Prosím o kontrolu logu. Děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-10-2025
Ran by Karel (administrator) on LAPTOP-16MPJ5UM (Acer Aspire A317-51G) (21-10-2025 16:14:55)
Running from C:\Users\Karel\Desktop\FRST64.exe
Loaded Profiles: Karel
Platform: Microsoft Windows 11 Home Version 25H2 26200.6901 (X64) Language: Čeština (Česko)
Default browser: "C:\Users\Karel\AppData\Local\Programs\Opera\opera.exe" -noautoupdate -- "%1"
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ABBYY Software House -> ABBYY Software Ltd) C:\Program Files (x86)\ABBYY Screenshot Reader\ScreenshotReader.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eServiceHost.exe <2>
(C:\Users\Karel\AppData\Local\Programs\Opera\opera.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(C:\Users\Karel\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Karel\AppData\Local\Programs\Opera\122.0.5643.142\opera_crashreporter.exe
(C:\Windows\SysWOW64\cmd.exe ->) (Lamantine Software a.s. -> Lamantine Software a.s.) C:\Program Files (x86)\Sticky Password\spNMHost.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_b578901fbed94a8e\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b578901fbed94a8e\igfxEM.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Karel\AppData\Local\Programs\Opera\opera.exe <28>
(services.exe ->) (ABBYY Software House -> ABBYY (BIT Software)) C:\Program Files (x86)\ABBYY Screenshot Reader\NetworkLicenseServer.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_581d7e91d349facc\AS\IAS\IntelAudioService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b578901fbed94a8e\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_3d18534d52d73f63\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1405215c1cf67526\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_1405215c1cf67526\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ef0d14a478b232f4\RstMwService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvaci.inf_amd64_6fdef84a09009897\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Qualcomm Atheros, Inc. -> ) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(sihost.exe ->) (EAF76292-FADE-4EAB-A62C-FE5E78661D58 -> ) C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe
(svchost.exe ->) (Gen Digital Inc. -> Gen Digital Inc.) C:\Program Files\Piriform\CCleaner 7\CCleaner.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.151.0.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_25255.703.3978.7153_x64__8wekyb3d8bbwe\ms-teamsupdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\BackgroundTransferHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1138992 2020-08-05] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [285616 2025-09-10] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Nero BackItUp] => C:\Program Files (x86)\Nero\Nero 2022\3-2-1 Backup\BackItUp.exe [1306696 2025-04-29] (Nero AG -> Nero AG)
HKLM-x32\...\Run: [ABBYY Screenshot Reader Retail] => C:\Program Files (x86)\ABBYY Screenshot Reader\ScreenShotReader.exe [959776 2008-12-08] (ABBYY Software House -> ABBYY Software Ltd)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-851827749-1828096854-3146880355-1001\...\Run: [ABBYY Screenshot Reader Retail] => [X]
HKU\S-1-5-21-851827749-1828096854-3146880355-1001\...\Run: [MicrosoftEdgeAutoLaunch_EADC2331AEA11A7C2115598A7830EF60] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4265032 2025-10-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-851827749-1828096854-3146880355-1001\...\Run: [Opera Stable] => C:\Users\Karel\AppData\Local\Programs\Opera\opera.exe [1631704 2025-10-17] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-851827749-1828096854-3146880355-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [41579480 2025-09-29] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\...\Windows x64\Print Processors\Canon G3020 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDGL.DLL [525824 2021-09-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TS9500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDER.DLL [529408 2020-06-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109288 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS9500 series: C:\Windows\system32\CNMLMER.DLL [950272 2020-06-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\PCL hpz3llhn: C:\Windows\system32\hpz3llhn.dll [44288 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0E68AF70-2267-4C03-8E43-C6EF6B7863DA} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2971808 2021-12-30] (Acer Incorporated -> ) -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {BC5F1B6E-2B3A-46B0-96BB-9701DC00561C} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41632 2021-12-30] (Acer Incorporated -> )
Task: {F276ABBB-9430-4579-8E4D-A5C0DFAF2A8A} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4836512 2021-12-30] (Acer Incorporated -> )
Task: {B52D9D75-2811-4E49-A4EB-E9F5AE27B0DE} - System32\Tasks\AcerCMUpdateTask2.5.22250 => C:\Program Files (x86)\Acer\Amundsen\2.5.22250\awc.exe [96904 2022-09-25] (Acer Incorporated -> )
Task: {EF25E847-9BBD-4203-B636-E0E5A62F1F74} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1581568 2025-08-24] (Adobe Inc. -> Adobe Inc.)
Task: {89239216-0F31-4CC5-BD21-FCCD4CA3AD49} - System32\Tasks\CareCenter\Opera Browser Assistant_Reg_HKCURun_S-1-5-21-851827749-1828096854-3146880355-1001 => C:\Users\Karel\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4712920 2025-09-11] (Opera Norway AS -> Opera Software)
Task: {C4FDBD60-27EC-4933-943F-74BBCECC4908} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem142.0.7416.0{2CAED75B-2F12-4E8E-A7A3-869D213403BA} => C:\Program Files (x86)\Google\GoogleUpdater\142.0.7416.0\updater.exe [6863512 2025-09-15] (Google LLC -> Google LLC)
Task: {753C8AB4-B158-47E8-91D7-97C43C60485F} - System32\Tasks\Microsoft\Office\Office Actions Server => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\ActionsServer\ActionsServer.exe [10453888 2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {FBBAD458-F63D-46EE-8883-8C36A550B5A5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28583776 2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {29209226-21D1-4E62-8500-09A3825AE53F} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE16\opushutil.exe [61328 2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {B32C8B8F-DBC7-4EDF-AC62-EDCAA542B0B7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28583776 2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {0C64745F-052E-4331-AC8D-D1EE24DC2461} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [224032 2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {9662B921-1F00-4B9D-A70B-37B05B3CD829} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [224032 2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {6A9280CB-E1C2-48DE-B82F-8AEA7C6185B6} - System32\Tasks\Microsoft\Office\Office Startup Boost => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [224032 2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {EA3E03FA-35F0-4895-9912-985450E4C8A5} - System32\Tasks\Microsoft\Office\Office Startup Boost Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [224032 2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {B71926BC-213C-44A8-94DA-6D44A373FDCD} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => %SystemRoot%\system32\clipesu.exe (No File)
Task: {E88D9B2C-DDEA-47B2-9582-085153004DB5} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {72B8C428-F7A8-496C-99FE-550000B681D7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {D83EBCAC-2D46-4D26-8302-86FE08B9FD36} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {B6915C0E-D113-4132-9566-A25599F39A04} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [693376 2025-10-03] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {449174A1-0056-466C-A9FC-A8EC030DB574} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-851827749-1828096854-3146880355-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [693376 2025-10-03] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {79CFD550-E527-4411-A1A8-4A74154513CB} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Nero\Nero Apps\NeroInfo\NeroInfo.exe [3950928 2025-04-29] (Nero AG -> Nero AG)
Task: {04E50C7F-9BD3-4827-8291-48D4FAA90F30} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {0BEED5FF-78F0-4551-8910-E57576DD0CBB} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [850928 2020-03-18] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {8A173901-A269-43BF-BE8A-84A4BB68D3EA} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3293168 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8C181E83-9296-43BD-8A9D-3301B9510B8F} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646456 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {80FCB519-585E-42B2-B194-D75651CE7F2F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0099A389-158E-4216-9305-9E92B0856D06} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4C9D14F3-0565-4307-BA28-306CDB9A3B52} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A2FC42C2-F33C-4800-999C-E3AE506D0534} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4201CAA6-2BDF-4805-9D99-91A4677FE4CD} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {28A6BA29-0993-439C-9422-B90A2A053629} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-04-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5B1B551F-CF06-4173-AB8F-97103AF77346} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [70792 2022-08-15] (Acer Incorporated -> )
Task: {C78AAC0B-2F5E-45EB-92EB-5174827493E3} - System32\Tasks\OneDrive Startup Task-S-1-5-21-851827749-1828096854-3146880355-1001 => C:\Users\Karel\AppData\Local\Microsoft\OneDrive\25.184.0921.0004\OneDriveLauncher.exe [725880 2025-10-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {77122E2D-67C5-488A-823C-21A5D8BB7DD5} - System32\Tasks\Opera scheduled assistant Autoupdate 1612535774 => C:\Users\Karel\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5063640 2025-10-09] (Opera Norway AS -> Opera Software) -> --scheduledtask --productiscomponent --installdir="C:\Users\Karel\AppData\Local\Programs\Opera\assistant" --producttype=assistant $(Arg0)
Task: {3782F025-9090-441A-B0E0-7DA81A519ACF} - System32\Tasks\Opera scheduled Autoupdate 1612535771 => C:\Users\Karel\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5063640 2025-10-09] (Opera Norway AS -> Opera Software)
Task: {304632A7-8AA6-4BF7-B96B-23DFB891136D} - System32\Tasks\Piriform\CCleaner 7 - S-1-5-21-851827749-1828096854-3146880355-1001 => C:\Program Files\Piriform\CCleaner 7\CCleaner.exe [4717688 2025-10-18] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {A7C5FEF0-7E62-44A1-A8AD-26F28EA3BCEB} - System32\Tasks\Piriform\CCleaner 7 BugReport => C:\Program Files\Piriform\CCleaner 7\CCleanerBugReport.exe [6243960 2025-10-18] (Gen Digital Inc. -> Gen Digital Inc.) -> --send "dumps|report" --product 234 --programpath "C:\Program Files\Piriform\CCleaner 7" --configpath "C:\Program Files\Piriform\CCleaner 7\data" --path "C:\Program Files\Piriform\CCleaner 7\log" --path "C:\Program Files\Piriform\CCleaner 7\data\dumps" --logpath "C:\Program Files\Piriform\CCleaner 7 (the data entry has 58 more characters).
