
Preventive check 24.11.2024


#1 Post by bojimso »

Hello,

please check my log, thank you.

info.txt logfile of random's system information tool 1.10 2024-04-06 17:08:46

======MBR======


======Uninstall list======

-->"C:\Windows\System32\mstsc.exe" /uninstall
64 Bit HP CIO Components Installer-->MsiExec.exe /I{50229C72-539F-4E65-BEB5-F0491C5074B7}
AMD Ryzen Master SDK-->MsiExec.exe /X{DBD50508-5F75-416B-995D-C42433A00944}
Battle.net-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=enUS --uid=battle.net --displayname="Battle.net"
CZC.Gaming Reaper-->"C:\Program Files (x86)\CZC.Gaming Reaper\unins000.exe"
DAEMON Tools Lite-->C:\Program Files\DAEMON Tools Lite\uninst.exe
Dell Display Manager 2.3-->C:\Program Files\Dell\Dell Display Manager 2\uninst.exe
DOOM Eternal The Ancient Gods-->"D:\Hry\DOOM Eternal The Ancient Gods\unins000.exe"
DOOM Eternal-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/782330
ENE Video Capture Box HAL-->"C:\ProgramData\Package Cache\{974259bf-3ed1-4cd6-9ed1-40c7f601a786}\AacSetup.exe" /uninstall
ENE Video Capture Box HAL-->MsiExec.exe /I{A096611D-BA11-4A1A-8D09-0A0462D7C8F2}
ENE_EHD_M2_HAL-->"C:\ProgramData\Package Cache\{6b617af3-c8f4-45a8-bf47-b32ffb4da1cc}\AacSetup.exe" /uninstall
ENE_EHD_M2_HAL-->MsiExec.exe /I{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}
ENE_External_Device_HAL-->"C:\ProgramData\Package Cache\{bb9d349f-b87b-4026-b336-1604708bd09c}\AacSetup.exe" /uninstall
ENE_External_Device_HAL-->MsiExec.exe /I{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}
ENE_MousePad_HAL-->"C:\ProgramData\Package Cache\{c2c794a4-7986-4c45-884d-d4ca43b88df9}\AacSetup.exe" /uninstall
ENE_MousePad_HAL-->MsiExec.exe /I{9E97178A-ADB8-4778-BE60-7E28E2A72721}
ENE_X_AIC_HAL-->"C:\ProgramData\Package Cache\{c662a481-d76a-4188-95d2-6eb4ffd55542}\AacSetup.exe" /uninstall
ENE_X_AIC_HAL-->MsiExec.exe /I{CF703694-01C6-4062-B797-84DB215662BC}
Epic Games Launcher Prerequisites (x64)-->MsiExec.exe /X{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}
Epic Games Launcher-->MsiExec.exe /X{B85FAA6E-A9AA-4655-9029-E1A4EDC05E1A}
Epic Online Services-->MsiExec.exe /X{57A956AB-4BCC-45C6-9B40-957E4E125568}
Far Cry 5 v.1.011-->"D:\Hry\Far Cry 5\unins000.exe"
Far Cry 6-->"D:\Hry\Far Cry 6\unins000.exe"
Far Cry New Dawn v.1.0.5-->"D:\Far Cry New Dawn\unins000.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\123.0.6312.106\Installer\setup.exe" --uninstall --channel=stable --system-level --verbose-logging
Grand Theft Auto V-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/271590
Gyazo 5.4.7.0-->"C:\Program Files (x86)\Gyazo\unins000.exe"
HWiNFO64 Version 7.64-->"C:\Program Files\HWiNFO64\unins000.exe"
Kaspersky Total Security-->MsiExec.exe /I{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}
Kaspersky Total Security-->MsiExec.exe /I{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976} REMOVE=ALL
Kaspersky VPN-->MsiExec.exe /I{69513344-0E15-3C30-9BDC-04C3706E6CE9}
Kaspersky VPN-->MsiExec.exe /I{69513344-0E15-3C30-9BDC-04C3706E6CE9} REMOVE=ALL
Launcher Prerequisites (x64)-->"C:\ProgramData\Package Cache\{43a03b9c-4770-409c-a999-587b60700b63}\LauncherPrereqSetup_x64.exe" /uninstall
Marvel’s Spider-Man Remastered-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/1817070
Marvel's Spider-Man: Miles Morales-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/1817190
Microsoft .NET Host - 6.0.22 (x64)-->MsiExec.exe /X{A575E059-0C3F-4138-B87A-BAF55CABA9FA}
Microsoft .NET Host FX Resolver - 6.0.22 (x64)-->MsiExec.exe /X{E7598167-2D5C-4704-8777-8A25289EB8FE}
Microsoft .NET Runtime - 6.0.22 (x64)-->MsiExec.exe /X{853BA4E9-D41A-4FF6-AB22-A6FFDD77EA78}
Microsoft Edge WebView2 Runtime-->"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.65\Installer\setup.exe" --uninstall --msedgewebview --system-level --verbose-logging
Microsoft Edge-->"C:\Program Files (x86)\Microsoft\Edge\Application\123.0.2420.81\Installer\setup.exe" --uninstall --msedge --channel=stable --system-level --verbose-logging
Microsoft Office Professional Plus 2019 - cs-cz-->"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" scenario=install scenariosubtype=ARP sourcetype=None productstoremove=ProPlus2019Retail.16_cs-cz_x-none culture=cs-cz version.16=16.0
Microsoft Update Health Tools-->MsiExec.exe /X{C6FD611E-7EFE-488C-A0E0-974C09EF6473}
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33130-->"C:\ProgramData\Package Cache\{1de5e707-82da-4db6-b810-5d140cc4cbb3}\VC_redist.x64.exe" /uninstall
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532-->"C:\ProgramData\Package Cache\{410c0ee1-00bb-41b6-9772-e12c2828b02f}\VC_redist.x86.exe" /uninstall
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33130-->MsiExec.exe /I{C31777DB-51C1-4B19-9F80-38EF5C1D7C89}
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33130-->MsiExec.exe /I{1CA7421F-A225-4A9C-B320-A36981A2B789}
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532-->MsiExec.exe /I{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532-->MsiExec.exe /I{73F77E4E-5A17-46E5-A5FC-8A061047725F}
Microsoft Windows Desktop Runtime - 6.0.22 (x64)-->"C:\ProgramData\Package Cache\{0f94f805-22c3-4413-b1e5-5ab275ba92d5}\windowsdesktop-runtime-6.0.22-win-x64.exe" /uninstall
Microsoft Windows Desktop Runtime - 6.0.22 (x64)-->MsiExec.exe /X{6B3108CD-E279-4795-BCBF-BDEA037A7913}
MSI Afterburner 4.6.5-->"C:\Program Files (x86)\MSI Afterburner\uninstall.exe"
MSI Center SDK-->"C:\Program Files (x86)\MSI\MSI Center\unins000.exe"
NVIDIA FrameView SDK 1.3.8513.32290073-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage FrameViewSdk
NVIDIA GeForce Experience 3.27.0.120-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Ovladač HD audia 1.3.40.14-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage HDAudio.Driver
NVIDIA Ovladače grafiky 551.86-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA Systémový software PhysX 9.21.0713-->"C:\Windows\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX
Office 16 Click-to-Run Extensibility Component 64-bit Registration-->MsiExec.exe /X{90160000-00DD-0000-1000-0000000FF1CE}
Office 16 Click-to-Run Extensibility Component-->MsiExec.exe /X{90160000-008C-0000-0000-0000000FF1CE}
Office 16 Click-to-Run Licensing Component-->MsiExec.exe /I{90160000-008F-0000-1000-0000000FF1CE}
Office 16 Click-to-Run Localization Component-->MsiExec.exe /X{90160000-008C-0405-0000-0000000FF1CE}
paint.net-->MsiExec.exe /X{4858C924-AFBF-4A35-AA64-27A6A56EE372}
qBittorrent-->"C:\Program Files\qBittorrent\uninst.exe"
Razer Synapse-->"C:\Windows\Installer\Razer\Installer\App\RazerInstaller.exe" /uninstall
Red Dead Redemption 2-->"D:\Hry\Red Dead Redemption 2\uninstall.exe" -enableFullMode -uninstall=rdr2
RivaTuner Statistics Server 7.3.4-->"C:\Program Files (x86)\RivaTuner Statistics Server\uninstall.exe"
Rockstar Games Launcher-->"C:\Program Files\Rockstar Games\Launcher\uninstall.exe" -enableFullMode -uninstall=launcher
Rockstar Games Social Club-->C:\Program Files\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe
Steam-->C:\Program Files (x86)\Steam\uninstall.exe
Streamlabs Desktop 1.14.0-->"C:\Program Files\Streamlabs OBS\Uninstall Streamlabs OBS.exe" /allusers
The Last of Us™ Part I-->"C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/1888930
Thunder Master v4.14-->"C:\Program Files\Thunder Master\unins000.exe"
TradeSkillMaster Application version 1.0-->"C:\Program Files (x86)\TradeSkillMaster Application\unins000.exe"
Ubisoft Connect-->C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe
Verbatim_SureFireGaming_Product-->"C:\ProgramData\Package Cache\{d601832a-0d94-46ce-9b19-78e8a5887313}\AacSetup.exe" /uninstall
Verbatim_SureFireGaming_Product-->MsiExec.exe /I{35CB65C6-A7E3-4EE7-AD40-738D70A72164}
VLC media player-->"C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe"
WD P40 Game Drive-->"C:\ProgramData\Package Cache\{72b1a866-fc31-4381-bff3-fa6cd8823777}\AacSetup.exe" /uninstall
WD P40 Game Drive-->MsiExec.exe /I{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}
WD_BLACK AN1500-->"C:\ProgramData\Package Cache\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}\AacSetup.exe" /uninstall
WD_BLACK AN1500-->MsiExec.exe /I{085E2365-0A70-4230-B664-02D5E4FE7E9C}
WD_BLACK D50-->"C:\ProgramData\Package Cache\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}\AacSetup.exe" /uninstall
WD_BLACK D50-->MsiExec.exe /I{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}
WinRAR 6.24 (64-bit)-->C:\Program Files\WinRAR\uninstall.exe
World of Warcraft-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=enUS --uid=wow --displayname="World of Warcraft"

