Google warns of a password breach

#1 Post by Kema »

Hi.

Google warned me today that my password had probably been compromised, signed me out of my account, and then I had to go through an authorization procedure.
It advises me to change my passwords and also says that I have some Windows malware on my PC.
As a precaution, I mainly changed the passwords for my bank account and Google.
Among those various notices was also Konzoliste.cz, where I bought PS4 and PS5 games yesterday and the day before.
Then I filled in some survey of theirs.
I also received a warning about my PayPal password.
Yesterday I installed their app on my phone.
So I'd like to ask for a check of my system.
Hopefully it's nothing serious.
Thanks in advance.

-------------------------------------------
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2022
Ran by Milan (administrator) on PC-MILAN (Gigabyte Technology Co., Ltd. H81M-S2PV) (01-12-2022 19:38:19)
Running from D:\stažené soubory
Loaded Profiles: Milan
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2251 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCopyAccelerator.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\67.0.2.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) () [File not signed] C:\Users\mzeme\AppData\Roaming\InqfbrzNJH\svcupdater.Vvexe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore: [DisableConfig] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe [53350168 2022-11-29] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe [53350168 2022-11-29] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626480 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [Steam] => D:\steam\steam.exe [4234600 2022-08-20] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\mzeme\AppData\Local\WhatsApp\Update.exe [2254048 2022-11-28] (WhatsApp LLC -> )
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38650192 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123150720 2022-11-22] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe [53350168 2022-11-29] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [Zoner Photo Studio Autoupdate] => D:\Photo Studio 17\Program32\ZPSTRAY.EXE [437248 2014-10-03] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\MountPoints2: {f5015da2-3fc4-11ed-b4e2-fcaa141acbfa} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\MountPoints2: {f5015e38-3fc4-11ed-b4e2-fcaa141acbfa} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe [53350168 2022-11-29] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.122\Installer\chrmstp.exe [2022-11-30] (Google LLC -> Google LLC)
Startup: C:\Users\mzeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CrystalDiskInfo8.lnk [2022-11-18]
ShortcutTarget: CrystalDiskInfo8.lnk -> C:\Users\mzeme\AppData\Roaming\crystaldiskinfo\diskinfo8.scr (No File)
Startup: C:\Users\mzeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OBS.lnk [2022-11-18]
ShortcutTarget: OBS.lnk -> C:\Users\mzeme\AppData\Roaming\obs-studio\bin\64bit\obs64.scr (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {026CAB9F-5A8C-4565-8D4F-FBC6485B19B6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {07792A0A-3D92-4152-BF67-2DB7A88F5CC6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-18] (Google LLC -> Google LLC)
Task: {0C69C76B-48E6-4E5A-A5F1-85232E888B36} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-18] (Google LLC -> Google LLC)
Task: {118679C6-81D3-4A5B-8CC7-A8D08C83ED81} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2E8665B0-8ED3-4CFC-B858-24CDBEFA4B49} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4C9E07FE-EB20-4F9F-9E0F-F723ACC9E4FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5127961C-ADA8-497A-966E-776BFB4FD31A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {514725BE-1D68-4049-AF68-C7C8E9738C89} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {635AABD7-B5F9-4CAF-8E89-A96E994B9644} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-08-30] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {745A7B3D-AAFD-4CC3-BE13-1930E663A4F9} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {85CE3A64-9E44-426A-BCDE-71D205371EBF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9F9D33A9-F952-4264-AFFC-5AE5B5C6B0F1} - System32\Tasks\ar => wscript.exe "%appdata%\obs-studio\bin\64bit\.vbs" "%appdata%\obs-studio\bin\64bit\.cmd"
Task: {AAEB9A16-069E-4E36-9E53-D374B9F77D04} - System32\Tasks\CCleanerSkipUAC - Milan => C:\Program Files\CCleaner\CCleaner.exe [32325456 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {B5955DEF-17CC-491B-8CCC-9C1E43871983} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {BCCD70C6-06A9-45B8-89E7-69D1BB789920} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-11-09] (Piriform Software Ltd -> Piriform)
Task: {BF78E9B3-AC40-4AA0-B740-B29C29390870} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2694576939-4152107225-3971293488-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC1C3F06-F5F9-4D6E-AB98-A6CDAEF7DC00} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CE80BA1D-7C8B-49C3-AFCB-E574DB9933C2} - System32\Tasks\EOSv3 Scheduler onLogOn => D:\stažené soubory\esetonlinescanner.exe [15274968 2022-12-01] (ESET, spol. s r.o. -> ESET)
Task: {CED90117-99F9-4DC6-8AC7-162B2568EC0E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D1C83870-E8A6-439C-A0D4-CD6829D07B4B} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "67d240e1-bc1c-4ff2-a8a0-71169ea46021" --version "6.06.10144" --silent
Task: {D5538529-401F-4BF3-B1B2-41F0863AC6E3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E5BF0C72-C624-4CCD-A23B-1E8118D6D5BC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-10-17] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F66238BB-2DD8-4994-BADA-F49F6DC07F3F} - System32\Tasks\EOSv3 Scheduler onTime => D:\stažené soubory\esetonlinescanner.exe [15274968 2022-12-01] (ESET, spol. s r.o. -> ESET)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{ef68ba61-334f-4f41-b581-a52f167845f2}: [NameServer] 1.1.1.1,8.8.8.8

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\mzeme\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-01]
Edge DownloadDir: Default -> D:\stažené soubory
Edge HomePage: Default -> hxxp://www.google.cz/
Edge Extension: (Replace Favicon) - C:\Users\mzeme\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\akaelkiagnbfcccfnmbimdbplecgbikh [2020-05-18]
Edge Extension: (Flash Player) - C:\Users\mzeme\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bmimdmkleccdoghpgdhaahkelfhjfhgm [2020-10-11]
Edge Extension: (I don't care about cookies) - C:\Users\mzeme\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2022-10-29]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\mzeme\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-11-24]
Edge Extension: (All Video Downloader professional) - C:\Users\mzeme\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mbpnbnogejaolbhfpfgagldkeahefbhd [2022-06-27]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default [2022-12-01]
CHR DownloadDir: D:\stažené soubory
CHR Notifications: Default -> hxxp://127.0.0.1; hxxps://calendar.google.com; hxxps://cs.athowto.com
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/0/?shva=1#inbox"
CHR Extension: (Replace Favicon) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\akaelkiagnbfcccfnmbimdbplecgbikh [2020-01-18]
CHR Extension: (Flash Player) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmimdmkleccdoghpgdhaahkelfhjfhgm [2020-10-07]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-11-24]
CHR Extension: (I don't care about cookies) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2022-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-18]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncHelper.exe [3476400 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2022-06-24] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.227.1030.0001\OneDriveUpdaterService.exe [3843504 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-11-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [284672 2021-04-15] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [153088 2021-08-11] (Microsoft Corporation) [File not signed]
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2022-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2022-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 MpKsl71573144; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{26DD7976-4F68-4EAC-84A9-7478FC7A519A}\MpKslDrv.sys [214280 2022-12-01] (Microsoft Windows -> Microsoft Corporation)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469288 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz154; \??\C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [X]
S3 HWiNFO_172; \??\C:\Users\mzeme\AppData\Local\Temp\HWiNFO64A_172.SYS [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-01 19:34 - 2022-12-01 19:34 - 000020796 _____ C:\Users\mzeme\Documents\cc_20221201_193359.reg
2022-11-28 09:50 - 2022-11-28 09:51 - 000000000 ____D C:\Users\mzeme\AppData\Local\HiSuite
2022-11-28 09:50 - 2022-11-28 09:50 - 000001064 _____ C:\Users\mzeme\Desktop\HiSuite.lnk
2022-11-28 09:50 - 2022-11-28 09:50 - 000000000 ____D C:\Users\mzeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiSuite
2022-11-20 09:15 - 2022-11-28 09:50 - 000000000 ____D C:\Program Files (x86)\HiSuite
2022-11-18 16:45 - 2022-12-01 08:23 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2022-11-18 10:40 - 2022-12-01 18:04 - 000000000 __SHD C:\Users\mzeme\AppData\Roaming\crystaldiskinfo
2022-11-18 10:30 - 2022-12-01 19:20 - 000000000 ____D C:\Users\mzeme\AppData\Roaming\InqfbrzNJH
2022-11-18 10:30 - 2022-12-01 18:07 - 000000000 ____D C:\Users\mzeme\AppData\Roaming\temp
2022-11-18 10:07 - 2022-11-18 10:07 - 000000743 _____ C:\Users\mzeme\Desktop\Start Tor Browser.lnk
2022-11-18 10:07 - 2022-11-18 10:07 - 000000743 _____ C:\Users\mzeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2022-11-18 09:58 - 2022-11-18 10:04 - 000000000 __SHD C:\tmp
2022-11-18 09:58 - 2022-11-18 09:58 - 000003378 _____ C:\WINDOWS\system32\Tasks\ar
2022-11-18 09:58 - 2022-11-18 09:58 - 000000000 __SHD C:\Users\mzeme\AppData\Roaming\obs-studio
2022-11-17 11:57 - 2022-11-17 11:57 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2022-11-17 11:56 - 2022-08-23 23:26 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-11-17 11:56 - 2022-08-23 23:26 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-11-17 11:56 - 2022-08-23 23:26 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-11-17 11:56 - 2022-08-23 23:26 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-11-17 11:56 - 2022-08-23 23:26 - 001145592 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-11-17 11:56 - 2022-08-23 23:26 - 001145592 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-11-17 11:56 - 2022-08-23 23:25 - 001471984 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-11-17 11:56 - 2022-08-23 23:25 - 001432312 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-11-17 11:56 - 2022-08-23 23:25 - 001432312 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-11-17 11:56 - 2022-08-23 23:25 - 001213424 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-11-17 11:56 - 2022-08-23 23:22 - 001536512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-11-17 11:56 - 2022-08-23 23:22 - 001182704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-11-17 11:56 - 2022-08-23 23:22 - 000865784 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-11-17 11:56 - 2022-08-23 23:22 - 000771584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-11-17 11:56 - 2022-08-23 23:22 - 000714752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-11-17 11:56 - 2022-08-23 23:22 - 000687616 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-11-17 11:56 - 2022-08-23 23:22 - 000052208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 010269696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 008803840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 005362688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 003066864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 002127856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 001607664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 001059320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 000845312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 000456192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-11-17 11:56 - 2022-08-23 23:20 - 005735936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-11-17 11:56 - 2022-08-23 23:20 - 000852984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-11-17 11:56 - 2022-08-23 23:19 - 006367424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-11-17 11:56 - 2022-08-23 22:57 - 000093241 _____ C:\WINDOWS\system32\nvinfo.pb
2022-11-09 13:22 - 2022-11-09 13:22 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-09 13:22 - 2022-11-09 13:22 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-09 13:21 - 2022-11-09 13:21 - 002387456 _____ C:\WINDOWS\system32\smartscreen.exe
2022-11-09 13:21 - 2022-11-09 13:21 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-09 13:21 - 2022-11-09 13:21 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-09 13:17 - 2022-11-09 13:17 - 000000000 ___HD C:\$WinREAgent
2022-11-02 08:39 - 2022-11-02 08:39 - 000000931 _____ C:\Users\Public\Desktop\Imou.lnk
2022-11-02 08:39 - 2022-11-02 08:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Imou