Task: {F4013630-4D41-4639-A0D8-3F7E27597F09} - System32\Tasks\Piriform\CCleaner 7 Update => C:\Program Files\Common Files\Piriform\Icarus\piriform-ccl\icarus.exe [8971064 2025-10-14] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc.)
Task: {056F7AAC-536A-4B03-8F52-6828561759BB} - System32\Tasks\Power Button => C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe [2771616 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {DE25B126-F93F-4793-8FA9-F28377A0E058} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [446624 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {75F35CB5-EB91-4940-A5B9-5E251C0FD5CC} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-01-03] (Acer Incorporated -> Acer Incorporated)
Task: {78533241-59A4-4080-AFDC-80E5B123DC74} - System32\Tasks\StorPSCTL => C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe [151080 2020-04-01] (Acer Incorporated -> Microsoft)
Task: {3E1AF38C-BE24-4655-94ED-063AD48D5BAA} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [268328 2020-04-15] (Acer Incorporated -> Acer Incorporated)
Task: {C12B31F5-1AA1-4677-89F7-0C929B7CAB94} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2211368 2020-04-15] (Acer Incorporated -> Acer Incorporated)
Task: {6AD93734-2CA9-4314-924C-3CC3E8F4B062} - System32\Tasks\Zoner.Updater.S-1-5-21-851827749-1828096854-3146880355-1001 => C:\ProgramData\Zoner\Zoner.Installer.Core\updater.exe [1591632 2025-10-21] (ZONER a.s. -> ZONER a.s.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{a25a1f13-d718-44a2-8ecc-b026d0c969d2}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d249dc18-5303-4a00-aad1-2de860c7029e}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Karel\AppData\Local\Microsoft\Edge\User Data\Default [2025-10-21]
Edge Extension: (Dokumenty Google offline) - C:\Users\Karel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-09-22]
Edge Extension: (Edge relevant text changes) - C:\Users\Karel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (ESET Browser Privacy & Security) - C:\Users\Karel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkapkmklnmidbbgjaipbgpcnbomnaakc [2025-06-20]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]
FireFox:
========
FF DefaultProfile: u3kngsgi.default
FF ProfilePath: C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\u3kngsgi.default [2023-11-14]
FF ProfilePath: C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\pw0by2uf.default-release [2025-10-20]
FF Extension: (Graffiti – Balanced) - C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\pw0by2uf.default-release\Extensions\graffiti-balanced-colorway@mozilla.org.xpi [2023-03-17]
FF Extension: (FoE - Helper) - C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\pw0by2uf.default-release\Extensions\{0668a87f-e3bb-4ed3-a096-e145c1e9f1d2}.xpi [2024-09-03]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-09-29] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2025-10-21]
Opera:
=======
OPR DefaultProfile: Default
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.ScreenshotReader.9.0; C:\Program Files (x86)\ABBYY Screenshot Reader\NetworkLicenseServer.exe [759072 2008-10-27] (ABBYY Software House -> ABBYY (BIT Software))
S4 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [259232 2021-12-30] (Acer Incorporated -> Acer Incorporated)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174584 2025-08-24] (Adobe Inc. -> Adobe Inc.)
R2 CCleaner7; C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe [28276344 2025-10-18] (Gen Digital Inc. -> Gen Digital Inc.)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13045112 2025-07-05] (Microsoft Corporation -> Microsoft Corporation)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [5538224 2025-09-10] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [4662320 2025-09-10] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [4662320 2025-09-10] (ESET, spol. s r.o. -> ESET)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2021-06-03] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-19] (Canon Inc. -> )
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_581d7e91d349facc\AS\IAS\IntelAudioService.exe [412128 2022-10-27] (Intel Corporation -> Intel)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 NeroBackItUpBackgroundServiceForVerbatim; C:\Program Files (x86)\Nero\Nero 2022\3-2-1 Backup\NBService.exe [319048 2025-04-29] (Nero AG -> Nero AG)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_6fdef84a09009897\Display.NvContainer\NVDisplay.Container.exe [1275608 2025-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
S4 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [466080 2022-01-03] (Acer Incorporated -> Acer Incorporated)
S4 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [504480 2022-01-03] (Acer Incorporated -> Acer Incorporated)
R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [189808 2023-03-19] (Qualcomm Atheros, Inc. -> )
S4 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [306728 2020-04-15] (Acer Incorporated -> Acer Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AcerAirplaneModeController; C:\WINDOWS\System32\DriverStore\FileRepository\acerairplanemodecontroller.inf_amd64_36869d4d52526b5b\AcerAirplaneModeController.sys [36200 2024-06-03] (Acer Incorporated -> Acer Incorporated)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [573440 2025-05-01] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [204800 2025-05-01] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [110592 2025-05-01] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [232456 2025-08-14] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [139944 2025-08-14] (Microsoft Windows Hardware Compatibility Publisher -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2022-08-23] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [270136 2025-08-14] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [57352 2025-08-14] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [86792 2025-08-14] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [126024 2025-08-14] (ESET, spol. s r.o. -> ESET)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_25769e03e756857c\rt68cx21x64.sys [905216 2025-07-20] (Realtek Semiconductor Corp. -> Realtek)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [22104 2024-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [606624 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
S3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2025-05-01] (Microsoft Windows -> Microsoft Corporation)
S3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_a6dc64e436f22951\WSDScan.sys [61440 2025-09-02] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-10-21 16:14 - 2025-10-21 16:15 - 000031033 _____ C:\Users\Karel\Desktop\FRST.txt
2025-10-21 16:14 - 2025-10-21 16:15 - 000000000 ____D C:\FRST
2025-10-21 16:11 - 2025-10-21 16:11 - 002443264 _____ (Farbar) C:\Users\Karel\Desktop\FRST64.exe
2025-10-21 15:04 - 2025-10-21 15:04 - 000713018 _____ C:\WINDOWS\system32\perfh005.dat
2025-10-21 15:04 - 2025-10-21 15:04 - 000153196 _____ C:\WINDOWS\system32\perfc005.dat
2025-10-19 16:07 - 2025-10-19 16:07 - 000075078 _____ C:\Users\Karel\Downloads\Vypis_531533XXXXXX1517_20251014.pdf
2025-10-18 15:28 - 2025-10-21 15:08 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-10-10 10:57 - 2025-10-10 10:57 - 000000000 ____D C:\ProgramData\Whesvc
2025-10-08 11:50 - 2025-10-08 11:50 - 000000000 ____D C:\WINDOWS\Firmware
2025-10-06 17:12 - 2025-10-06 17:12 - 000002257 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2025-10-06 17:12 - 2025-10-06 17:12 - 000002245 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2025-10-06 17:12 - 2025-10-06 17:12 - 000000000 ____D C:\Program Files\Google
2025-10-06 17:04 - 2025-10-06 17:04 - 000073028 _____ C:\Users\Karel\Downloads\Vypis_531533XXXXXX1517_20250912 (1).pdf
2025-10-06 15:53 - 2025-10-06 16:02 - 000002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 7.lnk
2025-10-06 15:53 - 2025-10-06 16:02 - 000002144 _____ C:\Users\Public\Desktop\CCleaner 7.lnk
2025-10-06 15:53 - 2025-10-06 15:53 - 000000000 ____D C:\WINDOWS\system32\Tasks\Piriform
2025-10-06 15:53 - 2025-10-06 15:53 - 000000000 ____D C:\Users\Karel\AppData\Roaming\CCleaner
2025-10-06 15:52 - 2025-10-06 15:52 - 000000000 ____D C:\Program Files\Piriform
2025-10-06 15:52 - 2025-10-06 15:52 - 000000000 ____D C:\Program Files\Common Files\Piriform
2025-10-06 15:52 - 2025-10-06 15:38 - 000055064 _____ (Gen Digital Inc.) C:\WINDOWS\system32\icarus_rvrt.exe
2025-09-30 21:15 - 2025-09-30 21:15 - 000035125 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-09-30 21:15 - 2025-09-30 21:15 - 000035125 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-10-21 16:14 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-10-21 16:08 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-10-21 16:00 - 2025-05-01 14:31 - 000003910 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1612535774
2025-10-21 16:00 - 2025-05-01 14:31 - 000003628 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1612535771
2025-10-21 16:00 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-10-21 16:00 - 2021-02-06 07:16 - 000000000 ____D C:\ProgramData\Packages
2025-10-21 16:00 - 2021-02-06 06:59 - 000000000 ____D C:\Users\Karel\AppData\Local\Packages
2025-10-21 15:07 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-10-21 15:07 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-10-21 15:04 - 2025-05-01 14:31 - 001692324 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-10-21 15:00 - 2020-12-16 11:09 - 000000000 ____D C:\ProgramData\NVIDIA
2025-10-21 14:58 - 2025-05-01 14:29 - 000005110 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-10-21 14:58 - 2021-02-06 06:59 - 000000000 __SHD C:\Users\Karel\IntelGraphicsProfiles
2025-10-21 14:57 - 2025-05-01 14:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-10-21 14:57 - 2025-05-01 14:26 - 000574168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-10-21 14:57 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-10-21 14:57 - 2020-12-16 10:34 - 000012288 ___SH C:\DumpStack.log.tmp
2025-10-21 14:57 - 2020-12-16 10:34 - 000000000 ___HD C:\Intel
2025-10-21 14:56 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-10-21 14:56 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-10-21 14:56 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-10-21 14:56 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-10-21 14:56 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-10-21 14:56 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-10-21 14:56 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-10-21 14:56 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-10-21 14:56 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-10-21 14:56 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-10-21 14:56 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-10-21 14:56 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-10-21 14:56 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-10-21 14:56 - 2024-04-01 09:21 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2025-10-21 14:28 - 2025-05-01 14:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-10-21 14:13 - 2025-05-01 14:30 - 003276800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-10-21 13:57 - 2021-02-16 11:07 - 000000000 ____D C:\Users\Karel\AppData\Local\D3DSCache
