Google warns of a password breach
Posted: 01 Dec 2022 19:52
Hi.
Google warned me today that my password had probably been compromised, logged me out of my account, and then I had to go through the authorization procedure.
It advises me to change my passwords and also says that I have some Windows malware on my PC.
As a precaution, I mainly changed the passwords for my bank account and Google.
Among the various alerts there was also Konzoliste.cz, where I bought PS4 and PS5 games yesterday and the day before.
Then I filled out some survey of theirs.
I also got a warning about my PayPal password.
Yesterday I installed their app on my phone.
So I'm asking for a check of the system, please.
Hopefully it won't be serious.
Thanks in advance.
-------------------------------------------
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2022
Ran by Milan (administrator) on PC-MILAN (Gigabyte Technology Co., Ltd. H81M-S2PV) (01-12-2022 19:38:19)
Running from D:\stažené soubory
Loaded Profiles: Milan
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2251 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCopyAccelerator.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\67.0.2.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) () [File not signed] C:\Users\mzeme\AppData\Roaming\InqfbrzNJH\svcupdater.Vvexe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore: [DisableConfig] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe [53350168 2022-11-29] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe [53350168 2022-11-29] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626480 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [Steam] => D:\steam\steam.exe [4234600 2022-08-20] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\mzeme\AppData\Local\WhatsApp\Update.exe [2254048 2022-11-28] (WhatsApp LLC -> )
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38650192 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123150720 2022-11-22] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe [53350168 2022-11-29] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [Zoner Photo Studio Autoupdate] => D:\Photo Studio 17\Program32\ZPSTRAY.EXE [437248 2014-10-03] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\MountPoints2: {f5015da2-3fc4-11ed-b4e2-fcaa141acbfa} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\MountPoints2: {f5015e38-3fc4-11ed-b4e2-fcaa141acbfa} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe [53350168 2022-11-29] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.122\Installer\chrmstp.exe [2022-11-30] (Google LLC -> Google LLC)
Startup: C:\Users\mzeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CrystalDiskInfo8.lnk [2022-11-18]
ShortcutTarget: CrystalDiskInfo8.lnk -> C:\Users\mzeme\AppData\Roaming\crystaldiskinfo\diskinfo8.scr (No File)
Startup: C:\Users\mzeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OBS.lnk [2022-11-18]
ShortcutTarget: OBS.lnk -> C:\Users\mzeme\AppData\Roaming\obs-studio\bin\64bit\obs64.scr (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {026CAB9F-5A8C-4565-8D4F-FBC6485B19B6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {07792A0A-3D92-4152-BF67-2DB7A88F5CC6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-18] (Google LLC -> Google LLC)
Task: {0C69C76B-48E6-4E5A-A5F1-85232E888B36} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-18] (Google LLC -> Google LLC)
Task: {118679C6-81D3-4A5B-8CC7-A8D08C83ED81} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2E8665B0-8ED3-4CFC-B858-24CDBEFA4B49} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4C9E07FE-EB20-4F9F-9E0F-F723ACC9E4FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5127961C-ADA8-497A-966E-776BFB4FD31A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {514725BE-1D68-4049-AF68-C7C8E9738C89} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {635AABD7-B5F9-4CAF-8E89-A96E994B9644} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-08-30] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {745A7B3D-AAFD-4CC3-BE13-1930E663A4F9} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {85CE3A64-9E44-426A-BCDE-71D205371EBF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9F9D33A9-F952-4264-AFFC-5AE5B5C6B0F1} - System32\Tasks\ar => wscript.exe "%appdata%\obs-studio\bin\64bit\.vbs" "%appdata%\obs-studio\bin\64bit\.cmd"
Task: {AAEB9A16-069E-4E36-9E53-D374B9F77D04} - System32\Tasks\CCleanerSkipUAC - Milan => C:\Program Files\CCleaner\CCleaner.exe [32325456 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {B5955DEF-17CC-491B-8CCC-9C1E43871983} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {BCCD70C6-06A9-45B8-89E7-69D1BB789920} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-11-09] (Piriform Software Ltd -> Piriform)
Task: {BF78E9B3-AC40-4AA0-B740-B29C29390870} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2694576939-4152107225-3971293488-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC1C3F06-F5F9-4D6E-AB98-A6CDAEF7DC00} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CE80BA1D-7C8B-49C3-AFCB-E574DB9933C2} - System32\Tasks\EOSv3 Scheduler onLogOn => D:\stažené soubory\esetonlinescanner.exe [15274968 2022-12-01] (ESET, spol. s r.o. -> ESET)
Task: {CED90117-99F9-4DC6-8AC7-162B2568EC0E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D1C83870-E8A6-439C-A0D4-CD6829D07B4B} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "67d240e1-bc1c-4ff2-a8a0-71169ea46021" --version "6.06.10144" --silent
Task: {D5538529-401F-4BF3-B1B2-41F0863AC6E3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E5BF0C72-C624-4CCD-A23B-1E8118D6D5BC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-10-17] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F66238BB-2DD8-4994-BADA-F49F6DC07F3F} - System32\Tasks\EOSv3 Scheduler onTime => D:\stažené soubory\esetonlinescanner.exe [15274968 2022-12-01] (ESET, spol. s r.o. -> ESET)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{ef68ba61-334f-4f41-b581-a52f167845f2}: [NameServer] 1.1.1.1,8.8.8.8
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\mzeme\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-01]
Edge DownloadDir: Default -> D:\stažené soubory
Edge HomePage: Default -> hxxp://www.google.cz/
Edge Extension: (Replace Favicon) - C:\Users\mzeme\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\akaelkiagnbfcccfnmbimdbplecgbikh [2020-05-18]
Edge Extension: (Flash Player) - C:\Users\mzeme\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bmimdmkleccdoghpgdhaahkelfhjfhgm [2020-10-11]
Edge Extension: (I don't care about cookies) - C:\Users\mzeme\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2022-10-29]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\mzeme\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-11-24]
Edge Extension: (All Video Downloader professional) - C:\Users\mzeme\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mbpnbnogejaolbhfpfgagldkeahefbhd [2022-06-27]
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default [2022-12-01]
CHR DownloadDir: D:\stažené soubory
CHR Notifications: Default -> hxxp://127.0.0.1; hxxps://calendar.google.com; hxxps://cs.athowto.com
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/0/?shva=1#inbox"
CHR Extension: (Replace Favicon) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\akaelkiagnbfcccfnmbimdbplecgbikh [2020-01-18]
CHR Extension: (Flash Player) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmimdmkleccdoghpgdhaahkelfhjfhgm [2020-10-07]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-11-24]
CHR Extension: (I don't care about cookies) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2022-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-18]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncHelper.exe [3476400 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2022-06-24] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.227.1030.0001\OneDriveUpdaterService.exe [3843504 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-11-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [284672 2021-04-15] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [153088 2021-08-11] (Microsoft Corporation) [File not signed]
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2022-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2022-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 MpKsl71573144; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{26DD7976-4F68-4EAC-84A9-7478FC7A519A}\MpKslDrv.sys [214280 2022-12-01] (Microsoft Windows -> Microsoft Corporation)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469288 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz154; \??\C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [X]