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-01 19:38 - 2021-07-25 09:15 - 000000000 ____D C:\FRST
2022-12-01 19:35 - 2020-11-18 16:04 - 000000000 ____D C:\Program Files\CCleaner
2022-12-01 19:34 - 2022-09-30 05:50 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-12-01 19:34 - 2022-09-30 05:50 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-12-01 19:34 - 2020-11-18 16:05 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-12-01 19:34 - 2020-01-18 16:06 - 000000000 ____D C:\Users\mzeme\AppData\Roaming\WhatsApp
2022-12-01 19:33 - 2020-11-11 19:29 - 000000000 ____D C:\WINDOWS\Minidump
2022-12-01 19:33 - 2020-01-27 15:08 - 000000000 ____D C:\Users\mzeme\AppData\Local\CrashDumps
2022-12-01 19:30 - 2020-01-18 14:13 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-01 19:17 - 2020-11-11 16:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-01 18:37 - 2020-01-19 12:30 - 000000000 ___RD C:\Users\mzeme\Disk Google
2022-12-01 17:38 - 2021-02-16 16:43 - 000001420 _____ C:\Users\mzeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-12-01 17:38 - 2021-02-16 16:43 - 000001314 _____ C:\Users\mzeme\Desktop\ESET Online Scanner.lnk
2022-12-01 16:42 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-01 12:25 - 2020-01-19 09:20 - 000000000 ____D C:\ProgramData\NVIDIA
2022-12-01 08:55 - 2020-01-18 17:16 - 000000000 ____D C:\Users\mzeme\AppData\Local\D3DSCache
2022-12-01 08:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-12-01 08:28 - 2020-01-19 12:30 - 000000000 ____D C:\Users\mzeme\GoogleDisk
2022-12-01 08:28 - 2020-01-18 14:12 - 000000000 ___RD C:\Users\mzeme\OneDrive
2022-12-01 08:27 - 2020-11-11 16:39 - 001694140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-01 08:27 - 2019-12-07 15:43 - 000717008 _____ C:\WINDOWS\system32\perfh005.dat
2022-12-01 08:27 - 2019-12-07 15:43 - 000145186 _____ C:\WINDOWS\system32\perfc005.dat
2022-12-01 08:27 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-12-01 08:23 - 2020-11-11 16:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-01 08:23 - 2020-11-11 16:35 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-30 21:58 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-11-30 21:54 - 2020-11-24 17:39 - 000000000 ____D C:\Users\mzeme\AppData\Roaming\Kodi
2022-11-30 18:51 - 2020-05-18 05:35 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-30 18:51 - 2020-05-18 05:35 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-11-30 18:51 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-30 17:49 - 2021-11-14 19:08 - 000000000 ____D C:\Users\Public\Imou_en
2022-11-30 13:22 - 2020-01-18 14:13 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-30 13:22 - 2020-01-18 14:13 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-11-29 23:28 - 2020-11-11 16:36 - 000000000 ____D C:\Users\mzeme
2022-11-29 20:18 - 2020-11-19 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2022-11-29 14:53 - 2021-09-10 19:24 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-11-29 14:53 - 2021-09-10 19:24 - 000001899 _____ C:\Users\Default\Desktop\Google Slides.lnk
2022-11-29 14:53 - 2021-09-10 19:24 - 000001899 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2022-11-29 14:53 - 2021-09-10 19:24 - 000001887 _____ C:\Users\Default\Desktop\Google Docs.lnk
2022-11-28 21:01 - 2022-02-01 15:21 - 000000000 ____D C:\Users\mzeme\AppData\Local\WhatsApp
2022-11-27 20:26 - 2020-02-09 17:11 - 000000000 ____D C:\Users\mzeme\DCC_E2
2022-11-20 09:04 - 2022-09-29 08:44 - 000000000 ____D C:\Users\mzeme\Documents\HiSuite
2022-11-19 18:47 - 2020-02-09 17:24 - 000000000 ____D C:\Users\mzeme\AppData\Roaming\vlc
2022-11-18 10:15 - 2020-05-16 06:16 - 000000000 ____D C:\Users\mzeme\AppData\LocalLow\Mozilla
2022-11-18 09:47 - 2021-06-19 18:20 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-11-17 12:01 - 2021-12-11 18:24 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2694576939-4152107225-3971293488-1001
2022-11-17 12:01 - 2020-11-12 15:50 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-11-17 12:01 - 2020-11-12 15:50 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-12 08:45 - 2020-11-11 16:40 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-12 08:45 - 2020-11-11 16:40 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-11 21:02 - 2020-09-30 22:37 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-11-11 07:53 - 2020-01-18 14:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-09 14:38 - 2020-11-11 16:36 - 000458488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-09 14:38 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-09 13:24 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-09 13:21 - 2020-11-11 16:39 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-09 13:21 - 2020-01-18 14:01 - 000415688 __RSH C:\bootmgr
2022-11-09 07:34 - 2020-01-18 17:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-09 07:32 - 2020-01-18 17:23 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-02 08:39 - 2021-11-14 19:08 - 000000000 ____D C:\Program Files\Imou_en

==================== Files in the root of some directories ========

2022-03-13 09:40 - 2022-03-13 09:40 - 000002043 _____ () C:\Users\mzeme\AppData\Roaming\Microsoft\2ae5198e-120a-48ad-a3ae-1860ee29241a.tmp
2022-04-17 12:25 - 2022-04-17 12:25 - 000002041 _____ () C:\Users\mzeme\AppData\Roaming\Microsoft\550a6ca0-2af1-40ab-9b7d-a2507c8e7216.tmp
2022-04-28 20:24 - 2022-04-28 20:24 - 000002042 _____ () C:\Users\mzeme\AppData\Roaming\Microsoft\b4803a5c-24b5-4e75-96c9-20a113898e10.tmp
2020-02-16 14:27 - 2022-10-26 17:04 - 000010752 _____ () C:\Users\mzeme\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-02-10 17:45 - 2021-01-16 21:30 - 000000128 _____ () C:\Users\mzeme\AppData\Local\PUTTY.RND
2020-05-06 14:33 - 2020-05-06 14:33 - 000000017 _____ () C:\Users\mzeme\AppData\Local\resmon.resmoncfg

