05] (Acer Incorporated -> Acer Incorporated)
Task: {C0064A89-EBA7-453A-AC57-E9B42DFB5F66} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [70792 2022-08-15] (Acer Incorporated -> )
Task: {A5C80FEA-4033-442B-86D9-C9CD1CE94E13} - System32\Tasks\OneDrive Startup Task-S-1-5-21-4040071779-3630026112-2008511194-1001 => C:\Users\gripi\AppData\Local\Microsoft\OneDrive\25.122.0624.0004\OneDriveLauncher.exe [685432 2025-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {CDD654DB-58CF-461F-A93F-01C22CB52A5A} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-4040071779-3630026112-2008511194-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [65536 2024-12-21] (Microsoft Windows -> Microsoft Corporation)
Task: {0F9DAA7F-90BE-4708-82A4-3CC86BFA3FC8} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [446824 2023-01-17] (Acer Incorporated -> Acer Incorporated)
Task: {DD7FD8AA-0238-4A75-9758-9E2497DE975C} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-12-20] (Acer Incorporated -> Acer Incorporated)
Task: {6709E6F9-8867-4294-9288-DDC182C67761} - System32\Tasks\StorPSCTL => C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe [153640 2021-03-29] (Acer Incorporated -> Microsoft)
Task: {BBC5DBD3-4353-4ECF-A87A-754F076C9AA3} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [333152 2022-08-03] (Acer Incorporated -> Acer Incorporated)
Task: {D0194778-6E69-435E-9570-4BF9158F23A5} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2218336 2022-08-03] (Acer Incorporated -> Acer Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7a69decb-3a5e-4113-895a-175d6f88cb6e}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\gripi\AppData\Local\Microsoft\Edge\User Data\Default [2025-05-08]
Edge Extension: (Dokumenty Google offline) - C:\Users\gripi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-05-08]
Edge Extension: (Edge relevant text changes) - C:\Users\gripi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-05-07]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Default [2025-07-22]
CHR Notifications: Default -> hxxps://web.whatsapp.com; hxxps://www.perplexity.ai
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Extension: (uBlock Origin Lite) - C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddkjiahejlhfcafbddmgiahcphecmpfh [2025-07-22]
CHR Extension: (I don't care about cookies) - C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2024-09-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-07-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-05-07]
CHR Profile: C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-07-24]
CHR Profile: C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-06-21]
CHR StartupUrls: Profile 1 -> "hxxps://www.youtube.com/"
CHR Extension: (Dokumenty Google offline) - C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-06-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-05-07]
CHR Profile: C:\Users\gripi\AppData\Local\Google\Chrome\User Data\System Profile [2025-07-22]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [259432 2023-02-03] (Acer Incorporated -> Acer Incorporated)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [243384 2023-06-19] (DTS, Inc. -> DTS Inc.)
S3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [78088 2023-08-10] (Intel Corporation -> Intel® Corporation)
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [2480944 2023-08-10] (Intel Corporation -> Intel)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2981168 2023-08-10] (Intel Corporation -> Intel)
R3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [78128 2023-08-10] (Intel Corporation -> Intel® Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9591104 2025-07-22] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-07-22] (Malwarebytes Inc. -> Malwarebytes)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe [2071592 2025-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ProtonVPN Service; C:\Program Files\Proton\VPN\v4.2.0\ProtonVPNService.exe [464624 2025-06-13] (Proton AG -> ProtonVPN)
S3 ProtonVPN WireGuard; C:\Program Files\Proton\VPN\v3.5.1\ProtonVPN.WireGuardService.exe [464104 2024-12-11] (Proton AG -> ProtonVPN)
R3 PSSvc; C:\Program Files\Acer\NitroSense Service\PSSvc.exe [867176 2023-01-05] (Acer Incorporated -> Acer Incorporated)
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [466280 2023-01-17] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [504680 2023-01-17] (Acer Incorporated -> Acer Incorporated)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [337760 2022-08-03] (Acer Incorporated -> Acer Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\NisSrv.exe [4513624 2025-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe [278328 2025-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvacegpu.inf_amd64_eae66ccfc806511d\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvacegpu.inf_amd64_eae66ccfc806511d\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\DriverStore\FileRepository\acerairplanemodecontroller.inf_amd64_36869d4d52526b5b\AcerAirplaneModeController.sys [36200 2024-06-03] (Acer Incorporated -> Acer Incorporated)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [35344 2022-09-09] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdpmf; C:\WINDOWS\System32\drivers\amdpmf.sys [144280 2022-08-22] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0383736.inf_amd64_a87ecf0965da08fe\B383240\amdkmdag.sys [94462312 2022-09-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae.sys [159296 2025-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [222528 2024-12-21] (Microsoft Windows -> Microsoft Corporation)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo11X64.sys [209200 2023-08-10] (Intel Corporation -> Rivet Networks, LLC.)
S3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [330112 2025-06-21] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [140688 2025-07-17] (Microsoft Windows -> Microsoft Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-07-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\Drivers\farflt11.sys [241872 2025-07-22] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\System32\Drivers\mbam.sys [80960 2025-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [242752 2025-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [190096 2025-07-22] (Malwarebytes Inc -> Malwarebytes)
R3 MTKBTFilterX64; C:\WINDOWS\System32\drivers\mtkbtfilterx.sys [371704 2023-02-01] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1647056 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [243768 2023-03-07] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v4.2.0\Resources\ProtonVPN.CalloutDriver.sys [40360 2025-02-10] (Proton AG -> Proton AG)
S3 RevoProcessDetector; C:\WINDOWS\System32\DRIVERS\RevoProcessDetector.sys [19504 2024-03-28] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2025-06-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [20032 2025-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [612768 2025-06-21] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-06-21] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2024-11-07] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2024-11-03] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-07-22 23:12 - 2025-07-22 23:13 - 000019792 _____ C:\Users\gripi\OneDrive\Plocha\FRST.txt
2025-07-22 23:12 - 2025-07-22 23:12 - 000000000 ___RD C:\Users\gripi\OneDrive\Plocha\2 scan
2025-07-22 23:11 - 2025-07-22 23:12 - 000000000 ___RD C:\Users\gripi\OneDrive\Plocha\1 scan
2025-07-22 23:10 - 2025-07-22 23:10 - 000190096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2025-07-22 23:10 - 2025-07-22 23:10 - 000000000 ____D C:\Users\gripi\AppData\LocalLow\IGDump
2025-07-22 23:02 - 2025-07-22 23:02 - 000241872 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2025-07-22 23:01 - 2025-07-22 23:10 - 000000000 ____D C:\Users\gripi\AppData\Local\Malwarebytes
2025-07-22 23:01 - 2025-07-22 23:01 - 000002097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-07-22 23:00 - 2025-07-22 23:00 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-07-22 23:00 - 2025-07-22 23:00 - 000000000 ____D C:\Program Files\Malwarebytes
2025-07-22 22:59 - 2025-07-22 22:59 - 002827496 _____ (Malwarebytes) C:\Users\gripi\OneDrive\Plocha\MBSetup.exe
2025-07-22 22:13 - 2025-07-22 23:12 - 000000000 ____D C:\FRST
2025-07-22 22:12 - 2025-07-22 22:12 - 002409472 _____ (Farbar) C:\Users\gripi\OneDrive\Plocha\FRST64.exe
2025-07-22 21:50 - 2025-07-22 21:50 - 000713018 _____ C:\WINDOWS\system32\perfh005.dat
2025-07-22 21:50 - 2025-07-22 21:50 - 000153196 _____ C:\WINDOWS\system32\perfc005.dat
2025-07-20 13:43 - 2025-07-20 13:43 - 000000000 ____D C:\Obrazky
2025-07-17 18:01 - 2025-07-17 18:01 - 000000000 ____D C:\WINDOWS\system32\ruxim
2025-07-17 17:31 - 2025-07-22 23:10 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-07-17 16:57 - 2025-07-17 16:57 - 000073956 _____ C:\WINDOWS\SysWOW64\ctac.json
2025-07-17 16:57 - 2025-07-17 16:57 - 000073956 _____ C:\WINDOWS\system32\ctac.json
2025-07-17 16:57 - 2025-07-17 16:57 - 000033519 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-07-17 16:57 - 2025-07-17 16:57 - 000033519 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-07-08 15:37 - 2025-07-08 15:37 - 000004880 _____ C:\WINDOWS\system32\Tasks\AcerCMUpdateTask2.9.25180

