podezření na vir, prosím o kontrolu logu

[wegel]

Dobrý den, nedávno jsem narazil na webové stránky které jsem netušil ,že obsahují spousta virů. Byli zkoušeny ve všech prohlížečích(jelikož někde nenačetli správně) a teprve až na edge zobrazilo řadu virů. Od té doby jen vyskočil další vir z edge jako vyskakovací okno a také se stáhl neznámý soubor který jsem smazal a google chrome se mi zdá na chvílí zamrzl.Edge přeinstalován a zatím OK
zde je log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2023
Ran by Milan (administrator) on DESKTOP-HCH2VCI (MSI MS-7673) (06-06-2023 10:53:21)
Running from C:\Users\Milan\Desktop\FRST64.exe
Loaded Profiles: Milan
Platform: Microsoft Windows 10 Home Version 22H2 19045.2965 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe ->) (EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe
(C:\Program Files\NVIDIA Corporation\Display\nvtray.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(CyberLink -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(explorer.exe ->) (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.242\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.242\GoogleCrashHandler64.exe
(nvvsvc.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (EXPRSVPN LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
(services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(svchost.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21464.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21464.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2304.2.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397120 2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1767712 2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [33648 2007-08-24] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [379360 2022-05-09] (EXPRSVPN LLC -> ExpressVPN)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [UpdatePSTShortCut] => "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" (No File)
HKU\S-1-5-21-1810426872-3802176792-3749337514-1001\...\Run: [Zoner Photo Studio Service 16] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe [27864 2014-12-23] (ZONER software, a.s. -> )
HKU\S-1-5-21-1810426872-3802176792-3749337514-1001\...\Run: [MicrosoftEdgeAutoLaunch_2C1B8FB2F2D2AFDF33DA0282AD47E432] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4113856 2023-06-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1810426872-3802176792-3749337514-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1810426872-3802176792-3749337514-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1810426872-3802176792-3749337514-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-1810426872-3802176792-3749337514-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1810426872-3802176792-3749337514-1001\...\MountPoints2: {72a781a7-510b-11eb-ab0c-6c626de9a39d} - "E:\SISetup.exe"
HKU\S-1-5-21-1810426872-3802176792-3749337514-1001\...\MountPoints2: {d10a34e3-50de-11eb-ab0a-6c626de9a39d} - "L:\SETUP.EXE"
HKU\S-1-5-21-1810426872-3802176792-3749337514-1001\...\MountPoints2: {d10a3613-50de-11eb-ab0a-6c626de9a39d} - "M:\SETUP.EXE"
HKU\S-1-5-21-1810426872-3802176792-3749337514-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [39936 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\HPM1210PrintProc: C:\Windows\System32\spool\prtprocs\x64\HPM1210PP.dll [74240 2010-03-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\HPM1210LM: C:\Windows\system32\HPM1210LM.DLL [407040 2010-03-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\114.0.5735.91\Installer\chrmstp.exe [2023-06-03] (Google LLC -> Google LLC)
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2023-06-04]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (No File)
Startup: C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2022-12-26]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FA34237-3079-46F6-A702-080956A82AE2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4177FC71-2EC9-4B23-AEB5-AA211320D31C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-04-27] (Google LLC -> Google LLC)
Task: {47696BB4-4B5F-438B-A676-8453C259EB2C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {4CBB2B9C-380C-4B8F-9C0F-D0DF4BB7A312} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-06-03] (Mozilla Corporation -> Mozilla Foundation)
Task: {64224235-130A-4DA1-AC96-A46348F51CA6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {957C7D62-B7A5-4ED5-81A4-3405238D784B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9B7CCBE8-21F6-43A0-8322-0CA05260327B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-04-27] (Google LLC -> Google LLC)
Task: {BD8BA61B-496F-402B-A499-3A28CEF8DB80} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MpCmdRun.exe [1649976 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5e802fc0-9f0c-41f8-992e-51eb5c12c4ba}: [DhcpNameServer] 178.77.238.1 178.77.238.2
Tcpip\..\Interfaces\{817e49a5-4620-4e23-a13e-714356f9c280}: [NameServer] 10.11.0.1
Tcpip\..\Interfaces\{c439ff5c-1464-4368-85bd-145cc13ac5ae}: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Milan\AppData\Local\Microsoft\Edge\User Data\Default [2023-06-06]
Edge Extension: (Edge relevant text changes) - C:\Users\Milan\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-25]