2025-10-21 13:55 - 2021-03-09 07:54 - 000000000 ____D C:\ProgramData\Zoner
2025-10-21 13:51 - 2025-05-01 14:31 - 000003164 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-851827749-1828096854-3146880355-1001
2025-10-21 13:48 - 2022-02-09 16:56 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-10-21 08:00 - 2025-05-01 14:31 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-851827749-1828096854-3146880355-1001
2025-10-21 08:00 - 2025-05-01 14:31 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-851827749-1828096854-3146880355-1001
2025-10-21 08:00 - 2021-02-06 16:59 - 000002383 _____ C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-10-21 07:55 - 2023-01-16 08:57 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-10-21 07:55 - 2020-12-16 10:39 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-10-20 18:32 - 2021-02-10 21:50 - 000000000 ____D C:\Program Files (x86)\Steam
2025-10-18 15:48 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-10-18 15:47 - 2021-02-05 15:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-10-18 15:44 - 2021-02-05 15:25 - 214534944 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-10-17 20:52 - 2021-02-05 16:36 - 000001374 _____ C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2025-10-13 11:30 - 2025-07-22 16:25 - 000002658 _____ C:\Users\Karel\Desktop\Zoner Studio.lnk
2025-10-13 11:30 - 2023-02-17 17:48 - 000000000 ____D C:\Program Files\Pepa Chytrouš
2025-10-13 11:30 - 2021-02-05 16:36 - 000001537 _____ C:\Users\Karel\Desktop\Prohlížeč Opera.lnk
2025-10-13 10:46 - 2025-05-01 14:31 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-10-13 10:46 - 2025-05-01 14:31 - 000003514 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-10-10 16:59 - 2021-03-09 07:55 - 000000000 ____D C:\Users\Karel\AppData\Local\Zoner
2025-10-06 17:36 - 2021-02-08 17:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-10-06 17:35 - 2020-12-16 11:00 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2025-10-06 17:14 - 2022-10-13 09:18 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-10-06 17:14 - 2022-10-13 09:18 - 000002065 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2025-10-06 17:12 - 2025-05-01 14:31 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2025-10-06 17:12 - 2025-01-24 00:59 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-10-06 17:12 - 2021-02-08 17:39 - 000001077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-10-06 17:11 - 2025-04-17 22:55 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2025-10-06 17:11 - 2021-02-10 18:46 - 000001059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2025-10-06 17:09 - 2021-02-05 16:46 - 000000000 ____D C:\Users\Karel\AppData\Local\CrashDumps
2025-10-06 15:52 - 2025-05-01 14:31 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-10-06 15:52 - 2022-10-09 11:53 - 000000000 ____D C:\ProgramData\Piriform
2025-10-06 15:52 - 2022-01-05 12:31 - 000000000 ____D C:\Program Files\CCleaner
2025-10-03 11:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-10-03 11:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-10-03 11:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-10-03 11:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-10-03 11:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-10-03 11:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-10-03 11:27 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2025-10-03 11:27 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-10-03 11:27 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
==================== Files in the root of some directories ========
2025-09-15 22:22 - 2025-09-15 22:22 - 001097784 _____ (Microsoft Corporation) C:\Users\Karel\Jewels Magic Installer.exe
2025-09-14 20:55 - 2025-09-14 20:55 - 001097784 _____ (Microsoft Corporation) C:\Users\Karel\Jewels of the Wild West Installer.exe
2021-09-11 12:10 - 2021-09-11 12:10 - 000000017 _____ () C:\Users\Karel\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu logu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119582
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Zdravím!
Proč se dáváte stejný log 3x?.
1. Postačí jednou
2. Není kompletní, chybí log Addition.
Proč se dáváte stejný log 3x?.
1. Postačí jednou
2. Není kompletní, chybí log Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
To je ve hvězdách. Vložil jsem první log, přecházel jsem na log Addition a zkopíroval je. Chtěl jsem ho vložit do zprávy a ona tam byla odeslaná zpráva 3x. Nevím co se stalo. Tak jsem čekal na odpověď, abych vložil log Addition.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-10-2025
Ran by Karel (21-10-2025 16:16:18)
Running from C:\Users\Karel\Desktop
Microsoft Windows 11 Home Version 25H2 26200.6901 (X64) (2025-05-01 12:32:07)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-851827749-1828096854-3146880355-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-851827749-1828096854-3146880355-503 - Limited - Disabled)
Guest (S-1-5-21-851827749-1828096854-3146880355-501 - Limited - Disabled)
Karel (S-1-5-21-851827749-1828096854-3146880355-1001 - Administrator - Enabled) => C:\Users\Karel
WDAGUtilityAccount (S-1-5-21-851827749-1828096854-3146880355-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3-2-1 Eternity Backup (HKLM-x32\...\3-2-1 Eternity Backup) (Version: 1.0.0.44 - Nero AG)
7-Zip 25.01 (x64) (HKLM\...\7-Zip) (Version: 25.01 - Igor Pavlov)
ABBYY Screenshot Reader (HKLM-x32\...\{F9000000-0015-0000-0000-074957833700}) (Version: 9.010.194.5986 - ABBYY)
Acer Configuration Manager (HKLM-x32\...\{8CB1A03C-9849-4744-AD56-341A18F9E3E2}) (Version: 2.5.22250 - Acer)
Acer Jumpstart (HKLM-x32\...\{0C5ED25A-B8D1-4E71-BFCB-6B370A4EA19C}) (Version: 3.5.22220.20 - Acer)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 25.001.20756 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601120}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Canon Easy-PhotoPrint Editor (HKLM-x32\...\Canon Easy-PhotoPrint Editor) (Version: 1.6.1 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.10.2 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.10.2.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.0.69 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.4.0 - Canon Inc.)
Canon TS9500 series Elektronická příručka (HKLM-x32\...\Canon TS9500 series Elektronická příručka) (Version: 1.2.0 - Canon Inc.)
Canon TS9500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS9500_series) (Version: 1.03 - Canon Inc.)
Care Center Service (HKLM\...\{AFB52E98-7597-4484-9202-58F0FD3512ED}) (Version: 4.00.3042 - Acer Incorporated)
CCleaner 7 (HKLM\...\CCleaner 7) (Version: 7.0.1010.1196 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1990.6 - Piriform Software) Hidden
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3026 - Acer Incorporated)
Dynamic Application Loader Host Interface Service (HKLM\...\{BB78A7A1-B716-49D2-81C4-5A3ABE32C7E2}) (Version: 1.0.0.0 - Intel Corporation) Hidden
ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 18.2.18.0 - ESET, spol. s r.o.)
Google Earth Pro (HKLM\...\{8D42B7EA-0BF8-4E13-B646-652FE578F998}) (Version: 7.3.6.10441 - Google)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.550 - Huawei Technologies Co., Ltd.)
Intel(R) Chipset Device Software (HKLM\...\{351A0D24-F6F1-4105-AA50-5D2CCC71E0DD}) (Version: 10.1.18019.8144 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{4551f75f-3c54-4f09-8221-8c8a061bad00}) (Version: 10.1.18019.8144 - Intel(R) Corporation)
Intel(R) Icls (HKLM\...\{8A803181-323A-4876-887C-413A43B455CB}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{8B91A857-9616-48AB-8E1B-DAB7D510545A}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2004.14.0.1447 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{3BB0BA84-70E4-48D2-8674-A6CB8BC7EDD6}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{A2004714-8E43-4063-97E7-0965262B3CCD}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{02A60659-049B-4E62-9E13-C52BF2A01AB4}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Kyodai Mahjongg (HKLM-x32\...\Kyodai Mahjongg_is1) (Version: - Rene-Gilles Deberdt)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 141.0.3537.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 141.0.3537.85 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.18925.20158 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-851827749-1828096854-3146880355-1001\...\OneDriveSetup.exe) (Version: 25.184.0921.0004 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.25.24601 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211 (HKLM-x32\...\{0b5169e3-39da-4313-808e-1f9c0407f3bf}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35211 (HKLM-x32\...\{C18FB403-1E88-43C8-AD8A-CED50F23DE8B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35211 (HKLM-x32\...\{922480B5-CAEB-4B1B-AAA4-9716EFDCE26B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 143.0.4 (x64 cs)) (Version: 143.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 143.0.4 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 143.0.1 (x64 cs)) (Version: 143.0.1 - Mozilla)
Nero Info (HKLM-x32\...\Nero Info) (Version: 27.5.1.1 - Nero AG)
Nero Start (HKLM-x32\...\Nero Common) (Version: 27.5.54.0 - Nero AG)
NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation)
NVIDIA Graphics Driver 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.18925.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.18925.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.18925.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Opera Stable 122.0.5643.142 (HKU\S-1-5-21-851827749-1828096854-3146880355-1001\...\Opera 122.0.5643.142) (Version: 122.0.5643.142 - Opera Software)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.9.0 - Prolific Technology INC)
Quick Access Service (HKLM\...\{AB25551C-74EF-4BAB-9989-891517FCF9FF}) (Version: 3.00.3038 - Acer Incorporated)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9000.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek)
Registrace tiskárny (HKLM-x32\...\Canon EISRegistration) (Version: 1.8.0 - Canon Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sticky Password (HKLM-x32\...\Sticky Password_is1) (Version: 8.9.4.2125 - Lamantine Software)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
User Experience Improvement Program Service (HKLM\...\{E9495FD3-F73D-4D33-A104-047F9E8BE6C7}) (Version: 4.00.3114 - Acer Incorporated)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
WinRAR 6.10 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.10.3 - win.rar GmbH)
Zoner Callisto 5 (HKLM-x32\...\{4F62B1AE-E778-49E2-9C57-C1C65A122098}) (Version: 5.0.5000.1 - ZONER software)
Zoner Studio CS (HKU\S-1-5-21-851827749-1828096854-3146880355-1001\...\ZPS X) (Version: 19.2503.2.639 - ZONER a.s.)
Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\Windows\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-07] ()
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3912.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-07] ()
@{MicrosoftWindows.58683691.InpApp_1000.26100.6725.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.58683691.InpApp/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-10-21] (Microsoft Windows)
828B5831.JewelsofEgyptMatchGame -> C:\Program Files\WindowsApps\828B5831.JewelsofEgyptMatchGame_1.67.6701.0_x64__ytsefhwckbdv6 [2025-10-20] (G5 Entertainment AB)
828B5831.JewelsoftheWildWest -> C:\Program Files\WindowsApps\828B5831.JewelsoftheWildWest_1.66.6600.0_x64__ytsefhwckbdv6 [2025-10-09] (G5 Entertainment AB)
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4 [2024-01-26] (Acer Incorporated)
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Assets [2025-10-06] ()
Amazon Landscapes PREMIUM -> C:\Program Files\WindowsApps\Microsoft.AmazonLandscapesPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2025-05-21] (Microsoft Corporation)
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2025-04-15] (INTEL CORP) [Startup Task]
Balíček prostředí funkcí systému Windows -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-10-21] (Microsoft Windows)
Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3042.0_x64__48frkmn4z8aw4 [2022-01-11] (Acer Incorporated)
Cribbage Deluxe -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.CribbageDeluxe_2.12.165.0_x64__kx24dqmazqk8j [2025-06-02] (Random Salad Games LLC)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-11-05] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-11-05] (Microsoft Corporation)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.34.0_x64__xbfy0k16fey96 [2025-06-20] (Dropbox Inc.)
ESET Context Menu -> C:\Program Files\ESET\ESET Security [2025-10-17] (Sparse Package)
GoTrust ID -> C:\Program Files\WindowsApps\GOTrustTechnologyInc.GO-TrustAuthenticator_3.1.21.0_x64__0r04f53sqacg6 [2025-04-17] (GoTrustID Inc.)
Hearts Deluxe -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.HeartsDeluxe_6.13.127.0_x64__kx24dqmazqk8j [2025-05-01] (Random Salad Games LLC)
Jewels Magic: Mystery Match3 -> C:\Program Files\WindowsApps\BitMango.JewelsMagicMysteryMatch3_25.618.0.0_x64__2b8nme4t3zjry [2025-09-14] (BitMango, inc.)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2250.1.0.0_x64__8xx8rvfyw5nnt [2025-04-15] (Meta)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2025-05-01] (Microsoft Corp.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.968.0_x64__56jybvy8sckqj [2025-06-13] (NVIDIA Corp.)
OfficePushNotificationsUtility -> C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16 [2025-07-17] ()
PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.6428.0_x64__ypz87dpxkv292 [2020-12-16] (CYBERLINK COM CORP)
PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2020-12-16] (CYBERLINK COM CORP)
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3038.0_x64__48frkmn4z8aw4 [2022-02-11] (Acer Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.14.226.0_x64__dt26b99r8h8gj [2020-12-16] (Realtek Semiconductor Corp)
Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_6.5.44.0_x64__kx24dqmazqk8j [2025-08-19] (Random Salad Games LLC)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.5.27.0_x64__kx24dqmazqk8j [2025-07-29] (Random Salad Games LLC)
Simple Spider Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSpiderSolitaire_3.8.45.0_x64__kx24dqmazqk8j [2025-05-01] (Random Salad Games LLC)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0 [2025-10-08] (Spotify AB) [Startup Task]
User Experience Improvement Program -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgram_4.0.3114.0_x64__48frkmn4z8aw4 [2020-12-16] (Acer Incorporated)
Wild West -> C:\Program Files\WindowsApps\39631WildWest.WildWest_3.2.0.0_x64__qyjzfs50ssadr [2024-03-31] (Wild West)
Wild West: New Frontier -> C:\Program Files\WindowsApps\SocialQuantumIreland.WildWestNewFrontier_50.0.35604.0_x86__qkh4jy2njbgaw [2025-10-07] (Social Quantum Limited)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-851827749-1828096854-3146880355-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-851827749-1828096854-3146880355-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\Karel\AppData\Local\Microsoft\OneDrive\25.184.0921.0004\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-851827749-1828096854-3146880355-1001_Classes\CLSID\{5733c3e6-5a1f-4212-a0b4-55ee61168b22}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-851827749-1828096854-3146880355-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\Karel\AppData\Local\Microsoft\OneDrive\25.184.0921.0004\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-851827749-1828096854-3146880355-1001_Classes\CLSID\{BB754DA5-E202-4EAC-B7C7-DE4DB1D96E28}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-851827749-1828096854-3146880355-1001_Classes\CLSID\{DF1F7848-595D-4570-8E7C-35F77861C552}\InprocServer32 -> C:\Users\Karel\AppData\Local\Programs\Zoner\ZPS X\binary\Program64\ZpsThumbnailHandler.dll (ZONER a.s. -> )
CustomCLSID: HKU\S-1-5-21-851827749-1828096854-3146880355-1001_Classes\CLSID\{EABAE40C-B27C-455A-B672-F234DD780948}\InprocServer32 -> C:\Users\Karel\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.25.24601\x64\Microsoft.Teams.MeetingAddin.DLL (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2025-08-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2025-09-29] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2025-09-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-01-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-01-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2025-09-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2025-08-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_6fdef84a09009897\nvshext.dll [2025-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2025-08-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2025-09-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-01-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-01-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [MidisrvTransferComplete] => 0
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2025-08-15 02:15 - 2025-08-15 02:15 - 000030720 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2022-12-07 10:41 - 2025-08-03 08:00 - 000101888 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2008-04-11 11:54 - 2008-04-11 11:54 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\ABBYY Screenshot Reader\MSVCR71.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2023-11-14 12:23 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2021-03-26 17:20 - 2022-08-14 13:43 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Network ===========================
(Currently there is no automatic fix for this section.)
DNS Servers: 192.168.0.1
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Qualcomm Atheros QCA9377 Wireless Network Adapter -> Qcamain10x64.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt68cx21x64.sys
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-851827749-1828096854-3146880355-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run32: => "ABBYY Screenshot Reader Retail"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX2"
HKLM\...\StartupApproved\Run32: => "Nero BackItUp"
HKU\S-1-5-21-851827749-1828096854-3146880355-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-851827749-1828096854-3146880355-1001\...\StartupApproved\Run: => "Opera Stable"
HKU\S-1-5-21-851827749-1828096854-3146880355-1001\...\StartupApproved\Run: => "Adobe Reader Synchronizer"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B8CC24B6-58BF-454F-B812-30E6A62BEAB3}] => (Allow) C:\Program Files (x86)\Nero\Nero Common\Nero Launcher\NeroLauncher.exe (Nero AG -> Nero AG)
FirewallRules: [{C904C279-92FC-46A8-8898-DA2043F2F20A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2022\3-2-1 Backup\NBService.exe (Nero AG -> Nero AG)
FirewallRules: [{BE9A92F4-360F-4A25-B070-47BD4DCFF2CC}] => (Allow) C:\Program Files (x86)\Nero\Nero 2022\3-2-1 Backup\BackItUp.exe (Nero AG -> Nero AG)
FirewallRules: [{178CB5BD-5EDB-4D54-BADF-AF5E26B7B6EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{696084F0-C442-4EA0-BA9E-6157D27783ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{B7818D8C-2FCD-4145-980E-0C7570B302C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\AoMX.exe (Microsoft Corp) [File not signed]
FirewallRules: [{72CC2D7A-064B-4ADC-A077-DC704CFE4BAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\AoMX.exe (Microsoft Corp) [File not signed]
FirewallRules: [{5F1E0BCB-7368-43BD-9459-0B7307A5C664}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{41DC18EB-99F2-4070-AF13-E32E58B2DF03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{DCA9BD71-CF83-42B8-B88A-EF906FA02BFF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1CAC4D4A-AED7-4A0E-B19C-4CE69A8DB93D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{90D3B457-E11C-4394-A5CA-CC708E9CF31E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EFA5D375-1958-486F-B921-B23266FE3A31}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A224C448-3B93-4200-9B13-507E245E38CC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CF007677-E857-43E5-A9A5-1FE2BE5333ED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2CDE2EE7-FF89-4ACB-88D3-514B574CD2F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6A493841-AD60-4D1A-8840-B760B772B66E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{217A8E60-64DA-40F6-AD64-C0F0DB7FC0A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1B4DE359-E4F9-4B0D-86C8-15E384CF21EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B9D27620-FAF3-4BE5-A2D5-BF0DCF5F5891}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7607319E-1F74-48DD-AAF1-BD86AC8B3CB0}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{21CE6BE2-C329-410E-8B89-E540BFE18FD2}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{97DD67E6-09B9-4AAE-9C9E-5C4BBC985C66}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7CBFDED6-C584-4E4D-95D9-E2ED3883D156}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FCFFC358-AD79-4342-B5BC-0382F20C77BE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{04A2180A-38E0-4A20-A5C4-61265E88D318}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A700E34E-8A60-43D3-AB69-A9B7DA5E4C31}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6C7E7B96-2066-4B89-A740-BE3130FAAF41}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25255.703.3978.7153_x64__8wekyb3d8bbwe\ms-teams_modulehost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{933426B8-6B8D-4768-98B9-09E47247F397}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25255.703.3978.7153_x64__8wekyb3d8bbwe\ms-teams_modulehost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5F69C48C-31AC-4880-819A-6D7DCC160B01}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25255.703.3978.7153_x64__8wekyb3d8bbwe\ms-teams_modulehost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A8CD96CE-F6E6-4BA8-A3D6-BBF3C74DDE19}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25255.703.3978.7153_x64__8wekyb3d8bbwe\ms-teams_modulehost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{539B8A7C-A27B-4720-824D-90567B6ABCEF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{95CF2C31-6712-4C07-A7AE-E33CB5260B86}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E8B576DE-FD3D-490C-80D0-A75495162C8D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6B6CE0BA-9791-44F4-A678-EED4D5AECB7F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E6B622C9-5D5E-4164-9503-2F3168D7B2B5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CA06EB58-83EA-442D-97BD-470F6CD5EA4A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{51AE20B2-DCCA-44D8-89FF-FBCABF7A236A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C4C57281-0970-4F3B-80E4-6D28C8E04AAA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A2E3A588-F65B-4980-80D1-A2D6B3883CCE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F7DB3A2F-91CA-48D4-9DA1-CED2B238D1C0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{89201FCA-843B-4A7F-9470-3996BEAD8F03}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CE38A6FB-9650-4B93-A8D6-E540A51C225A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{90329EF7-6495-4557-B395-05C24B1F033E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8392AA9D-6AAA-49B7-B2E0-987241094C8D}] => (Allow) C:\Users\Karel\AppData\Local\Programs\Opera\opera.exe (Opera Norway AS -> Opera Software)
==================== Restore Points =========================
19-10-2025 12:56:32 Windows Update
==================== Faulty Device Manager Devices ============
Name: VGA WebCam
Description: Zobrazovací zařízení USB
Class Guid: {ca3e7ab9-b4c3-4ae6-8251-579ef933890f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (10/21/2025 02:58:14 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe, identifikátor PID: 3704, identifikátor PID ProfSvc: 2544.