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-07-22 23:13 - 2024-05-07 14:14 - 000000000 ____D C:\Users\gripi\AppData\Local\Host App Service
2025-07-22 23:12 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-07-22 23:11 - 2024-12-21 12:09 - 000003796 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-07-22 23:11 - 2024-05-07 15:11 - 000000000 ___RD C:\Users\gripi\OneDrive
2025-07-22 23:11 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-07-22 23:10 - 2024-12-21 12:10 - 000003080 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2025-07-22 23:10 - 2024-12-21 12:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-07-22 23:10 - 2024-12-21 12:06 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-07-22 23:10 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-07-22 23:10 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-07-22 23:10 - 2024-01-13 21:41 - 000000000 ____D C:\ProgramData\NVIDIA
2025-07-22 23:10 - 2024-01-13 21:34 - 000012288 ___SH C:\DumpStack.log.tmp
2025-07-22 23:06 - 2024-12-21 12:07 - 000000000 ____D C:\Users\gripi
2025-07-22 23:02 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-07-22 23:00 - 2024-05-07 15:07 - 000000000 ____D C:\Users\gripi\AppData\Local\packages
2025-07-22 23:00 - 2024-04-01 09:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-07-22 23:00 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-07-22 23:00 - 2024-01-13 21:36 - 000000000 ____D C:\ProgramData\Packages
2025-07-22 21:50 - 2024-12-21 12:15 - 001692332 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-07-22 20:47 - 2024-05-07 15:05 - 000000000 ____D C:\Users\gripi\AppData\Local\D3DSCache
2025-07-21 19:03 - 2024-05-07 15:35 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-07-21 15:44 - 2024-12-21 12:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-07-20 16:39 - 2024-05-08 13:12 - 000000000 ____D C:\Users\gripi\AppData\Roaming\reolink
2025-07-20 12:53 - 2025-02-09 20:30 - 000003576 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-4040071779-3630026112-2008511194-1001
2025-07-20 12:53 - 2024-12-21 12:09 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4040071779-3630026112-2008511194-1001
2025-07-20 12:53 - 2024-12-21 12:09 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4040071779-3630026112-2008511194-1001
2025-07-20 12:53 - 2024-05-07 15:11 - 000002385 _____ C:\Users\gripi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-07-18 13:18 - 2025-02-06 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proton
2025-07-18 13:18 - 2024-01-13 21:37 - 000000000 ____D C:\ProgramData\Package Cache
2025-07-18 11:52 - 2024-01-13 21:34 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-07-17 18:02 - 2024-12-21 12:06 - 000472576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-07-17 18:01 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\schemas
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-07-17 18:01 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-07-17 16:57 - 2024-12-21 12:10 - 003384320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-07-08 15:36 - 2024-01-13 21:59 - 000000000 ____D C:\Program Files (x86)\Acer