==================== FLock ==============================

2022-11-09 13:21 C:\WINDOWS\system32\smartscreen.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2022
Ran by Milan (01-12-2022 19:39:26)
Running from D:\stažené soubory
Microsoft Windows 10 Pro Version 22H2 19045.2251 (X64) (2020-11-11 15:40:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2694576939-4152107225-3971293488-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2694576939-4152107225-3971293488-503 - Limited - Disabled)
Guest (S-1-5-21-2694576939-4152107225-3971293488-501 - Limited - Disabled)
KODI-PC (S-1-5-21-2694576939-4152107225-3971293488-1002 - Limited - Enabled)
Milan (S-1-5-21-2694576939-4152107225-3971293488-1001 - Administrator - Enabled) => C:\Users\mzeme
WDAGUtilityAccount (S-1-5-21-2694576939-4152107225-3971293488-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Balíček ovladače systému Windows - Silicon Laboratories Inc. (silabser) Ports (09/19/2016 6.7.4.261) (HKLM\...\9E2C239D42290B984A9E2B350A67AF8BC8BD11B9) (Version: 09/19/2016 6.7.4.261 - Silicon Laboratories Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.06 - Piriform)
CPUID CPU-Z 2.03 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.03 - CPUID, Inc.)
DCC_E2 (HKLM-x32\...\{B170E541-3668-480A-A2F0-3D7BAD17F877}) (Version: 2.40 - BernyR)
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version: - )
Farming Simulator 22 (HKLM-x32\...\Farming Simulator 22_is1) (Version: - )
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 67.0.2.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 107.0.5304.122 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.650 - Huawei Technologies Co., Ltd.)
HWiNFO64 Version 7.30 (HKLM\...\HWiNFO64_is1) (Version: 7.30 - Martin Malik - REALiX)
Imou (HKLM\...\Imou_en) (Version: 2.5.1 - Hangzhou Huacheng Network Technology Company)
Imou (HKLM-x32\...\Imou_en) (Version: 2.3.1 - Hangzhou Huacheng Network Technology Company)
IrfanView 4.54 (64-bit) (HKLM\...\IrfanView64) (Version: 4.54 - Irfan Skiljan)
Kodi (HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Kodi) (Version: 19.0.0.0 - XBMC Foundation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 7.0.0.3 (HKLM\...\{7C7F19DA-6107-4284-9263-EC5C4792C8C7}) (Version: 7.0.0.3 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.62 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.62 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.227.1030.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.22.27821 (HKLM\...\{6E2C7A8E-B17A-4637-9CE9-F0B1157CF378}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.22.27821 (HKLM\...\{0093C20C-273D-4397-B623-515CB8616CB9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.22.27821 (HKLM-x32\...\{3BDE80F7-7EC9-448E-8160-4ADA0CDA8879}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.22.27821 (HKLM-x32\...\{1E6FC929-567E-4D22-9206-C5B83F0A21B9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Movavi Video Editor 23 (HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Movavi Video Editor 23) (Version: 23.0.1 - Movavi)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.154 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.154 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 516.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 516.94 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23367 - Microsoft Corporation)
PuTTY release 0.73 (64-bit) (HKLM\...\{44F7642C-AB7E-4468-B028-E8D08A0CBB0E}) (Version: 0.73.0.0 - Simon Tatham)
Raspberry Pi Imager (HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Raspberry Pi Imager) (Version: 1.4 - Raspberry Pi)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
SD Card Formatter (HKLM-x32\...\{A61131DC-B92D-4AD8-A925-E2D6D5FE217C}) (Version: 5.0.1 - SD Association)
Signal 5.51.0 (HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 5.51.0 - Signal Messenger, LLC)
Skype verze 8.91 (HKLM-x32\...\Skype_is1) (Version: 8.91 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tenorshare 4DDiG 8.1.2.2 (HKLM\...\{UltData - Windows}_is1) (Version: 8.1.2.2 - Tenorshare, Inc.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WhatsApp (HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\WhatsApp) (Version: 2.2245.9 - WhatsApp)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Zip Password Recover (HKLM-x32\...\{F84258BC-AA68-4E24-BCD5-3FDA2D880ED6}) (Version: 1.1.1 - Recover Password)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.3 - ZONER software)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.27.20.0_x64__kgqvnymyfvs32 [2022-11-22] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.93.2.0_x64__kgqvnymyfvs32 [2022-11-24] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-19] (Microsoft Corporation)
Chordle -> C:\Program Files\WindowsApps\19116MUNKLESOFT.CHORDLE_2.2.150.0_x64__sjfyx6f2ztysj [2022-11-22] (Munklesoft)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-18] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-16] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.11210.0_x64__8wekyb3d8bbwe [2022-11-29] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\nvshext.dll [2022-08-23] (Nvidia Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B [268]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2022-11-18 09:58 - 000003364 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 account.zoner.com
127.0.0.1 checkhost.local
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
109.94.209.70 www.fitgirlpack.site # Fake FitGirl site
109.94.209.70 fitgirl-repack.org # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.org # Fake FitGirl site
0.0.0.0 checkappexec.microsoft.com
0.0.0.0 smartscreen-prod.microsoft.com
0.0.0.0 nav.smartscreen.microsoft.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\Control Panel\Desktop\\Wallpaper -> D:\stažené soubory\wokna.jpg
DNS Servers: 1.1.1.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{7FFD49BD-BA15-4D85-A5D9-F024ACF7B298}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{EDC8299D-F61A-4AF5-91D8-DDA9EF748821}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BCE62EC3-3DB3-49DB-8CDA-592295F590A9}] => (Allow) D:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AE36D177-8B89-4C0F-94CF-880C2E5DA546}] => (Allow) D:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{3D50BC4B-85C3-4B79-B9CF-C885072D27D0}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{789EE48D-488F-40D8-9A80-5B1CAD31A0FB}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{47FA76C6-8ECF-4A0D-95DA-7DABE6BC9A3E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{19C5E664-AE86-4EB6-B92E-168427F4FE71}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{29D44FCD-9DFA-42CC-869B-B72F3799BD3C}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{191FA4CA-18CD-41D3-85D4-27AB7B48EC7F}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{F9C4887F-B1B9-42BB-A8E1-A380112312A1}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{22B40A81-B8D1-417D-B25B-85695535C04B}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{20B38C0F-33BF-4A93-BE0F-0B79FC9E4E1B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{F0AA4D60-202D-4DAA-B673-1107C48F1DBD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{60682377-93C6-4773-882B-A33C66C2E048}C:\program files\imou_en\bin\imou_en.exe] => (Allow) C:\program files\imou_en\bin\imou_en.exe (Hangzhou Huacheng Network Technology Co.,Ltd. -> Hangzhou Huacheng Network Technology Company)
FirewallRules: [UDP Query User{3E8B4834-DC7C-419B-B633-8574421C4684}C:\program files\imou_en\bin\imou_en.exe] => (Allow) C:\program files\imou_en\bin\imou_en.exe (Hangzhou Huacheng Network Technology Co.,Ltd. -> Hangzhou Huacheng Network Technology Company)
FirewallRules: [{1410351A-4AE3-4EC2-88DA-5E5BC82006A2}] => (Allow) C:\Program Files (x86)\Tenorshare\Tenorshare 4DDiG\Tenorshare 4DDiG.exe (Tenorshare Co., Ltd. -> Tenorshare)
FirewallRules: [{232C3626-2C6E-492A-8D2A-5AA83B40E1E5}] => (Allow) C:\Program Files (x86)\Tenorshare\Tenorshare 4DDiG\Tenorshare 4DDiG.exe (Tenorshare Co., Ltd. -> Tenorshare)
FirewallRules: [{2B65F5D7-61EC-4E50-87B6-9F4C802FAFBD}] => (Allow) C:\Program Files (x86)\Tenorshare\Tenorshare 4DDiG\NetFrameCheck.exe (Tenorshare Co., Ltd. -> Tenorshare)
FirewallRules: [{8AD3AB29-8029-4E67-9A12-06960C9E3F45}] => (Allow) C:\Program Files (x86)\Tenorshare\Tenorshare 4DDiG\NetFrameCheck.exe (Tenorshare Co., Ltd. -> Tenorshare)
FirewallRules: [TCP Query User{042E1DEA-7F3C-452E-83C0-9F63FEABCAF4}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{4E266D98-5B4A-4716-8784-2577A5AB60C5}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{22FCDF3D-BB32-43E3-B019-3DA2EC05E097}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{B14845A3-AE55-4ED1-8C13-6AE3F4A2C09B}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{9AE05EAC-0A61-44AC-AA62-7E5CE6F606AF}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{78C4D66F-0D39-495A-9FA0-FD7FA9DEBC73}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{71423391-F1BC-4FA9-8BC0-131FF3DF8CB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{5834183D-9B0F-445E-8770-BA60A14DAA44}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3276491D-9A4A-49A6-85B7-74A4BF4D255D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{DCB86CFD-357C-4819-9444-74DB1BCF77CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{B7A266A9-ABC4-44D2-8A40-03B7481BC40A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DDE001D9-F1FC-4964-AED4-50FA97380C28}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A1170DDE-C257-4F1D-9F3F-CEDB77D1FDAB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{99E69A48-E69D-4EA0-8115-3BCBF7D3439E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/30/2022 08:31:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000352821
ID chybujícího procesu: 0x27cc
Čas spuštění chybující aplikace: 0x01d904cf453db8a7
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
ID zprávy: a923cd22-9488-4976-993a-eb0d5a9d9c5f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/29/2022 12:08:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000177527826f0
ID chybujícího procesu: 0x24e4
Čas spuštění chybující aplikace: 0x01d90371515ed669
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 5549802c-80ea-4053-933b-7e568c451582
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/28/2022 08:08:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000187d9272880
ID chybujícího procesu: 0x1f8c
Čas spuštění chybující aplikace: 0x01d9032780472a6a
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 389de7b5-3500-4542-9607-09c09329bd94
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/28/2022 01:45:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000148e3f06fc0
ID chybujícího procesu: 0x1fe8
Čas spuštění chybující aplikace: 0x01d902fb0655e042
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: e1a8a45d-edc9-4c93-aad1-b1b19a62804c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/27/2022 04:14:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000023d8290f790
ID chybujícího procesu: 0x1f08
Čas spuštění chybující aplikace: 0x01d9026e168536e3
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 5d3dd6f4-cd70-4a69-8ce6-03a566b7a37a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/27/2022 03:39:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000016515e8d5a0
ID chybujícího procesu: 0xcb8
Čas spuštění chybující aplikace: 0x01d902356a67a52b
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a4eb0919-3dc4-439a-a553-f7391e646b5d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/26/2022 05:42:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000352821
ID chybujícího procesu: 0x298c
Čas spuštění chybující aplikace: 0x01d901a093a41705
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
ID zprávy: 16aae2cf-e20f-4386-a200-32bd46469f5c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/26/2022 03:07:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000002137226d7e0
ID chybujícího procesu: 0x2c98
Čas spuštění chybující aplikace: 0x01d901974c2f093e
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 6911592b-4c38-4cd5-b6fc-cfdb932cc53a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (12/01/2022 07:33:17 PM) (Source: DCOM) (EventID: 10000) (User: PC-MILAN)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (12/01/2022 05:39:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (12/01/2022 05:39:55 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\mzeme\AppData\Local\Temp\ehdrv.sys