======System event log======

Computer Name: WIN-2QF67OHFLV6
Event Code: 18
Message: V systému je k dispozici následující počet možností spouštění: 0x2.
Record Number: 5
Source Name: Microsoft-Windows-Kernel-Boot
Time Written: 20231025001630.761277-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: WIN-2QF67OHFLV6
Event Code: 153
Message: Zabezpečení založené na virtualizaci (zásady: 0) je disabled.
Record Number: 4
Source Name: Microsoft-Windows-Kernel-Boot
Time Written: 20231025001630.761238-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: WIN-2QF67OHFLV6
Event Code: 6005
Message: Služba Event Log byla spuštěna.
Record Number: 3
Source Name: EventLog
Time Written: 20231025001642.721855-000
Event Type: Informace
User:

Computer Name: WIN-2QF67OHFLV6
Event Code: 6009
Message: Microsoft (R) Windows (R) 10.00. 22621 Multiprocessor Free.
Record Number: 2
Source Name: EventLog
Time Written: 20231025001642.721727-000
Event Type: Informace
User:

Computer Name: WIN-2QF67OHFLV6
Event Code: 12
Message: Operační systém se spustil v systémovém čase ‎2023‎-‎10‎-‎25T00:16:30.500000000Z.
Record Number: 1
Source Name: Microsoft-Windows-Kernel-General
Time Written: 20231025001630.761098-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: WIN-2QF67OHFLV6
Event Code: 0
Message: Service stopped.
Record Number: 5
Source Name: edgeupdate
Time Written: 20231025001649.475830-000
Event Type: Informace
User:

Computer Name: WIN-2QF67OHFLV6
Event Code: 5617
Message: Subsystémy služby WMI (Windows Management Instrumentation) byly úspěšně inicializovány.
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20231025001643.546427-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: WIN-2QF67OHFLV6
Event Code: 5615
Message: Služba WMI (Windows Management Instrumentation) byla úspěšně spuštěna.
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20231025001643.328888-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: WIN-2QF67OHFLV6
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20231025001642.664497-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: WIN-2QF67OHFLV6
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20231025001642.712556-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: DejfyQQ
Event Code: 5379
Message: Přihlašovací údaje Správce přihlašovacích údajů byly přečteny.

Subjekt:
ID zabezpečení: S-1-5-18
Název účtu: DEJFYQQ$
Doména účtu: WORKGROUP
Přihlašovací ID: 0x3E7
Operace čtení: Vytvořit výčet přihlašovacích údajů

K této události dochází, když uživatel provede operaci čtení u uložených přihlašovacích údajů ve Správci přihlašovacích údajů.
Record Number: 94539
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20240215211733.016229-000
Event Type: Úspěšný audit
User:

Computer Name: DejfyQQ
Event Code: 5379
Message: Přihlašovací údaje Správce přihlašovacích údajů byly přečteny.

Subjekt:
ID zabezpečení: S-1-5-18
Název účtu: DEJFYQQ$
Doména účtu: WORKGROUP
Přihlašovací ID: 0x3E7
Operace čtení: Vytvořit výčet přihlašovacích údajů

K této události dochází, když uživatel provede operaci čtení u uložených přihlašovacích údajů ve Správci přihlašovacích údajů.
Record Number: 94538
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20240215211733.016186-000
Event Type: Úspěšný audit
User:

Computer Name: DejfyQQ
Event Code: 5379
Message: Přihlašovací údaje Správce přihlašovacích údajů byly přečteny.

Subjekt:
ID zabezpečení: S-1-5-18
Název účtu: DEJFYQQ$
Doména účtu: WORKGROUP
Přihlašovací ID: 0x3E7
Operace čtení: Vytvořit výčet přihlašovacích údajů

K této události dochází, když uživatel provede operaci čtení u uložených přihlašovacích údajů ve Správci přihlašovacích údajů.
Record Number: 94537
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20240215211733.014628-000
Event Type: Úspěšný audit
User:

Computer Name: DejfyQQ
Event Code: 5379
Message: Přihlašovací údaje Správce přihlašovacích údajů byly přečteny.

Subjekt:
ID zabezpečení: S-1-5-18
Název účtu: DEJFYQQ$
Doména účtu: WORKGROUP
Přihlašovací ID: 0x3E7
Operace čtení: Vytvořit výčet přihlašovacích údajů

K této události dochází, když uživatel provede operaci čtení u uložených přihlašovacích údajů ve Správci přihlašovacích údajů.
Record Number: 94536
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20240215211733.014054-000
Event Type: Úspěšný audit
User:

Computer Name: DejfyQQ
Event Code: 5379
Message: Přihlašovací údaje Správce přihlašovacích údajů byly přečteny.

Subjekt:
ID zabezpečení: S-1-5-21-2111594256-2338183963-3193565703-1001
Název účtu: David
Doména účtu: DEJFYQQ
Přihlašovací ID: 0x5C282
Operace čtení: Vytvořit výčet přihlašovacích údajů

K této události dochází, když uživatel provede operaci čtení u uložených přihlašovacích údajů ve Správci přihlašovacích údajů.
Record Number: 94535
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20240215211732.699807-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"DriverData"=C:\Windows\System32\Drivers\DriverData
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;c:\program files\nvidia corporation\nvidia nvdlisr;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\;C:\Users\David\AppData\Local\Microsoft\WindowsApps;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"PSModulePath"=%ProgramFiles%\WindowsPowerShell\Modules;%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"NUMBER_OF_PROCESSORS"=16
"PROCESSOR_LEVEL"=25
"PROCESSOR_IDENTIFIER"=AMD64 Family 25 Model 97 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=6102
"AMDRMSDKPATH"=C:\Program Files\AMD\RyzenMasterSDK\