==================== Files in the root of some directories ========

2025-04-24 13:49 - 2025-04-24 13:49 - 000000212 _____ () C:\Users\gripi\AppData\Roaming\com.reolink.app.client
2024-05-10 19:14 - 2025-02-26 14:44 - 000007605 _____ () C:\Users\gripi\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Zdvořile prosím o preventivní kontrolu

Napsal: 23 črc 2025 07:16
od JaRon
Pouzi este fixlist.txt s obsahom:


Start

CloseProcesses:

Task: {59D02F33-B294-4E08-A70B-605B3CB6CE93} - System32\Tasks\App Explorer => C:\Users\gripi\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [9793520 2025-06-30] (SweetLabs Inc -> SweetLabs, Inc) <==== ATTENTION
Task: {7F95B83B-607B-4FD2-A8EC-494413FC9080} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem140.0.7273.0{2F33E522-FC4C-4E9F-ACC1-1F8FD77600CF} => C:\Program Files (x86)\Google\GoogleUpdater\140.0.7273.0\updater.exe [6836832 2025-07-02] (Google LLC -> Google LLC)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)




EmptyTemp:

End

Re: Zdvořile prosím o preventivní kontrolu

Napsal: 23 črc 2025 16:40
od gripin
Tak hotovo. Restart a dalsi LOG.