Error: (10/18/2025 03:47:54 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1005) (User: NT AUTHORITY)
Description: Pokus o vyhledání procedury Open OpenLsaPerformanceData v knihovně DLL C:\Windows\System32\Secur32.dll pro službu Lsa selhal s kódem chyby Win32 127. Data o výkonu pro tuto službu nebudou k dispozici.
Error: (10/06/2025 05:36:06 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: NVDisplay.Container.exe, verze: 1.39.3323.1171, časové razítko: 0x64e85748
Název chybujícího modulu: NVDisplay.Container.exe, verze: 1.39.3323.1171, časové razítko: 0x64e85748
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000932e5
ID chybujícího procesu: 0x1e10
Čas spuštění chybující aplikace: 0x1dc36d6d994ec70
Cesta k chybující aplikaci: C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_6fdef84a09009897\Display.NvContainer\NVDisplay.Container.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_6fdef84a09009897\Display.NvContainer\NVDisplay.Container.exe
ID sestavy: 14391f8a-7797-4fe6-809a-a319e8ed5ae9
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
Error: (10/06/2025 05:12:15 PM) (Source: Firefox Default Browser Agent) (EventID: 1332) (User: )
Description: Event-ID 1332
Error: (09/24/2025 05:52:53 PM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-16MPJ5UM)
Description: Název chybující aplikace: CCleaner64.exe, verze: 6.39.0.11548, časové razítko: 0x689df563
Název chybujícího modulu: CCleaner64.exe, verze: 6.39.0.11548, časové razítko: 0x689df563
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000007c2ef3
ID chybujícího procesu: 0x27c4
Čas spuštění chybující aplikace: 0x1dc2d6aa3bbc91d
Cesta k chybující aplikaci: C:\Program Files\CCleaner\CCleaner64.exe
Cesta k chybujícímu modulu: C:\Program Files\CCleaner\CCleaner64.exe
ID sestavy: a6a74e90-42f3-46f4-8240-7a51b433f5ce
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
Error: (09/24/2025 05:52:51 PM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-16MPJ5UM)
Description: Název chybující aplikace: CCleaner64.exe, verze: 6.39.0.11548, časové razítko: 0x689df563
Název chybujícího modulu: CCleaner64.exe, verze: 6.39.0.11548, časové razítko: 0x689df563
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000001634223
ID chybujícího procesu: 0x27c4
Čas spuštění chybující aplikace: 0x1dc2d6aa3bbc91d
Cesta k chybující aplikaci: C:\Program Files\CCleaner\CCleaner64.exe
Cesta k chybujícímu modulu: C:\Program Files\CCleaner\CCleaner64.exe
ID sestavy: 0ccd26a9-7127-44c8-8baa-d2569a3beb94
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
Error: (09/23/2025 06:46:15 PM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-16MPJ5UM)
Description: Název chybující aplikace: CCleaner64.exe, verze: 6.39.0.11548, časové razítko: 0x689df563
Název chybujícího modulu: CCleaner64.exe, verze: 6.39.0.11548, časové razítko: 0x689df563
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000007c2ef3
ID chybujícího procesu: 0x3e4c
Čas spuštění chybující aplikace: 0x1dc2ca203ac15a8
Cesta k chybující aplikaci: C:\Program Files\CCleaner\CCleaner64.exe
Cesta k chybujícímu modulu: C:\Program Files\CCleaner\CCleaner64.exe
ID sestavy: c6430645-1baf-4e3c-a17b-dd67079e9275
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
Error: (09/23/2025 06:46:12 PM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-16MPJ5UM)
Description: Název chybující aplikace: CCleaner64.exe, verze: 6.39.0.11548, časové razítko: 0x689df563
Název chybujícího modulu: CCleaner64.exe, verze: 6.39.0.11548, časové razítko: 0x689df563
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000001634223
ID chybujícího procesu: 0x3e4c
Čas spuštění chybující aplikace: 0x1dc2ca203ac15a8
Cesta k chybující aplikaci: C:\Program Files\CCleaner\CCleaner64.exe
Cesta k chybujícímu modulu: C:\Program Files\CCleaner\CCleaner64.exe
ID sestavy: ed126179-bbba-4a06-8e2d-9f9a60538723
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
System errors:
=============
Error: (10/21/2025 03:02:08 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY)
Description: Secure Boot CA/keys need to be updated. This device signature information is included here.
DeviceAttributes: FirmwareManufacturer:Insyde Corp.;FirmwareVersion:V1.11;OEMModelNumber:Aspire A317-51G;OEMModelBaseBoard:Dopey_WC;OEMManufacturerName:Acer;OSArchitecture:amd64;
BucketId: 96d618e6109071dfd5aa2815aedf666b6fd5def2e7d6c9c30fb56a63f8079901
BucketConfidenceLevel:
UpdateType: 0
HResult: 0
Error: (10/21/2025 02:59:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (10/21/2025 02:59:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (10/21/2025 07:53:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): Aktualizace pro Windows Security platform – KB5007651 (verze 10.0.29429.1000).
Error: (10/20/2025 09:35:43 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NZKPSTSNW4P-Microsoft.XboxGamingOverlay.
Error: (10/20/2025 09:35:04 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240016): 9N7V66BG7XT8-Microsoft.WindowsAppRuntime.1.7.
Error: (10/20/2025 09:32:47 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-16MPJ5UM)
Description: Server Windows.Media.Capture.Internal.AppCaptureShell se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/20/2025 05:45:18 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x800f0991): 2025-10 Kumulativní aktualizace pro Windows 11, version 25H2 pro systémy typu x64 (KB5066835) (26200.6899).
CodeIntegrity:
===============
Date: 2025-10-21 16:00:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2025-10-21 15:01:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.11 06/23/2020
Motherboard: CML Dopey_WC
Processor: Intel(R) Core(TM) i5-10210U CPU @ 1.60GHz
Percentage of memory in use: 67%
Total physical RAM: 8023.05 MB
Available physical RAM: 2627.61 MB
Total Virtual: 11351.05 MB
Available Virtual: 6758.13 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:475.62 GB) (Free:344.47 GB) (Model: KINGSTON RBUSNS8154P3512GJ1) NTFS
\\?\Volume{1d337b56-386d-4b6a-a91e-d8974bccd799}\ () (Fixed) (Total:1.2 GB) (Free:0.08 GB) NTFS
\\?\Volume{db5a1488-daed-4a1b-84f2-050c4b091f3e}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 77C63C48)
Partition: GPT.
==================== End of Addition.txt =======================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-10-2025
Ran by Karel (21-10-2025 16:16:18)
Running from C:\Users\Karel\Desktop
Microsoft Windows 11 Home Version 25H2 26200.6901 (X64) (2025-05-01 12:32:07)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-851827749-1828096854-3146880355-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-851827749-1828096854-3146880355-503 - Limited - Disabled)
Guest (S-1-5-21-851827749-1828096854-3146880355-501 - Limited - Disabled)
Karel (S-1-5-21-851827749-1828096854-3146880355-1001 - Administrator - Enabled) => C:\Users\Karel
WDAGUtilityAccount (S-1-5-21-851827749-1828096854-3146880355-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: ESET Security (Enabled - Up to date) {89B55CC4-3881-78B2-11E2-479AE0371896}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}
FW: ESET Firewall (Enabled) {B18EDDE1-72EE-79EA-3ABD-EEAF1EE45FED}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3-2-1 Eternity Backup (HKLM-x32\...\3-2-1 Eternity Backup) (Version: 1.0.0.44 - Nero AG)
7-Zip 25.01 (x64) (HKLM\...\7-Zip) (Version: 25.01 - Igor Pavlov)
ABBYY Screenshot Reader (HKLM-x32\...\{F9000000-0015-0000-0000-074957833700}) (Version: 9.010.194.5986 - ABBYY)
Acer Configuration Manager (HKLM-x32\...\{8CB1A03C-9849-4744-AD56-341A18F9E3E2}) (Version: 2.5.22250 - Acer)
Acer Jumpstart (HKLM-x32\...\{0C5ED25A-B8D1-4E71-BFCB-6B370A4EA19C}) (Version: 3.5.22220.20 - Acer)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 25.001.20756 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601120}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Canon Easy-PhotoPrint Editor (HKLM-x32\...\Canon Easy-PhotoPrint Editor) (Version: 1.6.1 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.10.2 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.10.2.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.0.69 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.4.0 - Canon Inc.)