-----------------EOF-----------------


Re: Preventive check 24.11.2024

#2 Post by bojimso »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2024
Ran by David (administrator) on DEJFYQQ (Micro-Star International Co., Ltd. MS-7D75) (24-11-2024 00:26:50)
Running from C:\Users\David\Desktop\FRST64.exe
Loaded Profiles: David
Platform: Microsoft Windows 11 Home Version 23H2 22631.4460 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.8916\Agent.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\Gyazo\GyStation.exe ->) (Helpfeel Inc -> Helpfeel Inc.) C:\Program Files (x86)\Gyazo\GyazoVideoCore.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avpui.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.18\ksde.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.18\ksdeui.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzAppManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzBTLEManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDiagnostic
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaConnectManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaConnectServer
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzIoTDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSmartlightingDeviceManager
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.30502.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.63\msedgewebview2.exe <8>
(C:\Users\David\AppData\Local\Programs\CurseForge Windows\CurseForge.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Users\David\AppData\Local\Programs\CurseForge Windows\resources\app.asar.unpacked\plugins\curse\win\Curse.Agent.Host.exe
(cmd.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\plugins_nms.exe
(Discord Inc. -> Discord Inc.) C:\Users\David\AppData\Local\Discord\app-1.0.9171\Discord.exe <6>
(DriverStore\FileRepository\u0401611.inf_amd64_fdc4605155615ab7\B399690\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0401611.inf_amd64_fdc4605155615ab7\B399690\atieclxx.exe
(explorer.exe ->) () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe <6>
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <20>
(explorer.exe ->) (Helpfeel Inc -> Helpfeel Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(explorer.exe ->) (Overwolf Ltd -> Overwolf) C:\Users\David\AppData\Local\Programs\CurseForge Windows\CurseForge.exe <7>
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0401611.inf_amd64_fdc4605155615ab7\B399690\atiesrxx.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.18\ksde.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvrfi.inf_amd64_d447ce988e6b8681\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.200.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24102.48.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2445.7.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2411.1001.6.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\David\AppData\Local\Microsoft\OneDrive\24.216.1027.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.30502.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Engine.exe
(svchost.exe ->) (PALIT MICROSYSTEMS LTD. TAIWAN BRANCH (BELIZE) -> Palit Microsystems Ltd.) C:\Program Files\Thunder Master\ThPanel.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [TSMApplication] => C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2024-08-28] () [File not signed]
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [1178232 2024-11-05] (Helpfeel Inc -> Helpfeel Inc.)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [Discord] => C:\Users\David\AppData\Local\Discord\Update.exe [1525016 2023-10-16] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4412512 2024-11-12] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482640 2023-10-26] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36919256 2024-11-20] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3597056 2024-10-24] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [981632 2024-10-31] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\RunOnce: [Delete Cached Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\David\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [82831904 2024-11-23] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\David\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (No File)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\RunOnce: [Uninstall 24.211.1020.0001] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\David\AppData\Local\Microsoft\OneDrive\24.211.1020.0001" [0 2024-11-23] () <==== ATTENTION [zero byte File/Folder]
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\MountPoints2: {b75d0fe9-73f5-11ee-b37b-16ac60273a05} - "E:\setup.exe"
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3597056 2024-10-24] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Windows x64\Print Processors\hpcpp270: C:\Windows\System32\spool\prtprocs\x64\hpcpp270.dll [873168 2023-05-30] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HP Universal Print Monitor: c:\windows\system32\HPMPW082.DLL [130256 2023-05-30] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HPMLM225: c:\windows\system32\hpmlm225.dll [318160 2023-05-30] (HP Inc. -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.86\Installer\chrmstp.exe [2024-11-22] (Google LLC -> Google LLC)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseForge.lnk [2023-10-30]
ShortcutTarget: CurseForge.lnk -> C:\Users\David\AppData\Local\Programs\CurseForge Windows\CurseForge.exe (Overwolf Ltd -> Overwolf)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DDM2.0.lnk [2023-10-26]
ShortcutTarget: DDM2.0.lnk -> C:\Program Files\Dell\Dell Display Manager 2\DDM.exe (Qisda Corporation -> Dell Inc.)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {44A29DAE-4F7C-4413-92EA-4742D6DAD351} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{BFD0482A-7C37-42D0-81ED-676AF0B6DADE} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {2FBA3F76-156A-4FFE-918B-78AE72B83EEA} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [10513984 2024-11-05] (Helpfeel Inc -> Helpfeel Inc.)
Task: {8F53028B-313E-4798-A7D7-7B00E941E17A} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [10513984 2024-11-05] (Helpfeel Inc -> Helpfeel Inc.)
Task: {8061F546-2AA0-4F23-A861-22118B523C3E} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2023-10-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {F960DEC5-CB0A-45F3-809A-5D0A0D20C15A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26043888 2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {591F3815-453A-4FED-8DCD-AE4E364ECE38} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26043888 2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {78AB5B60-5F84-493F-9E3D-9E5F85EFA1AB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\sdxhelper.exe [103896 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {A11EF95D-7CAD-4292-B611-62BE49DE8B5C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\sdxhelper.exe [103896 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE1B5B99-25AE-428B-9EC8-6AE1D27F943E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1403008 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7FFF969-718F-4CCA-AC2A-524E9A426BE2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1403008 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {DD5CD39C-2D88-443C-BEF7-EEFA8C25213E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4403336 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {EDDC86CD-8F92-41B6-BEE9-BF68C9B215E1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4403336 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {A10B79A1-933A-4CCE-9411-E5145D49A3B8} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe [2660456 2023-10-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {F4D55D14-5D75-46BD-B955-840FBD796EF9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1277480 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {52567C39-EB59-4246-BFD7-B520D0690C28} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3347496 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5A7CFE82-C017-4E0C-9F01-AA02D4ABB5DD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [646696 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {62EBAE13-81E8-451E-84B0-2198AA7EB60A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3A61301B-B1DD-4C01-A52F-AAAF11FC1E45} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {2200CB70-7C83-481E-9034-24B792871D2A} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AF1CE039-85FF-48B9-A950-AB294115BB7F} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {572E7C8A-0697-4091-86BA-1D24791686E6} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7DFB9D0F-567F-44D4-80A4-EED7CCBF6E99} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1673768 2024-06-11] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B2B209D9-81AB-4894-ADFF-004B5E75296F} - System32\Tasks\ThunderMaster => C:\Program Files\Thunder Master\ThPanel.exe [4530592 2023-05-05] (PALIT MICROSYSTEMS LTD. TAIWAN BRANCH (BELIZE) -> Palit Microsystems Ltd.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 93.89.159.2 1.1.1.1
Tcpip\..\Interfaces\{c955e5c7-047b-42c9-b48e-0f4d7406f04a}: [DhcpNameServer] 93.89.159.2 1.1.1.1