Vypada to uz OK prosim? Dekuji

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-07-2025
Ran by gripin (administrator) on NITRO5 (Acer Nitro AN517-43) (23-07-2025 17:28:30)
Running from C:\Users\gripi\OneDrive\Plocha\FRST64.exe
Loaded Profiles: gripin
Platform: Microsoft Windows 11 Home Version 24H2 26100.4652 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSAgent.exe
(C:\Program Files\Acer\NitroSense Service\PSSvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSAdminAgent.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(drivers\RivetNetworks\Killer\KNDBWMService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
(DriverStore\FileRepository\u0383736.inf_amd64_a87ecf0965da08fe\B383240\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0383736.inf_amd64_a87ecf0965da08fe\B383240\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <10>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0383736.inf_amd64_a87ecf0965da08fe\B383240\atiesrxx.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvacegpu.inf_amd64_eae66ccfc806511d\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9b2689b4e3586127\RtkAudUService64.exe <3>
(svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.73.0.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\gripi\AppData\Local\Microsoft\OneDrive\25.122.0624.0004\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (SweetLabs Inc -> SweetLabs, Inc) C:\Users\gripi\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9b2689b4e3586127\RtkAudUService64.exe [1673008 2023-05-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\138.0.7204.158\Installer\chrmstp.exe [2025-07-21] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {C9D1FDAD-2339-4216-9003-7177647D6DEB} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [3089768 2023-02-03] (Acer Incorporated -> ) -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {FC3CE71E-C39E-41BA-B7E9-0A8EF19E7F34} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41832 2023-02-03] (Acer Incorporated -> )
Task: {6F2BE59E-2A9C-412A-B2D7-F4A495B792C8} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4956008 2023-02-03] (Acer Incorporated -> )
Task: {D6973E8B-0A3A-41BB-9362-D61B47DC3846} - System32\Tasks\AcerCMUpdateTask2.9.25180 => C:\Program Files (x86)\Acer\Amundsen\2.9.25180\awc.exe [97480 2025-06-24] (Acer Incorporated -> )
Task: {C0A2EF16-9FC9-4AC7-B34F-F3C42E53AACF} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954816 2022-08-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {59D02F33-B294-4E08-A70B-605B3CB6CE93} - System32\Tasks\App Explorer => C:\Users\gripi\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [9793520 2025-06-30] (SweetLabs Inc -> SweetLabs, Inc) <==== ATTENTION
Task: {7F95B83B-607B-4FD2-A8EC-494413FC9080} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem140.0.7273.0{2F33E522-FC4C-4E9F-ACC1-1F8FD77600CF} => C:\Program Files (x86)\Google\GoogleUpdater\140.0.7273.0\updater.exe [6836832 2025-07-02] (Google LLC -> Google LLC)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {8522BCDD-9A3A-460B-809C-6FD7AA8695D2} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954816 2022-08-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {B43D1413-8C2B-4D94-924E-8C09C6E10C49} - System32\Tasks\NitroSense => C:\Program Files\Acer\NitroSense Service\PSLauncher.exe [609640 2023-01-05] (Acer Incorporated -> Acer Incorporated)
Task: {C0064A89-EBA7-453A-AC57-E9B42DFB5F66} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [70792 2022-08-15] (Acer Incorporated -> )
Task: {A5C80FEA-4033-442B-86D9-C9CD1CE94E13} - System32\Tasks\OneDrive Startup Task-S-1-5-21-4040071779-3630026112-2008511194-1001 => C:\Users\gripi\AppData\Local\Microsoft\OneDrive\25.122.0624.0004\OneDriveLauncher.exe [685432 2025-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {CDD654DB-58CF-461F-A93F-01C22CB52A5A} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-4040071779-3630026112-2008511194-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [65536 2024-12-21] (Microsoft Windows -> Microsoft Corporation)
Task: {0F9DAA7F-90BE-4708-82A4-3CC86BFA3FC8} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [446824 2023-01-17] (Acer Incorporated -> Acer Incorporated)
Task: {DD7FD8AA-0238-4A75-9758-9E2497DE975C} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-12-20] (Acer Incorporated -> Acer Incorporated)
Task: {6709E6F9-8867-4294-9288-DDC182C67761} - System32\Tasks\StorPSCTL => C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe [153640 2021-03-29] (Acer Incorporated -> Microsoft)
Task: {BBC5DBD3-4353-4ECF-A87A-754F076C9AA3} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [333152 2022-08-03] (Acer Incorporated -> Acer Incorporated)
Task: {D0194778-6E69-435E-9570-4BF9158F23A5} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2218336 2022-08-03] (Acer Incorporated -> Acer Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7a69decb-3a5e-4113-895a-175d6f88cb6e}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\gripi\AppData\Local\Microsoft\Edge\User Data\Default [2025-05-08]
Edge Extension: (Dokumenty Google offline) - C:\Users\gripi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-05-08]
Edge Extension: (Edge relevant text changes) - C:\Users\gripi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-05-07]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Default [2025-07-23]
CHR Notifications: Default -> hxxps://web.whatsapp.com; hxxps://www.perplexity.ai
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Extension: (uBlock Origin Lite) - C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddkjiahejlhfcafbddmgiahcphecmpfh [2025-07-22]
CHR Extension: (I don't care about cookies) - C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2024-09-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-07-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-05-07]
CHR Profile: C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-07-24]
CHR Profile: C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-06-21]
CHR StartupUrls: Profile 1 -> "hxxps://www.youtube.com/"
CHR Extension: (Dokumenty Google offline) - C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-06-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-05-07]
CHR Profile: C:\Users\gripi\AppData\Local\Google\Chrome\User Data\System Profile [2025-07-23]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [259432 2023-02-03] (Acer Incorporated -> Acer Incorporated)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [243384 2023-06-19] (DTS, Inc. -> DTS Inc.)
S3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [78088 2023-08-10] (Intel Corporation -> Intel® Corporation)
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [2480944 2023-08-10] (Intel Corporation -> Intel)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2981168 2023-08-10] (Intel Corporation -> Intel)
R3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [78128 2023-08-10] (Intel Corporation -> Intel® Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9591104 2025-07-22] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-07-22] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe [2071592 2025-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ProtonVPN Service; C:\Program Files\Proton\VPN\v4.2.0\ProtonVPNService.exe [464624 2025-06-13] (Proton AG -> ProtonVPN)
S3 ProtonVPN WireGuard; C:\Program Files\Proton\VPN\v3.5.1\ProtonVPN.WireGuardService.exe [464104 2024-12-11] (Proton AG -> ProtonVPN)
R3 PSSvc; C:\Program Files\Acer\NitroSense Service\PSSvc.exe [867176 2023-01-05] (Acer Incorporated -> Acer Incorporated)
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [466280 2023-01-17] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [504680 2023-01-17] (Acer Incorporated -> Acer Incorporated)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [337760 2022-08-03] (Acer Incorporated -> Acer Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\NisSrv.exe [4513624 2025-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe [278328 2025-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvacegpu.inf_amd64_eae66ccfc806511d\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvacegpu.inf_amd64_eae66ccfc806511d\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\DriverStore\FileRepository\acerairplanemodecontroller.inf_amd64_36869d4d52526b5b\AcerAirplaneModeController.sys [36200 2024-06-03] (Acer Incorporated -> Acer Incorporated)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [35344 2022-09-09] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdpmf; C:\WINDOWS\System32\drivers\amdpmf.sys [144280 2022-08-22] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0383736.inf_amd64_a87ecf0965da08fe\B383240\amdkmdag.sys [94462312 2022-09-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae.sys [159296 2025-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [222528 2024-12-21] (Microsoft Windows -> Microsoft Corporation)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo11X64.sys [209200 2023-08-10] (Intel Corporation -> Rivet Networks, LLC.)
S3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [330112 2025-06-21] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [140688 2025-07-17] (Microsoft Windows -> Microsoft Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-07-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\Drivers\farflt11.sys [241872 2025-07-22] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\System32\Drivers\mbam.sys [80960 2025-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [242752 2025-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [190096 2025-07-23] (Malwarebytes Inc -> Malwarebytes)
R3 MTKBTFilterX64; C:\WINDOWS\System32\drivers\mtkbtfilterx.sys [371704 2023-02-01] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1647056 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [243768 2023-03-07] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v4.2.0\Resources\ProtonVPN.CalloutDriver.sys [40360 2025-02-10] (Proton AG -> Proton AG)
S3 RevoProcessDetector; C:\WINDOWS\System32\DRIVERS\RevoProcessDetector.sys [19504 2024-03-28] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2025-06-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20032 2025-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [612768 2025-06-21] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-06-21] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2024-11-07] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2024-11-03] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-07-23 17:28 - 2025-07-23 17:29 - 000019406 _____ C:\Users\gripi\OneDrive\Plocha\FRST.txt
2025-07-23 17:27 - 2025-07-23 17:28 - 000000000 ___RD C:\Users\gripi\OneDrive\Plocha\3 scan
2025-07-23 17:21 - 2025-07-23 17:21 - 000713018 _____ C:\WINDOWS\system32\perfh005.dat
2025-07-23 17:21 - 2025-07-23 17:21 - 000153196 _____ C:\WINDOWS\system32\perfc005.dat
2025-07-23 17:14 - 2025-07-23 17:14 - 000000000 ____D C:\Users\gripi\AppData\LocalLow\IGDump
2025-07-23 17:13 - 2025-07-23 17:13 - 000190096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2025-07-23 17:10 - 2025-07-23 17:12 - 000000343 _____ C:\Users\gripi\OneDrive\Plocha\Fixlog.txt
2025-07-22 23:12 - 2025-07-22 23:18 - 000000000 ___RD C:\Users\gripi\OneDrive\Plocha\2 scan
2025-07-22 23:11 - 2025-07-22 23:12 - 000000000 ___RD C:\Users\gripi\OneDrive\Plocha\1 scan
2025-07-22 23:02 - 2025-07-22 23:02 - 000241872 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2025-07-22 23:01 - 2025-07-23 17:19 - 000000000 ____D C:\Users\gripi\AppData\Local\Malwarebytes
2025-07-22 23:01 - 2025-07-22 23:01 - 000002097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-07-22 23:00 - 2025-07-22 23:00 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-07-22 23:00 - 2025-07-22 23:00 - 000000000 ____D C:\Program Files\Malwarebytes
2025-07-22 22:13 - 2025-07-23 17:28 - 000000000 ____D C:\FRST
2025-07-22 22:12 - 2025-07-22 22:12 - 002409472 _____ (Farbar) C:\Users\gripi\OneDrive\Plocha\FRST64.exe
2025-07-20 13:43 - 2025-07-20 13:43 - 000000000 ____D C:\Obrazky
2025-07-17 18:01 - 2025-07-17 18:01 - 000000000 ____D C:\WINDOWS\system32\ruxim
2025-07-17 17:31 - 2025-07-23 17:14 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-07-17 16:57 - 2025-07-17 16:57 - 000073956 _____ C:\WINDOWS\SysWOW64\ctac.json
2025-07-17 16:57 - 2025-07-17 16:57 - 000073956 _____ C:\WINDOWS\system32\ctac.json
2025-07-17 16:57 - 2025-07-17 16:57 - 000033519 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-07-17 16:57 - 2025-07-17 16:57 - 000033519 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-07-08 15:37 - 2025-07-08 15:37 - 000004880 _____ C:\WINDOWS\system32\Tasks\AcerCMUpdateTask2.9.25180