FireFox:
========
FF DefaultProfile: kv4n2633.default
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\kv4n2633.default [2021-04-12]
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\ymtegibw.default-release [2023-06-05]
FF Session Restore: Mozilla\Firefox\Profiles\ymtegibw.default-release -> is enabled.
FF Extension: (Český slovník pro kontrolu pravopisu) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\ymtegibw.default-release\Extensions\cs@dictionaries.addons.mozilla.org.xpi [2021-06-26]
FF Extension: (ExpressVPN: VPN proxy for a better internet) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\ymtegibw.default-release\Extensions\firefox-addon@expressvpn.com.xpi [2023-03-18]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\ymtegibw.default-release\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2023-05-27]
FF Extension: (Language: Čeština (Czech)) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\ymtegibw.default-release\Extensions\langpack-cs@firefox.mozilla.org.xpi [2023-06-03]
FF Extension: (uBlock Origin) - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\ymtegibw.default-release\Extensions\uBlock0@raymondhill.net.xpi [2023-05-06]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]

Chrome:
=======
CHR Profile: C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default [2023-06-06]
CHR DownloadDir: C:\Users\Milan\Downloads
CHR HomePage: Default -> hxxps://www.google.com/
CHR Session Restore: Default -> is enabled.
CHR Extension: (Překladač Google) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-04-15]
CHR Extension: (DuckDuckGo) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2023-05-25]
CHR Extension: (uBlock Origin) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-04-28]
CHR Extension: (Dark Reader) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2023-04-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-25]
CHR Extension: (Disconnect) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2023-04-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (uMatrix) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfcmafjalglgifnmanfmnieipoejdcf [2023-04-11]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [438240 2022-05-09] (EXPRSVPN LLC -> ExpressVPN)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-07] (HP Inc. -> HP Inc.)
R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [127800 2010-04-29] (Hewlett-Packard Company -> HP)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\NisSrv.exe [3228464 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.3-0\MsMpEng.exe [133592 2023-06-01] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30352 2021-01-07] (Disc Soft Ltd -> Disc Soft Ltd)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [45640 2022-05-09] (ExprsVPN LLC -> ExpressVPN)
R3 expressvpntun; C:\Windows\System32\drivers\expressvpn-tun.sys [46896 2022-05-09] (Express VPN International Ltd. -> ExpressVPN)
R2 mi2c; C:\Windows\system32\drivers\mi2c.sys [20784 2021-01-07] (AOC International (Europe) GmbH -> Nicomsoft Ltd.)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2010-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R3 tapexpressvpn; C:\Windows\System32\drivers\tapexpressvpn.sys [52904 2021-03-22] (ExprsVPN LLC -> The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49616 2023-06-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [498984 2023-06-01] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99608 2023-06-01] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-06-06 10:53 - 2023-06-06 10:53 - 000018570 _____ C:\Users\Milan\Desktop\FRST.txt
2023-06-06 10:03 - 2023-06-06 10:53 - 000000000 ____D C:\FRST
2023-06-04 22:00 - 2023-06-04 22:00 - 000000000 ____D C:\Users\Milan\Documents\Onenotové poznámkové bloky
2023-06-04 22:00 - 2023-06-04 22:00 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Microsoft\AddIns
2023-06-04 17:42 - 2023-06-04 17:42 - 002383360 _____ (Farbar) C:\Users\Milan\Desktop\FRST64.exe
2023-06-04 17:25 - 2023-06-04 17:39 - 000001276 _____ C:\Users\Milan\Desktop\ESET Online Scanner.lnk
2023-06-04 17:25 - 2023-06-04 17:25 - 015274968 _____ (ESET) C:\Users\Milan\Downloads\esetonlinescanner.exe
2023-06-04 12:16 - 2023-06-04 12:16 - 000000000 ____D C:\Users\Milan\AppData\Local\mbam
2023-06-03 20:20 - 2023-06-04 13:24 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-05-10 09:55 - 2023-05-10 09:55 - 000000000 ___HD C:\$WinREAgent