Edge:
=======
Edge Profile: C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default [2024-11-20]
Edge Extension: (Ochrana Kaspersky) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-05-27]
Edge Extension: (Dokumenty Google offline) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-10]
Edge Extension: (Edge relevant text changes) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.19 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.21 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2024-11-24]
CHR DownloadDir: C:\Users\David\Desktop
CHR HomePage: Default -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxp://facebook.com/"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?hl=en&q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.cz_
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Extension: (Ochrana Kaspersky) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-05-27]
CHR Extension: (BetterTTV) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2024-10-28]
CHR Extension: (7TV) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2023-10-25]
CHR Extension: (MrtkiBlock) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmlajoobakfffnddclhgdbfomjmaeeen [2023-10-25]
CHR Extension: (uBlock Origin) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2024-11-22]
CHR Extension: (Tipli do prohlížeče) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbnfnbehhjknomdbfhcobpgpphnlnikp [2024-07-28]
CHR Extension: (Kaspersky Password Manager) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnkblpjbkfklfloegejegedcafpliaa [2024-08-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-25]
CHR Extension: (Unseen Message) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\oapcfkclledjbalilncpoimgjgcndhdo [2024-01-07]
CHR Extension: (Global Twitch Emotes) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgniedifoejifjkndekolimjeclnokkb [2023-10-25]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe [184768 2022-08-01] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3280000 2024-11-08] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129928 2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4974416 2023-10-26] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2024-10-17] (HP Inc. -> HP Inc.)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.18; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.18\ksde.exe [32008 2024-07-12] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 LightKeeperService; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe [92768 2023-05-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [74336 2023-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [154216 2023-08-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [36880 2023-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe [37616 2022-04-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2019-02-01] (HP Inc.) [File not signed]
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvrfi.inf_amd64_d447ce988e6b8681\Display.NvContainer\NVDisplay.Container.exe [1275016 2024-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2019-02-01] (HP Inc.) [File not signed]
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1882024 2024-10-11] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [232360 2024-10-11] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1268176 2024-07-18] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256256 2024-10-15] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [298240 2024-10-24] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1271280 2023-11-01] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [538416 2024-11-08] (Razer USA Ltd. -> Razer Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [55672 2023-12-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [36928 2022-09-15] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R3 amduw23g; C:\Windows\System32\DriverStore\FileRepository\u0401611.inf_amd64_fdc4605155615ab7\B399690\amdkmdag.sys [100084648 2024-03-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [532480 2023-05-05] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [184320 2023-05-05] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [237288 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [42256 2023-10-26] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [63696 2023-10-26] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 HPEWSFXBULK; C:\Windows\system32\drivers\hpfx64bulk.sys [30200 2023-05-31] (Hewlett-Packard Company -> Hewlett Packard)
R1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [105280 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [206600 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [119568 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [533040 2024-04-03] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [857400 2024-10-03] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [2185568 2024-10-03] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [236440 2024-07-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1051184 2024-04-03] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [90896 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [104728 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [107328 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [78088 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [88328 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltun; C:\Windows\system32\DRIVERS\kltun.sys [92192 2024-07-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [396040 2024-07-23] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [362464 2024-08-07] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [198720 2024-07-29] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [265416 2024-07-10] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [150280 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [325400 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [294680 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [19000 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 MTKBTFilterx64; C:\Windows\System32\drivers\mtkbtfilterx.sys [345056 2022-06-26] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\Windows\System32\drivers\mtkwl6ex.sys [1587680 2022-06-26] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [32424 2023-07-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 NTIOLib_FWUpdate; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\ResetMCU\JT1Toucher\NTIOLib_X64.sys [28496 2022-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [47240 2024-04-03] (NVIDIA Corporation -> NVIDIA Corporation)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
R3 RzCommon; C:\Windows\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0099; C:\Windows\System32\drivers\RzDev_0099.sys [56152 2021-06-14] (Razer USA Ltd. -> Razer Inc)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [55856 2023-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [594304 2023-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-08] (Microsoft Windows -> Microsoft Corporation)
S4 AmdTools64; \SystemRoot\System32\drivers\AmdTools64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-11-24 00:26 - 2024-11-24 00:27 - 000039396 _____ C:\Users\David\Desktop\FRST.txt
2024-11-24 00:26 - 2024-11-24 00:26 - 000000000 ____D C:\Users\David\Desktop\FRST-OlderVersion
2024-11-23 23:18 - 2024-11-23 23:18 - 000000000 ____D C:\Users\David\Desktop\Domcaa
2024-11-21 01:59 - 2024-11-21 02:31 - 000000000 ____D C:\Users\David\Desktop\The.Penguin.S01E06.DV.HDR.2160p.WEB.H265-SuccessfulCrab[TGx]
2024-11-21 01:23 - 2024-11-21 03:08 - 000000000 ____D C:\Users\David\Desktop\The.Penguin.S01E05.DV.HDR.2160p.WEB.H265-SuccessfulCrab[TGx]
2024-11-20 18:34 - 2024-11-20 18:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2024-11-20 18:34 - 2024-11-20 18:34 - 000000000 ____D C:\Program Files\qBittorrent
2024-11-20 18:25 - 2024-11-20 18:25 - 003756704 _____ C:\Users\David\Desktop\švihadlo.mp4
2024-11-20 18:20 - 2024-11-20 18:20 - 005285870 _____ C:\Users\David\Desktop\fiala kecal o platech.mp4
2024-11-16 22:26 - 2024-11-16 22:26 - 000725758 _____ C:\Windows\system32\perfh005.dat
2024-11-16 22:26 - 2024-11-16 22:26 - 000151026 _____ C:\Windows\system32\perfc005.dat
2024-11-16 18:18 - 2024-11-18 02:34 - 000000000 ____D C:\Users\David\Desktop\The.Penguin.S01E04.DV.HDR.2160p.WEB.H265-SuccessfulCrab[TGx]
2024-11-16 12:28 - 2024-11-18 00:12 - 000000000 ____D C:\Users\David\Desktop\The.Penguin.S01E03.DV.HDR.2160p.WEB.H265-SuccessfulCrab[TGx]
2024-11-15 22:38 - 2024-11-15 22:38 - 000026650 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-11-15 22:38 - 2024-11-15 22:38 - 000026650 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-11-12 17:34 - 2024-11-07 19:11 - 002060664 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2024-11-12 17:34 - 2024-11-07 19:11 - 002060664 _____ C:\Windows\system32\vulkaninfo.exe
2024-11-12 17:34 - 2024-11-07 19:11 - 001600376 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-11-12 17:34 - 2024-11-07 19:11 - 001600376 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2024-11-12 17:34 - 2024-11-07 19:11 - 001301880 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2024-11-12 17:34 - 2024-11-07 19:11 - 001301880 _____ C:\Windows\SysWOW64\vulkan-1.dll
2024-11-12 17:34 - 2024-11-07 19:10 - 001452408 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2024-11-12 17:34 - 2024-11-07 19:10 - 001452408 _____ C:\Windows\system32\vulkan-1.dll
2024-11-12 17:34 - 2024-11-07 19:10 - 000477832 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2024-11-12 17:34 - 2024-11-07 19:10 - 000374408 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2024-11-12 17:34 - 2024-11-07 19:07 - 001554600 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2024-11-12 17:34 - 2024-11-07 19:07 - 001114792 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2024-11-12 17:34 - 2024-11-07 19:07 - 000669832 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2024-11-12 17:34 - 2024-11-07 19:07 - 000505504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2024-11-12 17:34 - 2024-11-07 19:06 - 025450672 _____ C:\Windows\system32\nvidia-pcc.exe
2024-11-12 17:34 - 2024-11-07 19:06 - 002184840 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2024-11-12 17:34 - 2024-11-07 19:06 - 001634464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2024-11-12 17:34 - 2024-11-07 19:06 - 001208968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2024-11-12 17:34 - 2024-11-07 19:06 - 001041544 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2024-11-12 17:34 - 2024-11-07 19:06 - 000863392 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2024-11-12 17:34 - 2024-11-07 19:06 - 000800904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2024-11-12 17:34 - 2024-11-07 19:05 - 017736864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2024-11-12 17:34 - 2024-11-07 19:05 - 016811664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2024-11-12 17:34 - 2024-11-07 19:05 - 006953104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2024-11-12 17:34 - 2024-11-07 19:05 - 005435016 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2024-11-12 17:34 - 2024-11-07 19:05 - 003807368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2024-11-12 17:34 - 2024-11-07 19:05 - 000461960 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2024-11-12 17:34 - 2024-11-07 19:04 - 005910192 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2024-11-12 17:34 - 2024-11-07 19:04 - 000853648 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2024-11-12 17:34 - 2024-11-07 19:03 - 007159088 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2024-11-12 17:34 - 2024-11-07 19:03 - 006236288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2024-11-12 17:34 - 2024-11-07 03:41 - 000132703 _____ C:\Windows\system32\nvinfo.pb
2024-11-10 14:12 - 2024-11-10 14:12 - 012162663 _____ C:\Users\David\Desktop\0 to 10 Million Gold V3.6.6.pdf
2024-11-01 16:17 - 2024-11-01 16:17 - 000000000 ____D C:\ProgramData\{6171DF1B-88CA-4D6B-8A71-3BF4E9BEE59E}
2024-10-31 21:12 - 2024-10-31 21:12 - 000000000 ____D C:\Users\David\Desktop\CitronovaZmrzlina
2024-10-29 02:16 - 2024-10-29 02:16 - 000000000 ____D C:\Users\David\Desktop\Snowpiercer

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-11-24 00:27 - 2024-04-06 16:11 - 000000000 ____D C:\FRST
2024-11-24 00:26 - 2024-04-06 16:06 - 002402816 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2024-11-24 00:26 - 2023-10-25 01:40 - 000000000 ____D C:\Users\David\AppData\Local\Battle.net
2024-11-24 00:24 - 2023-10-26 15:41 - 000000000 ____D C:\Program Files (x86)\Steam
2024-11-24 00:22 - 2023-10-26 23:31 - 000000000 ____D C:\Users\David\Desktop\UHILS
2024-11-24 00:16 - 2023-10-30 18:34 - 000000000 ____D C:\Users\David\AppData\Roaming\CurseForge
2024-11-23 23:59 - 2023-10-27 13:47 - 000000000 ____D C:\Users\David\AppData\Roaming\vlc
2024-11-23 23:57 - 2023-10-26 23:32 - 000000000 ____D C:\Users\David\AppData\Local\CrashDumps
2024-11-23 23:46 - 2023-10-26 15:27 - 000000000 ____D C:\Users\David\AppData\Local\Discord
2024-11-23 23:21 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-11-23 20:47 - 2024-08-09 15:36 - 000000000 ____D C:\Users\David\AppData\Roaming\discord
2024-11-23 16:03 - 2023-10-25 02:01 - 000000000 ____D C:\Users\David\AppData\Local\D3DSCache
2024-11-23 15:51 - 2023-10-25 02:04 - 000000000 ____D C:\ProgramData\NVIDIA
2024-11-23 15:46 - 2023-10-26 17:11 - 000000000 ____D C:\Users\David\AppData\Local\Dell Display Manager
2024-11-23 15:46 - 2023-10-25 01:23 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2111594256-2338183963-3193565703-1001
2024-11-23 15:46 - 2023-10-25 01:23 - 000003364 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2111594256-2338183963-3193565703-1001
2024-11-23 15:46 - 2023-10-25 01:23 - 000002381 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-11-23 15:46 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-11-23 15:46 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemTemp
2024-11-23 15:46 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\AppReadiness
2024-11-22 22:17 - 2023-10-27 02:50 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Word
2024-11-22 21:13 - 2023-10-25 01:16 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-11-22 16:18 - 2023-10-25 01:28 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-11-22 16:18 - 2023-10-25 01:16 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-11-21 04:09 - 2023-10-26 23:34 - 000000000 ____D C:\Users\David\AppData\Roaming\qBittorrent
2024-11-21 00:16 - 2023-10-26 23:31 - 000119190 _____ C:\Users\David\Desktop\trollings.txt
2024-11-16 22:26 - 2023-10-25 01:22 - 001718036 _____ C:\Windows\system32\PerfStringBackup.INI
2024-11-16 22:26 - 2022-05-07 06:22 - 000000000 ____D C:\Windows\INF
2024-11-16 22:18 - 2023-10-25 01:16 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-11-16 22:18 - 2023-10-24 18:04 - 000000000 ____D C:\MSI
2024-11-16 22:18 - 2023-10-24 16:52 - 000012288 ___SH C:\DumpStack.log.tmp
2024-11-16 19:06 - 2022-05-07 06:17 - 000524288 _____ C:\Windows\system32\config\BBI
2024-11-16 17:42 - 2023-11-29 15:20 - 000000000 ____D C:\Windows\system32\MRT
2024-11-16 17:42 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\CbsTemp
2024-11-16 17:41 - 2023-11-29 15:20 - 202035632 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-11-16 11:30 - 2023-12-19 02:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2024-11-16 11:29 - 2023-12-16 12:44 - 000000000 ____D C:\Program Files (x86)\Razer Chroma SDK
2024-11-16 11:22 - 2023-10-25 01:18 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2024-11-16 00:19 - 2023-10-25 01:16 - 000475808 _____ C:\Windows\system32\FNTCACHE.DAT
2024-11-16 00:17 - 2023-11-29 14:24 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-11-16 00:17 - 2022-05-07 06:24 - 000000000 ___SD C:\Windows\system32\UNP
2024-11-16 00:17 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\PrintDialog
2024-11-16 00:17 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-11-16 00:17 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-11-16 00:17 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-11-16 00:17 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemResources
2024-11-16 00:17 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2024-11-16 00:17 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\ShellExperiences
2024-11-16 00:17 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\Sgrm
2024-11-16 00:17 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\setup
2024-11-16 00:17 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-11-16 00:17 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2024-11-16 00:17 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\oobe
2024-11-16 00:17 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2024-11-16 00:17 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\Dism
2024-11-16 00:17 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-11-16 00:17 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-11-16 00:17 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellComponents
2024-11-16 00:17 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\DiagTrack
2024-11-16 00:17 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\bcastdvr
2024-11-16 00:17 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\servicing
2024-11-15 22:51 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-11-15 22:36 - 2023-11-29 14:08 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2024-11-14 18:12 - 2023-10-25 22:52 - 000003512 _____ C:\Windows\system32\Tasks\GyazoUpdateTaskMachineDaily
2024-11-14 18:12 - 2023-10-25 22:52 - 000003376 _____ C:\Windows\system32\Tasks\GyazoUpdateTaskMachine
2024-11-14 18:12 - 2023-10-25 22:52 - 000000000 ____D C:\Program Files (x86)\Gyazo
2024-11-09 21:40 - 2023-10-25 01:16 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-09 21:40 - 2023-10-25 01:16 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-02 10:08 - 2023-10-25 02:04 - 000000000 ____D C:\Users\David\AppData\Local\NVIDIA
2024-11-01 16:16 - 2023-10-26 17:10 - 000000000 ____D C:\Program Files\dotnet
2024-11-01 16:16 - 2023-10-25 01:33 - 000000000 ____D C:\ProgramData\Package Cache
2024-11-01 16:15 - 2023-10-25 01:39 - 000000000 ____D C:\Program Files (x86)\Battle.net
2024-10-31 17:28 - 2023-10-25 01:21 - 000000000 ___SD C:\Users\David\AppData\Roaming\Microsoft\Credentials
2024-10-28 12:22 - 2023-10-27 15:19 - 000000000 ____D C:\Users\David\AppData\Roaming\Gyazo

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

bojimso
Warning Level 2
Posts: 287
Registered: 08 Mar 2007 14:56

Re: Preventive check 24.11.2024

#3 Post by bojimso »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2024
Ran by David (24-11-2024 00:28:37)
Running from C:\Users\David\Desktop
Microsoft Windows 11 Home Version 23H2 22631.4460 (X64) (2023-10-25 00:19:05)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2111594256-2338183963-3193565703-500 - Administrator - Disabled)
David (S-1-5-21-2111594256-2338183963-3193565703-1001 - Administrator - Enabled) => C:\Users\David
DefaultAccount (S-1-5-21-2111594256-2338183963-3193565703-503 - Limited - Disabled)
Guest (S-1-5-21-2111594256-2338183963-3193565703-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2111594256-2338183963-3193565703-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: Kaspersky Total Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{50229C72-539F-4E65-BEB5-F0491C5074B7}) (Version: 22.2.1 - HP Inc.) Hidden
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.10.0.2198 - Advanced Micro Devices, Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CurseForge 1.265.0-21056 (HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\ca0e291c-abd4-5fc3-b6a0-3d4333eccbd7) (Version: 1.265.0-21056 - Overwolf)
CZC.Gaming Reaper (HKLM-x32\...\{A3DCB839-C9AC-4F7D-8F8A-9F93F8AF0915}_is1) (Version: 1.0 - CZC.cz s.r.o.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 12.0.0.2126 - Disc Soft Ltd)
Dell Display Manager 2 (HKLM\...\Dell Display Manager 2) (Version: 2.3.2.18 - Dell Inc.)
Discord (HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Discord) (Version: 1.0.9020 - Discord Inc.)
DOOM Eternal The Ancient Gods (HKLM-x32\...\DOOM Eternal The Ancient Gods_is1) (Version: - )
ENE Video Capture Box HAL (HKLM\...\{A096611D-BA11-4A1A-8D09-0A0462D7C8F2}) (Version: 1.0.5.15 - Ene Tech.) Hidden
ENE Video Capture Box HAL (HKLM-x32\...\{974259bf-3ed1-4cd6-9ed1-40c7f601a786}) (Version: 1.0.5.15 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{6b617af3-c8f4-45a8-bf47-b32ffb4da1cc}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_External_Device_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.11.1 - ENE Tech) Hidden
ENE_External_Device_HAL (HKLM-x32\...\{bb9d349f-b87b-4026-b336-1604708bd09c}) (Version: 1.0.11.1 - ENE Tech) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM-x32\...\{c662a481-d76a-4188-95d2-6eb4ffd55542}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{B85FAA6E-A9AA-4655-9029-E1A4EDC05E1A}) (Version: 1.3.93.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.)
Far Cry 5 v.1.011 (HKLM-x32\...\Far Cry 5_is1) (Version: - )
Far Cry 6 (HKLM-x32\...\Far Cry 6_is1) (Version: - )
Far Cry New Dawn v.1.0.5 (HKLM-x32\...\Far Cry New Dawn_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.86 - Google LLC)
Gyazo 5.6.4.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: 5.6.4 - Helpfeel Inc.)
HWiNFO64 Version 7.64 (HKLM\...\HWiNFO64_is1) (Version: 7.64 - Martin Malik, REALiX s.r.o.)
Kaspersky Total Security (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{78842D83-A5DB-3DAD-970E-A67A0A41EA83}) (Version: 21.18.5.438 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{78842D83-A5DB-3DAD-970E-A67A0A41EA83}) (Version: 21.18.5.438 - Kaspersky)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft .NET Host - 6.0.22 (x64) (HKLM\...\{A575E059-0C3F-4138-B87A-BAF55CABA9FA}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.10 (x64) (HKLM\...\{3A80EBC5-6B68-49B9-BEBD-E1A6C966B416}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.22 (x64) (HKLM\...\{E7598167-2D5C-4704-8777-8A25289EB8FE}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.10 (x64) (HKLM\...\{062CD1ED-0A3C-483C-A871-50173240C545}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.22 (x64) (HKLM\...\{853BA4E9-D41A-4FF6-AB22-A6FFDD77EA78}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.10 (x64) (HKLM\...\{15B7D0C2-F209-4C28-AF1C-FD8326F4D58A}) (Version: 64.40.21578 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.63 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.63 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.11328.20158 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\OneDriveSetup.exe) (Version: 24.216.1027.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.22 (x64) (HKLM\...\{6B3108CD-E279-4795-BCBF-BDEA037A7913}) (Version: 48.88.914 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.22 (x64) (HKLM-x32\...\{0f94f805-22c3-4413-b1e5-5ab275ba92d5}) (Version: 6.0.22.32825 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.10 (x64) (HKLM\...\{614C9740-3FD4-4788-A277-7C35CB4C323B}) (Version: 64.40.21605 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.10 (x64) (HKLM-x32\...\{d990096d-6282-42c5-8d16-71272c5be274}) (Version: 8.0.10.34118 - Microsoft Corporation)
MSI Afterburner 4.6.5 (HKLM-x32\...\Afterburner) (Version: 4.6.5 - MSI Co., LTD)
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2023.0919.01 - MSI)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.28.0.417 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.28.0.417 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.4.2.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.2.6 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 566.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 566.14 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{A89BF790-0679-403A-9CC7-4015DBF4FEBA}) (Version: 5.0.13 - dotPDN LLC)
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 5.0.2 - The qBittorrent project)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.9.1130.102506 - Razer Inc.)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2) (Version: 1.0.1491.18 - Rockstar Games)
RivaTuner Statistics Server 7.3.6 (HKLM-x32\...\RTSS) (Version: 7.3.6 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.80.1666 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.2.2.2 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs Desktop 1.14.0 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 1.14.0 - General Workings, Inc.)
Thunder Master v4.14 (HKLM\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 4.14.0.1 - Palit Microsystems Ltd.)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 146.1.10956 - Ubisoft)
Verbatim_SureFireGaming_Product (HKLM\...\{35CB65C6-A7E3-4EE7-AD40-738D70A72164}) (Version: 1.0.3.11 - Verbatim) Hidden
Verbatim_SureFireGaming_Product (HKLM-x32\...\{d601832a-0d94-46ce-9b19-78e8a5887313}) (Version: 1.0.3.11 - Verbatim) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.21 - VideoLAN)
WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD P40 Game Drive (HKLM-x32\...\{72b1a866-fc31-4381-bff3-fa6cd8823777}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WinRAR 7.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.00.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
WowUp 2.20.0 (HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\b31ca559-50e4-54d8-a458-330e72a28314) (Version: 2.20.0 - WowUp LLC)
WowUp-CF 2.20.0 (HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\6f2f419c-215d-59e3-b8a5-5843bec040af) (Version: 2.20.0 - WowUp LLC)

Chrome apps:
============
YouTube (HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\f1d05c68f71f8be3fb7e957b8345f339) (Version: 1.0 - Google\Chrome)

Packages:
=========
Gyazo -> C:\Program Files (x86)\Gyazo [2024-11-14] (Helpfeel Inc.)
GyazoReplay -> C:\Program Files (x86)\Gyazo [2024-11-14] (Helpfeel Inc.)
GyazoVideo -> C:\Program Files (x86)\Gyazo [2024-11-14] (Helpfeel Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_156.1.1125.0_x64__v10z8vjag6ke6 [2024-10-17] (HP Inc.)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-12-19] (Microsoft Corp.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.966.0_x64__56jybvy8sckqj [2024-11-12] (NVIDIA Corp.)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2445.7.0_x64__cv1g1gvanyjgm [2024-11-18] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.311.2039.0_x64__8wekyb3d8bbwe [2024-11-17] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.318.2304.0_x64__8wekyb3d8bbwe [2024-11-22] (Microsoft Corp.)
Windows HDR Calibration -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsHDRCalibration_1.0.152.0_x64__8wekyb3d8bbwe [2024-11-12] (Microsoft Corp.)
WinRAR -> C:\Program Files\WinRAR [2024-04-10] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2111594256-2338183963-3193565703-1001_Classes\CLSID\{989dacff-3a01-6b2c-f623-9ef1597c6141}\localserver32 -> C:\Program Files\Dell\Dell Display Manager 2\DDM.exe (Qisda Corporation -> Dell Inc.)
CustomCLSID: HKU\S-1-5-21-2111594256-2338183963-3193565703-1001_Classes\CLSID\{a18c2235-f97e-71dd-b398-1f96bc9af93c}\localserver32 -> C:\Program Files\Dell\Dell Display Manager 2\DDM.exe (Qisda Corporation -> Dell Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2023-10-25] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-10-26] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2023-10-25] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-10-26] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2023-10-25] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvrfi.inf_amd64_d447ce988e6b8681\nvshext.dll [2024-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2023-10-25] (AO Kaspersky Lab -> AO Kaspersky Lab)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.RTV1] => c:\windows\system32\rtvcvfw64.dll [1102848 2023-04-10] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [891904 2023-04-10] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml

==================== Loaded Modules (Whitelisted) =============

2024-10-31 23:47 - 2024-05-17 08:23 - 000379392 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15084\libegl.dll
2024-10-31 23:47 - 2024-05-17 08:23 - 006679040 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15084\libglesv2.dll
2024-10-31 23:47 - 2024-05-17 08:23 - 004325888 _____ () [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15084\vk_swiftshader.dll
2024-11-14 18:12 - 2024-11-05 22:11 - 000120832 _____ () [File not signed] C:\Program Files (x86)\Gyazo\GyazoVideo\MFVideoEncoder.dll
2024-08-28 10:31 - 2024-08-28 10:31 - 000053760 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_bz2.pyd
2024-08-28 10:31 - 2024-08-28 10:31 - 000084992 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_ctypes.pyd
2024-08-28 10:31 - 2024-08-28 10:31 - 000182272 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_decimal.pyd
2024-08-28 10:31 - 2024-08-28 10:31 - 000783360 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_hashlib.pyd
2024-08-28 10:31 - 2024-08-28 10:31 - 000137216 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_lzma.pyd
2024-08-28 10:31 - 2024-08-28 10:31 - 000047104 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_socket.pyd
2024-08-28 10:31 - 2024-08-28 10:31 - 001213440 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_ssl.pyd
2024-08-28 10:31 - 2024-08-28 10:31 - 000039424 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\psutil._psutil_windows.pyd
2024-08-28 10:31 - 2024-08-28 10:31 - 001861120 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtCore.pyd
2024-08-28 10:31 - 2024-08-28 10:31 - 002002944 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtGui.pyd
2024-08-28 10:31 - 2024-08-28 10:31 - 004101120 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtWidgets.pyd
2024-08-28 10:31 - 2024-08-28 10:31 - 000009728 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\select.pyd
2024-08-28 10:31 - 2024-08-28 10:31 - 000075264 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\sip.pyd
2024-08-28 10:31 - 2024-08-28 10:31 - 000758784 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\unicodedata.pyd
2024-04-02 19:31 - 2024-11-04 10:19 - 002682880 _____ () [File not signed] C:\Users\David\AppData\Local\Programs\CurseForge Windows\ffmpeg.dll
2024-04-02 19:31 - 2024-11-04 10:19 - 000481280 _____ () [File not signed] C:\Users\David\AppData\Local\Programs\CurseForge Windows\libegl.dll
2024-04-02 19:31 - 2024-11-04 10:19 - 008058368 _____ () [File not signed] C:\Users\David\AppData\Local\Programs\CurseForge Windows\libglesv2.dll
2023-10-30 18:34 - 2024-11-04 10:19 - 005475328 _____ () [File not signed] C:\Users\David\AppData\Local\Programs\CurseForge Windows\vk_swiftshader.dll
2024-11-06 23:49 - 2024-09-26 22:57 - 005377536 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavcodec-61.dll
2024-11-06 23:49 - 2024-09-26 22:57 - 000875008 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavfilter-10.dll
2024-11-06 23:49 - 2024-09-26 22:57 - 001674240 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavformat-61.dll
2024-11-06 23:49 - 2024-09-26 22:57 - 001640960 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavutil-59.dll
2024-11-06 23:49 - 2024-09-26 22:57 - 000630272 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libswresample-5.dll
2024-11-06 23:49 - 2024-09-26 22:57 - 001092608 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libswscale-8.dll
2023-10-27 02:56 - 2023-10-27 02:56 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2023-10-27 02:56 - 2023-10-27 02:56 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R32.dll] C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
2024-08-28 10:31 - 2024-08-28 10:31 - 002741248 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\python34.dll
2024-10-31 23:47 - 2024-05-17 08:23 - 001166336 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15084\chrome_elf.dll
2024-08-28 10:31 - 2024-08-28 10:31 - 000848896 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icudt53.dll
2024-08-28 10:31 - 2024-08-28 10:31 - 001580032 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icuin53.dll
2024-08-28 10:31 - 2024-08-28 10:31 - 001079296 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icuuc53.dll
2024-08-28 10:31 - 2024-08-28 10:31 - 000036352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qdds.dll
2024-08-28 10:31 - 2024-08-28 10:31 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qgif.dll
2024-08-28 10:31 - 2024-08-28 10:31 - 000029184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qicns.dll
2024-08-28 10:31 - 2024-08-28 10:31 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qico.dll
2024-08-28 10:31 - 2024-08-28 10:31 - 000381952 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjp2.dll
2024-08-28 10:31 - 2024-08-28 10:31 - 000206848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjpeg.dll
2024-08-28 10:31 - 2024-08-28 10:31 - 000218624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qmng.dll
2024-08-28 10:31 - 2024-08-28 10:31 - 000016384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtga.dll
2024-08-28 10:31 - 2024-08-28 10:31 - 000308736 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtiff.dll
2024-08-28 10:31 - 2024-08-28 10:31 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwbmp.dll
2024-08-28 10:31 - 2024-08-28 10:31 - 000287232 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwebp.dll
2024-08-28 10:31 - 2024-08-28 10:31 - 000991744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\platforms\qwindows.dll
2024-08-28 10:31 - 2024-08-28 10:31 - 004182528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Core.dll
2024-08-28 10:31 - 2024-08-28 10:31 - 004877312 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Gui.dll
2024-08-28 10:31 - 2024-08-28 10:31 - 004490752 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Widgets.dll
2024-10-31 23:47 - 2024-05-17 08:23 - 000046080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15084\audio\qtaudio_windows.dll
2024-10-31 23:47 - 2024-05-17 08:23 - 000030720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15084\iconengines\qsvgicon.dll
2024-10-31 23:47 - 2024-05-17 08:23 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15084\imageformats\qgif.dll
2024-10-31 23:47 - 2024-05-17 08:23 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15084\imageformats\qico.dll
2024-10-31 23:47 - 2024-05-17 08:23 - 000353280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15084\imageformats\qjpeg.dll
2024-10-31 23:47 - 2024-05-17 08:23 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15084\imageformats\qsvg.dll
2024-10-31 23:47 - 2024-05-17 08:23 - 000352256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15084\imageformats\qtiff.dll
2024-10-31 23:47 - 2024-05-17 08:23 - 000423424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15084\imageformats\qwebp.dll
2024-10-31 23:47 - 2024-05-17 08:23 - 001239552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15084\platforms\qwindows.dll
2024-10-31 23:47 - 2024-05-17 08:23 - 000915456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15084\Qt5Network.dll
2024-10-31 23:47 - 2024-05-17 08:23 - 000362496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15084\Qt5QmlModels.dll
2024-10-31 23:47 - 2024-05-17 08:23 - 004702208 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15084\Qt5Widgets.dll
2024-10-31 23:47 - 2024-05-17 08:23 - 000165888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15084\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 06:24 - 2022-05-07 06:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;c:\program files\nvidia corporation\nvidia nvdlisr;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\;C:\Users\David\AppData\Local\Microsoft\WindowsApps;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\dragonflight-4k-wallpaper-v0-nihjzcd9lvu81.png
DNS Servers: 93.89.159.2 - 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Připojení k místní síti: Kaspersky VPN -> kltun.sys
Ethernet: Realtek Gaming 2.5GbE Family Controller -> rt640x64.sys
Wi-Fi: RZ616 Wi-Fi 6E 160MHz -> mtkwl6ex.sys

KL_KLIM6: Kaspersky Anti-Virus NDIS 6 Filter

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6B3D2788-4242-432F-AD5D-7A7A16AB506D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{814CB101-F634-4FC6-9FF1-7E4CDEB37C84}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{98209029-6989-435A-AF44-6D239EF9F18C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AFB22363-6423-4E24-96D7-816D89EEF46A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{456EC56A-0A6D-4307-9D84-60DA15AB2817}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{444B39F8-7079-4929-BACB-09A2BA12C7CA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{046E82FA-7485-4A17-BE65-A9E2B324013F}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
FirewallRules: [{A23798C1-1103-4D04-8FC6-60111B678D84}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
FirewallRules: [{07526A8D-A8A7-48D7-B431-A52BBB915860}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{23771610-9E6D-4621-9806-E60A88A8C171}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{37840F0B-4A1D-4C4D-BF9D-00BA70627A09}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8125F1E7-F30A-4A37-ADA6-053F6DE1FFBC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2E0E056E-1E4C-4ED4-9E60-FB779DFDE1B1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{79E61E4F-05C0-4ED5-A61A-BBD6904AB228}] => (Allow) D:\Steam\steamapps\common\DOOMEternal\idTechLauncher.exe () [File not signed]
FirewallRules: [{AD392E54-D9BC-4916-84B8-7A45443E40D5}] => (Allow) D:\Steam\steamapps\common\DOOMEternal\idTechLauncher.exe () [File not signed]
FirewallRules: [{29EAEA02-7015-4335-90AE-DDDC091A91AF}] => (Allow) D:\Steam\steamapps\common\The Last of Us Part I\launcher.exe (Sony Interactive Entertainment) [File not signed]
FirewallRules: [{9A0267B7-1E0D-4A39-93CF-A6AB9E5273B0}] => (Allow) D:\Steam\steamapps\common\The Last of Us Part I\launcher.exe (Sony Interactive Entertainment) [File not signed]
FirewallRules: [{5B3998EA-A7A1-4D2B-BC2D-4D659FF1B3F0}] => (Allow) D:\Steam\steamapps\common\Marvel's Spider-Man Remastered\Spider-Man.exe (Sony Interactive Entertainment LLC -> Insomniac Games, Inc.)
FirewallRules: [{8CC1E913-3DF4-483E-98AD-DD8BCCAACA4A}] => (Allow) D:\Steam\steamapps\common\Marvel's Spider-Man Remastered\Spider-Man.exe (Sony Interactive Entertainment LLC -> Insomniac Games, Inc.)
FirewallRules: [{2C2EBAC6-F057-48EB-BCA8-AA58E404AECD}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{31890056-9B27-42CC-852F-31FBC49FEAEC}] => (Allow) D:\Steam\steamapps\common\Grand Theft Auto V\PlayGTAV.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{8DB47CCF-5D50-4D32-8E45-E5BEB43E1C53}] => (Allow) D:\Steam\steamapps\common\Marvel's Spider-Man Miles Morales\MilesMorales.exe (Sony Interactive Entertainment LLC -> Insomniac Games, Inc.)
FirewallRules: [{017F8190-1D00-40A3-895C-9E2C2CEC7DDA}] => (Allow) D:\Steam\steamapps\common\Marvel's Spider-Man Miles Morales\MilesMorales.exe (Sony Interactive Entertainment LLC -> Insomniac Games, Inc.)
FirewallRules: [{E0103C9F-6792-44C8-A8D3-9AB5489D412E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1072DC43-D426-4111-ABAE-7A0D00BD926F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{037F4C21-F2AD-4FC6-87E1-3E2063DF5857}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{54C61AC6-1185-426E-A190-F1116EAE7A9D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{46DB6ACC-A440-4188-A326-78C27625E5B6}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24165.1306.2986.9504_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BE78E701-D82F-4EE0-9C9B-CD798810581A}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24165.1306.2986.9504_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AF0D2497-4369-4CB9-A82D-CA05D6252A6D}] => (Allow) LPort=32683
FirewallRules: [{8EBED2A1-6AE6-43E3-8A9F-DE7597712F33}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9F84E63D-9475-4081-BA63-A51EDC57C2A6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B7E29634-7CDF-40C8-BD43-5A6CECCB8F70}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A6ABD155-5786-4D34-8C9F-7FC699E1DDB0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BC584894-255B-4C65-BCE3-4888E3BEE06C}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{36539BA7-231C-41D1-9BC3-0276420EA072}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{C8D22C2A-E249-43B1-BB81-4F1BB3626948}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4C1ADA4F-DFA0-4A90-9C79-6639C1BA990A}] => (Allow) LPort=26822
FirewallRules: [{5F646759-0D5A-43C1-BBCC-2643F84A7E87}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.63\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

18-11-2024 23:26:44 Windows Update
22-11-2024 18:54:35 Windows Update

==================== Faulty Device Manager Devices ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (11/23/2024 11:57:37 PM) (Source: Application Error) (EventID: 1000) (User: DEJFYQQ)
Description: Název chybující aplikace: DDM.exe, verze: 2.3.2.18, časové razítko: 0x66960000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.4391, časové razítko: 0x7433a115
Kód výjimky: 0xc000041d
Posun chyby: 0x000000000005fa4c
ID chybujícího procesu: 0x0xf750
Čas spuštění chybující aplikace: 0x0x1db3db6775b9d60
Cesta k chybující aplikaci: C:\Program Files\Dell\Dell Display Manager 2\DDM.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: a4214e93-d790-4fab-aac1-6744c39010ff
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/23/2024 11:57:35 PM) (Source: Application Error) (EventID: 1000) (User: DEJFYQQ)
Description: Název chybující aplikace: DDM.exe, verze: 2.3.2.18, časové razítko: 0x66960000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.22621.4391, časové razítko: 0x7433a115
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000005fa4c
ID chybujícího procesu: 0x0xf750
Čas spuštění chybující aplikace: 0x0x1db3db6775b9d60
Cesta k chybující aplikaci: C:\Program Files\Dell\Dell Display Manager 2\DDM.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: b700c253-49a0-435f-9136-d10383d6e472
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/23/2024 11:57:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: DDM.exe
CoreCLR Version: 8.0.1024.46610
.NET Version: 8.0.10
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IndexOutOfRangeException: Index was outside the bounds of the array.
at System.Collections.Generic.Dictionary`2.TryInsert(TKey key, TValue value, InsertionBehavior behavior)
at System.Collections.Generic.Dictionary`2.Add(TKey key, TValue value)
at DDMExtension.Utility.KeyboardHook.A(Int32, Int32, IntPtr)

Error: (11/22/2024 08:43:47 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit defragmentace na \\?\Volume{c38f51d5-9e0f-11ee-b38d-806e6f6e6963}\, protože: Svazky nejde optimalizovat kvůli nepodporovanému typu systému souborů. (0x8900002F)

Error: (11/16/2024 07:05:07 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (11/16/2024 07:05:07 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (11/16/2024 07:05:07 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (11/16/2024 12:18:17 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..


System errors:
=============
Error: (11/23/2024 06:00:01 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (11/23/2024 03:51:48 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (11/22/2024 08:36:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9PC1H9VN18CM-Microsoft.StartExperiencesApp.

Error: (11/22/2024 06:56:04 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NMPJ99VJBWV-Microsoft.YourPhone.

Error: (11/22/2024 06:54:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9MSSGKG348SP-MicrosoftWindows.Client.WebExperience.

Error: (11/22/2024 06:54:43 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NTXGKQ8P7N0-MicrosoftWindows.CrossDevice.

Error: (11/22/2024 06:00:01 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (11/22/2024 04:24:03 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931


Windows Defender:
================Event[0]

Date: 2023-10-25 02:54:09
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

CodeIntegrity:
===============
Date: 2024-11-23 23:04:37
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2024-11-23 16:08:56
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends International, LLC. 1.70 08/10/2023
Motherboard: Micro-Star International Co., Ltd. MAG B650 TOMAHAWK WIFI (MS-7D75)
Processor: AMD Ryzen 7 7800X3D 8-Core Processor
Percentage of memory in use: 56%
Total physical RAM: 31904.58 MB
Available physical RAM: 13879.25 MB
Total Virtual: 52384.58 MB
Available Virtual: 27029.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:249.23 GB) (Free:17.56 GB) (Model: KINGSTON SKC3000D2048G) NTFS
Drive d: (Místní disk) (Fixed) (Total:1657.73 GB) (Free:446.54 GB) (Model: KINGSTON SKC3000D2048G) NTFS

\\?\Volume{4083c866-0f6f-4af0-a569-ca6bcac5ce48}\ () (Fixed) (Total:0.66 GB) (Free:0.08 GB) NTFS
\\?\Volume{6b5d3ba8-e03f-4fa3-8ab4-6662c5e7e01e}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 1907.7 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118807
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check 24.11.2024

#4 Post by Rudy »

Hello!
Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\MountPoints2: {b75d0fe9-73f5-11ee-b37b-16ac60273a05} - "E:\setup.exe"
Task: {44A29DAE-4F7C-4413-92EA-4742D6DAD351} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{BFD0482A-7C37-42D0-81ED-676AF0B6DADE} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\DumpStack.log.tmp

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the run finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before cleaning your PC of viruses, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

Re: Preventive check 24.11.2024

#5 Post by bojimso »

Hello, I'm sending the fixlog :|

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-11-2024
Ran by David (27-11-2024 17:52:53) Run:1
Running from C:\Users\David\Desktop
Loaded Profiles: David
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\MountPoints2: {b75d0fe9-73f5-11ee-b37b-16ac60273a05} - "E:\setup.exe"
Task: {44A29DAE-4F7C-4413-92EA-4742D6DAD351} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{BFD0482A-7C37-42D0-81ED-676AF0B6DADE} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\DumpStack.log.tmp

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b75d0fe9-73f5-11ee-b37b-16ac60273a05} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{44A29DAE-4F7C-4413-92EA-4742D6DAD351}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44A29DAE-4F7C-4413-92EA-4742D6DAD351}" => removed successfully
C:\Windows\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{BFD0482A-7C37-42D0-81ED-676AF0B6DADE} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{BFD0482A-7C37-42D0-81ED-676AF0B6DADE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 271749620 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 822870126 B
Windows/system/drivers => 694214 B
Edge => 0 B
Chrome => 1574127407 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 904833 B
LocalService => 8346938 B
NetworkService => 8390142 B
David => 201946864 B

RecycleBin => 0 B
EmptyTemp: => 2.7 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 27-11-2024 17:56:54)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 17:56:54 ====

Re: Preventive check 24.11.2024

#6 Post by Rudy »

Deleted, the log is now OK.

Re: Preventive check 24.11.2024

#7 Post by bojimso »

Thank you very much for the check and have a nice rest of the day, we can lock :James008:

Re: Preventive check 24.11.2024

#8 Post by Rudy »

A nice day to you too, and you're welcome! :)

Locked