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-07-23 17:29 - 2024-05-07 15:10 - 000000000 ____D C:\Users\gripi\AppData\Local\CrashDumps
2025-07-23 17:29 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-07-23 17:25 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-07-23 17:21 - 2024-12-21 12:15 - 001692332 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-07-23 17:21 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-07-23 17:17 - 2024-05-07 14:14 - 000000000 ____D C:\Users\gripi\AppData\Local\Host App Service
2025-07-23 17:14 - 2024-12-21 12:10 - 000003080 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2025-07-23 17:14 - 2024-12-21 12:09 - 000003942 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-07-23 17:14 - 2024-05-07 15:11 - 000000000 ___RD C:\Users\gripi\OneDrive
2025-07-23 17:14 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-07-23 17:13 - 2024-12-21 12:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-07-23 17:13 - 2024-12-21 12:06 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-07-23 17:13 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-07-23 17:13 - 2024-01-13 21:41 - 000000000 ____D C:\ProgramData\NVIDIA
2025-07-23 17:13 - 2024-01-13 21:34 - 000012288 ___SH C:\DumpStack.log.tmp
2025-07-22 23:24 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-07-22 23:06 - 2024-12-21 12:07 - 000000000 ____D C:\Users\gripi
2025-07-22 23:00 - 2024-05-07 15:07 - 000000000 ____D C:\Users\gripi\AppData\Local\packages
2025-07-22 23:00 - 2024-04-01 09:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-07-22 23:00 - 2024-01-13 21:36 - 000000000 ____D C:\ProgramData\Packages
2025-07-22 20:47 - 2024-05-07 15:05 - 000000000 ____D C:\Users\gripi\AppData\Local\D3DSCache
2025-07-21 19:03 - 2024-05-07 15:35 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-07-21 15:44 - 2024-12-21 12:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-07-20 16:39 - 2024-05-08 13:12 - 000000000 ____D C:\Users\gripi\AppData\Roaming\reolink
2025-07-20 12:53 - 2025-02-09 20:30 - 000003576 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-4040071779-3630026112-2008511194-1001
2025-07-20 12:53 - 2024-12-21 12:09 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4040071779-3630026112-2008511194-1001
2025-07-20 12:53 - 2024-12-21 12:09 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4040071779-3630026112-2008511194-1001
2025-07-20 12:53 - 2024-05-07 15:11 - 000002385 _____ C:\Users\gripi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-07-18 13:18 - 2025-02-06 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proton
2025-07-18 13:18 - 2024-01-13 21:37 - 000000000 ____D C:\ProgramData\Package Cache
2025-07-18 11:52 - 2024-01-13 21:34 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-07-17 18:02 - 2024-12-21 12:06 - 000472576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-07-17 18:01 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\schemas
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-07-17 18:01 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-07-17 16:57 - 2024-12-21 12:10 - 003384320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-07-08 15:36 - 2024-01-13 21:59 - 000000000 ____D C:\Program Files (x86)\Acer

==================== Files in the root of some directories ========

2025-04-24 13:49 - 2025-04-24 13:49 - 000000212 _____ () C:\Users\gripi\AppData\Roaming\com.reolink.app.client
2024-05-10 19:14 - 2025-02-26 14:44 - 000007605 _____ () C:\Users\gripi\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Zdvořile prosím o preventivní kontrolu

Napsal: 23 črc 2025 16:58
od JaRon
Rad by som videl fixlog

Re: Zdvořile prosím o preventivní kontrolu

Napsal: 23 črc 2025 17:20
od gripin
Fix jsem delal znovu. Neco se v prvnim pripade nepovedlo :) Pardon.