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-06-06 10:53 - 2020-09-27 07:50 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-06-06 10:47 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-06-06 10:34 - 2021-01-07 12:29 - 001614190 _____ C:\Windows\system32\PerfStringBackup.INI
2023-06-06 10:34 - 2019-12-07 16:41 - 000685568 _____ C:\Windows\system32\perfh005.dat
2023-06-06 10:34 - 2019-12-07 16:41 - 000138320 _____ C:\Windows\system32\perfc005.dat
2023-06-06 10:34 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-06-06 10:32 - 2021-01-07 12:53 - 000000000 ____D C:\Program Files (x86)\Google
2023-06-06 10:31 - 2021-01-07 12:29 - 000000000 ___RD C:\Users\Milan\OneDrive
2023-06-06 10:30 - 2021-01-07 18:56 - 000000000 ____D C:\ProgramData\NVIDIA
2023-06-06 10:30 - 2020-09-27 09:51 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-06-06 10:30 - 2020-09-27 07:50 - 000483032 _____ C:\Windows\system32\FNTCACHE.DAT
2023-06-06 10:30 - 2020-09-27 07:50 - 000008192 ___SH C:\DumpStack.log.tmp
2023-06-06 10:30 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-06-06 10:28 - 2021-01-07 13:35 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-06-06 09:35 - 2021-12-11 12:52 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1810426872-3802176792-3749337514-1001
2023-06-06 09:35 - 2021-01-07 12:29 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1810426872-3802176792-3749337514-1001
2023-06-06 09:35 - 2021-01-07 12:25 - 000002381 _____ C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-06-05 14:41 - 2022-03-06 17:36 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-06-05 11:32 - 2021-01-07 19:18 - 000000000 ____D C:\Users\Milan\AppData\Roaming\foobar2000
2023-06-04 22:47 - 2021-01-07 13:39 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Microsoft\Word
2023-06-04 22:02 - 2021-01-07 12:26 - 000000000 ____D C:\Users\Milan\AppData\Local\Packages
2023-06-04 22:02 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-06-04 22:02 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-06-04 22:00 - 2022-12-26 14:07 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Microsoft\OneNote
2023-06-04 21:53 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-06-04 21:45 - 2021-01-07 13:39 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Microsoft\Office
2023-06-04 17:39 - 2021-04-29 18:38 - 000001382 _____ C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-06-04 13:24 - 2021-04-12 14:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-06-04 12:59 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2023-06-04 12:58 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-06-04 12:55 - 2023-01-17 09:04 - 000002350 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-06-04 12:55 - 2020-09-27 09:53 - 000002512 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-06-03 20:25 - 2021-12-19 18:36 - 000000000 ____D C:\Windows\SystemTemp
2023-06-03 20:25 - 2021-04-28 08:37 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2023-06-03 20:25 - 2021-04-27 16:31 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-06-03 20:22 - 2021-04-12 14:07 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-06-03 20:21 - 2021-04-12 14:07 - 000000000 ____D C:\Users\Milan\AppData\LocalLow\Mozilla
2023-06-01 10:02 - 2020-09-27 09:51 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-05-28 10:12 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF
2023-05-25 13:08 - 2023-04-28 18:33 - 000000000 ____D C:\Users\Milan\Downloads\tisk
2023-05-19 09:58 - 2021-04-27 16:30 - 000003768 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-05-19 09:58 - 2021-04-27 16:30 - 000003644 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-05-12 09:58 - 2020-09-27 09:53 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-05-12 09:58 - 2020-09-27 09:53 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-05-11 13:18 - 2019-12-07 16:41 - 000000000 ____D C:\Windows\SysWOW64\cs
2023-05-11 13:18 - 2019-12-07 16:41 - 000000000 ____D C:\Windows\system32\cs
2023-05-11 13:18 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-05-11 13:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-05-11 13:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2023-05-11 13:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2023-05-11 13:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-05-11 13:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-05-10 10:03 - 2020-09-27 09:53 - 003015168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-05-10 09:26 - 2021-01-07 12:40 - 000000000 ____D C:\Windows\system32\MRT
2023-05-10 09:23 - 2021-01-07 12:40 - 159583304 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-05-09 13:56 - 2023-04-27 13:11 - 000000000 ____D C:\Users\Milan\AppData\Local\Autodesk
2023-05-08 17:09 - 2021-01-08 10:49 - 000000000 ____D C:\Users\Milan\AppData\Local\CrashDumps

==================== Files in the root of some directories ========

2023-03-15 14:13 - 2023-03-15 14:13 - 000002418 _____ () C:\Users\Milan\AppData\Local\recently-used.xbel
2021-04-21 17:48 - 2022-07-06 13:21 - 000007642 _____ () C:\Users\Milan\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================










Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2023
Ran by Milan (06-06-2023 10:54:43)
Running from C:\Users\Milan\Desktop
Microsoft Windows 10 Home Version 22H2 19045.2965 (X64) (2021-01-07 10:25:18)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1810426872-3802176792-3749337514-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1810426872-3802176792-3749337514-503 - Limited - Disabled)
Guest (S-1-5-21-1810426872-3802176792-3749337514-501 - Limited - Disabled)
Milan (S-1-5-21-1810426872-3802176792-3749337514-1001 - Administrator - Enabled) => C:\Users\Milan
WDAGUtilityAccount (S-1-5-21-1810426872-3802176792-3749337514-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}_ENTERPRISE_{3C3813E1-C370-4F32-9639-8B43C7C780CD}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{3EC77D26-799B-4CD8-914F-C1565E796173}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}_ENTERPRISE_{F67648A4-713E-4298-BBAD-A83D8283B0F3}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{00C5525B-3CB3-467D-8100-2E6FB306CD86}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-002A-0405-1000-0000000FF1CE}_ENTERPRISE_{2659571A-3405-4486-B7D8-2F125BC0E3B2}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}_ENTERPRISE_{2659571A-3405-4486-B7D8-2F125BC0E3B2}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}_ENTERPRISE_{CB5EC6E0-FC8C-469B-A067-DEC8C6D17C59}) (Version: - Microsoft) Hidden
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Autodesk Fusion 360 (HKU\S-1-5-21-1810426872-3802176792-3749337514-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.16009 - Autodesk, Inc.)
Blood & Magic (DOSBox 0.74 emulation) (HKLM-x32\...\Blood & Magic (DOSBox 0.74 emulation)) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B8775D7835}) (Version: 10.25.0.4 - ExpressVPN) Hidden
ExpressVPN (HKLM-x32\...\{eafa6d06-61ee-4d6d-9946-df5550de95b9}) (Version: 10.25.0.4 - ExpressVPN)
foobar2000 v1.6.2 (HKLM-x32\...\foobar2000) (Version: 1.6.2 - Peter Pawlowski)
GIMP 2.10.28 (HKLM\...\GIMP-2_is1) (Version: 2.10.28 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 114.0.5735.91 - Google LLC)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
iCloud (HKLM\...\{8808B208-87D1-4725-8192-76D257E9DEAE}) (Version: 7.21.0.23 - Apple Inc.)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LG CyberLink LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3109 - CyberLink Corp.) Hidden
LG CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3109 - CyberLink Corp.)
LG CyberLink Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.4009 - CyberLink Corp.) Hidden
LG CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.4009 - CyberLink Corp.)
LG Power Tools (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3316 - CyberLink Corp.) Hidden
LG Power Tools (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3316 - CyberLink Corp.)
MetaTrader 4 IC Markets (HKLM-x32\...\MetaTrader 4 IC Markets) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 114.0.1823.37 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.37 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2007 (HKLM-x32\...\{90120000-0015-0405-0000-0000000FF1CE}) (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (Czech) 2007 (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}) (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2007 (HKLM-x32\...\{90120000-00BA-0405-0000-0000000FF1CE}) (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2007 (HKLM-x32\...\{90120000-0044-0405-0000-0000000FF1CE}) (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2007 (HKLM-x32\...\{90120000-00A1-0405-0000-0000000FF1CE}) (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2007 (HKLM-x32\...\{90120000-001A-0405-0000-0000000FF1CE}) (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2007 (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}) (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2007 (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2007 (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2007 (HKLM-x32\...\{90120000-002C-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2007 (HKLM-x32\...\{90120000-0019-0405-0000-0000000FF1CE}) (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2007 (HKLM\...\{90120000-002A-0405-1000-0000000FF1CE}) (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2007 (HKLM-x32\...\{90120000-006E-0405-0000-0000000FF1CE}) (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2007 (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}) (Version: 12.0.6215.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1810426872-3802176792-3749337514-1001\...\OneDriveSetup.exe) (Version: 23.107.0521.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24215 (HKLM\...\{EF1EC6A9-17DE-3DA9-B040-686A1E8A8B04}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24215 (HKLM\...\{50A2BC33-C9CD-3BF1-A8FF-53C10A0B183C}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 (HKLM-x32\...\{69BCE4AC-9572-3271-A2FB-9423BDA36A43}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 (HKLM-x32\...\{BBF2AC74-720C-3CB3-8291-5E34039232FA}) (Version: 14.0.24215 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 113.0.2 (x64 en-US)) (Version: 113.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 87.0 - Mozilla)
MPC-HC 1.9.14 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.9.14 - MPC-HC Team)
NVIDIA GeForce Experience 2.11.4.125 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.125 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (HKLM-x32\...\NVIDIAStereo) (Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 29.0.2 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.8 (HKLM-x32\...\{7990EDB8-266B-4736-925B-0C9ED23CB142}) (Version: 4.18.9803 - Apache Software Foundation)
PDFsam Basic (HKLM\...\{C123F44A-999B-4BED-98E7-D550ED14C94B}) (Version: 4.0.3.0 - Sober Lemur S.a.s. di Vacondio Andrea)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{CCA8C50D-785B-4896-8675-FFE0C4ECCBC3}) (Version: 8.7 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{75BEF7E8-4370-4D42-94F3-B5AA77057965}) (Version: 8.7 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8010 - Realtek Semiconductor Corp.)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
SmartControl-4.3.10 (HKLM-x32\...\{3ED13E98-8840-4218-A25E-B0F2A53EA06F}) (Version: 4.3.10 - PHL)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22a - Ghisler Software GmbH)
TP-Link Archer T6E Driver (HKLM-x32\...\{F2CF3250-3769-431E-A808-056BFA917849}) (Version: 2.1.0 - TP-Link)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: - ZONER software)

Packages:
=========
CCPlayer Pro -> C:\Program Files\WindowsApps\D3DB5ACE.CCPlayerPro_2017.820.146.0_x64__gt1c0ekgxeeqr [2021-08-08] (L:me)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-04-27] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-05-19] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_145.3.1086.0_x64__v10z8vjag6ke6 [2023-05-19] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa [2023-05-27] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-27] (Microsoft Corporation) [MS Ad]
Outlook -> C:\Program Files\WindowsApps\outlook.com-78C9D47_1.0.0.1_neutral__3t89ybq5n4y7r [2021-04-27] (outlook.com)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-03-20] (Microsoft Studios) [MS Ad]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0 [2023-05-26] (Spotify AB) [Startup Task]
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1005.616.1651.0_x64__8wekyb3d8bbwe [2023-01-14] (Microsoft Corporation)
WindowsAppRuntime.1.1 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.1_1005.616.1651.0_x86__8wekyb3d8bbwe [2023-01-14] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1810426872-3802176792-3749337514-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\Milan\AppData\Local\Autodesk\webdeploy\production\b4885f4229f39fee5ad2bce82f309e671e5c9ccd\NPreview10.dll (Autodesk, Inc. -> )
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2212224 2007-08-24] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2020-09-08] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [282112 2015-12-18] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-01-07 18:57 - 2016-11-14 14:30 - 001300688 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2021-01-07 18:57 - 2016-11-14 11:45 - 001408200 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24] (Microsoft Corporation -> Microsoft Corporation)
Filter: text/xml - No CLSID Value

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Common Files\Apple\Internet Services\
HKU\S-1-5-21-1810426872-3802176792-3749337514-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKU\S-1-5-21-1810426872-3802176792-3749337514-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-1810426872-3802176792-3749337514-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1810426872-3802176792-3749337514-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{91CFBEE5-621A-4DD8-8C9F-07CA77DB86FF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{3D8D1C57-B071-4543-A330-30259C3790A4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{7E90DB89-D8B5-40CB-AD9F-F9FE2E72566D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{581CDBC9-24F3-4846-8C01-F5401756D4B2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{981BFB92-7219-4F7B-8318-083D7480BF51}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{85D25819-B96C-45DF-9FAD-040BFA803042}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Half-Life\hl.exe (Valve -> Valve)
FirewallRules: [{CF131DFE-4B8C-4A3F-94BA-843300030D3E}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Half-Life 2\hl2.exe (Valve Corp. -> )
FirewallRules: [{4F2E6FDE-BCB9-42FA-9203-9C4D72205CA3}] => (Allow) D:\Games\SteamLibrary\steamapps\common\Half-Life 2\hl2.exe (Valve Corp. -> )
FirewallRules: [{A9057B7D-D5C6-418C-9059-7E9A53F2E0FA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{53FF1E5C-8AA3-4AF4-A0EB-8B246A539BFB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{CF63D286-7490-43C7-BD0E-DE427D5C8F83}] => (Allow) D:\Games\SteamLibrary\steamapps\common\SS1EE\sekhmet_x64.exe () [File not signed]
FirewallRules: [{FF2F2906-B0B7-4B5C-96B9-024C3DFC727A}] => (Allow) D:\Games\SteamLibrary\steamapps\common\SS1EE\sekhmet_x64.exe () [File not signed]
FirewallRules: [{380F347E-F64B-42FD-B42A-FE2179CC3DE6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{81A0250B-A4E4-42B6-8CDF-35A0118E0F0D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5B441914-C1D7-4099-93C4-A1ED7DFBE3D5}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{515BD318-EB49-4F5C-A597-0B6854F2F1F1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9717E336-73E2-4FC9-A74E-63D860C3BCB1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{509A486A-CA5C-4A1F-B515-8983E7CE011A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0BFB73F2-BF5B-47F6-B272-0F267BD146C6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E275DF64-8871-4B4C-A21B-C4A28F35210E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{E0B749F6-1F1C-4D0F-825C-71483E8706F9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B40094C2-4FEB-48D2-B125-A463F8B47429}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9A143002-E5C6-40CA-B379-A3F12C1797F2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{82EDE16E-C698-4820-BEFB-D7AA7CCBE217}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{23110559-1133-4C8E-80B6-731ACD794E54}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D7173466-601D-4ED8-A2C7-F1CF3DA3DB56}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{08C38F7C-FC90-455E-AADE-AED4B0A71A54}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{AE9D20F3-5DE4-4827-B0DE-179E4102F5E9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6BA08B89-986C-4E0D-9036-F59C77FA30A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.212.902.0_x86__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6CF62746-5B1E-4A2F-BDBA-B5A58E89A8A5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{42CDD42A-7A16-46E8-BD2F-4C2EBE9E2A60}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BBF8DB3F-AA97-433A-A53E-4092F919F715}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8BF2BDF3-2553-466D-8938-7DA8F0E33ECF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DB868B49-FB43-4810-9349-799ADFBD5579}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{1CBBE64B-242A-46B3-9B75-F57443930CF2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{4FB71996-560B-4B8B-808D-6CAE79810C3A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{7B8AEEA0-6B2F-4F97-B411-811EDE63F894}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{6C388CE4-1036-43AF-AC9D-B965A1606669}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{0B58FBC0-208B-4253-AB72-99DA1E939C46}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{CBEA6294-D7DE-413E-B491-A040E33DB389}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{7FDD7EAC-1F57-493E-9CBE-4118953024B2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12129.4.57066.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{2AEA2A6B-A6FA-4015-9EA4-ACB373C66FDF}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4638FE87-9108-4B10-93EC-D4FDEEB7D7DF}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.37\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

27-05-2023 11:21:40 Naplánovaný kontrolní bod
04-06-2023 12:13:57 4623
04-06-2023 17:28:01 4623nove

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (06/04/2023 12:59:36 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (06/03/2023 08:24:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SecHealthUI.exe verze 10.0.19041.2075 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1fbc

Čas spuštění: 01d996475d62a11b

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe

ID hlášení: b515b7c9-39d6-4824-8adf-7519444a983c

Úplný název balíčku s chybou: Microsoft.Windows.SecHealthUI_10.0.19041.1865_neutral__cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: SecHealthUI

Typ zablokování: Cross-process

Error: (06/02/2023 10:24:03 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (05/26/2023 09:17:05 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (05/19/2023 07:57:41 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (05/12/2023 08:56:02 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (05/12/2023 09:53:58 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: spoolsv.exe, verze: 10.0.19041.2788, časové razítko: 0xa70db25a
Název chybujícího modulu: HPM1210LM.DLL, verze: 2010.331.1.19178, časové razítko: 0x4bb2c6b5
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000002350
ID chybujícího procesu: 0x994
Čas spuštění chybující aplikace: 0x01d984a69fbe62f2
Cesta k chybující aplikaci: C:\Windows\System32\spoolsv.exe
Cesta k chybujícímu modulu: C:\Windows\System32\HPM1210LM.DLL
ID zprávy: 298da39e-4423-44ac-8339-e5a89e6a251c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/08/2023 05:09:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AcCoreConsole.exe, verze: 24.2.0.0, časové razítko: 0x64506b54
Název chybujícího modulu: accore.dll, verze: 24.2.53.29, časové razítko: 0x63ca3763
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000001cb57b
ID chybujícího procesu: 0x136c
Čas spuštění chybující aplikace: 0x01d9818d078298b2
Cesta k chybující aplikaci: C:\Users\Milan\AppData\Local\Autodesk\webdeploy\production\b4885f4229f39fee5ad2bce82f309e671e5c9ccd\FusionDocStream\Autodesk\FusionDocAcad\AcCoreConsole.exe
Cesta k chybujícímu modulu: C:\Users\Milan\AppData\Local\Autodesk\webdeploy\production\b4885f4229f39fee5ad2bce82f309e671e5c9ccd\FusionDocStream\Autodesk\FusionDocAcad\accore.dll
ID zprávy: bffac993-8f7c-4b7e-a9a4-b1cda258eae1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (06/06/2023 10:30:46 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby NvStreamNetworkSvc bylo dosaženo časového limitu (45000 ms).

Error: (06/04/2023 05:40:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (06/04/2023 05:40:46 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Milan\AppData\Local\Temp\ehdrv.sys

Error: (06/04/2023 05:40:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (06/04/2023 05:40:45 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Milan\AppData\Local\Temp\ehdrv.sys

Error: (06/04/2023 05:40:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (06/04/2023 05:40:45 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Milan\AppData\Local\Temp\ehdrv.sys

Error: (06/04/2023 05:40:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.


Windows Defender:
================
Date: 2023-06-05 13:16:43
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CA8DB5FB-4C56-4878-882A-F3CB97A5296F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-06-04 13:34:47
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {96BDDF19-E91E-437C-86A1-4E3DED019D7F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-06-04 13:00:33
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A321EBCB-644E-4C12-92F8-900CF2B7810A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: DESKTOP-HCH2VCI\Milan

Date: 2023-06-03 22:53:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {813F0731-B35F-4319-9518-377D1136152B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-06-03 20:24:59
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9E5C6A04-4F93-4D44-ADFE-8FC3F1C7ABD8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: DESKTOP-HCH2VCI\Milan

CodeIntegrity:
===============
Date: 2023-06-06 10:43:05
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2023-06-06 10:41:14
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. V5.4 01/09/2013
Motherboard: MSI P67A-C43 (MS-7673)
Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 20%
Total physical RAM: 16335.3 MB
Available physical RAM: 13051.77 MB
Total Virtual: 18767.3 MB
Available Virtual: 15656.11 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.35 GB) (Free:17.38 GB) (Model: Samsung SSD 860 EVO 250GB ATA Device) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:4.51 GB) (Model: WDC WD1002FAEX-00Z3A0 ATA Device) NTFS

\\?\Volume{0bc5c601-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS
\\?\Volume{0bc5c601-0000-0000-0000-70193a000000}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 0BC5C601)
Partition 1: (Active) - (Size=50 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=498 MB) - (Type=27)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: B9024B53)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

[JaRon]

ahoj,
1. vycisti PC s CCleanerom, vcetne registrov
restart
2. prescanuj PC s Adwcleanerom log sem

[wegel]

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 06-06-2023
# Duration: 00:00:08
# OS: Windows 10 (Build 19045.2965)
# Scanned: 32093
# Detected: 8


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.CyberLinkLabelPrint Folder C:\Program Files (x86)\CYBERLINK\LABELPRINT
Preinstalled.CyberLinkLabelPrint Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|UpdateLBPShortCut
Preinstalled.CyberLinkLabelPrint Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}
Preinstalled.CyberLinkLabelPrint Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{C59C179C-668D-49A9-B6EA-0121CCFC1243}
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|CLMLServer
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|UpdateP2GoShortCut
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}
Preinstalled.LenovoPower2Go Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{40BF1E83-20EB-11D8-97C5-0009C5020658}



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

[JaRon]

nateraz to vypada cisto
do buducna, ked si nebudes isty, pouzi niektory z jednorazovych AV https://forum.viry.cz/viewtopic.php?t=152926