S3 HWiNFO_172; \??\C:\Users\mzeme\AppData\Local\Temp\HWiNFO64A_172.SYS [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-12-01 19:34 - 2022-12-01 19:34 - 000020796 _____ C:\Users\mzeme\Documents\cc_20221201_193359.reg
2022-11-28 09:50 - 2022-11-28 09:51 - 000000000 ____D C:\Users\mzeme\AppData\Local\HiSuite
2022-11-28 09:50 - 2022-11-28 09:50 - 000001064 _____ C:\Users\mzeme\Desktop\HiSuite.lnk
2022-11-28 09:50 - 2022-11-28 09:50 - 000000000 ____D C:\Users\mzeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiSuite
2022-11-20 09:15 - 2022-11-28 09:50 - 000000000 ____D C:\Program Files (x86)\HiSuite
2022-11-18 16:45 - 2022-12-01 08:23 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2022-11-18 10:40 - 2022-12-01 18:04 - 000000000 __SHD C:\Users\mzeme\AppData\Roaming\crystaldiskinfo
2022-11-18 10:30 - 2022-12-01 19:20 - 000000000 ____D C:\Users\mzeme\AppData\Roaming\InqfbrzNJH
2022-11-18 10:30 - 2022-12-01 18:07 - 000000000 ____D C:\Users\mzeme\AppData\Roaming\temp
2022-11-18 10:07 - 2022-11-18 10:07 - 000000743 _____ C:\Users\mzeme\Desktop\Start Tor Browser.lnk
2022-11-18 10:07 - 2022-11-18 10:07 - 000000743 _____ C:\Users\mzeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2022-11-18 09:58 - 2022-11-18 10:04 - 000000000 __SHD C:\tmp
2022-11-18 09:58 - 2022-11-18 09:58 - 000003378 _____ C:\WINDOWS\system32\Tasks\ar
2022-11-18 09:58 - 2022-11-18 09:58 - 000000000 __SHD C:\Users\mzeme\AppData\Roaming\obs-studio
2022-11-17 11:57 - 2022-11-17 11:57 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2022-11-17 11:56 - 2022-08-23 23:26 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-11-17 11:56 - 2022-08-23 23:26 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-11-17 11:56 - 2022-08-23 23:26 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-11-17 11:56 - 2022-08-23 23:26 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-11-17 11:56 - 2022-08-23 23:26 - 001145592 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-11-17 11:56 - 2022-08-23 23:26 - 001145592 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-11-17 11:56 - 2022-08-23 23:25 - 001471984 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-11-17 11:56 - 2022-08-23 23:25 - 001432312 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-11-17 11:56 - 2022-08-23 23:25 - 001432312 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-11-17 11:56 - 2022-08-23 23:25 - 001213424 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-11-17 11:56 - 2022-08-23 23:22 - 001536512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-11-17 11:56 - 2022-08-23 23:22 - 001182704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-11-17 11:56 - 2022-08-23 23:22 - 000865784 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-11-17 11:56 - 2022-08-23 23:22 - 000771584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-11-17 11:56 - 2022-08-23 23:22 - 000714752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-11-17 11:56 - 2022-08-23 23:22 - 000687616 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-11-17 11:56 - 2022-08-23 23:22 - 000052208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 010269696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 008803840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 005362688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 003066864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 002127856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 001607664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 001059320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 000845312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 000456192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-11-17 11:56 - 2022-08-23 23:20 - 005735936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-11-17 11:56 - 2022-08-23 23:20 - 000852984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-11-17 11:56 - 2022-08-23 23:19 - 006367424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-11-17 11:56 - 2022-08-23 22:57 - 000093241 _____ C:\WINDOWS\system32\nvinfo.pb
2022-11-09 13:22 - 2022-11-09 13:22 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-09 13:22 - 2022-11-09 13:22 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-09 13:21 - 2022-11-09 13:21 - 002387456 _____ C:\WINDOWS\system32\smartscreen.exe
2022-11-09 13:21 - 2022-11-09 13:21 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-09 13:21 - 2022-11-09 13:21 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-09 13:17 - 2022-11-09 13:17 - 000000000 ___HD C:\$WinREAgent
2022-11-02 08:39 - 2022-11-02 08:39 - 000000931 _____ C:\Users\Public\Desktop\Imou.lnk
2022-11-02 08:39 - 2022-11-02 08:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Imou
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-12-01 19:38 - 2021-07-25 09:15 - 000000000 ____D C:\FRST
2022-12-01 19:35 - 2020-11-18 16:04 - 000000000 ____D C:\Program Files\CCleaner
2022-12-01 19:34 - 2022-09-30 05:50 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-12-01 19:34 - 2022-09-30 05:50 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-12-01 19:34 - 2020-11-18 16:05 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-12-01 19:34 - 2020-01-18 16:06 - 000000000 ____D C:\Users\mzeme\AppData\Roaming\WhatsApp
2022-12-01 19:33 - 2020-11-11 19:29 - 000000000 ____D C:\WINDOWS\Minidump
2022-12-01 19:33 - 2020-01-27 15:08 - 000000000 ____D C:\Users\mzeme\AppData\Local\CrashDumps
2022-12-01 19:30 - 2020-01-18 14:13 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-01 19:17 - 2020-11-11 16:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-01 18:37 - 2020-01-19 12:30 - 000000000 ___RD C:\Users\mzeme\Disk Google
2022-12-01 17:38 - 2021-02-16 16:43 - 000001420 _____ C:\Users\mzeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-12-01 17:38 - 2021-02-16 16:43 - 000001314 _____ C:\Users\mzeme\Desktop\ESET Online Scanner.lnk
2022-12-01 16:42 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-01 12:25 - 2020-01-19 09:20 - 000000000 ____D C:\ProgramData\NVIDIA
2022-12-01 08:55 - 2020-01-18 17:16 - 000000000 ____D C:\Users\mzeme\AppData\Local\D3DSCache
2022-12-01 08:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-12-01 08:28 - 2020-01-19 12:30 - 000000000 ____D C:\Users\mzeme\GoogleDisk
2022-12-01 08:28 - 2020-01-18 14:12 - 000000000 ___RD C:\Users\mzeme\OneDrive
2022-12-01 08:27 - 2020-11-11 16:39 - 001694140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-01 08:27 - 2019-12-07 15:43 - 000717008 _____ C:\WINDOWS\system32\perfh005.dat
2022-12-01 08:27 - 2019-12-07 15:43 - 000145186 _____ C:\WINDOWS\system32\perfc005.dat
2022-12-01 08:27 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-12-01 08:23 - 2020-11-11 16:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-01 08:23 - 2020-11-11 16:35 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-30 21:58 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-11-30 21:54 - 2020-11-24 17:39 - 000000000 ____D C:\Users\mzeme\AppData\Roaming\Kodi
2022-11-30 18:51 - 2020-05-18 05:35 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-30 18:51 - 2020-05-18 05:35 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-11-30 18:51 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-30 17:49 - 2021-11-14 19:08 - 000000000 ____D C:\Users\Public\Imou_en
2022-11-30 13:22 - 2020-01-18 14:13 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-30 13:22 - 2020-01-18 14:13 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-11-29 23:28 - 2020-11-11 16:36 - 000000000 ____D C:\Users\mzeme
2022-11-29 20:18 - 2020-11-19 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2022-11-29 14:53 - 2021-09-10 19:24 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-11-29 14:53 - 2021-09-10 19:24 - 000001899 _____ C:\Users\Default\Desktop\Google Slides.lnk
2022-11-29 14:53 - 2021-09-10 19:24 - 000001899 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2022-11-29 14:53 - 2021-09-10 19:24 - 000001887 _____ C:\Users\Default\Desktop\Google Docs.lnk
2022-11-28 21:01 - 2022-02-01 15:21 - 000000000 ____D C:\Users\mzeme\AppData\Local\WhatsApp
2022-11-27 20:26 - 2020-02-09 17:11 - 000000000 ____D C:\Users\mzeme\DCC_E2
2022-11-20 09:04 - 2022-09-29 08:44 - 000000000 ____D C:\Users\mzeme\Documents\HiSuite
2022-11-19 18:47 - 2020-02-09 17:24 - 000000000 ____D C:\Users\mzeme\AppData\Roaming\vlc
2022-11-18 10:15 - 2020-05-16 06:16 - 000000000 ____D C:\Users\mzeme\AppData\LocalLow\Mozilla