Tady je LOG po fixu a restartu:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-07-2025
Ran by gripin (administrator) on NITRO5 (Acer Nitro AN517-43) (23-07-2025 18:14:02)
Running from C:\Users\gripi\OneDrive\Plocha\FRST64.exe
Loaded Profiles: gripin
Platform: Microsoft Windows 11 Home Version 24H2 26100.4652 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSAgent.exe
(C:\Program Files\Acer\NitroSense Service\PSSvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSAdminAgent.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
(C:\Program Files\Acer\Quick Access Service\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(drivers\RivetNetworks\Killer\KNDBWMService.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWM.exe
(DriverStore\FileRepository\u0383736.inf_amd64_a87ecf0965da08fe\B383240\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0383736.inf_amd64_a87ecf0965da08fe\B383240\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <15>
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\NitroSense Service\PSSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0383736.inf_amd64_a87ecf0965da08fe\B383240\atiesrxx.exe
(services.exe ->) (DTS, Inc. -> DTS Inc.) C:\Windows\System32\DTS\PC\APO4x\DtsApo4Service.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Windows\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvacegpu.inf_amd64_eae66ccfc806511d\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9b2689b4e3586127\RtkAudUService64.exe <3>
(svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.73.0.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\gripi\AppData\Local\Microsoft\OneDrive\25.122.0624.0004\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9b2689b4e3586127\RtkAudUService64.exe [1673008 2023-05-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\138.0.7204.158\Installer\chrmstp.exe [2025-07-21] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {C9D1FDAD-2339-4216-9003-7177647D6DEB} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [3089768 2023-02-03] (Acer Incorporated -> ) -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {FC3CE71E-C39E-41BA-B7E9-0A8EF19E7F34} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41832 2023-02-03] (Acer Incorporated -> )
Task: {6F2BE59E-2A9C-412A-B2D7-F4A495B792C8} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4956008 2023-02-03] (Acer Incorporated -> )
Task: {D6973E8B-0A3A-41BB-9362-D61B47DC3846} - System32\Tasks\AcerCMUpdateTask2.9.25180 => C:\Program Files (x86)\Acer\Amundsen\2.9.25180\awc.exe [97480 2025-06-24] (Acer Incorporated -> )
Task: {D29171A7-D6FA-42D8-9729-6F2ECBB91605} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954816 2022-08-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {8522BCDD-9A3A-460B-809C-6FD7AA8695D2} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954816 2022-08-30] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {B43D1413-8C2B-4D94-924E-8C09C6E10C49} - System32\Tasks\NitroSense => C:\Program Files\Acer\NitroSense Service\PSLauncher.exe [609640 2023-01-05] (Acer Incorporated -> Acer Incorporated)
Task: {C0064A89-EBA7-453A-AC57-E9B42DFB5F66} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [70792 2022-08-15] (Acer Incorporated -> )
Task: {A5C80FEA-4033-442B-86D9-C9CD1CE94E13} - System32\Tasks\OneDrive Startup Task-S-1-5-21-4040071779-3630026112-2008511194-1001 => C:\Users\gripi\AppData\Local\Microsoft\OneDrive\25.122.0624.0004\OneDriveLauncher.exe [685432 2025-07-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {CDD654DB-58CF-461F-A93F-01C22CB52A5A} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-4040071779-3630026112-2008511194-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [65536 2024-12-21] (Microsoft Windows -> Microsoft Corporation)
Task: {0F9DAA7F-90BE-4708-82A4-3CC86BFA3FC8} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [446824 2023-01-17] (Acer Incorporated -> Acer Incorporated)
Task: {DD7FD8AA-0238-4A75-9758-9E2497DE975C} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-12-20] (Acer Incorporated -> Acer Incorporated)
Task: {6709E6F9-8867-4294-9288-DDC182C67761} - System32\Tasks\StorPSCTL => C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe [153640 2021-03-29] (Acer Incorporated -> Microsoft)
Task: {BBC5DBD3-4353-4ECF-A87A-754F076C9AA3} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [333152 2022-08-03] (Acer Incorporated -> Acer Incorporated)
Task: {D0194778-6E69-435E-9570-4BF9158F23A5} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2218336 2022-08-03] (Acer Incorporated -> Acer Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7a69decb-3a5e-4113-895a-175d6f88cb6e}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\gripi\AppData\Local\Microsoft\Edge\User Data\Default [2025-05-08]
Edge Extension: (Dokumenty Google offline) - C:\Users\gripi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-05-08]
Edge Extension: (Edge relevant text changes) - C:\Users\gripi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-05-07]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Default [2025-07-23]
CHR Notifications: Default -> hxxps://web.whatsapp.com; hxxps://www.perplexity.ai
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Extension: (uBlock Origin Lite) - C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddkjiahejlhfcafbddmgiahcphecmpfh [2025-07-22]
CHR Extension: (I don't care about cookies) - C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2024-09-21]
CHR Extension: (Dokumenty Google offline) - C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-07-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-05-07]
CHR Profile: C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Guest Profile [2025-07-23]
CHR Profile: C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-07-23]
CHR StartupUrls: Profile 1 -> "hxxps://www.youtube.com/"
CHR Extension: (Dokumenty Google offline) - C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-06-06]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\gripi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-05-07]
CHR Profile: C:\Users\gripi\AppData\Local\Google\Chrome\User Data\System Profile [2025-07-23]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [259432 2023-02-03] (Acer Incorporated -> Acer Incorporated)
R2 DtsApo4Service; C:\WINDOWS\System32\DTS\PC\APO4x\DtsApo4Service.exe [243384 2023-06-19] (DTS, Inc. -> DTS Inc.)
S3 KAPSService; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KAPSService.exe [78088 2023-08-10] (Intel Corporation -> Intel® Corporation)
R2 Killer Analytics Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [2480944 2023-08-10] (Intel Corporation -> Intel)
R2 Killer Network Service; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2981168 2023-08-10] (Intel Corporation -> Intel)
R3 KNDBWM; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KNDBWMService.exe [78128 2023-08-10] (Intel Corporation -> Intel® Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9591104 2025-07-22] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-07-22] (Malwarebytes Inc. -> Malwarebytes)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe [2071592 2025-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ProtonVPN Service; C:\Program Files\Proton\VPN\v4.2.0\ProtonVPNService.exe [464624 2025-06-13] (Proton AG -> ProtonVPN)
S3 ProtonVPN WireGuard; C:\Program Files\Proton\VPN\v3.5.1\ProtonVPN.WireGuardService.exe [464104 2024-12-11] (Proton AG -> ProtonVPN)
R3 PSSvc; C:\Program Files\Acer\NitroSense Service\PSSvc.exe [867176 2023-01-05] (Acer Incorporated -> Acer Incorporated)
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [466280 2023-01-17] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [504680 2023-01-17] (Acer Incorporated -> Acer Incorporated)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [337760 2022-08-03] (Acer Incorporated -> Acer Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\NisSrv.exe [4513624 2025-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe [278328 2025-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvacegpu.inf_amd64_eae66ccfc806511d\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvacegpu.inf_amd64_eae66ccfc806511d\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\DriverStore\FileRepository\acerairplanemodecontroller.inf_amd64_36869d4d52526b5b\AcerAirplaneModeController.sys [36200 2024-06-03] (Acer Incorporated -> Acer Incorporated)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [35344 2022-09-09] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdpmf; C:\WINDOWS\System32\drivers\amdpmf.sys [144280 2022-08-22] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0383736.inf_amd64_a87ecf0965da08fe\B383240\amdkmdag.sys [94462312 2022-09-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae.sys [159296 2025-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [222528 2024-12-21] (Microsoft Windows -> Microsoft Corporation)
R3 KfeCoSvc; C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KfeCo11X64.sys [209200 2023-08-10] (Intel Corporation -> Rivet Networks, LLC.)
S3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [330112 2025-06-21] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [140688 2025-07-17] (Microsoft Windows -> Microsoft Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-07-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\Drivers\farflt11.sys [241872 2025-07-22] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\System32\Drivers\mbam.sys [80960 2025-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [242752 2025-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [190096 2025-07-23] (Malwarebytes Inc -> Malwarebytes)
R3 MTKBTFilterX64; C:\WINDOWS\System32\drivers\mtkbtfilterx.sys [371704 2023-02-01] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1647056 2023-02-02] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [243768 2023-03-07] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v4.2.0\Resources\ProtonVPN.CalloutDriver.sys [40360 2025-02-10] (Proton AG -> Proton AG)
S3 RevoProcessDetector; C:\WINDOWS\System32\DRIVERS\RevoProcessDetector.sys [19504 2024-03-28] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2025-06-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [20032 2025-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [612768 2025-06-21] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-06-21] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2024-11-07] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2024-11-03] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-07-23 18:14 - 2025-07-23 18:14 - 000018463 _____ C:\Users\gripi\OneDrive\Plocha\FRST.txt
2025-07-23 18:10 - 2025-07-23 18:10 - 000190096 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2025-07-23 18:10 - 2025-07-23 18:10 - 000000000 ____D C:\Users\gripi\AppData\LocalLow\IGDump
2025-07-23 18:02 - 2025-07-23 18:09 - 000004131 _____ C:\Users\gripi\OneDrive\Plocha\Fixlog.txt
2025-07-23 17:27 - 2025-07-23 18:00 - 000000000 ___RD C:\Users\gripi\OneDrive\Plocha\3 scan
2025-07-23 17:21 - 2025-07-23 17:21 - 000713018 _____ C:\WINDOWS\system32\perfh005.dat
2025-07-23 17:21 - 2025-07-23 17:21 - 000153196 _____ C:\WINDOWS\system32\perfc005.dat
2025-07-22 23:12 - 2025-07-22 23:18 - 000000000 ___RD C:\Users\gripi\OneDrive\Plocha\2 scan
2025-07-22 23:11 - 2025-07-22 23:12 - 000000000 ___RD C:\Users\gripi\OneDrive\Plocha\1 scan
2025-07-22 23:02 - 2025-07-22 23:02 - 000241872 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2025-07-22 23:01 - 2025-07-23 18:10 - 000000000 ____D C:\Users\gripi\AppData\Local\Malwarebytes
2025-07-22 23:01 - 2025-07-22 23:01 - 000002097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-07-22 23:00 - 2025-07-22 23:00 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-07-22 23:00 - 2025-07-22 23:00 - 000000000 ____D C:\Program Files\Malwarebytes
2025-07-22 22:13 - 2025-07-23 18:14 - 000000000 ____D C:\FRST
2025-07-22 22:12 - 2025-07-22 22:12 - 002409472 _____ (Farbar) C:\Users\gripi\OneDrive\Plocha\FRST64.exe
2025-07-20 13:43 - 2025-07-20 13:43 - 000000000 ____D C:\Obrazky
2025-07-17 18:01 - 2025-07-17 18:01 - 000000000 ____D C:\WINDOWS\system32\ruxim
2025-07-17 17:31 - 2025-07-23 18:10 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-07-17 16:57 - 2025-07-17 16:57 - 000073956 _____ C:\WINDOWS\SysWOW64\ctac.json
2025-07-17 16:57 - 2025-07-17 16:57 - 000073956 _____ C:\WINDOWS\system32\ctac.json
2025-07-17 16:57 - 2025-07-17 16:57 - 000033519 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-07-17 16:57 - 2025-07-17 16:57 - 000033519 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-07-08 15:37 - 2025-07-08 15:37 - 000004880 _____ C:\WINDOWS\system32\Tasks\AcerCMUpdateTask2.9.25180