Canon TS9500 series Elektronická příručka (HKLM-x32\...\Canon TS9500 series Elektronická příručka) (Version: 1.2.0 - Canon Inc.)
Canon TS9500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS9500_series) (Version: 1.03 - Canon Inc.)
Care Center Service (HKLM\...\{AFB52E98-7597-4484-9202-58F0FD3512ED}) (Version: 4.00.3042 - Acer Incorporated)
CCleaner 7 (HKLM\...\CCleaner 7) (Version: 7.0.1010.1196 - Piriform)
CCleaner Update Helper (HKLM-x32\...\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}) (Version: 1.8.1990.6 - Piriform Software) Hidden
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3026 - Acer Incorporated)
Dynamic Application Loader Host Interface Service (HKLM\...\{BB78A7A1-B716-49D2-81C4-5A3ABE32C7E2}) (Version: 1.0.0.0 - Intel Corporation) Hidden
ESET Security (HKLM\...\{3B47BDC5-99BF-4F5C-A303-1F0F9DBC74F6}) (Version: 18.2.18.0 - ESET, spol. s r.o.)
Google Earth Pro (HKLM\...\{8D42B7EA-0BF8-4E13-B646-652FE578F998}) (Version: 7.3.6.10441 - Google)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.550 - Huawei Technologies Co., Ltd.)
Intel(R) Chipset Device Software (HKLM\...\{351A0D24-F6F1-4105-AA50-5D2CCC71E0DD}) (Version: 10.1.18019.8144 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{4551f75f-3c54-4f09-8221-8c8a061bad00}) (Version: 10.1.18019.8144 - Intel(R) Corporation)
Intel(R) Icls (HKLM\...\{8A803181-323A-4876-887C-413A43B455CB}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) LMS (HKLM\...\{8B91A857-9616-48AB-8E1B-DAB7D510545A}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 2004.14.0.1447 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{3BB0BA84-70E4-48D2-8674-A6CB8BC7EDD6}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{A2004714-8E43-4063-97E7-0965262B3CCD}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel(R) Management Engine Driver (HKLM\...\{02A60659-049B-4E62-9E13-C52BF2A01AB4}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Kyodai Mahjongg (HKLM-x32\...\Kyodai Mahjongg_is1) (Version: - Rene-Gilles Deberdt)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 141.0.3537.92 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 141.0.3537.85 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.18925.20158 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-851827749-1828096854-3146880355-1001\...\OneDriveSetup.exe) (Version: 25.184.0921.0004 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.25.24601 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.44.35211 (HKLM-x32\...\{d8bbe9f9-7c5b-42c6-b715-9ee898a2e515}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.44.35211 (HKLM-x32\...\{0b5169e3-39da-4313-808e-1f9c0407f3bf}) (Version: 14.44.35211.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.44.35211 (HKLM\...\{86AB2CC9-08BD-4643-B0F9-F82D006D72FF}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.44.35211 (HKLM\...\{43B0D101-A022-48F4-9D04-BA404CEB1D53}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.44.35211 (HKLM-x32\...\{C18FB403-1E88-43C8-AD8A-CED50F23DE8B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.44.35211 (HKLM-x32\...\{922480B5-CAEB-4B1B-AAA4-9716EFDCE26B}) (Version: 14.44.35211 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 143.0.4 (x64 cs)) (Version: 143.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 143.0.4 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 143.0.1 (x64 cs)) (Version: 143.0.1 - Mozilla)
Nero Info (HKLM-x32\...\Nero Info) (Version: 27.5.1.1 - Nero AG)
Nero Start (HKLM-x32\...\Nero Common) (Version: 27.5.54.0 - Nero AG)
NVIDIA GeForce Experience 3.20.3.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.3.63 - NVIDIA Corporation)
NVIDIA Graphics Driver 451.67 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 451.67 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.18925.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.18925.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.18925.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Opera Stable 122.0.5643.142 (HKU\S-1-5-21-851827749-1828096854-3146880355-1001\...\Opera 122.0.5643.142) (Version: 122.0.5643.142 - Opera Software)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.9.0 - Prolific Technology INC)
Quick Access Service (HKLM\...\{AB25551C-74EF-4BAB-9989-891517FCF9FF}) (Version: 3.00.3038 - Acer Incorporated)
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9000.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.35.510.2019 - Realtek)
Registrace tiskárny (HKLM-x32\...\Canon EISRegistration) (Version: 1.8.0 - Canon Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sticky Password (HKLM-x32\...\Sticky Password_is1) (Version: 8.9.4.2125 - Lamantine Software)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
User Experience Improvement Program Service (HKLM\...\{E9495FD3-F73D-4D33-A104-047F9E8BE6C7}) (Version: 4.00.3114 - Acer Incorporated)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.21 - VideoLAN)
WinRAR 6.10 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.10.3 - win.rar GmbH)
Zoner Callisto 5 (HKLM-x32\...\{4F62B1AE-E778-49E2-9C57-C1C65A122098}) (Version: 5.0.5000.1 - ZONER software)
Zoner Studio CS (HKU\S-1-5-21-851827749-1828096854-3146880355-1001\...\ZPS X) (Version: 19.2503.2.639 - ZONER a.s.)
Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\Windows\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-07] ()
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3912.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-06-07] ()
@{MicrosoftWindows.58683691.InpApp_1000.26100.6725.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.58683691.InpApp/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-10-21] (Microsoft Windows)
828B5831.JewelsofEgyptMatchGame -> C:\Program Files\WindowsApps\828B5831.JewelsofEgyptMatchGame_1.67.6701.0_x64__ytsefhwckbdv6 [2025-10-20] (G5 Entertainment AB)
828B5831.JewelsoftheWildWest -> C:\Program Files\WindowsApps\828B5831.JewelsoftheWildWest_1.66.6600.0_x64__ytsefhwckbdv6 [2025-10-09] (G5 Entertainment AB)
Acer Product Registration -> C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3044.0_x64__48frkmn4z8aw4 [2024-01-26] (Acer Incorporated)
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Assets [2025-10-06] ()
Amazon Landscapes PREMIUM -> C:\Program Files\WindowsApps\Microsoft.AmazonLandscapesPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2025-05-21] (Microsoft Corporation)
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2025-04-15] (INTEL CORP) [Startup Task]
Balíček prostředí funkcí systému Windows -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.58683691.InpApp_cw5n1h2txyewy [2025-10-21] (Microsoft Windows)
Care Center S -> C:\Program Files\WindowsApps\AcerIncorporated.AcerCareCenterS_4.0.3042.0_x64__48frkmn4z8aw4 [2022-01-11] (Acer Incorporated)
Cribbage Deluxe -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.CribbageDeluxe_2.12.165.0_x64__kx24dqmazqk8j [2025-06-02] (Random Salad Games LLC)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-11-05] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-11-05] (Microsoft Corporation)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.34.0_x64__xbfy0k16fey96 [2025-06-20] (Dropbox Inc.)
ESET Context Menu -> C:\Program Files\ESET\ESET Security [2025-10-17] (Sparse Package)
GoTrust ID -> C:\Program Files\WindowsApps\GOTrustTechnologyInc.GO-TrustAuthenticator_3.1.21.0_x64__0r04f53sqacg6 [2025-04-17] (GoTrustID Inc.)
Hearts Deluxe -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.HeartsDeluxe_6.13.127.0_x64__kx24dqmazqk8j [2025-05-01] (Random Salad Games LLC)
Jewels Magic: Mystery Match3 -> C:\Program Files\WindowsApps\BitMango.JewelsMagicMysteryMatch3_25.618.0.0_x64__2b8nme4t3zjry [2025-09-14] (BitMango, inc.)
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2250.1.0.0_x64__8xx8rvfyw5nnt [2025-04-15] (Meta)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2025-05-01] (Microsoft Corp.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.968.0_x64__56jybvy8sckqj [2025-06-13] (NVIDIA Corp.)
OfficePushNotificationsUtility -> C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16 [2025-07-17] ()
PhotoDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PhotoDirectorforacerDesktop_8.0.6428.0_x64__ypz87dpxkv292 [2020-12-16] (CYBERLINK COM CORP)
PowerDirector for acer -> C:\Program Files\WindowsApps\CyberLinkCorp.ac.PowerDirectorforacerDesktop_14.0.4304.0_x64__ypz87dpxkv292 [2020-12-16] (CYBERLINK COM CORP)
QuickAccess -> C:\Program Files\WindowsApps\AcerIncorporated.QuickAccess_3.0.3038.0_x64__48frkmn4z8aw4 [2022-02-11] (Acer Incorporated)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.14.226.0_x64__dt26b99r8h8gj [2020-12-16] (Realtek Semiconductor Corp)
Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_6.5.44.0_x64__kx24dqmazqk8j [2025-08-19] (Random Salad Games LLC)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.5.27.0_x64__kx24dqmazqk8j [2025-07-29] (Random Salad Games LLC)
Simple Spider Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSpiderSolitaire_3.8.45.0_x64__kx24dqmazqk8j [2025-05-01] (Random Salad Games LLC)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0 [2025-10-08] (Spotify AB) [Startup Task]
User Experience Improvement Program -> C:\Program Files\WindowsApps\AcerIncorporated.UserExperienceImprovementProgram_4.0.3114.0_x64__48frkmn4z8aw4 [2020-12-16] (Acer Incorporated)
Wild West -> C:\Program Files\WindowsApps\39631WildWest.WildWest_3.2.0.0_x64__qyjzfs50ssadr [2024-03-31] (Wild West)
Wild West: New Frontier -> C:\Program Files\WindowsApps\SocialQuantumIreland.WildWestNewFrontier_50.0.35604.0_x86__qkh4jy2njbgaw [2025-10-07] (Social Quantum Limited)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-851827749-1828096854-3146880355-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-851827749-1828096854-3146880355-1001_Classes\CLSID\{47E6DCAF-41F8-441C-BD0E-A50D5FE6C4D1}\localserver32 -> C:\Users\Karel\AppData\Local\Microsoft\OneDrive\25.184.0921.0004\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-851827749-1828096854-3146880355-1001_Classes\CLSID\{5733c3e6-5a1f-4212-a0b4-55ee61168b22}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-851827749-1828096854-3146880355-1001_Classes\CLSID\{917E8742-AA3B-7318-FA12-10485FB322A2}\localserver32 -> C:\Users\Karel\AppData\Local\Microsoft\OneDrive\25.184.0921.0004\OneDrive.Sync.Service.exe (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-851827749-1828096854-3146880355-1001_Classes\CLSID\{BB754DA5-E202-4EAC-B7C7-DE4DB1D96E28}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll (Mozilla Corporation -> Mozilla Foundation)
CustomCLSID: HKU\S-1-5-21-851827749-1828096854-3146880355-1001_Classes\CLSID\{DF1F7848-595D-4570-8E7C-35F77861C552}\InprocServer32 -> C:\Users\Karel\AppData\Local\Programs\Zoner\ZPS X\binary\Program64\ZpsThumbnailHandler.dll (ZONER a.s. -> )
CustomCLSID: HKU\S-1-5-21-851827749-1828096854-3146880355-1001_Classes\CLSID\{EABAE40C-B27C-455A-B672-F234DD780948}\InprocServer32 -> C:\Users\Karel\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.25.24601\x64\Microsoft.Teams.MeetingAddin.DLL (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2025-08-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2025-09-29] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2025-09-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-01-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-01-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2025-09-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2025-08-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_6fdef84a09009897\nvshext.dll [2025-09-06] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2025-08-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2025-09-10] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2022-01-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2022-01-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [MidisrvTransferComplete] => 0
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2025-08-15 02:15 - 2025-08-15 02:15 - 000030720 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2022-12-07 10:41 - 2025-08-03 08:00 - 000101888 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2008-04-11 11:54 - 2008-04-11 11:54 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\ABBYY Screenshot Reader\MSVCR71.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-17] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2023-11-14 12:23 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
2021-03-26 17:20 - 2022-08-14 13:43 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Network ===========================
(Currently there is no automatic fix for this section.)
DNS Servers: 192.168.0.1
Windows Firewall is enabled.
Network Binding:
=============
Wi-Fi: Qualcomm Atheros QCA9377 Wireless Network Adapter -> Qcamain10x64.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt68cx21x64.sys
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-851827749-1828096854-3146880355-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run32: => "ABBYY Screenshot Reader Retail"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX2"
HKLM\...\StartupApproved\Run32: => "Nero BackItUp"
HKU\S-1-5-21-851827749-1828096854-3146880355-1001\...\StartupApproved\Run: => "OneDriveSetup"
HKU\S-1-5-21-851827749-1828096854-3146880355-1001\...\StartupApproved\Run: => "Opera Stable"
HKU\S-1-5-21-851827749-1828096854-3146880355-1001\...\StartupApproved\Run: => "Adobe Reader Synchronizer"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B8CC24B6-58BF-454F-B812-30E6A62BEAB3}] => (Allow) C:\Program Files (x86)\Nero\Nero Common\Nero Launcher\NeroLauncher.exe (Nero AG -> Nero AG)
FirewallRules: [{C904C279-92FC-46A8-8898-DA2043F2F20A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2022\3-2-1 Backup\NBService.exe (Nero AG -> Nero AG)
FirewallRules: [{BE9A92F4-360F-4A25-B070-47BD4DCFF2CC}] => (Allow) C:\Program Files (x86)\Nero\Nero 2022\3-2-1 Backup\BackItUp.exe (Nero AG -> Nero AG)
FirewallRules: [{178CB5BD-5EDB-4D54-BADF-AF5E26B7B6EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{696084F0-C442-4EA0-BA9E-6157D27783ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{B7818D8C-2FCD-4145-980E-0C7570B302C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\AoMX.exe (Microsoft Corp) [File not signed]
FirewallRules: [{72CC2D7A-064B-4ADC-A077-DC704CFE4BAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\AoMX.exe (Microsoft Corp) [File not signed]
FirewallRules: [{5F1E0BCB-7368-43BD-9459-0B7307A5C664}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{41DC18EB-99F2-4070-AF13-E32E58B2DF03}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age of Mythology\Launcher.exe (TODO: <Company name>) [File not signed]
FirewallRules: [{DCA9BD71-CF83-42B8-B88A-EF906FA02BFF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{1CAC4D4A-AED7-4A0E-B19C-4CE69A8DB93D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{90D3B457-E11C-4394-A5CA-CC708E9CF31E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{EFA5D375-1958-486F-B921-B23266FE3A31}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{A224C448-3B93-4200-9B13-507E245E38CC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CF007677-E857-43E5-A9A5-1FE2BE5333ED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2CDE2EE7-FF89-4ACB-88D3-514B574CD2F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6A493841-AD60-4D1A-8840-B760B772B66E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{217A8E60-64DA-40F6-AD64-C0F0DB7FC0A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1B4DE359-E4F9-4B0D-86C8-15E384CF21EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{B9D27620-FAF3-4BE5-A2D5-BF0DCF5F5891}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7607319E-1F74-48DD-AAF1-BD86AC8B3CB0}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{21CE6BE2-C329-410E-8B89-E540BFE18FD2}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
FirewallRules: [{97DD67E6-09B9-4AAE-9C9E-5C4BBC985C66}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7CBFDED6-C584-4E4D-95D9-E2ED3883D156}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FCFFC358-AD79-4342-B5BC-0382F20C77BE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{04A2180A-38E0-4A20-A5C4-61265E88D318}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A700E34E-8A60-43D3-AB69-A9B7DA5E4C31}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6C7E7B96-2066-4B89-A740-BE3130FAAF41}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25255.703.3978.7153_x64__8wekyb3d8bbwe\ms-teams_modulehost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{933426B8-6B8D-4768-98B9-09E47247F397}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25255.703.3978.7153_x64__8wekyb3d8bbwe\ms-teams_modulehost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5F69C48C-31AC-4880-819A-6D7DCC160B01}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25255.703.3978.7153_x64__8wekyb3d8bbwe\ms-teams_modulehost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A8CD96CE-F6E6-4BA8-A3D6-BBF3C74DDE19}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25255.703.3978.7153_x64__8wekyb3d8bbwe\ms-teams_modulehost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{539B8A7C-A27B-4720-824D-90567B6ABCEF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{95CF2C31-6712-4C07-A7AE-E33CB5260B86}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E8B576DE-FD3D-490C-80D0-A75495162C8D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6B6CE0BA-9791-44F4-A678-EED4D5AECB7F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E6B622C9-5D5E-4164-9503-2F3168D7B2B5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CA06EB58-83EA-442D-97BD-470F6CD5EA4A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{51AE20B2-DCCA-44D8-89FF-FBCABF7A236A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C4C57281-0970-4F3B-80E4-6D28C8E04AAA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A2E3A588-F65B-4980-80D1-A2D6B3883CCE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F7DB3A2F-91CA-48D4-9DA1-CED2B238D1C0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{89201FCA-843B-4A7F-9470-3996BEAD8F03}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CE38A6FB-9650-4B93-A8D6-E540A51C225A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{90329EF7-6495-4557-B395-05C24B1F033E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.274.477.0_x64__zpdnekdrzrea0\SpotifyLauncher.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8392AA9D-6AAA-49B7-B2E0-987241094C8D}] => (Allow) C:\Users\Karel\AppData\Local\Programs\Opera\opera.exe (Opera Norway AS -> Opera Software)
==================== Restore Points =========================
19-10-2025 12:56:32 Windows Update
==================== Faulty Device Manager Devices ============
Name: VGA WebCam
Description: Zobrazovací zařízení USB
Class Guid: {ca3e7ab9-b4c3-4ae6-8251-579ef933890f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (10/21/2025 02:58:14 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files\Piriform\CCleaner 7\CCleaner_service.exe, identifikátor PID: 3704, identifikátor PID ProfSvc: 2544.
Error: (10/18/2025 03:47:54 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1005) (User: NT AUTHORITY)
Description: Pokus o vyhledání procedury Open OpenLsaPerformanceData v knihovně DLL C:\Windows\System32\Secur32.dll pro službu Lsa selhal s kódem chyby Win32 127. Data o výkonu pro tuto službu nebudou k dispozici.
Error: (10/06/2025 05:36:06 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: NVDisplay.Container.exe, verze: 1.39.3323.1171, časové razítko: 0x64e85748
Název chybujícího modulu: NVDisplay.Container.exe, verze: 1.39.3323.1171, časové razítko: 0x64e85748
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000932e5
ID chybujícího procesu: 0x1e10
Čas spuštění chybující aplikace: 0x1dc36d6d994ec70
Cesta k chybující aplikaci: C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_6fdef84a09009897\Display.NvContainer\NVDisplay.Container.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\DriverStore\FileRepository\nvaci.inf_amd64_6fdef84a09009897\Display.NvContainer\NVDisplay.Container.exe
ID sestavy: 14391f8a-7797-4fe6-809a-a319e8ed5ae9
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
Error: (10/06/2025 05:12:15 PM) (Source: Firefox Default Browser Agent) (EventID: 1332) (User: )
Description: Event-ID 1332
Error: (09/24/2025 05:52:53 PM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-16MPJ5UM)
Description: Název chybující aplikace: CCleaner64.exe, verze: 6.39.0.11548, časové razítko: 0x689df563
Název chybujícího modulu: CCleaner64.exe, verze: 6.39.0.11548, časové razítko: 0x689df563
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000007c2ef3
ID chybujícího procesu: 0x27c4
Čas spuštění chybující aplikace: 0x1dc2d6aa3bbc91d
Cesta k chybující aplikaci: C:\Program Files\CCleaner\CCleaner64.exe
Cesta k chybujícímu modulu: C:\Program Files\CCleaner\CCleaner64.exe
ID sestavy: a6a74e90-42f3-46f4-8240-7a51b433f5ce
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
Error: (09/24/2025 05:52:51 PM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-16MPJ5UM)
Description: Název chybující aplikace: CCleaner64.exe, verze: 6.39.0.11548, časové razítko: 0x689df563
Název chybujícího modulu: CCleaner64.exe, verze: 6.39.0.11548, časové razítko: 0x689df563
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000001634223
ID chybujícího procesu: 0x27c4
Čas spuštění chybující aplikace: 0x1dc2d6aa3bbc91d
Cesta k chybující aplikaci: C:\Program Files\CCleaner\CCleaner64.exe
Cesta k chybujícímu modulu: C:\Program Files\CCleaner\CCleaner64.exe
ID sestavy: 0ccd26a9-7127-44c8-8baa-d2569a3beb94
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
Error: (09/23/2025 06:46:15 PM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-16MPJ5UM)
Description: Název chybující aplikace: CCleaner64.exe, verze: 6.39.0.11548, časové razítko: 0x689df563
Název chybujícího modulu: CCleaner64.exe, verze: 6.39.0.11548, časové razítko: 0x689df563
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000007c2ef3
ID chybujícího procesu: 0x3e4c
Čas spuštění chybující aplikace: 0x1dc2ca203ac15a8
Cesta k chybující aplikaci: C:\Program Files\CCleaner\CCleaner64.exe
Cesta k chybujícímu modulu: C:\Program Files\CCleaner\CCleaner64.exe
ID sestavy: c6430645-1baf-4e3c-a17b-dd67079e9275
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
Error: (09/23/2025 06:46:12 PM) (Source: Application Error) (EventID: 1000) (User: LAPTOP-16MPJ5UM)
Description: Název chybující aplikace: CCleaner64.exe, verze: 6.39.0.11548, časové razítko: 0x689df563
Název chybujícího modulu: CCleaner64.exe, verze: 6.39.0.11548, časové razítko: 0x689df563
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000001634223
ID chybujícího procesu: 0x3e4c
Čas spuštění chybující aplikace: 0x1dc2ca203ac15a8
Cesta k chybující aplikaci: C:\Program Files\CCleaner\CCleaner64.exe
Cesta k chybujícímu modulu: C:\Program Files\CCleaner\CCleaner64.exe
ID sestavy: ed126179-bbba-4a06-8e2d-9f9a60538723
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
System errors:
=============
Error: (10/21/2025 03:02:08 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1801) (User: NT AUTHORITY)
Description: Secure Boot CA/keys need to be updated. This device signature information is included here.
DeviceAttributes: FirmwareManufacturer:Insyde Corp.;FirmwareVersion:V1.11;OEMModelNumber:Aspire A317-51G;OEMModelBaseBoard:Dopey_WC;OEMManufacturerName:Acer;OSArchitecture:amd64;
BucketId: 96d618e6109071dfd5aa2815aedf666b6fd5def2e7d6c9c30fb56a63f8079901
BucketConfidenceLevel:
UpdateType: 0
HResult: 0
Error: (10/21/2025 02:59:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (10/21/2025 02:59:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (10/21/2025 07:53:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80246007): Aktualizace pro Windows Security platform – KB5007651 (verze 10.0.29429.1000).
Error: (10/20/2025 09:35:43 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NZKPSTSNW4P-Microsoft.XboxGamingOverlay.
Error: (10/20/2025 09:35:04 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240016): 9N7V66BG7XT8-Microsoft.WindowsAppRuntime.1.7.
Error: (10/20/2025 09:32:47 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-16MPJ5UM)
Description: Server Windows.Media.Capture.Internal.AppCaptureShell se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/20/2025 05:45:18 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x800f0991): 2025-10 Kumulativní aktualizace pro Windows 11, version 25H2 pro systémy typu x64 (KB5066835) (26200.6899).
CodeIntegrity:
===============
Date: 2025-10-21 16:00:27
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
Date: 2025-10-21 15:01:13
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.11 06/23/2020
Motherboard: CML Dopey_WC
Processor: Intel(R) Core(TM) i5-10210U CPU @ 1.60GHz
Percentage of memory in use: 67%
Total physical RAM: 8023.05 MB
Available physical RAM: 2627.61 MB
Total Virtual: 11351.05 MB
Available Virtual: 6758.13 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:475.62 GB) (Free:344.47 GB) (Model: KINGSTON RBUSNS8154P3512GJ1) NTFS
\\?\Volume{1d337b56-386d-4b6a-a91e-d8974bccd799}\ () (Fixed) (Total:1.2 GB) (Free:0.08 GB) NTFS
\\?\Volume{db5a1488-daed-4a1b-84f2-050c4b091f3e}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 77C63C48)
Partition: GPT.
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 119582
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Zajímavé, že se to většinou nestává. Budu problém řešit zde, ty ostatní mažu.
Otevřte poznámkový blok a zkopírujte do něj:
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-851827749-1828096854-3146880355-1001\...\Run: [ABBYY Screenshot Reader Retail] => [X]
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Task: {B71926BC-213C-44A8-94DA-6D44A373FDCD} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => %SystemRoot%\system32\clipesu.exe (No File)
Task: {E88D9B2C-DDEA-47B2-9582-085153004DB5} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {72B8C428-F7A8-496C-99FE-550000B681D7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {D83EBCAC-2D46-4D26-8302-86FE08B9FD36} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Fix result of Farbar Recovery Scan Tool (x64) Version: 21-10-2025
Ran by Karel (22-10-2025 13:25:28) Run:1
Running from C:\Users\Karel\Desktop
Loaded Profiles: Karel
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-851827749-1828096854-3146880355-1001\...\Run: [ABBYY Screenshot Reader Retail] => [X]
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Task: {B71926BC-213C-44A8-94DA-6D44A373FDCD} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => %SystemRoot%\system32\clipesu.exe (No File)
Task: {E88D9B2C-DDEA-47B2-9582-085153004DB5} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {72B8C428-F7A8-496C-99FE-550000B681D7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {D83EBCAC-2D46-4D26-8302-86FE08B9FD36} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-851827749-1828096854-3146880355-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ABBYY Screenshot Reader Retail" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B71926BC-213C-44A8-94DA-6D44A373FDCD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B71926BC-213C-44A8-94DA-6D44A373FDCD}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Clip\ClipESU => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Clip\ClipESU" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E88D9B2C-DDEA-47B2-9582-085153004DB5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E88D9B2C-DDEA-47B2-9582-085153004DB5}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Location\Notifications => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{72B8C428-F7A8-496C-99FE-550000B681D7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72B8C428-F7A8-496C-99FE-550000B681D7}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D83EBCAC-2D46-4D26-8302-86FE08B9FD36}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D83EBCAC-2D46-4D26-8302-86FE08B9FD36}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
Could not move "C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 167774916 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 593517788 B
Windows/system/drivers => 7355276 B
Edge => 0 B
Firefox => 234252 B
Opera => 10882138 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 64 B
systemprofile32 => 64 B
LocalService => 11516 B
NetworkService => 11516 B
Karel => 197669339 B
RecycleBin => 180663 B
EmptyTemp: => 933.8 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 22-10-2025 13:27:32)
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 => Could not move
==== End of Fixlog 13:27:32 ====
Ran by Karel (22-10-2025 13:25:28) Run:1
Running from C:\Users\Karel\Desktop
Loaded Profiles: Karel
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-851827749-1828096854-3146880355-1001\...\Run: [ABBYY Screenshot Reader Retail] => [X]
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Task: {B71926BC-213C-44A8-94DA-6D44A373FDCD} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => %SystemRoot%\system32\clipesu.exe (No File)
Task: {E88D9B2C-DDEA-47B2-9582-085153004DB5} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {72B8C428-F7A8-496C-99FE-550000B681D7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {D83EBCAC-2D46-4D26-8302-86FE08B9FD36} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
"HKU\S-1-5-21-851827749-1828096854-3146880355-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ABBYY Screenshot Reader Retail" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B71926BC-213C-44A8-94DA-6D44A373FDCD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B71926BC-213C-44A8-94DA-6D44A373FDCD}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Clip\ClipESU => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Clip\ClipESU" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E88D9B2C-DDEA-47B2-9582-085153004DB5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E88D9B2C-DDEA-47B2-9582-085153004DB5}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Location\Notifications => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCDFC0B8-01A3-4E74-A820-4F13F51D269E}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{72B8C428-F7A8-496C-99FE-550000B681D7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72B8C428-F7A8-496C-99FE-550000B681D7}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D83EBCAC-2D46-4D26-8302-86FE08B9FD36}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D83EBCAC-2D46-4D26-8302-86FE08B9FD36}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
Could not move "C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 167774916 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 593517788 B
Windows/system/drivers => 7355276 B
Edge => 0 B
Firefox => 234252 B
Opera => 10882138 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 64 B
systemprofile32 => 64 B
LocalService => 11516 B
NetworkService => 11516 B
Karel => 197669339 B
RecycleBin => 180663 B
EmptyTemp: => 933.8 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 22-10-2025 13:27:32)
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 => Could not move
==== End of Fixlog 13:27:32 ====
-
Rudy
- Site Admin
- Příspěvky: 119582
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Smazáno. Log již vypadá OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Prosím o kontrolu logu
Děkuji za kontrolu.
-
Rudy
- Site Admin
- Příspěvky: 119582
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o kontrolu logu
Rádo se stalo! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?