2022-11-18 09:47 - 2021-06-19 18:20 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-11-17 12:01 - 2021-12-11 18:24 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2694576939-4152107225-3971293488-1001
2022-11-17 12:01 - 2020-11-12 15:50 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-11-17 12:01 - 2020-11-12 15:50 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-12 08:45 - 2020-11-11 16:40 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-12 08:45 - 2020-11-11 16:40 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-11 21:02 - 2020-09-30 22:37 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-11-11 07:53 - 2020-01-18 14:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-09 14:38 - 2020-11-11 16:36 - 000458488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-09 14:38 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-09 13:24 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-09 13:21 - 2020-11-11 16:39 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-09 13:21 - 2020-01-18 14:01 - 000415688 __RSH C:\bootmgr
2022-11-09 07:34 - 2020-01-18 17:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-09 07:32 - 2020-01-18 17:23 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-02 08:39 - 2021-11-14 19:08 - 000000000 ____D C:\Program Files\Imou_en
==================== Files in the root of some directories ========
2022-03-13 09:40 - 2022-03-13 09:40 - 000002043 _____ () C:\Users\mzeme\AppData\Roaming\Microsoft\2ae5198e-120a-48ad-a3ae-1860ee29241a.tmp
2022-04-17 12:25 - 2022-04-17 12:25 - 000002041 _____ () C:\Users\mzeme\AppData\Roaming\Microsoft\550a6ca0-2af1-40ab-9b7d-a2507c8e7216.tmp
2022-04-28 20:24 - 2022-04-28 20:24 - 000002042 _____ () C:\Users\mzeme\AppData\Roaming\Microsoft\b4803a5c-24b5-4e75-96c9-20a113898e10.tmp
2020-02-16 14:27 - 2022-10-26 17:04 - 000010752 _____ () C:\Users\mzeme\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-02-10 17:45 - 2021-01-16 21:30 - 000000128 _____ () C:\Users\mzeme\AppData\Local\PUTTY.RND
2020-05-06 14:33 - 2020-05-06 14:33 - 000000017 _____ () C:\Users\mzeme\AppData\Local\resmon.resmoncfg
==================== FLock ==============================
2022-11-09 13:21 C:\WINDOWS\system32\smartscreen.exe
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2022
Ran by Milan (01-12-2022 19:39:26)
Running from D:\stažené soubory
Microsoft Windows 10 Pro Version 22H2 19045.2251 (X64) (2020-11-11 15:40:48)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2694576939-4152107225-3971293488-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2694576939-4152107225-3971293488-503 - Limited - Disabled)
Guest (S-1-5-21-2694576939-4152107225-3971293488-501 - Limited - Disabled)
KODI-PC (S-1-5-21-2694576939-4152107225-3971293488-1002 - Limited - Enabled)
Milan (S-1-5-21-2694576939-4152107225-3971293488-1001 - Administrator - Enabled) => C:\Users\mzeme
WDAGUtilityAccount (S-1-5-21-2694576939-4152107225-3971293488-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Balíček ovladače systému Windows - Silicon Laboratories Inc. (silabser) Ports (09/19/2016 6.7.4.261) (HKLM\...\9E2C239D42290B984A9E2B350A67AF8BC8BD11B9) (Version: 09/19/2016 6.7.4.261 - Silicon Laboratories Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.06 - Piriform)
CPUID CPU-Z 2.03 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.03 - CPUID, Inc.)
DCC_E2 (HKLM-x32\...\{B170E541-3668-480A-A2F0-3D7BAD17F877}) (Version: 2.40 - BernyR)
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version: - )
Farming Simulator 22 (HKLM-x32\...\Farming Simulator 22_is1) (Version: - )
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 67.0.2.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 107.0.5304.122 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.650 - Huawei Technologies Co., Ltd.)
HWiNFO64 Version 7.30 (HKLM\...\HWiNFO64_is1) (Version: 7.30 - Martin Malik - REALiX)
Imou (HKLM\...\Imou_en) (Version: 2.5.1 - Hangzhou Huacheng Network Technology Company)
Imou (HKLM-x32\...\Imou_en) (Version: 2.3.1 - Hangzhou Huacheng Network Technology Company)
IrfanView 4.54 (64-bit) (HKLM\...\IrfanView64) (Version: 4.54 - Irfan Skiljan)
Kodi (HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Kodi) (Version: 19.0.0.0 - XBMC Foundation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 7.0.0.3 (HKLM\...\{7C7F19DA-6107-4284-9263-EC5C4792C8C7}) (Version: 7.0.0.3 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.62 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.62 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.227.1030.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.22.27821 (HKLM\...\{6E2C7A8E-B17A-4637-9CE9-F0B1157CF378}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.22.27821 (HKLM\...\{0093C20C-273D-4397-B623-515CB8616CB9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.22.27821 (HKLM-x32\...\{3BDE80F7-7EC9-448E-8160-4ADA0CDA8879}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.22.27821 (HKLM-x32\...\{1E6FC929-567E-4D22-9206-C5B83F0A21B9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Movavi Video Editor 23 (HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Movavi Video Editor 23) (Version: 23.0.1 - Movavi)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.154 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.154 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 516.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 516.94 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23367 - Microsoft Corporation)
PuTTY release 0.73 (64-bit) (HKLM\...\{44F7642C-AB7E-4468-B028-E8D08A0CBB0E}) (Version: 0.73.0.0 - Simon Tatham)
Raspberry Pi Imager (HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Raspberry Pi Imager) (Version: 1.4 - Raspberry Pi)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
SD Card Formatter (HKLM-x32\...\{A61131DC-B92D-4AD8-A925-E2D6D5FE217C}) (Version: 5.0.1 - SD Association)
Signal 5.51.0 (HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 5.51.0 - Signal Messenger, LLC)
Skype verze 8.91 (HKLM-x32\...\Skype_is1) (Version: 8.91 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tenorshare 4DDiG 8.1.2.2 (HKLM\...\{UltData - Windows}_is1) (Version: 8.1.2.2 - Tenorshare, Inc.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WhatsApp (HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\WhatsApp) (Version: 2.2245.9 - WhatsApp)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Zip Password Recover (HKLM-x32\...\{F84258BC-AA68-4E24-BCD5-3FDA2D880ED6}) (Version: 1.1.1 - Recover Password)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.3 - ZONER software)
Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.27.20.0_x64__kgqvnymyfvs32 [2022-11-22] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.93.2.0_x64__kgqvnymyfvs32 [2022-11-24] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-19] (Microsoft Corporation)
Chordle -> C:\Program Files\WindowsApps\19116MUNKLESOFT.CHORDLE_2.2.150.0_x64__sjfyx6f2ztysj [2022-11-22] (Munklesoft)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-18] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-16] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.11210.0_x64__8wekyb3d8bbwe [2022-11-29] (Microsoft Studios) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\nvshext.dll [2022-08-23] (Nvidia Corporation -> NVIDIA Corporation)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B [268]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 - 2022-11-18 09:58 - 000003364 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 account.zoner.com
127.0.0.1 checkhost.local
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
109.94.209.70 www.fitgirlpack.site # Fake FitGirl site
109.94.209.70 fitgirl-repack.org # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.org # Fake FitGirl site
0.0.0.0 checkappexec.microsoft.com
0.0.0.0 smartscreen-prod.microsoft.com
0.0.0.0 nav.smartscreen.microsoft.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\Control Panel\Desktop\\Wallpaper -> D:\stažené soubory\wokna.jpg
DNS Servers: 1.1.1.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{7FFD49BD-BA15-4D85-A5D9-F024ACF7B298}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{EDC8299D-F61A-4AF5-91D8-DDA9EF748821}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BCE62EC3-3DB3-49DB-8CDA-592295F590A9}] => (Allow) D:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AE36D177-8B89-4C0F-94CF-880C2E5DA546}] => (Allow) D:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{3D50BC4B-85C3-4B79-B9CF-C885072D27D0}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{789EE48D-488F-40D8-9A80-5B1CAD31A0FB}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{47FA76C6-8ECF-4A0D-95DA-7DABE6BC9A3E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{19C5E664-AE86-4EB6-B92E-168427F4FE71}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{29D44FCD-9DFA-42CC-869B-B72F3799BD3C}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{191FA4CA-18CD-41D3-85D4-27AB7B48EC7F}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{F9C4887F-B1B9-42BB-A8E1-A380112312A1}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{22B40A81-B8D1-417D-B25B-85695535C04B}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{20B38C0F-33BF-4A93-BE0F-0B79FC9E4E1B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{F0AA4D60-202D-4DAA-B673-1107C48F1DBD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{60682377-93C6-4773-882B-A33C66C2E048}C:\program files\imou_en\bin\imou_en.exe] => (Allow) C:\program files\imou_en\bin\imou_en.exe (Hangzhou Huacheng Network Technology Co.,Ltd. -> Hangzhou Huacheng Network Technology Company)
FirewallRules: [UDP Query User{3E8B4834-DC7C-419B-B633-8574421C4684}C:\program files\imou_en\bin\imou_en.exe] => (Allow) C:\program files\imou_en\bin\imou_en.exe (Hangzhou Huacheng Network Technology Co.,Ltd. -> Hangzhou Huacheng Network Technology Company)
FirewallRules: [{1410351A-4AE3-4EC2-88DA-5E5BC82006A2}] => (Allow) C:\Program Files (x86)\Tenorshare\Tenorshare 4DDiG\Tenorshare 4DDiG.exe (Tenorshare Co., Ltd. -> Tenorshare)
FirewallRules: [{232C3626-2C6E-492A-8D2A-5AA83B40E1E5}] => (Allow) C:\Program Files (x86)\Tenorshare\Tenorshare 4DDiG\Tenorshare 4DDiG.exe (Tenorshare Co., Ltd. -> Tenorshare)
FirewallRules: [{2B65F5D7-61EC-4E50-87B6-9F4C802FAFBD}] => (Allow) C:\Program Files (x86)\Tenorshare\Tenorshare 4DDiG\NetFrameCheck.exe (Tenorshare Co., Ltd. -> Tenorshare)
FirewallRules: [{8AD3AB29-8029-4E67-9A12-06960C9E3F45}] => (Allow) C:\Program Files (x86)\Tenorshare\Tenorshare 4DDiG\NetFrameCheck.exe (Tenorshare Co., Ltd. -> Tenorshare)
FirewallRules: [TCP Query User{042E1DEA-7F3C-452E-83C0-9F63FEABCAF4}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{4E266D98-5B4A-4716-8784-2577A5AB60C5}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{22FCDF3D-BB32-43E3-B019-3DA2EC05E097}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{B14845A3-AE55-4ED1-8C13-6AE3F4A2C09B}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{9AE05EAC-0A61-44AC-AA62-7E5CE6F606AF}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{78C4D66F-0D39-495A-9FA0-FD7FA9DEBC73}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{71423391-F1BC-4FA9-8BC0-131FF3DF8CB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{5834183D-9B0F-445E-8770-BA60A14DAA44}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3276491D-9A4A-49A6-85B7-74A4BF4D255D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{DCB86CFD-357C-4819-9444-74DB1BCF77CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{B7A266A9-ABC4-44D2-8A40-03B7481BC40A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DDE001D9-F1FC-4964-AED4-50FA97380C28}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A1170DDE-C257-4F1D-9F3F-CEDB77D1FDAB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{99E69A48-E69D-4EA0-8115-3BCBF7D3439E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/30/2022 08:31:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000352821
ID chybujícího procesu: 0x27cc
Čas spuštění chybující aplikace: 0x01d904cf453db8a7
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
ID zprávy: a923cd22-9488-4976-993a-eb0d5a9d9c5f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/29/2022 12:08:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000177527826f0
ID chybujícího procesu: 0x24e4
Čas spuštění chybující aplikace: 0x01d90371515ed669
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 5549802c-80ea-4053-933b-7e568c451582
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/28/2022 08:08:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000187d9272880
ID chybujícího procesu: 0x1f8c
Čas spuštění chybující aplikace: 0x01d9032780472a6a
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 389de7b5-3500-4542-9607-09c09329bd94
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/28/2022 01:45:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000148e3f06fc0
ID chybujícího procesu: 0x1fe8
Čas spuštění chybující aplikace: 0x01d902fb0655e042
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: e1a8a45d-edc9-4c93-aad1-b1b19a62804c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/27/2022 04:14:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000023d8290f790
ID chybujícího procesu: 0x1f08
Čas spuštění chybující aplikace: 0x01d9026e168536e3
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 5d3dd6f4-cd70-4a69-8ce6-03a566b7a37a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/27/2022 03:39:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000016515e8d5a0
ID chybujícího procesu: 0xcb8
Čas spuštění chybující aplikace: 0x01d902356a67a52b
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a4eb0919-3dc4-439a-a553-f7391e646b5d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/26/2022 05:42:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000352821
ID chybujícího procesu: 0x298c
Čas spuštění chybující aplikace: 0x01d901a093a41705
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
ID zprávy: 16aae2cf-e20f-4386-a200-32bd46469f5c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/26/2022 03:07:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000002137226d7e0
ID chybujícího procesu: 0x2c98
Čas spuštění chybující aplikace: 0x01d901974c2f093e
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 6911592b-4c38-4cd5-b6fc-cfdb932cc53a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (12/01/2022 07:33:17 PM) (Source: DCOM) (EventID: 10000) (User: PC-MILAN)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (12/01/2022 05:39:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (12/01/2022 05:39:55 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\mzeme\AppData\Local\Temp\ehdrv.sys
Error: (12/01/2022 05:39:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (12/01/2022 05:39:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\mzeme\AppData\Local\Temp\ehdrv.sys
Error: (12/01/2022 05:39:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (12/01/2022 05:39:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\mzeme\AppData\Local\Temp\ehdrv.sys
Error: (12/01/2022 05:39:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
CodeIntegrity:
===============
Date: 2022-12-01 17:39:55
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume1\Users\mzeme\AppData\Local\Temp\ehdrv.sys that is not compatible with hypervisor enforcement. Failure bitmap 0x1. Status 0xC00000BB.
==================== Memory info ===========================
BIOS: American Megatrends Inc. FC 08/11/2015
Motherboard: Gigabyte Technology Co., Ltd. H81M-S2PV
Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 41%
Total physical RAM: 12252.86 MB
Available physical RAM: 7229.1 MB
Total Virtual: 16092.86 MB
Available Virtual: 8426.42 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:231.94 GB) (Free:96.13 GB) (Model: Samsung SSD 860 EVO 250GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Fotky) (Fixed) (Total:465.76 GB) (Free:196.04 GB) (Model: WDC WD5000AZRX-00A8LB0) NTFS
Drive e: (NIKON D90) (Removable) (Total:7.39 GB) (Free:5.53 GB) FAT32
\\?\Volume{e30ce30c-0000-0000-0000-20fc39000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{e30ce30c-0000-0000-0000-801c3a000000}\ () (Fixed) (Total:0.44 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: E30CE30C)
Partition 1: (Active) - (Size=231.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=517 MB) - (Type=27)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0367C0E6)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (Protective MBR) (Size: 7.4 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Google warned me today that a password breach had probably occurred, logged me out of my account, and then I had to go through the authorization procedure.
It advises me to change my passwords and also says that I have some Windows malware on my PC.
As a precaution, I mainly changed the passwords for my bank account and Google.
Among those various notices was also Konzoliste.cz, where I bought PS4 and PS5 games yesterday and the day before.
Then I filled in some survey of theirs.
I also got a warning about my PayPal password.
Yesterday I installed their app on my phone.
So I am asking for a check of my system.
Hopefully it won't be serious.
Thank you in advance.
-------------------------------------------
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2022
Ran by Milan (administrator) on PC-MILAN (Gigabyte Technology Co., Ltd. H81M-S2PV) (01-12-2022 19:38:19)
Running from D:\stažené soubory
Loaded Profiles: Milan
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2251 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCopyAccelerator.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\67.0.2.0\crashpad_handler.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe <2>
(svchost.exe ->) () [File not signed] C:\Users\mzeme\AppData\Roaming\InqfbrzNJH\svcupdater.Vvexe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore: [DisableConfig] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe [53350168 2022-11-29] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe [53350168 2022-11-29] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2626480 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [Steam] => D:\steam\steam.exe [4234600 2022-08-20] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\mzeme\AppData\Local\WhatsApp\Update.exe [2254048 2022-11-28] (WhatsApp LLC -> )
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38650192 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123150720 2022-11-22] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe [53350168 2022-11-29] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Run: [Zoner Photo Studio Autoupdate] => D:\Photo Studio 17\Program32\ZPSTRAY.EXE [437248 2014-10-03] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\MountPoints2: {f5015da2-3fc4-11ed-b4e2-fcaa141acbfa} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\MountPoints2: {f5015e38-3fc4-11ed-b4e2-fcaa141acbfa} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\67.0.2.0\GoogleDriveFS.exe [53350168 2022-11-29] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\107.0.5304.122\Installer\chrmstp.exe [2022-11-30] (Google LLC -> Google LLC)
Startup: C:\Users\mzeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CrystalDiskInfo8.lnk [2022-11-18]
ShortcutTarget: CrystalDiskInfo8.lnk -> C:\Users\mzeme\AppData\Roaming\crystaldiskinfo\diskinfo8.scr (No File)
Startup: C:\Users\mzeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OBS.lnk [2022-11-18]
ShortcutTarget: OBS.lnk -> C:\Users\mzeme\AppData\Roaming\obs-studio\bin\64bit\obs64.scr (No File)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {026CAB9F-5A8C-4565-8D4F-FBC6485B19B6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {07792A0A-3D92-4152-BF67-2DB7A88F5CC6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-18] (Google LLC -> Google LLC)
Task: {0C69C76B-48E6-4E5A-A5F1-85232E888B36} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-01-18] (Google LLC -> Google LLC)
Task: {118679C6-81D3-4A5B-8CC7-A8D08C83ED81} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2E8665B0-8ED3-4CFC-B858-24CDBEFA4B49} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4C9E07FE-EB20-4F9F-9E0F-F723ACC9E4FB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5127961C-ADA8-497A-966E-776BFB4FD31A} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {514725BE-1D68-4049-AF68-C7C8E9738C89} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {635AABD7-B5F9-4CAF-8E89-A96E994B9644} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-08-30] (Nvidia Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {745A7B3D-AAFD-4CC3-BE13-1930E663A4F9} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {85CE3A64-9E44-426A-BCDE-71D205371EBF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9F9D33A9-F952-4264-AFFC-5AE5B5C6B0F1} - System32\Tasks\ar => wscript.exe "%appdata%\obs-studio\bin\64bit\.vbs" "%appdata%\obs-studio\bin\64bit\.cmd"
Task: {AAEB9A16-069E-4E36-9E53-D374B9F77D04} - System32\Tasks\CCleanerSkipUAC - Milan => C:\Program Files\CCleaner\CCleaner.exe [32325456 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {B5955DEF-17CC-491B-8CCC-9C1E43871983} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655864 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {BCCD70C6-06A9-45B8-89E7-69D1BB789920} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-11-09] (Piriform Software Ltd -> Piriform)
Task: {BF78E9B3-AC40-4AA0-B740-B29C29390870} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2694576939-4152107225-3971293488-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4189072 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC1C3F06-F5F9-4D6E-AB98-A6CDAEF7DC00} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CE80BA1D-7C8B-49C3-AFCB-E574DB9933C2} - System32\Tasks\EOSv3 Scheduler onLogOn => D:\stažené soubory\esetonlinescanner.exe [15274968 2022-12-01] (ESET, spol. s r.o. -> ESET)
Task: {CED90117-99F9-4DC6-8AC7-162B2568EC0E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908856 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D1C83870-E8A6-439C-A0D4-CD6829D07B4B} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-11-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "67d240e1-bc1c-4ff2-a8a0-71169ea46021" --version "6.06.10144" --silent
Task: {D5538529-401F-4BF3-B1B2-41F0863AC6E3} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649784 2022-10-13] (Nvidia Corporation -> NVIDIA Corporation)
Task: {E5BF0C72-C624-4CCD-A23B-1E8118D6D5BC} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-10-17] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F66238BB-2DD8-4994-BADA-F49F6DC07F3F} - System32\Tasks\EOSv3 Scheduler onTime => D:\stažené soubory\esetonlinescanner.exe [15274968 2022-12-01] (ESET, spol. s r.o. -> ESET)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{ef68ba61-334f-4f41-b581-a52f167845f2}: [NameServer] 1.1.1.1,8.8.8.8
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\mzeme\AppData\Local\Microsoft\Edge\User Data\Default [2022-12-01]
Edge DownloadDir: Default -> D:\stažené soubory
Edge HomePage: Default -> hxxp://www.google.cz/
Edge Extension: (Replace Favicon) - C:\Users\mzeme\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\akaelkiagnbfcccfnmbimdbplecgbikh [2020-05-18]
Edge Extension: (Flash Player) - C:\Users\mzeme\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bmimdmkleccdoghpgdhaahkelfhjfhgm [2020-10-11]
Edge Extension: (I don't care about cookies) - C:\Users\mzeme\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2022-10-29]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\mzeme\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-11-24]
Edge Extension: (All Video Downloader professional) - C:\Users\mzeme\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mbpnbnogejaolbhfpfgagldkeahefbhd [2022-06-27]
FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default [2022-12-01]
CHR DownloadDir: D:\stažené soubory
CHR Notifications: Default -> hxxp://127.0.0.1; hxxps://calendar.google.com; hxxps://cs.athowto.com
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/0/?shva=1#inbox"
CHR Extension: (Replace Favicon) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\akaelkiagnbfcccfnmbimdbplecgbikh [2020-01-18]
CHR Extension: (Flash Player) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmimdmkleccdoghpgdhaahkelfhjfhgm [2020-10-07]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-11-24]
CHR Extension: (I don't care about cookies) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2022-10-28]
CHR Extension: (Dokumenty Google offline) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-18]
CHR Extension: (Spouštěč aplikací pro Disk (od Googlu)) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\mzeme\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncHelper.exe [3476400 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2022-06-24] (Huawei Technologies Co., Ltd. -> ) [File not signed]
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.227.1030.0001\OneDriveUpdaterService.exe [3843504 2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224216 2022-11-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [284672 2021-04-15] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [153088 2021-08-11] (Microsoft Corporation) [File not signed]
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2022-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2022-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 MpKsl71573144; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{26DD7976-4F68-4EAC-84A9-7478FC7A519A}\MpKslDrv.sys [214280 2022-12-01] (Microsoft Windows -> Microsoft Corporation)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469288 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz154; \??\C:\WINDOWS\temp\cpuz154\cpuz154_x64.sys [X]
S3 HWiNFO_172; \??\C:\Users\mzeme\AppData\Local\Temp\HWiNFO64A_172.SYS [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-12-01 19:34 - 2022-12-01 19:34 - 000020796 _____ C:\Users\mzeme\Documents\cc_20221201_193359.reg
2022-11-28 09:50 - 2022-11-28 09:51 - 000000000 ____D C:\Users\mzeme\AppData\Local\HiSuite
2022-11-28 09:50 - 2022-11-28 09:50 - 000001064 _____ C:\Users\mzeme\Desktop\HiSuite.lnk
2022-11-28 09:50 - 2022-11-28 09:50 - 000000000 ____D C:\Users\mzeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiSuite
2022-11-20 09:15 - 2022-11-28 09:50 - 000000000 ____D C:\Program Files (x86)\HiSuite
2022-11-18 16:45 - 2022-12-01 08:23 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2022-11-18 10:40 - 2022-12-01 18:04 - 000000000 __SHD C:\Users\mzeme\AppData\Roaming\crystaldiskinfo
2022-11-18 10:30 - 2022-12-01 19:20 - 000000000 ____D C:\Users\mzeme\AppData\Roaming\InqfbrzNJH
2022-11-18 10:30 - 2022-12-01 18:07 - 000000000 ____D C:\Users\mzeme\AppData\Roaming\temp
2022-11-18 10:07 - 2022-11-18 10:07 - 000000743 _____ C:\Users\mzeme\Desktop\Start Tor Browser.lnk
2022-11-18 10:07 - 2022-11-18 10:07 - 000000743 _____ C:\Users\mzeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2022-11-18 09:58 - 2022-11-18 10:04 - 000000000 __SHD C:\tmp
2022-11-18 09:58 - 2022-11-18 09:58 - 000003378 _____ C:\WINDOWS\system32\Tasks\ar
2022-11-18 09:58 - 2022-11-18 09:58 - 000000000 __SHD C:\Users\mzeme\AppData\Roaming\obs-studio
2022-11-17 11:57 - 2022-11-17 11:57 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2022-11-17 11:56 - 2022-08-23 23:26 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-11-17 11:56 - 2022-08-23 23:26 - 001905912 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-11-17 11:56 - 2022-08-23 23:26 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-11-17 11:56 - 2022-08-23 23:26 - 001478408 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-11-17 11:56 - 2022-08-23 23:26 - 001145592 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-11-17 11:56 - 2022-08-23 23:26 - 001145592 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-11-17 11:56 - 2022-08-23 23:25 - 001471984 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-11-17 11:56 - 2022-08-23 23:25 - 001432312 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-11-17 11:56 - 2022-08-23 23:25 - 001432312 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-11-17 11:56 - 2022-08-23 23:25 - 001213424 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-11-17 11:56 - 2022-08-23 23:22 - 001536512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-11-17 11:56 - 2022-08-23 23:22 - 001182704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-11-17 11:56 - 2022-08-23 23:22 - 000865784 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-11-17 11:56 - 2022-08-23 23:22 - 000771584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-11-17 11:56 - 2022-08-23 23:22 - 000714752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-11-17 11:56 - 2022-08-23 23:22 - 000687616 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-11-17 11:56 - 2022-08-23 23:22 - 000052208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 010269696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 008803840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 005362688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 003066864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 002127856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 001607664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 001059320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 000845312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-11-17 11:56 - 2022-08-23 23:21 - 000456192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-11-17 11:56 - 2022-08-23 23:20 - 005735936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-11-17 11:56 - 2022-08-23 23:20 - 000852984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-11-17 11:56 - 2022-08-23 23:19 - 006367424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-11-17 11:56 - 2022-08-23 22:57 - 000093241 _____ C:\WINDOWS\system32\nvinfo.pb
2022-11-09 13:22 - 2022-11-09 13:22 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-09 13:22 - 2022-11-09 13:22 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-09 13:21 - 2022-11-09 13:21 - 002387456 _____ C:\WINDOWS\system32\smartscreen.exe
2022-11-09 13:21 - 2022-11-09 13:21 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-09 13:21 - 2022-11-09 13:21 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-09 13:17 - 2022-11-09 13:17 - 000000000 ___HD C:\$WinREAgent
2022-11-02 08:39 - 2022-11-02 08:39 - 000000931 _____ C:\Users\Public\Desktop\Imou.lnk
2022-11-02 08:39 - 2022-11-02 08:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Imou
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-12-01 19:38 - 2021-07-25 09:15 - 000000000 ____D C:\FRST
2022-12-01 19:35 - 2020-11-18 16:04 - 000000000 ____D C:\Program Files\CCleaner
2022-12-01 19:34 - 2022-09-30 05:50 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-12-01 19:34 - 2022-09-30 05:50 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-12-01 19:34 - 2020-11-18 16:05 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-12-01 19:34 - 2020-01-18 16:06 - 000000000 ____D C:\Users\mzeme\AppData\Roaming\WhatsApp
2022-12-01 19:33 - 2020-11-11 19:29 - 000000000 ____D C:\WINDOWS\Minidump
2022-12-01 19:33 - 2020-01-27 15:08 - 000000000 ____D C:\Users\mzeme\AppData\Local\CrashDumps
2022-12-01 19:30 - 2020-01-18 14:13 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-01 19:17 - 2020-11-11 16:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-01 18:37 - 2020-01-19 12:30 - 000000000 ___RD C:\Users\mzeme\Disk Google
2022-12-01 17:38 - 2021-02-16 16:43 - 000001420 _____ C:\Users\mzeme\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2022-12-01 17:38 - 2021-02-16 16:43 - 000001314 _____ C:\Users\mzeme\Desktop\ESET Online Scanner.lnk
2022-12-01 16:42 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-01 12:25 - 2020-01-19 09:20 - 000000000 ____D C:\ProgramData\NVIDIA
2022-12-01 08:55 - 2020-01-18 17:16 - 000000000 ____D C:\Users\mzeme\AppData\Local\D3DSCache
2022-12-01 08:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-12-01 08:28 - 2020-01-19 12:30 - 000000000 ____D C:\Users\mzeme\GoogleDisk
2022-12-01 08:28 - 2020-01-18 14:12 - 000000000 ___RD C:\Users\mzeme\OneDrive
2022-12-01 08:27 - 2020-11-11 16:39 - 001694140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-01 08:27 - 2019-12-07 15:43 - 000717008 _____ C:\WINDOWS\system32\perfh005.dat
2022-12-01 08:27 - 2019-12-07 15:43 - 000145186 _____ C:\WINDOWS\system32\perfc005.dat
2022-12-01 08:27 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-12-01 08:23 - 2020-11-11 16:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-01 08:23 - 2020-11-11 16:35 - 000008192 ___SH C:\DumpStack.log.tmp
2022-11-30 21:58 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-11-30 21:54 - 2020-11-24 17:39 - 000000000 ____D C:\Users\mzeme\AppData\Roaming\Kodi
2022-11-30 18:51 - 2020-05-18 05:35 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-11-30 18:51 - 2020-05-18 05:35 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-11-30 18:51 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-30 17:49 - 2021-11-14 19:08 - 000000000 ____D C:\Users\Public\Imou_en
2022-11-30 13:22 - 2020-01-18 14:13 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-11-30 13:22 - 2020-01-18 14:13 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-11-29 23:28 - 2020-11-11 16:36 - 000000000 ____D C:\Users\mzeme
2022-11-29 20:18 - 2020-11-19 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2022-11-29 14:53 - 2021-09-10 19:24 - 000002057 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-11-29 14:53 - 2021-09-10 19:24 - 000001899 _____ C:\Users\Default\Desktop\Google Slides.lnk
2022-11-29 14:53 - 2021-09-10 19:24 - 000001899 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2022-11-29 14:53 - 2021-09-10 19:24 - 000001887 _____ C:\Users\Default\Desktop\Google Docs.lnk
2022-11-28 21:01 - 2022-02-01 15:21 - 000000000 ____D C:\Users\mzeme\AppData\Local\WhatsApp
2022-11-27 20:26 - 2020-02-09 17:11 - 000000000 ____D C:\Users\mzeme\DCC_E2
2022-11-20 09:04 - 2022-09-29 08:44 - 000000000 ____D C:\Users\mzeme\Documents\HiSuite
2022-11-19 18:47 - 2020-02-09 17:24 - 000000000 ____D C:\Users\mzeme\AppData\Roaming\vlc
2022-11-18 10:15 - 2020-05-16 06:16 - 000000000 ____D C:\Users\mzeme\AppData\LocalLow\Mozilla
2022-11-18 09:47 - 2021-06-19 18:20 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-11-17 12:01 - 2021-12-11 18:24 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2694576939-4152107225-3971293488-1001
2022-11-17 12:01 - 2020-11-12 15:50 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-11-17 12:01 - 2020-11-12 15:50 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-11-12 08:45 - 2020-11-11 16:40 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-11-12 08:45 - 2020-11-11 16:40 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-11-11 21:02 - 2020-09-30 22:37 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-11-11 07:53 - 2020-01-18 14:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-09 14:38 - 2020-11-11 16:36 - 000458488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-09 14:38 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-09 14:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-09 13:24 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-09 13:21 - 2020-11-11 16:39 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-09 13:21 - 2020-01-18 14:01 - 000415688 __RSH C:\bootmgr
2022-11-09 07:34 - 2020-01-18 17:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-09 07:32 - 2020-01-18 17:23 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-02 08:39 - 2021-11-14 19:08 - 000000000 ____D C:\Program Files\Imou_en
==================== Files in the root of some directories ========
2022-03-13 09:40 - 2022-03-13 09:40 - 000002043 _____ () C:\Users\mzeme\AppData\Roaming\Microsoft\2ae5198e-120a-48ad-a3ae-1860ee29241a.tmp
2022-04-17 12:25 - 2022-04-17 12:25 - 000002041 _____ () C:\Users\mzeme\AppData\Roaming\Microsoft\550a6ca0-2af1-40ab-9b7d-a2507c8e7216.tmp
2022-04-28 20:24 - 2022-04-28 20:24 - 000002042 _____ () C:\Users\mzeme\AppData\Roaming\Microsoft\b4803a5c-24b5-4e75-96c9-20a113898e10.tmp
2020-02-16 14:27 - 2022-10-26 17:04 - 000010752 _____ () C:\Users\mzeme\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-02-10 17:45 - 2021-01-16 21:30 - 000000128 _____ () C:\Users\mzeme\AppData\Local\PUTTY.RND
2020-05-06 14:33 - 2020-05-06 14:33 - 000000017 _____ () C:\Users\mzeme\AppData\Local\resmon.resmoncfg
==================== FLock ==============================
2022-11-09 13:21 C:\WINDOWS\system32\smartscreen.exe
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2022
Ran by Milan (01-12-2022 19:39:26)
Running from D:\stažené soubory
Microsoft Windows 10 Pro Version 22H2 19045.2251 (X64) (2020-11-11 15:40:48)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2694576939-4152107225-3971293488-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2694576939-4152107225-3971293488-503 - Limited - Disabled)
Guest (S-1-5-21-2694576939-4152107225-3971293488-501 - Limited - Disabled)
KODI-PC (S-1-5-21-2694576939-4152107225-3971293488-1002 - Limited - Enabled)
Milan (S-1-5-21-2694576939-4152107225-3971293488-1001 - Administrator - Enabled) => C:\Users\mzeme
WDAGUtilityAccount (S-1-5-21-2694576939-4152107225-3971293488-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Balíček ovladače systému Windows - Silicon Laboratories Inc. (silabser) Ports (09/19/2016 6.7.4.261) (HKLM\...\9E2C239D42290B984A9E2B350A67AF8BC8BD11B9) (Version: 09/19/2016 6.7.4.261 - Silicon Laboratories Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 6.06 - Piriform)
CPUID CPU-Z 2.03 (HKLM\...\CPUID CPU-Z_is1) (Version: 2.03 - CPUID, Inc.)
DCC_E2 (HKLM-x32\...\{B170E541-3668-480A-A2F0-3D7BAD17F877}) (Version: 2.40 - BernyR)
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version: - )
Farming Simulator 22 (HKLM-x32\...\Farming Simulator 22_is1) (Version: - )
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 67.0.2.0 - Google LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 107.0.5304.122 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.650 - Huawei Technologies Co., Ltd.)
HWiNFO64 Version 7.30 (HKLM\...\HWiNFO64_is1) (Version: 7.30 - Martin Malik - REALiX)
Imou (HKLM\...\Imou_en) (Version: 2.5.1 - Hangzhou Huacheng Network Technology Company)
Imou (HKLM-x32\...\Imou_en) (Version: 2.3.1 - Hangzhou Huacheng Network Technology Company)
IrfanView 4.54 (64-bit) (HKLM\...\IrfanView64) (Version: 4.54 - Irfan Skiljan)
Kodi (HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Kodi) (Version: 19.0.0.0 - XBMC Foundation)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LibreOffice 7.0.0.3 (HKLM\...\{7C7F19DA-6107-4284-9263-EC5C4792C8C7}) (Version: 7.0.0.3 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.62 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.62 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.227.1030.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{80F1AF52-7AC0-42A3-9AF0-689BFB271D1D}) (Version: 3.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.22.27821 (HKLM\...\{6E2C7A8E-B17A-4637-9CE9-F0B1157CF378}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.22.27821 (HKLM\...\{0093C20C-273D-4397-B623-515CB8616CB9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.22.27821 (HKLM-x32\...\{3BDE80F7-7EC9-448E-8160-4ADA0CDA8879}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.22.27821 (HKLM-x32\...\{1E6FC929-567E-4D22-9206-C5B83F0A21B9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Movavi Video Editor 23 (HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Movavi Video Editor 23) (Version: 23.0.1 - Movavi)
NVIDIA FrameView SDK 1.3.8107.31782123 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8107.31782123 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.26.0.154 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.26.0.154 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 516.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 516.94 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23367 - Microsoft Corporation)
PuTTY release 0.73 (64-bit) (HKLM\...\{44F7642C-AB7E-4468-B028-E8D08A0CBB0E}) (Version: 0.73.0.0 - Simon Tatham)
Raspberry Pi Imager (HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\Raspberry Pi Imager) (Version: 1.4 - Raspberry Pi)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
SD Card Formatter (HKLM-x32\...\{A61131DC-B92D-4AD8-A925-E2D6D5FE217C}) (Version: 5.0.1 - SD Association)
Signal 5.51.0 (HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 5.51.0 - Signal Messenger, LLC)
Skype verze 8.91 (HKLM-x32\...\Skype_is1) (Version: 8.91 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tenorshare 4DDiG 8.1.2.2 (HKLM\...\{UltData - Windows}_is1) (Version: 8.1.2.2 - Tenorshare, Inc.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WhatsApp (HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\WhatsApp) (Version: 2.2245.9 - WhatsApp)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Zip Password Recover (HKLM-x32\...\{F84258BC-AA68-4E24-BCD5-3FDA2D880ED6}) (Version: 1.1.1 - Recover Password)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.3 - ZONER software)
Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_7.27.20.0_x64__kgqvnymyfvs32 [2022-11-22] (king.com)
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.93.2.0_x64__kgqvnymyfvs32 [2022-11-24] (king.com)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-01-19] (Microsoft Corporation)
Chordle -> C:\Program Files\WindowsApps\19116MUNKLESOFT.CHORDLE_2.2.150.0_x64__sjfyx6f2ztysj [2022-11-22] (Munklesoft)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-18] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.963.0_x64__56jybvy8sckqj [2022-10-16] (NVIDIA Corp.)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.11210.0_x64__8wekyb3d8bbwe [2022-11-29] (Microsoft Studios) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.227.1030.0001\FileSyncShell64.dll [2022-11-17] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\67.0.2.0\drivefsext.dll [2022-11-29] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\nvshext.dll [2022-08-23] (Nvidia Corporation -> NVIDIA Corporation)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B [268]
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-19 05:49 - 2022-11-18 09:58 - 000003364 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.0 account.zoner.com
127.0.0.1 checkhost.local
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.in # Fake FitGirl site
109.94.209.70 fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 fitgirl-repack.com # Fake FitGirl site
109.94.209.70 fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 fitgirlrepack.games # Fake FitGirl site
109.94.209.70 www.fitgirlrepacks.co # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.cc # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.to # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.com # Fake FitGirl site
109.94.209.70 www.fitgirl-repacks.website # Fake FitGirl site
109.94.209.70 ww9.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 www.fitgirlrepack.games # Fake FitGirl site
109.94.209.70 *.fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repacks.xyz # Fake FitGirl site
109.94.209.70 fitgirl-repack.net # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.net # Fake FitGirl site
109.94.209.70 fitgirlpack.site # Fake FitGirl site
109.94.209.70 www.fitgirlpack.site # Fake FitGirl site
109.94.209.70 fitgirl-repack.org # Fake FitGirl site
109.94.209.70 www.fitgirl-repack.org # Fake FitGirl site
0.0.0.0 checkappexec.microsoft.com
0.0.0.0 smartscreen-prod.microsoft.com
0.0.0.0 nav.smartscreen.microsoft.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\Control Panel\Desktop\\Wallpaper -> D:\stažené soubory\wokna.jpg
DNS Servers: 1.1.1.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-2694576939-4152107225-3971293488-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{7FFD49BD-BA15-4D85-A5D9-F024ACF7B298}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{EDC8299D-F61A-4AF5-91D8-DDA9EF748821}D:\steam\steam.exe] => (Allow) D:\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{BCE62EC3-3DB3-49DB-8CDA-592295F590A9}] => (Allow) D:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AE36D177-8B89-4C0F-94CF-880C2E5DA546}] => (Allow) D:\steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [TCP Query User{3D50BC4B-85C3-4B79-B9CF-C885072D27D0}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{789EE48D-488F-40D8-9A80-5B1CAD31A0FB}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{47FA76C6-8ECF-4A0D-95DA-7DABE6BC9A3E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{19C5E664-AE86-4EB6-B92E-168427F4FE71}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{29D44FCD-9DFA-42CC-869B-B72F3799BD3C}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{191FA4CA-18CD-41D3-85D4-27AB7B48EC7F}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{F9C4887F-B1B9-42BB-A8E1-A380112312A1}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{22B40A81-B8D1-417D-B25B-85695535C04B}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{20B38C0F-33BF-4A93-BE0F-0B79FC9E4E1B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{F0AA4D60-202D-4DAA-B673-1107C48F1DBD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{60682377-93C6-4773-882B-A33C66C2E048}C:\program files\imou_en\bin\imou_en.exe] => (Allow) C:\program files\imou_en\bin\imou_en.exe (Hangzhou Huacheng Network Technology Co.,Ltd. -> Hangzhou Huacheng Network Technology Company)
FirewallRules: [UDP Query User{3E8B4834-DC7C-419B-B633-8574421C4684}C:\program files\imou_en\bin\imou_en.exe] => (Allow) C:\program files\imou_en\bin\imou_en.exe (Hangzhou Huacheng Network Technology Co.,Ltd. -> Hangzhou Huacheng Network Technology Company)
FirewallRules: [{1410351A-4AE3-4EC2-88DA-5E5BC82006A2}] => (Allow) C:\Program Files (x86)\Tenorshare\Tenorshare 4DDiG\Tenorshare 4DDiG.exe (Tenorshare Co., Ltd. -> Tenorshare)
FirewallRules: [{232C3626-2C6E-492A-8D2A-5AA83B40E1E5}] => (Allow) C:\Program Files (x86)\Tenorshare\Tenorshare 4DDiG\Tenorshare 4DDiG.exe (Tenorshare Co., Ltd. -> Tenorshare)
FirewallRules: [{2B65F5D7-61EC-4E50-87B6-9F4C802FAFBD}] => (Allow) C:\Program Files (x86)\Tenorshare\Tenorshare 4DDiG\NetFrameCheck.exe (Tenorshare Co., Ltd. -> Tenorshare)
FirewallRules: [{8AD3AB29-8029-4E67-9A12-06960C9E3F45}] => (Allow) C:\Program Files (x86)\Tenorshare\Tenorshare 4DDiG\NetFrameCheck.exe (Tenorshare Co., Ltd. -> Tenorshare)
FirewallRules: [TCP Query User{042E1DEA-7F3C-452E-83C0-9F63FEABCAF4}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{4E266D98-5B4A-4716-8784-2577A5AB60C5}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{22FCDF3D-BB32-43E3-B019-3DA2EC05E097}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{B14845A3-AE55-4ED1-8C13-6AE3F4A2C09B}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{9AE05EAC-0A61-44AC-AA62-7E5CE6F606AF}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{78C4D66F-0D39-495A-9FA0-FD7FA9DEBC73}] => (Allow) C:\steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{71423391-F1BC-4FA9-8BC0-131FF3DF8CB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{5834183D-9B0F-445E-8770-BA60A14DAA44}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{3276491D-9A4A-49A6-85B7-74A4BF4D255D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{DCB86CFD-357C-4819-9444-74DB1BCF77CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{B7A266A9-ABC4-44D2-8A40-03B7481BC40A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DDE001D9-F1FC-4964-AED4-50FA97380C28}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A1170DDE-C257-4F1D-9F3F-CEDB77D1FDAB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{99E69A48-E69D-4EA0-8115-3BCBF7D3439E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.62\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/30/2022 08:31:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000352821
ID chybujícího procesu: 0x27cc
Čas spuštění chybující aplikace: 0x01d904cf453db8a7
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
ID zprávy: a923cd22-9488-4976-993a-eb0d5a9d9c5f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/29/2022 12:08:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000177527826f0
ID chybujícího procesu: 0x24e4
Čas spuštění chybující aplikace: 0x01d90371515ed669
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 5549802c-80ea-4053-933b-7e568c451582
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/28/2022 08:08:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000187d9272880
ID chybujícího procesu: 0x1f8c
Čas spuštění chybující aplikace: 0x01d9032780472a6a
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 389de7b5-3500-4542-9607-09c09329bd94
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/28/2022 01:45:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000148e3f06fc0
ID chybujícího procesu: 0x1fe8
Čas spuštění chybující aplikace: 0x01d902fb0655e042
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: e1a8a45d-edc9-4c93-aad1-b1b19a62804c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/27/2022 04:14:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000023d8290f790
ID chybujícího procesu: 0x1f08
Čas spuštění chybující aplikace: 0x01d9026e168536e3
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 5d3dd6f4-cd70-4a69-8ce6-03a566b7a37a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/27/2022 03:39:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000016515e8d5a0
ID chybujícího procesu: 0xcb8
Čas spuštění chybující aplikace: 0x01d902356a67a52b
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: a4eb0919-3dc4-439a-a553-f7391e646b5d
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/26/2022 05:42:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000352821
ID chybujícího procesu: 0x298c
Čas spuštění chybující aplikace: 0x01d901a093a41705
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
ID zprávy: 16aae2cf-e20f-4386-a200-32bd46469f5c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/26/2022 03:07:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FarmingSimulator2022Game.exe, verze: 9.0.0.0, časové razítko: 0x62eb68a9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000002137226d7e0
ID chybujícího procesu: 0x2c98
Čas spuštění chybující aplikace: 0x01d901974c2f093e
Cesta k chybující aplikaci: C:\Games\Farming Simulator 22\x64\FarmingSimulator2022Game.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 6911592b-4c38-4cd5-b6fc-cfdb932cc53a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (12/01/2022 07:33:17 PM) (Source: DCOM) (EventID: 10000) (User: PC-MILAN)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (12/01/2022 05:39:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (12/01/2022 05:39:55 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\mzeme\AppData\Local\Temp\ehdrv.sys
Error: (12/01/2022 05:39:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (12/01/2022 05:39:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\mzeme\AppData\Local\Temp\ehdrv.sys
Error: (12/01/2022 05:39:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
Error: (12/01/2022 05:39:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\mzeme\AppData\Local\Temp\ehdrv.sys
Error: (12/01/2022 05:39:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.
CodeIntegrity:
===============
Date: 2022-12-01 17:39:55
Description:
Code Integrity determined that a process (System) attempted to load \Device\HarddiskVolume1\Users\mzeme\AppData\Local\Temp\ehdrv.sys that is not compatible with hypervisor enforcement. Failure bitmap 0x1. Status 0xC00000BB.
==================== Memory info ===========================
BIOS: American Megatrends Inc. FC 08/11/2015
Motherboard: Gigabyte Technology Co., Ltd. H81M-S2PV
Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 41%
Total physical RAM: 12252.86 MB
Available physical RAM: 7229.1 MB
Total Virtual: 16092.86 MB
Available Virtual: 8426.42 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:231.94 GB) (Free:96.13 GB) (Model: Samsung SSD 860 EVO 250GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Fotky) (Fixed) (Total:465.76 GB) (Free:196.04 GB) (Model: WDC WD5000AZRX-00A8LB0) NTFS
Drive e: (NIKON D90) (Removable) (Total:7.39 GB) (Free:5.53 GB) FAT32
\\?\Volume{e30ce30c-0000-0000-0000-20fc39000000}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{e30ce30c-0000-0000-0000-801c3a000000}\ () (Fixed) (Total:0.44 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: E30CE30C)
Partition 1: (Active) - (Size=231.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=517 MB) - (Type=27)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0367C0E6)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
==========================================================
Disk: 2 (Protective MBR) (Size: 7.4 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================