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-07-23 18:10 - 2024-12-21 12:10 - 000003080 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2025-07-23 18:10 - 2024-12-21 12:09 - 000004088 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-07-23 18:10 - 2024-05-07 15:11 - 000000000 ___RD C:\Users\gripi\OneDrive
2025-07-23 18:10 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-07-23 18:10 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-07-23 18:10 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-07-23 18:10 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-07-23 18:09 - 2024-12-21 12:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-07-23 18:09 - 2024-12-21 12:06 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-07-23 18:09 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-07-23 18:09 - 2024-01-13 21:41 - 000000000 ____D C:\ProgramData\NVIDIA
2025-07-23 18:09 - 2024-01-13 21:34 - 000012288 ___SH C:\DumpStack.log.tmp
2025-07-23 17:29 - 2024-05-07 15:10 - 000000000 ____D C:\Users\gripi\AppData\Local\CrashDumps
2025-07-23 17:21 - 2024-12-21 12:15 - 001692332 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-07-23 17:21 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-07-23 17:17 - 2024-05-07 14:14 - 000000000 ____D C:\Users\gripi\AppData\Local\Host App Service
2025-07-22 23:06 - 2024-12-21 12:07 - 000000000 ____D C:\Users\gripi
2025-07-22 23:00 - 2024-05-07 15:07 - 000000000 ____D C:\Users\gripi\AppData\Local\packages
2025-07-22 23:00 - 2024-04-01 09:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-07-22 23:00 - 2024-01-13 21:36 - 000000000 ____D C:\ProgramData\Packages
2025-07-22 20:47 - 2024-05-07 15:05 - 000000000 ____D C:\Users\gripi\AppData\Local\D3DSCache
2025-07-21 19:03 - 2024-05-07 15:35 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-07-21 15:44 - 2024-12-21 12:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-07-20 16:39 - 2024-05-08 13:12 - 000000000 ____D C:\Users\gripi\AppData\Roaming\reolink
2025-07-20 12:53 - 2025-02-09 20:30 - 000003576 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-4040071779-3630026112-2008511194-1001
2025-07-20 12:53 - 2024-12-21 12:09 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-4040071779-3630026112-2008511194-1001
2025-07-20 12:53 - 2024-12-21 12:09 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4040071779-3630026112-2008511194-1001
2025-07-20 12:53 - 2024-05-07 15:11 - 000002385 _____ C:\Users\gripi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-07-18 13:18 - 2025-02-06 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proton
2025-07-18 13:18 - 2024-01-13 21:37 - 000000000 ____D C:\ProgramData\Package Cache
2025-07-18 11:52 - 2024-01-13 21:34 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-07-17 18:02 - 2024-12-21 12:06 - 000472576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-07-17 18:01 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\schemas
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-07-17 18:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-07-17 18:01 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-07-17 16:57 - 2024-12-21 12:10 - 003384320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-07-08 15:36 - 2024-01-13 21:59 - 000000000 ____D C:\Program Files (x86)\Acer