Error: (12/01/2022 05:39:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (12/01/2022 05:39:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\mzeme\AppData\Local\Temp\ehdrv.sys

Error: (12/01/2022 05:39:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (12/01/2022 05:39:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\mzeme\AppData\Local\Temp\ehdrv.sys

Error: (12/01/2022 05:39:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.


CodeIntegrity:
===============
Date: 2022-12-01 17:39:55
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume1\Users\mzeme\AppData\Local\Temp\ehdrv.sys that is not compatible with hypervisor enforcement. Failure bitmap 0x1. Status 0xC00000BB.


==================== Memory info ===========================

BIOS: American Megatrends Inc. FC 08/11/2015
Motherboard: Gigabyte Technology Co., Ltd. H81M-S2PV
Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 41%
Total physical RAM: 12252.86 MB
Available physical RAM: 7229.1 MB
Total Virtual: 16092.86 MB
Available Virtual: 8426.42 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.94 GB) (Free:96.13 GB) (Model: Samsung SSD 860 EVO 250GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Fotky) (Fixed) (Total:465.76 GB) (Free:196.04 GB) (Model: WDC WD5000AZRX-00A8LB0) NTFS
Drive e: (NIKON D90) (Removable) (Total:7.39 GB) (Free:5.53 GB) FAT32

\\?\Volume{e30ce30c-0000-0000-0000-20fc39000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{e30ce30c-0000-0000-0000-801c3a000000}\ () (Fixed) (Total:0.44 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: E30CE30C)
Partition 1: (Active) - (Size=231.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=517 MB) - (Type=27)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0367C0E6)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Protective MBR) (Size: 7.4 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118199
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Google warns of a compromised password

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking Souhlasím (I Agree)
right-click the AdwCleaner icon and choose Spustit jako správce (Run as administrator); on Win XP just launch it with a double-click
click Skenovat nyní (Scan now), then Čištění a opravy (Clean and Repair)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Kema
Visitor
Posts: 152
Joined: 08 Jan 2005 18:15
Location: Bohosudov

Re: Google warns of a compromised password

#3 Post by Kema »

Thank you.
Here is the log:

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-01-2022
# Duration: 00:00:00
# OS: Windows 10 (Build 19045.2251)
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted Replace Favicon - akaelkiagnbfcccfnmbimdbplecgbikh

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1466 octets] - [01/12/2022 21:26:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118199
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Google warns of a compromised password

#4 Post by Rudy »

OK. Post new FRST+Addition logs.

Kema
Visitor
Posts: 152
Joined: 08 Jan 2005 18:15
Location: Bohosudov

Re: Google warns of a compromised password

#5 Post by Kema »

I'm sending the log.
The viry.cz server (well, Google) tells me that when logging in to the viry.cz server I should change my password. Supposedly it has been exposed.
Also, a small window keeps popping up here with a message that it can't find something on C:.
Damn, what has happened to my computer .... ?



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2022
Ran by Milan (administrator) on PC-MILAN (Gigabyte Technology Co., Ltd. H81M-S2PV) (01-12-2022 22:37:53)
Running from D:\stažené soubory
Loaded Profiles: Milan
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2251 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCopyAccelerator.exe
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore: [DisableConfig] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe [53350168 2022-11-29] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe [53350168 2022-11-29] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626480 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [Steam] => D:\steam\steam.exe [4234600 2022-08-20] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\mzeme\AppData\Local\WhatsApp\Update.exe [2254048 2022-11-28] (WhatsApp LLC -> )
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38650192 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123150720 2022-11-22] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe [53350168 2022-11-29] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [Zoner Photo Studio Autoupdate] => D:\Photo Studio 17\Program32\ZPSTRAY.EXE [437248 2014-10-03] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\MountPoints2: {f5015da2-3fc4-11ed-b4e2-fcaa141acbfa} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\MountPoints2: {f5015e38-3fc4-11ed-b4e2-fcaa141acbfa} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe [53350168 2022-11-29] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.122\Installer\chrmstp.exe [2022-11-30] (Google LLC -> Google LLC)
Startup: C:\Users\mzeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CrystalDiskInfo8.lnk [2022-11-18]
ShortcutTarget: CrystalDiskInfo8.lnk -> C:\Users\mzeme\AppData\Roaming\crystaldiskinfo\diskinfo8.scr (No File)
Startup: C:\Users\mzeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OBS.lnk [2022-11-18]
ShortcutTarget: OBS.lnk -> C:\Users\mzeme\AppData\Roaming\obs-studio\bin\64bit\obs64.scr (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {026CAB9F-5A8C-4565-8D4F-FBC6485B19B6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {07792A0A-3D92-4152-BF67-2DB7A88F5CC6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-18] (Google LLC -> Google LLC)
Task: {0C69C76B-48E6-4E5A-A5F1-85232E888B36} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-18] (Google LLC -> Google LLC)
Task: {118679C6-81D3-4A5B-8CC7-A8D08C83ED81} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2E8665B0-8ED3-4CFC-B858-24CDBEFA4B49} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4C9E07FE-EB20-4F9F-9E0F-F723ACC9E4FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5127961C-ADA8-497A-966E-776BFB4FD31A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {514725BE-1D68-4049-AF68-C7C8E9738C89} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {635AABD7-B5F9-4CAF-8E89-A96E994B9644} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-08-30] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {745A7B3D-AAFD-4CC3-BE13-1930E663A4F9} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {85CE3A64-9E44-426A-BCDE-71D205371EBF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9F9D33A9-F952-4264-AFFC-5AE5B5C6B0F1} - System32\Tasks\ar => wscript.exe "%appdata%\obs-studio\bin\64bit\.vbs" "%appdata%\obs-studio\bin\64bit\.cmd"
Task: {AAEB9A16-069E-4E36-9E53-D374B9F77D04} - System32\Tasks\CCleanerSkipUAC - Milan => C:\Program Files\CCleaner\CCleaner.exe [32325456 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {B5955DEF-17CC-491B-8CCC-9C1E43871983} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {BCCD70C6-06A9-45B8-89E7-69D1BB789920} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-11-09] (Piriform Software Ltd -> Piriform)
Task: {BF78E9B3-AC40-4AA0-B740-B29C29390870} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2694576939-4152107225-3971293488-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC1C3F06-F5F9-4D6E-AB98-A6CDAEF7DC00} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CE80BA1D-7C8B-49C3-AFCB-E574DB9933C2} - System32\Tasks\EOSv3 Scheduler onLogOn => D:\stažené soubory\esetonlinescanner.exe [15274968 2022-12-01] (ESET, spol. s r.o. -> ESET)
Task: {CED90117-99F9-4DC6-8AC7-162B2568EC0E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D1C83870-E8A6-439C-A0D4-CD6829D07B4B} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "67d240e1-bc1c-4ff2-a8a0-71169ea46021" --version "6.06.10144" --silent
Task: {D5538529-401F-4BF3-B1B2-41F0863AC6E3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E5BF0C72-C624-4CCD-A23B-1E8118D6D5BC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-10-17] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F66238BB-2DD8-4994-BADA-F49F6DC07F3F} - System32\Tasks\EOSv3 Scheduler onTime => D:\stažené soubory\esetonlinescanner.exe [15274968 2022-12-01] (ESET, spol. s r.o. -> ESET)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{ef68ba61-334f-4f41-b581-a52f167845f2}: [NameServer] 1.1.1.1,8.8.8.8

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\mzeme\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-01]
Edge DownloadDir: Default -> D:\stažené soubory
Edge HomePage: Default -> hxxp://www.google.cz/
Edge Extension: (Replace Favicon) - C:\Users\mzeme\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\akaelkiagnbfcccfnmbimdbplecgbikh [2020-05-18]
Edge Extension: (Flash Player) - C:\Users\mzeme\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bmimdmkleccdoghpgdhaahkelfhjfhgm [2020-10-11]
Edge Extension: (I don't care about cookies) - C:\Users\mzeme\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2022-10-29]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\mzeme\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-11-24]
Edge Extension: (All Video Downloader professional) - C:\Users\mzeme\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mbpnbnogejaolbhfpfgagldkeahefbhd [2022-06-27]

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default [2022-12-01]
CHR DownloadDir: D:\stažené soubory
CHR Notifications: Default -> hxxp://127.0.0.1; hxxps://calendar.google.com; hxxps://cs.athowto.com
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/0/?shva=1#inbox"
CHR Extension: (Flash Player) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmimdmkleccdoghpgdhaahkelfhjfhgm [2020-10-07]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-11-24]
CHR Extension: (I don't care about cookies) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2022-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-18]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncHelper.exe [3476400 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
S2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2022-06-24] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.227.1030.0001\OneDriveUpdaterService.exe [3843504 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-11-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [284672 2021-04-15] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [153088 2021-08-11] (Microsoft Corporation) [File not signed]
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2022-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2022-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 MpKsl71573144; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{26DD7976-4F68-4EAC-84A9-7478FC7A519A}\MpKslDrv.sys [214280 2022-12-01] (Microsoft Windows -> Microsoft Corporation)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469288 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz154; \??\C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [X]
S3 HWiNFO_172; \??\C:\Users\mzeme\AppData\Local\Temp\HWiNFO64A_172.SYS [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-01 21:25 - 2022-12-01 21:27 - 000000000 ____D C:\AdwCleaner
2022-12-01 19:34 - 2022-12-01 19:34 - 000020796 _____ C:\Users\mzeme\Documents\cc_20221201_193359.reg
2022-11-28 09:50 - 2022-11-28 09:51 - 000000000 ____D C:\Users\mzeme\AppData\Local\HiSuite
2022-11-28 09:50 - 2022-11-28 09:50 - 000001064 _____ C:\Users\mzeme\Desktop\HiSuite.lnk
2022-11-28 09:50 - 2022-11-28 09:50 - 000000000 ____D C:\Users\mzeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiSuite
2022-11-20 09:15 - 2022-11-28 09:50 - 000000000 ____D C:\Program Files (x86)\HiSuite
2022-11-18 16:45 - 2022-12-01 08:23 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2022-11-18 10:40 - 2022-12-01 18:04 - 000000000 __SHD C:\Users\mzeme\AppData\Roaming\crystaldiskinfo
2022-11-18 10:30 - 2022-12-01 19:20 - 000000000 ____D C:\Users\mzeme\AppData\Roaming\InqfbrzNJH
2022-11-18 10:30 - 2022-12-01 18:07 - 000000000 ____D C:\Users\mzeme\AppData\Roaming\temp
2022-11-18 10:07 - 2022-11-18 10:07 - 000000743 _____ C:\Users\mzeme\Desktop\Start Tor Browser.lnk
2022-11-18 10:07 - 2022-11-18 10:07 - 000000743 _____ C:\Users\mzeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2022-11-18 09:58 - 2022-11-18 10:04 - 000000000 __SHD C:\tmp
2022-11-18 09:58 - 2022-11-18 09:58 - 000003378 _____ C:\WINDOWS\system32\Tasks\ar
2022-11-18 09:58 - 2022-11-18 09:58 - 000000000 __SHD C:\Users\mzeme\AppData\Roaming\obs-studio
2022-11-17 11:57 - 2022-11-17 11:57 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2022-11-17 11:56 - 2022-08-23 23:26 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-11-17 11:56 - 2022-08-23 23:26 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-11-17 11:56 - 2022-08-23 23:26 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-11-17 11:56 - 2022-08-23 23:26 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-11-17 11:56 - 2022-08-23 23:26 - 001145592 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-11-17 11:56 - 2022-08-23 23:26 - 001145592 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-11-17 11:56 - 2022-08-23 23:25 - 001471984 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-11-17 11:56 - 2022-08-23 23:25 - 001432312 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-11-17 11:56 - 2022-08-23 23:25 - 001432312 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-11-17 11:56 - 2022-08-23 23:25 - 001213424 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-11-17 11:56 - 2022-08-23 23:22 - 001536512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-11-17 11:56 - 2022-08-23 23:22 - 001182704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-11-17 11:56 - 2022-08-23 23:22 - 000865784 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-11-17 11:56 - 2022-08-23 23:22 - 000771584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-11-17 11:56 - 2022-08-23 23:22 - 000714752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-11-17 11:56 - 2022-08-23 23:22 - 000687616 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-11-17 11:56 - 2022-08-23 23:22 - 000052208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 010269696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 008803840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 005362688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 003066864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 002127856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 001607664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 001059320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 000845312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 000456192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-11-17 11:56 - 2022-08-23 23:20 - 005735936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-11-17 11:56 - 2022-08-23 23:20 - 000852984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-11-17 11:56 - 2022-08-23 23:19 - 006367424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-11-17 11:56 - 2022-08-23 22:57 - 000093241 _____ C:\WINDOWS\system32\nvinfo.pb
2022-11-09 13:22 - 2022-11-09 13:22 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-09 13:22 - 2022-11-09 13:22 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-09 13:21 - 2022-11-09 13:21 - 002387456 _____ C:\WINDOWS\system32\smartscreen.exe
2022-11-09 13:21 - 2022-11-09 13:21 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-09 13:21 - 2022-11-09 13:21 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-09 13:17 - 2022-11-09 13:17 - 000000000 ___HD C:\$WinREAgent
2022-11-02 08:39 - 2022-11-02 08:39 - 000000931 _____ C:\Users\Public\Desktop\Imou.lnk
2022-11-02 08:39 - 2022-11-02 08:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Imou

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-12-01 22:38 - 2021-07-25 09:15 - 000000000 ____D C:\FRST
2022-12-01 22:37 - 2020-11-11 16:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-01 22:30 - 2020-01-18 14:13 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-01 21:27 - 2020-01-19 09:20 - 000000000 ____D C:\ProgramData\NVIDIA
2022-12-01 20:24 - 2020-01-18 17:16 - 000000000 ____D C:\Users\mzeme\AppData\Local\D3DSCache
2022-12-01 20:24 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-01 19:35 - 2020-11-18 16:04 - 000000000 ____D C:\Program Files\CCleaner
2022-12-01 19:34 - 2022-09-30 05:50 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-12-01 19:34 - 2022-09-30 05:50 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-12-01 19:34 - 2020-11-18 16:05 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-12-01 19:34 - 2020-01-18 16:06 - 000000000 ____D C:\Users\mzeme\AppData\Roaming\WhatsApp
2022-12-01 19:33 - 2020-11-11 19:29 - 000000000 ____D C:\WINDOWS\Minidump
2022-12-01 19:33 - 2020-01-27 15:08 - 000000000 ____D C:\Users\mzeme\AppData\Local\CrashDumps
2022-12-01 18:37 - 2020-01-19 12:30 - 000000000 ___RD C:\Users\mzeme\Disk Google
2022-12-01 17:38 - 2021-02-16 16:43 - 000001420 _____ C:\Users\mzeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-12-01 17:38 - 2021-02-16 16:43 - 000001314 _____ C:\Users\mzeme\Desktop\ESET Online Scanner.lnk
2022-12-01 08:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-12-01 08:28 - 2020-01-19 12:30 - 000000000 ____D C:\Users\mzeme\GoogleDisk
2022-12-01 08:28 - 2020-01-18 14:12 - 000000000 ___RD C:\Users\mzeme\OneDrive
2022-12-01 08:27 - 2020-11-11 16:39 - 001694140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-01 08:27 - 2019-12-07 15:43 - 000717008 _____ C:\WINDOWS\system32\perfh005.dat
2022-12-01 08:27 - 2019-12-07 15:43 - 000145186 _____ C:\WINDOWS\system32\perfc005.dat
2022-12-01 08:27 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-12-01 08:23 - 2020-11-11 16:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-01 08:23 - 2020-11-11 16:35 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-30 21:58 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-11-30 21:54 - 2020-11-24 17:39 - 000000000 ____D C:\Users\mzeme\AppData\Roaming\Kodi
2022-11-30 18:51 - 2020-05-18 05:35 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-30 18:51 - 2020-05-18 05:35 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-11-30 18:51 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-30 17:49 - 2021-11-14 19:08 - 000000000 ____D C:\Users\Public\Imou_en
2022-11-30 13:22 - 2020-01-18 14:13 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-30 13:22 - 2020-01-18 14:13 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-11-29 23:28 - 2020-11-11 16:36 - 000000000 ____D C:\Users\mzeme
2022-11-29 20:18 - 2020-11-19 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2022-11-29 14:53 - 2021-09-10 19:24 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-11-29 14:53 - 2021-09-10 19:24 - 000001899 _____ C:\Users\Default\Desktop\Google Slides.lnk
2022-11-29 14:53 - 2021-09-10 19:24 - 000001899 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2022-11-29 14:53 - 2021-09-10 19:24 - 000001887 _____ C:\Users\Default\Desktop\Google Docs.lnk
2022-11-28 21:01 - 2022-02-01 15:21 - 000000000 ____D C:\Users\mzeme\AppData\Local\WhatsApp
2022-11-27 20:26 - 2020-02-09 17:11 - 000000000 ____D C:\Users\mzeme\DCC_E2
2022-11-20 09:04 - 2022-09-29 08:44 - 000000000 ____D C:\Users\mzeme\Documents\HiSuite
2022-11-19 18:47 - 2020-02-09 17:24 - 000000000 ____D C:\Users\mzeme\AppData\Roaming\vlc
2022-11-18 10:15 - 2020-05-16 06:16 - 000000000 ____D C:\Users\mzeme\AppData\LocalLow\Mozilla
2022-11-18 09:47 - 2021-06-19 18:20 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-11-17 12:01 - 2021-12-11 18:24 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2694576939-4152107225-3971293488-1001
2022-11-17 12:01 - 2020-11-12 15:50 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-11-17 12:01 - 2020-11-12 15:50 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-12 08:45 - 2020-11-11 16:40 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-12 08:45 - 2020-11-11 16:40 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-11 21:02 - 2020-09-30 22:37 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-11-11 07:53 - 2020-01-18 14:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-09 14:38 - 2020-11-11 16:36 - 000458488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-09 14:38 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-09 13:24 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-09 13:21 - 2020-11-11 16:39 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-09 13:21 - 2020-01-18 14:01 - 000415688 __RSH C:\bootmgr
2022-11-09 07:34 - 2020-01-18 17:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-09 07:32 - 2020-01-18 17:23 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-02 08:39 - 2021-11-14 19:08 - 000000000 ____D C:\Program Files\Imou_en

==================== Files in the root of some directories ========

2022-03-13 09:40 - 2022-03-13 09:40 - 000002043 _____ () C:\Users\mzeme\AppData\Roaming\Microsoft\2ae5198e-120a-48ad-a3ae-1860ee29241a.tmp
2022-04-17 12:25 - 2022-04-17 12:25 - 000002041 _____ () C:\Users\mzeme\AppData\Roaming\Microsoft\550a6ca0-2af1-40ab-9b7d-a2507c8e7216.tmp
2022-04-28 20:24 - 2022-04-28 20:24 - 000002042 _____ () C:\Users\mzeme\AppData\Roaming\Microsoft\b4803a5c-24b5-4e75-96c9-20a113898e10.tmp
2020-02-16 14:27 - 2022-10-26 17:04 - 000010752 _____ () C:\Users\mzeme\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-02-10 17:45 - 2021-01-16 21:30 - 000000128 _____ () C:\Users\mzeme\AppData\Local\PUTTY.RND
2020-05-06 14:33 - 2020-05-06 14:33 - 000000017 _____ () C:\Users\mzeme\AppData\Local\resmon.resmoncfg

==================== FLock ==============================

2022-11-09 13:21 C:\WINDOWS\system32\smartscreen.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2022
Ran by Milan (01-12-2022 22:38:54)
Running from D:\stažené soubory
Microsoft Windows 10 Pro Version 22H2 19045.2251 (X64) (2020-11-11 15:40:48)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2694576939-4152107225-3971293488-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2694576939-4152107225-3971293488-503 - Limited - Disabled)
Guest (S-1-5-21-2694576939-4152107225-3971293488-501 - Limited - Disabled)
KODI-PC (S-1-5-21-2694576939-4152107225-3971293488-1002 - Limited - Enabled)
Milan (S-1-5-21-2694576939-4152107225-3971293488-1001 - Administrator - Enabled) => C:\Users\mzeme
WDAGUtilityAccount (S-1-5-21-2694576939-4152107225-3971293488-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Balíček ovladače systému Windows - Silicon Laboratories Inc. (silabser) Ports (09/19/2016 6.7.4.261) (HKLM\...\9E2C239D42290B984A9E2B350A67AF8BC8BD11B9) (Version: 09/19/2016 6.7.4.261 - Silicon Laboratories Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.06 - Piriform)
CPUID CPU-Z 2.03 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.03 - CPUID, Inc.)
DCC_E2 (HKLM-x32\...\{B170E541-3668-480A-A2F0-3D7BAD17F877}) (Version: 2.40 - BernyR)
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version: - )
Farming Simulator 22 (HKLM-x32\...\Farming Simulator 22_is1) (Version: - )
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 67.0.2.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 107.0.5304.122 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.650 - Huawei Technologies Co., Ltd.)
HWiNFO64 Version 7.30 (HKLM\...\HWiNFO64_is1) (Version: 7.30 - Martin Malik - REALiX)
Imou (HKLM\...\Imou_en) (Version: 2.5.1 - Hangzhou Huacheng Network Technology Company)
Imou (HKLM-x32\...\Imou_en) (Version: 2.3.1 - Hangzhou Huacheng Network Technology Company)
IrfanView 4.54 (64-bit) (HKLM\...\IrfanView64) (Version: 4.54 - Irfan Skiljan)
Kodi (HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Kodi) (Version: 19.0.0.0 - XBMC Foundation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 7.0.0.3 (HKLM\...\{7C7F19DA-6107-4284-9263-EC5C4792C8C7}) (Version: 7.0.0.3 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.62 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.62 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.227.1030.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.22.27821 (HKLM\...\{6E2C7A8E-B17A-4637-9CE9-F0B1157CF378}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.22.27821 (HKLM\...\{0093C20C-273D-4397-B623-515CB8616CB9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.22.27821 (HKLM-x32\...\{3BDE80F7-7EC9-448E-8160-4ADA0CDA8879}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.22.27821 (HKLM-x32\...\{1E6FC929-567E-4D22-9206-C5B83F0A21B9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Movavi Video Editor 23 (HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Movavi Video Editor 23) (Version: 23.0.1 - Movavi)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.154 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.154 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 516.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 516.94 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23367 - Microsoft Corporation)
PuTTY release 0.73 (64-bit) (HKLM\...\{44F7642C-AB7E-4468-B028-E8D08A0CBB0E}) (Version: 0.73.0.0 - Simon Tatham)
Raspberry Pi Imager (HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Raspberry Pi Imager) (Version: 1.4 - Raspberry Pi)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
SD Card Formatter (HKLM-x32\...\{A61131DC-B92D-4AD8-A925-E2D6D5FE217C}) (Version: 5.0.1 - SD Association)
Signal 5.51.0 (HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 5.51.0 - Signal Messenger, LLC)
Skype verze 8.91 (HKLM-x32\...\Skype_is1) (Version: 8.91 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tenorshare 4DDiG 8.1.2.2 (HKLM\...\{UltData - Windows}_is1) (Version: 8.1.2.2 - Tenorshare, Inc.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WhatsApp (HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\WhatsApp) (Version: 2.2245.9 - WhatsApp)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Zip Password Recover (HKLM-x32\...\{F84258BC-AA68-4E24-BCD5-3FDA2D880ED6}) (Version: 1.1.1 - Recover Password)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.3 - ZONER software)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.27.20.0_x64__kgqvnymyfvs32 [2022-11-22] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.93.2.0_x64__kgqvnymyfvs32 [2022-11-24] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-19] (Microsoft Corporation)
Chordle -> C:\Program Files\WindowsApps\19116MUNKLESOFT.CHORDLE_2.2.150.0_x64__sjfyx6f2ztysj [2022-11-22] (Munklesoft)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-18] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-16] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.11210.0_x64__8wekyb3d8bbwe [2022-11-29] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\nvshext.dll [2022-08-23] (Nvidia Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B [268]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 05:49 - 2022-11-18 09:58 - 000003364 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 account.zoner.com
127.0.0.1 checkhost.local
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
109.94.209.70 www.fitgirlpack.site # Fake FitGirl site
109.94.209.70 fitgirl-repack.org # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.org # Fake FitGirl site
0.0.0.0 checkappexec.microsoft.com
0.0.0.0 smartscreen-prod.microsoft.com
0.0.0.0 nav.smartscreen.microsoft.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\Control Panel\Desktop\\Wallpaper -> D:\stažené soubory\wokna.jpg
DNS Servers: 1.1.1.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{7FFD49BD-BA15-4D85-A5D9-F024ACF7B298}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{EDC8299D-F61A-4AF5-91D8-DDA9EF748821}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BCE62EC3-3DB3-49DB-8CDA-592295F590A9}] => (Allow) D:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AE36D177-8B89-4C0F-94CF-880C2E5DA546}] => (Allow) D:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{3D50BC4B-85C3-4B79-B9CF-C885072D27D0}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{789EE48D-488F-40D8-9A80-5B1CAD31A0FB}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{47FA76C6-8ECF-4A0D-95DA-7DABE6BC9A3E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{19C5E664-AE86-4EB6-B92E-168427F4FE71}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{29D44FCD-9DFA-42CC-869B-B72F3799BD3C}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{191FA4CA-18CD-41D3-85D4-27AB7B48EC7F}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{F9C4887F-B1B9-42BB-A8E1-A380112312A1}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{22B40A81-B8D1-417D-B25B-85695535C04B}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{20B38C0F-33BF-4A93-BE0F-0B79FC9E4E1B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{F0AA4D60-202D-4DAA-B673-1107C48F1DBD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{60682377-93C6-4773-882B-A33C66C2E048}C:\program files\imou_en\bin\imou_en.exe] => (Allow) C:\program files\imou_en\bin\imou_en.exe (Hangzhou Huacheng Network Technology Co.,Ltd. -> Hangzhou Huacheng Network Technology Company)
FirewallRules: [UDP Query User{3E8B4834-DC7C-419B-B633-8574421C4684}C:\program files\imou_en\bin\imou_en.exe] => (Allow) C:\program files\imou_en\bin\imou_en.exe (Hangzhou Huacheng Network Technology Co.,Ltd. -> Hangzhou Huacheng Network Technology Company)
FirewallRules: [{1410351A-4AE3-4EC2-88DA-5E5BC82006A2}] => (Allow) C:\Program Files (x86)\Tenorshare\Tenorshare 4DDiG\Tenorshare 4DDiG.exe (Tenorshare Co., Ltd. -> Tenorshare)
FirewallRules: [{232C3626-2C6E-492A-8D2A-5AA83B40E1E5}] => (Allow) C:\Program Files (x86)\Tenorshare\Tenorshare 4DDiG\Tenorshare 4DDiG.exe (Tenorshare Co., Ltd. -> Tenorshare)
FirewallRules: [{2B65F5D7-61EC-4E50-87B6-9F4C802FAFBD}] => (Allow) C:\Program Files (x86)\Tenorshare\Tenorshare 4DDiG\NetFrameCheck.exe (Tenorshare Co., Ltd. -> Tenorshare)
FirewallRules: [{8AD3AB29-8029-4E67-9A12-06960C9E3F45}] => (Allow) C:\Program Files (x86)\Tenorshare\Tenorshare 4DDiG\NetFrameCheck.exe (Tenorshare Co., Ltd. -> Tenorshare)
FirewallRules: [TCP Query User{042E1DEA-7F3C-452E-83C0-9F63FEABCAF4}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{4E266D98-5B4A-4716-8784-2577A5AB60C5}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{22FCDF3D-BB32-43E3-B019-3DA2EC05E097}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{B14845A3-AE55-4ED1-8C13-6AE3F4A2C09B}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{9AE05EAC-0A61-44AC-AA62-7E5CE6F606AF}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{78C4D66F-0D39-495A-9FA0-FD7FA9DEBC73}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{71423391-F1BC-4FA9-8BC0-131FF3DF8CB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{5834183D-9B0F-445E-8770-BA60A14DAA44}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3276491D-9A4A-49A6-85B7-74A4BF4D255D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{DCB86CFD-357C-4819-9444-74DB1BCF77CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{B7A266A9-ABC4-44D2-8A40-03B7481BC40A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DDE001D9-F1FC-4964-AED4-50FA97380C28}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A1170DDE-C257-4F1D-9F3F-CEDB77D1FDAB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{99E69A48-E69D-4EA0-8115-3BCBF7D3439E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/01/2022 09:39:46 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Fotky (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (11/30/2022 08:31:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000352821
ID chybujícího procesu: 0x27cc
Čas spuštění chybující aplikace: 0x01d904cf453db8a7
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
ID zprávy: a923cd22-9488-4976-993a-eb0d5a9d9c5f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/29/2022 12:08:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000177527826f0
ID chybujícího procesu: 0x24e4
Čas spuštění chybující aplikace: 0x01d90371515ed669
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 5549802c-80ea-4053-933b-7e568c451582
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/28/2022 08:08:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000187d9272880
ID chybujícího procesu: 0x1f8c
Čas spuštění chybující aplikace: 0x01d9032780472a6a
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 389de7b5-3500-4542-9607-09c09329bd94
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/28/2022 01:45:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000148e3f06fc0
ID chybujícího procesu: 0x1fe8
Čas spuštění chybující aplikace: 0x01d902fb0655e042
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: e1a8a45d-edc9-4c93-aad1-b1b19a62804c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/27/2022 04:14:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000023d8290f790
ID chybujícího procesu: 0x1f08
Čas spuštění chybující aplikace: 0x01d9026e168536e3
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 5d3dd6f4-cd70-4a69-8ce6-03a566b7a37a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/27/2022 03:39:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000016515e8d5a0
ID chybujícího procesu: 0xcb8
Čas spuštění chybující aplikace: 0x01d902356a67a52b
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a4eb0919-3dc4-439a-a553-f7391e646b5d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/26/2022 05:42:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000352821
ID chybujícího procesu: 0x298c
Čas spuštění chybující aplikace: 0x01d901a093a41705
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
ID zprávy: 16aae2cf-e20f-4386-a200-32bd46469f5c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (12/01/2022 09:27:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (12/01/2022 09:27:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HuaweiHiSuiteService64.exe byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/01/2022 09:27:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (12/01/2022 07:33:17 PM) (Source: DCOM) (EventID: 10000) (User: PC-MILAN)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (12/01/2022 05:39:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (12/01/2022 05:39:55 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\mzeme\AppData\Local\Temp\ehdrv.sys

Error: (12/01/2022 05:39:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (12/01/2022 05:39:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\mzeme\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===============
Date: 2022-12-01 17:39:55
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume1\Users\mzeme\AppData\Local\Temp\ehdrv.sys that is not compatible with hypervisor enforcement. Failure bitmap 0x1. Status 0xC00000BB.


==================== Memory info ===========================

BIOS: American Megatrends Inc. FC 08/11/2015
Motherboard: Gigabyte Technology Co., Ltd. H81M-S2PV
Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 35%
Total physical RAM: 12252.86 MB
Available physical RAM: 7916.3 MB
Total Virtual: 16092.86 MB
Available Virtual: 9868.17 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:231.94 GB) (Free:95.89 GB) (Model: Samsung SSD 860 EVO 250GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Fotky) (Fixed) (Total:465.76 GB) (Free:194.63 GB) (Model: WDC WD5000AZRX-00A8LB0) NTFS

\\?\Volume{e30ce30c-0000-0000-0000-20fc39000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{e30ce30c-0000-0000-0000-801c3a000000}\ () (Fixed) (Total:0.44 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: E30CE30C)
Partition 1: (Active) - (Size=231.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=517 MB) - (Type=27)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0367C0E6)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Kema
Visitor
Posts: 152
Registered: 08 Jan 2005 18:15
Location: Bohosudov

Re: Google warns of a cracked password

#6 Post by Kema »

The message says that the system cannot find something for OBS-studio; apparently it does not have obs64.scr.
That is probably why I can't take a PrintScreen.
Several of these windows are open at once.
Attachment: IMG_20221202_095107.jpg (77.08 KiB)

Rudy
Site Admin
Posts: 118199
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Google warns of a cracked password

#7 Post by Rudy »

OK. I don't need a printscreen, but new logs. You have provided those. You probably have an error in the system. Open Notepad and copy the following into it:

Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore: [DisableConfig] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\MountPoints2: {f5015da2-3fc4-11ed-b4e2-fcaa141acbfa} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\MountPoints2: {f5015e38-3fc4-11ed-b4e2-fcaa141acbfa} - "E:\HiSuiteDownLoader.exe"
ShortcutTarget: CrystalDiskInfo8.lnk -> C:\Users\mzeme\AppData\Roaming\crystaldiskinfo\diskinfo8.scr (No File)
ShortcutTarget: OBS.lnk -> C:\Users\mzeme\AppData\Roaming\obs-studio\bin\64bit\obs64.scr (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {07792A0A-3D92-4152-BF67-2DB7A88F5CC6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-18] (Google LLC -> Google LLC)
Task: {0C69C76B-48E6-4E5A-A5F1-85232E888B36} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-18] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
S3 HWiNFO_172; \??\C:\Users\mzeme\AppData\Local\Temp\HWiNFO64A_172.SYS [X] <==== ATTENTION
C:\Users\mzeme\AppData\Roaming\Microsoft\2ae5198e-120a-48ad-a3ae-1860ee29241a.tmp
C:\Users\mzeme\AppData\Roaming\Microsoft\550a6ca0-2af1-40ab-9b7d-a2507c8e7216.tmp
C:\Users\mzeme\AppData\Roaming\Microsoft\b4803a5c-24b5-4e75-96c9-20a113898e10.tmp
C:\Users\mzeme\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B [268]

Hosts:
EmptyTemp:
End
Save it to D:\stažené soubory as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Re: Google warns of a cracked password

#8 Post by Kema »

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-11-2022
Ran by Milan (02-12-2022 11:23:53) Run:1
Running from D:\stažené soubory
Loaded Profiles: Milan
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore: [DisableConfig] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\MountPoints2: {f5015da2-3fc4-11ed-b4e2-fcaa141acbfa} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\MountPoints2: {f5015e38-3fc4-11ed-b4e2-fcaa141acbfa} - "E:\HiSuiteDownLoader.exe"
ShortcutTarget: CrystalDiskInfo8.lnk -> C:\Users\mzeme\AppData\Roaming\crystaldiskinfo\diskinfo8.scr (No File)
ShortcutTarget: OBS.lnk -> C:\Users\mzeme\AppData\Roaming\obs-studio\bin\64bit\obs64.scr (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {07792A0A-3D92-4152-BF67-2DB7A88F5CC6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-18] (Google LLC -> Google LLC)
Task: {0C69C76B-48E6-4E5A-A5F1-85232E888B36} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-18] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
S3 HWiNFO_172; \??\C:\Users\mzeme\AppData\Local\Temp\HWiNFO64A_172.SYS [X] <==== ATTENTION
C:\Users\mzeme\AppData\Roaming\Microsoft\2ae5198e-120a-48ad-a3ae-1860ee29241a.tmp
C:\Users\mzeme\AppData\Roaming\Microsoft\550a6ca0-2af1-40ab-9b7d-a2507c8e7216.tmp
C:\Users\mzeme\AppData\Roaming\Microsoft\b4803a5c-24b5-4e75-96c9-20a113898e10.tmp
C:\Users\mzeme\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B [268]

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore => removed successfully
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore => not found
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => could not remove, key could be protected
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f5015da2-3fc4-11ed-b4e2-fcaa141acbfa} => removed successfully
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f5015e38-3fc4-11ed-b4e2-fcaa141acbfa} => removed successfully
"C:\Users\mzeme\AppData\Roaming\crystaldiskinfo\diskinfo8.scr" => not found
"C:\Users\mzeme\AppData\Roaming\obs-studio\bin\64bit\obs64.scr" => not found
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{07792A0A-3D92-4152-BF67-2DB7A88F5CC6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07792A0A-3D92-4152-BF67-2DB7A88F5CC6}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0C69C76B-48E6-4E5A-A5F1-85232E888B36}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C69C76B-48E6-4E5A-A5F1-85232E888B36}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
HKLM\System\CurrentControlSet\Services\HWiNFO_172 => removed successfully
HWiNFO_172 => service removed successfully
C:\Users\mzeme\AppData\Roaming\Microsoft\2ae5198e-120a-48ad-a3ae-1860ee29241a.tmp => moved successfully
C:\Users\mzeme\AppData\Roaming\Microsoft\550a6ca0-2af1-40ab-9b7d-a2507c8e7216.tmp => moved successfully
C:\Users\mzeme\AppData\Roaming\Microsoft\b4803a5c-24b5-4e75-96c9-20a113898e10.tmp => moved successfully
C:\Users\mzeme\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\ProgramData\TEMP => ":9A870F8B" ADS removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13738830 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 1047563646 B
Windows/system/drivers => 9515358 B
Edge => 42187 B
Chrome => 440510463 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 665752132 B
systemprofile32 => 666004556 B
LocalService => 666004556 B
NetworkService => 666006570 B
mzeme => 670792790 B

RecycleBin => 0 B
EmptyTemp: => 4.5 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 02-12-2022 11:24:56)


Result of scheduled keys to remove after reboot:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => could not remove, key could be protected

==== End of Fixlog 11:24:56 ====

Re: Google warns of a cracked password

#9 Post by Rudy »

It has been deleted. Has there been a change for the better?

Re: Google warns of a cracked password

#10 Post by Kema »

Thank you for the help.
The system behaves normally, apart from that pop-up window.
Google no longer reports a problem with account security either, but I changed the passwords as a precaution anyway.

JaRon
Moderator
Posts: 15196
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Google warns of a cracked password

#11 Post by JaRon »

Stepping in:
Manually DELETE the file C:\Users\mzeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OBS.lnk
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

Re: Google warns of a cracked password

#12 Post by Kema »

Hi.
Thanks. I'm trying, but even though I'm logged in as administrator, it won't let me delete it.

Re: Google warns of a cracked password

#13 Post by JaRon »

Create a new fixlist.txt with the content:

Start

C:\Users\mzeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OBS.lnk

End

Re: Google warns of a cracked password

#14 Post by Kema »

SUPER - Thanks - it's gone.

Re: Google warns of a cracked password

#15 Post by JaRon »

On Rudy's behalf too: glad we could help