==================== Files in the root of some directories ========

2025-04-24 13:49 - 2025-04-24 13:49 - 000000212 _____ () C:\Users\gripi\AppData\Roaming\com.reolink.app.client
2024-05-10 19:14 - 2025-02-26 14:44 - 000007605 _____ () C:\Users\gripi\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================












TADY fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 17-07-2025
Ran by gripin (23-07-2025 18:09:03) Run:4
Running from C:\Users\gripi\OneDrive\Plocha
Loaded Profiles: gripin
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:

Task: {59D02F33-B294-4E08-A70B-605B3CB6CE93} - System32\Tasks\App Explorer => C:\Users\gripi\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [9793520 2025-06-30] (SweetLabs Inc -> SweetLabs, Inc) <==== ATTENTION
Task: {7F95B83B-607B-4FD2-A8EC-494413FC9080} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem140.0.7273.0{2F33E522-FC4C-4E9F-ACC1-1F8FD77600CF} => C:\Program Files (x86)\Google\GoogleUpdater\140.0.7273.0\updater.exe [6836832 2025-07-02] (Google LLC -> Google LLC)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)




EmptyTemp:

End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{59D02F33-B294-4E08-A70B-605B3CB6CE93}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59D02F33-B294-4E08-A70B-605B3CB6CE93}" => removed successfully
C:\WINDOWS\System32\Tasks\App Explorer => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7F95B83B-607B-4FD2-A8EC-494413FC9080}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F95B83B-607B-4FD2-A8EC-494413FC9080}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem140.0.7273.0{2F33E522-FC4C-4E9F-ACC1-1F8FD77600CF} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem140.0.7273.0{2F33E522-FC4C-4E9F-ACC1-1F8FD77600CF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Location\Notifications => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 465411219 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 1288484 B
Edge => 0 B
Chrome => 1338108900 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 16130 B
NetworkService => 121364 B
gripi => 316368741 B

RecycleBin => 5349907 B
EmptyTemp: => 2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:09:21 ====

Re: Zdvořile prosím o preventivní kontrolu

Napsal: 23 črc 2025 17:38
od JaRon
Super :thumbsup:
Takto je to poriadku - hotovo :)

Re: Zdvořile prosím o preventivní kontrolu

Napsal: 23 črc 2025 17:47
od gripin
Díky moc :)

Re: Zdvořile prosím o preventivní kontrolu

Napsal: 24 črc 2025 08:47
od JaRon
Rado sa stalo :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz