Zdravím,
Kaspersky me upozornil na HEUR:Trojan.Multi.GenBadur.gena, nevim zda, jestli to je neni jen plany poplach, restartoval jsem PC a po chvili vyskocilo znovu, tak se ujistuji, ze je vse OK.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-04-2025
Ran by David (administrator) on DEJFYQQ (Micro-Star International Co., Ltd. MS-7D75) (19-04-2025 03:28:55)
Running from C:\Users\David\Desktop\FRST64.exe
Loaded Profiles: David
Platform: Microsoft Windows 11 Home Version 24H2 26100.3775 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.9098\Agent.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\Gyazo\GyStation.exe ->) (Helpfeel Inc -> Helpfeel Inc.) C:\Program Files (x86)\Gyazo\GyazoVideoCore.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avpui.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.20\ksde.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.20\ksdeui.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzAppManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzBTLEManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDiagnostic
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaConnectManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaConnectServer
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzIoTDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSmartlightingDeviceManager
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe ->) (IndiLogic LLC -> ) C:\Program Files\Dell\Dell Peripheral Manager\DPMCrashHandler.exe <2>
(C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe ->) (IndiLogic LLC -> Dell Inc.) C:\Program Files\Dell\Dell Peripheral Manager\DPM.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.Update.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> DDPM.Subagent) C:\Program Files\Dell\Dell Display and Peripheral Manager\Plugins\DDPM.Subagent\DDPM.Subagent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> DDPM.Subagent.User) C:\Program Files\Dell\Dell Display and Peripheral Manager\Plugins\DDPM.Subagent.User\DDPM.Subagent.User.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\MyDell\Manager\Dell.UCA.Manager.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.CoreServices.Client.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\Google\Play Games Services\25.4.291.0\Service\GooglePlayGamesServices.exe ->) (Google LLC -> ) C:\Program Files\Google\Play Games Services\25.4.291.0\Service\data\windows.assets\crashpad_handler.exe
(C:\Users\David\AppData\Local\Programs\CurseForge Windows\CurseForge.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Users\David\AppData\Local\Programs\CurseForge Windows\resources\app.asar.unpacked\plugins\curse\win\Curse.Agent.Host.exe
(cmd.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\plugins_nms.exe
(Discord Inc. -> Discord Inc.) C:\Users\David\AppData\Local\Discord\app-1.0.9188\Discord.exe <6>
(DriverStore\FileRepository\u0401611.inf_amd64_fdc4605155615ab7\B399690\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0401611.inf_amd64_fdc4605155615ab7\B399690\atieclxx.exe
(explorer.exe ->) () [File not signed] C:\Program Files (x86)\CZC.Gaming Reaper\DeviceDriver.exe
(explorer.exe ->) () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(explorer.exe ->) (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe <6>
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <20>
(explorer.exe ->) (Helpfeel Inc -> Helpfeel Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(explorer.exe ->) (Overwolf Ltd -> Overwolf) C:\Users\David\AppData\Local\Programs\CurseForge Windows\CurseForge.exe <7>
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0401611.inf_amd64_fdc4605155615ab7\B399690\atiesrxx.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (Google LLC -> Google) C:\Program Files\Google\Play Games Services\25.4.291.0\Service\GooglePlayGamesServices.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (IndiLogic LLC -> Dell Inc.) C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.20\ksde.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc) C:\Windows\System32\DriverStore\FileRepository\amd3dvcache.inf_amd64_558311a8a60226a4\amd3dvcacheSvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvrfi.inf_amd64_a4e2182beae2ddf6\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25031.45.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2515.7.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\David\AppData\Local\Microsoft\OneDrive\25.056.0324.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.5100.40.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe <2>
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Engine.exe
(svchost.exe ->) (PALIT MICROSYSTEMS LTD. TAIWAN BRANCH (BELIZE) -> Palit Microsystems Ltd.) C:\Program Files\Thunder Master\ThPanel.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [TSMApplication] => C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2024-08-28] () [File not signed]
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [1213048 2025-03-26] (Helpfeel Inc -> Helpfeel Inc.)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [Discord] => C:\Users\David\AppData\Local\Discord\Update.exe [1525016 2023-10-16] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4694624 2025-04-02] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482640 2023-10-26] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36981208 2024-12-04] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3599496 2025-03-11] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [981632 2025-04-03] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [electron.app.CurseForge] => C:\Users\David\AppData\Local\Programs\CurseForge Windows\CurseForge.exe [182268856 2025-04-01] (Overwolf Ltd -> Overwolf)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3599496 2025-03-11] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Windows x64\Print Processors\hpcpp270: C:\Windows\System32\spool\prtprocs\x64\hpcpp270.dll [873168 2023-05-30] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HP Universal Print Monitor: c:\windows\system32\HPMPW082.DLL [130256 2023-05-30] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HPMLM225: c:\windows\system32\hpmlm225.dll [318160 2023-05-30] (HP Inc. -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\135.0.7049.96\Installer\chrmstp.exe [2025-04-17] (Google LLC -> Google LLC)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DDM2.0.lnk [2023-10-26]
ShortcutTarget: DDM2.0.lnk -> C:\Program Files\Dell\Dell Display Manager 2\DDM.exe (No File)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3CFFFB62-35B9-4B00-A3EF-1CADEA1F1950} - System32\Tasks\Google Play Games Notifier => C:\Program Files\Google\Play Games\Bootstrapper.exe [375392 2025-04-18] (Google LLC -> Google LLC)
Task: {20602FA7-D082-4035-94C5-CA3179224F2A} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7115.0{2557B071-197E-47E9-AFA4-C323D2ECBBB6} => C:\Program Files (x86)\Google\GoogleUpdater\137.0.7115.0\updater.exe [7360096 2025-04-08] (Google LLC -> Google LLC)
Task: {2FBA3F76-156A-4FFE-918B-78AE72B83EEA} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [10513984 2025-03-26] (Helpfeel Inc -> Helpfeel Inc.)
Task: {8F53028B-313E-4798-A7D7-7B00E941E17A} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [10513984 2025-03-26] (Helpfeel Inc -> Helpfeel Inc.)
Task: {2F025BF2-467A-42CC-A20C-227EF86BD9BE} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [78288 2025-03-03] (HP Inc. -> HP Inc.)
Task: {D31EDD06-9494-45F6-913B-9E98F5501A0E} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [78288 2025-03-03] (HP Inc. -> HP Inc.)
Task: {8061F546-2AA0-4F23-A861-22118B523C3E} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2023-10-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {F960DEC5-CB0A-45F3-809A-5D0A0D20C15A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26043888 2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {591F3815-453A-4FED-8DCD-AE4E364ECE38} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26043888 2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {78AB5B60-5F84-493F-9E3D-9E5F85EFA1AB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\sdxhelper.exe [103896 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {A11EF95D-7CAD-4292-B611-62BE49DE8B5C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\sdxhelper.exe [103896 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE1B5B99-25AE-428B-9EC8-6AE1D27F943E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1403008 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7FFF969-718F-4CCA-AC2A-524E9A426BE2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1403008 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {DD5CD39C-2D88-443C-BEF7-EEFA8C25213E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4403336 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {EDDC86CD-8F92-41B6-BEE9-BF68C9B215E1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4403336 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {B91F7551-B92E-4A76-870D-05E1487D240A} - System32\Tasks\Microsoft\Windows\AccountHealth\RecoverabilityToastTask => {B7F5B442-EBF8-46CD-9F0B-D8E45ED43492} C:\WINDOWS\system32\AccountHealth.dll [258048 2025-03-27] (Microsoft Windows -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {A10B79A1-933A-4CCE-9411-E5145D49A3B8} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe [2660456 2023-10-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {61BF09AC-4E25-473E-BA83-E1554CE7A1EC} - System32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA app.exe [3287072 2025-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9BD09CC4-557E-493F-9833-BF4528595D59} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2111594256-2338183963-3193565703-1001 => C:\Users\David\AppData\Local\Microsoft\OneDrive\25.056.0324.0003\OneDriveLauncher.exe [676680 2025-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {B2B209D9-81AB-4894-ADFF-004B5E75296F} - System32\Tasks\ThunderMaster => C:\Program Files\Thunder Master\ThPanel.exe [4530592 2023-05-05] (PALIT MICROSYSTEMS LTD. TAIWAN BRANCH (BELIZE) -> Palit Microsystems Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 93.89.159.2 1.1.1.1
Tcpip\..\Interfaces\{c955e5c7-047b-42c9-b48e-0f4d7406f04a}: [DhcpNameServer] 93.89.159.2 1.1.1.1
Edge:
=======
Edge Profile: C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default [2025-04-15]
Edge Extension: (Ochrana Kaspersky) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-12-03]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Dokumenty Google offline) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-28]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.19 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.21 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2025-04-19]
CHR DownloadDir: C:\Users\David\Desktop
CHR HomePage: Default -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxp://facebook.com/"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?hl=en&q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.cz_
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Extension: (Ochrana Kaspersky) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-12-03]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (BetterTTV) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2025-04-12]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (7TV) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2023-10-25]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (MrtkiBlock) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmlajoobakfffnddclhgdbfomjmaeeen [2023-10-25]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (uBlock Origin) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2025-03-22]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Kaspersky Password Manager) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnkblpjbkfklfloegejegedcafpliaa [2025-02-11]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Dokumenty Google offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-27]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-25]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Unseen Message) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\oapcfkclledjbalilncpoimgjgcndhdo [2024-01-07]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Global Twitch Emotes) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgniedifoejifjkndekolimjeclnokkb [2023-10-25]hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 amd3dvcacheSvc; C:\WINDOWS\System32\DriverStore\FileRepository\amd3dvcache.inf_amd64_558311a8a60226a4\amd3dvcacheSvc.exe [143432 2024-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe [184768 2022-08-01] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3319424 2025-04-08] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129928 2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
S2 coresys; C:\Users\David\AppData\Roaming\Microsoft\kernel64\core\coresys.exe [762316288 2024-11-24] () [File not signed] <==== ATTENTION
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [51648 2024-11-13] (Dell Technologies Inc. -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [153304 2024-12-03] (Dell Technologies Inc. -> Dell)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4974416 2023-10-26] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
R2 DPMService; C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe [2767728 2025-02-04] (IndiLogic LLC -> Dell Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.)
R2 GooglePlayGamesServices-25.4.291.0; C:\Program Files\Google\Play Games Services\25.4.291.0\Service\GooglePlayGamesServices.exe [518752 2025-04-11] (Google LLC -> Google)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2025-03-03] (HP Inc. -> HP Inc.)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.20; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.20\ksde.exe [32008 2025-01-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 LightKeeperService; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe [92768 2023-05-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [74336 2023-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [154216 2023-08-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [36880 2023-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe [37616 2022-04-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2019-02-01] (HP Inc.) [File not signed]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvrfi.inf_amd64_a4e2182beae2ddf6\Display.NvContainer\NVDisplay.Container.exe [1275016 2025-03-15] (NVIDIA Corporation -> NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2019-02-01] (HP Inc.) [File not signed]
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1882024 2024-10-18] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [232360 2024-10-18] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1268176 2024-07-18] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256256 2024-10-15] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300168 2025-03-11] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1271280 2023-11-01] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [513672 2025-03-06] (Razer USA Ltd. -> Razer Inc.)
S2 sysnet64; C:\Users\David\AppData\Roaming\Microsoft\SysDriver64\netrtwlansinf\netsys64.exe [747636224 2024-11-24] () [File not signed] <==== ATTENTION
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amd3dvcache; C:\WINDOWS\System32\DriverStore\FileRepository\amd3dvcache.inf_amd64_558311a8a60226a4\amd3dvcache.sys [42720 2024-04-18] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [56416 2024-03-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [36928 2022-09-15] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R3 amduw23g; C:\WINDOWS\System32\DriverStore\FileRepository\u0401611.inf_amd64_fdc4605155615ab7\B399690\amdkmdag.sys [100084648 2024-03-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [569344 2024-12-05] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [200704 2024-12-05] (Microsoft Corporation) [File not signed]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [237288 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 DPMDriver; C:\WINDOWS\System32\drivers\DPMDriver.sys [142272 2025-02-04] (IndiLogic LLC -> Dell Inc.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2023-10-26] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2023-10-26] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 googlehaxm; C:\WINDOWS\system32\drivers\GoogleHaxm.sys [234712 2025-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Google)
S3 HPEWSFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [30200 2023-05-31] (Hewlett-Packard Company -> Hewlett Packard)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [105280 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [206600 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [119568 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [533040 2024-04-03] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [857432 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [2256208 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [236024 2025-02-24] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1051184 2024-04-03] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [90896 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [104728 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [107328 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [78088 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [88328 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltun; C:\WINDOWS\system32\DRIVERS\kltun.sys [101912 2025-01-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [400152 2025-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [364056 2025-03-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [204440 2025-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [266432 2025-03-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [150280 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [325400 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [294680 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [19000 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 MTKBTFilterX64; C:\WINDOWS\System32\drivers\mtkbtfilterx.sys [345056 2022-06-26] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1587680 2022-06-26] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [32424 2023-07-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 NTIOLib_FWUpdate; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\ResetMCU\JT1Toucher\NTIOLib_X64.sys [28496 2022-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0099; C:\WINDOWS\System32\drivers\RzDev_0099.sys [56152 2021-06-14] (Razer USA Ltd. -> Razer Inc)
S3 ThermalFilter; C:\WINDOWS\System32\DriverStore\FileRepository\c_thermal.inf_amd64_732a53ed1662b707\ThermalFilter.sys [75376 2025-03-27] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S3 usbscan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\usbscan.sys [90112 2024-12-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55856 2023-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [594304 2023-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 wini3ctarget; C:\WINDOWS\System32\DriverStore\FileRepository\wini3ctarget.inf_amd64_bdb09ebda2834009\wini3ctarget.sys [75168 2025-03-27] (Microsoft Windows -> Microsoft Corporation)
S4 AmdTools64; \SystemRoot\System32\drivers\AmdTools64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-04-19 03:28 - 2025-04-19 03:29 - 000040968 _____ C:\Users\David\Desktop\FRST.txt
2025-04-19 01:01 - 2025-04-19 01:01 - 000711764 _____ C:\WINDOWS\system32\perfh005.dat
2025-04-19 01:01 - 2025-04-19 01:01 - 000152978 _____ C:\WINDOWS\system32\perfc005.dat
2025-04-16 23:08 - 2025-04-18 22:09 - 000000000 ____D C:\Users\David\Desktop\www.UIndex.org - Daredevil Born Again S01E09 Straight to Hell 2160p DSNP WEB-DL DDP5 1 Atmos DV HDR H 265-FLUX
2025-04-14 22:11 - 2025-04-14 22:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2025-04-11 16:14 - 2025-04-11 16:14 - 021490212 _____ C:\Users\David\Desktop\Ebook Jak pěstovat chilli - 7 kroků.pdf
2025-04-10 17:32 - 2025-04-19 02:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-04-09 18:32 - 2025-04-09 18:32 - 000000000 ____D C:\inetpub
2025-04-09 17:59 - 2025-04-09 18:00 - 000567952 _____ C:\Users\David\Desktop\MP.pdf
2025-03-30 16:03 - 2025-03-30 16:26 - 000000000 ____D C:\Users\David\Desktop\Agatha.All.Along.S01E01.HDR.2160p.WEB.H265-SuccessfulCrab[TGx]
2025-03-28 02:36 - 2025-03-28 02:36 - 000000000 ____D C:\WINDOWS\system32\AccountHealthAssets
2025-03-27 21:59 - 2025-03-27 21:59 - 000029042 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-03-27 21:59 - 2025-03-27 21:59 - 000029042 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-03-21 23:24 - 2025-03-24 23:19 - 000000000 ____D C:\Users\David\Desktop\www.Torrenting.com - Daredevil 2003 1080p DSNP WEB-DL DDP 5 1 H 264-PiRaTeS
2025-03-21 23:09 - 2025-03-21 23:24 - 000000000 ____D C:\Users\David\Desktop\Daredevil Directors Cut (2003) [1080p]
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-04-19 03:29 - 2024-04-06 17:11 - 000000000 ____D C:\FRST
2025-04-19 03:29 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-04-19 03:29 - 2023-10-25 02:40 - 000000000 ____D C:\Users\David\AppData\Local\Battle.net
2025-04-19 03:28 - 2024-04-06 17:06 - 002404864 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2025-04-19 03:24 - 2023-10-30 19:34 - 000000000 ____D C:\Users\David\AppData\Roaming\CurseForge
2025-04-19 03:23 - 2023-10-26 16:41 - 000000000 ____D C:\Program Files (x86)\Steam
2025-04-19 03:21 - 2023-10-25 03:01 - 000000000 ____D C:\Users\David\AppData\Local\D3DSCache
2025-04-19 03:07 - 2023-10-27 14:47 - 000000000 ____D C:\Users\David\AppData\Roaming\vlc
2025-04-19 03:01 - 2023-10-26 16:27 - 000000000 ____D C:\Users\David\AppData\Local\Discord
2025-04-19 02:40 - 2025-03-13 12:56 - 000001298 _____ C:\Users\David\Desktop\Mr Autofire.lnk
2025-04-19 02:30 - 2024-12-05 21:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-04-19 02:04 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-04-19 01:01 - 2024-12-05 21:51 - 001692332 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-04-19 01:01 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-04-19 00:02 - 2024-08-09 16:36 - 000000000 ____D C:\Users\David\AppData\Roaming\discord
2025-04-19 00:01 - 2024-12-05 21:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-04-19 00:01 - 2024-12-05 21:47 - 000003942 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-04-19 00:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-04-19 00:01 - 2023-10-25 03:04 - 000000000 ____D C:\ProgramData\NVIDIA
2025-04-19 00:01 - 2023-10-24 19:04 - 000000000 ____D C:\MSI
2025-04-19 00:01 - 2023-10-24 17:52 - 000012288 ___SH C:\DumpStack.log.tmp
2025-04-19 00:00 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-04-18 21:43 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-04-18 21:30 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-04-18 21:29 - 2025-02-06 17:40 - 000003576 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-2111594256-2338183963-3193565703-1001
2025-04-18 21:29 - 2024-12-05 21:49 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2111594256-2338183963-3193565703-1001
2025-04-18 21:29 - 2024-12-05 21:49 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2111594256-2338183963-3193565703-1001
2025-04-18 21:29 - 2023-10-25 02:23 - 000002381 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-18 11:03 - 2023-10-27 00:34 - 000000000 ____D C:\Users\David\AppData\Roaming\qBittorrent
2025-04-18 10:27 - 2023-10-25 02:16 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-04-18 08:24 - 2023-10-27 03:50 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Word
2025-04-18 00:35 - 2023-10-27 00:32 - 000000000 ____D C:\Users\David\AppData\Local\CrashDumps
2025-04-18 00:20 - 2023-10-25 02:28 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-04-16 22:40 - 2023-10-30 19:34 - 000002425 _____ C:\Users\David\Desktop\CurseForge.lnk
2025-04-16 02:13 - 2023-10-27 00:31 - 000123833 _____ C:\Users\David\Desktop\trollings.txt
2025-04-14 22:11 - 2025-02-20 21:12 - 000000000 ____D C:\Program Files\qBittorrent
2025-04-10 17:41 - 2023-10-25 02:21 - 000000000 ____D C:\Users\David\AppData\Local\Packages
2025-04-09 18:34 - 2024-12-05 21:45 - 000472816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-04-09 18:33 - 2024-12-05 21:45 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-04-09 18:32 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-04-09 18:32 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-04-09 18:32 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-04-09 18:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-04-09 18:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-04-09 18:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-04-09 18:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-04-09 18:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-04-08 21:07 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-04-08 19:10 - 2024-12-05 21:49 - 003352064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-04-06 00:03 - 2024-12-05 21:49 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-04-06 00:03 - 2024-12-05 21:49 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-04-04 01:07 - 2023-10-25 02:39 - 000000000 ____D C:\Program Files (x86)\Battle.net
2025-04-01 17:06 - 2024-12-05 21:49 - 000003512 _____ C:\WINDOWS\system32\Tasks\GyazoUpdateTaskMachineDaily
2025-04-01 17:06 - 2024-12-05 21:49 - 000003376 _____ C:\WINDOWS\system32\Tasks\GyazoUpdateTaskMachine
2025-04-01 17:06 - 2023-10-25 23:52 - 000000000 ____D C:\Program Files (x86)\Gyazo
2025-03-30 01:45 - 2023-12-19 03:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2025-03-28 02:37 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-03-28 02:37 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-03-28 02:37 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-03-28 02:37 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-03-28 02:37 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-03-28 02:36 - 2024-12-05 21:41 - 000000000 ____D C:\WINDOWS\InboxApps
2025-03-28 02:36 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-03-28 02:36 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemApps
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-03-28 02:36 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-03-23 19:39 - 2023-10-25 02:19 - 000000000 ____D C:\ProgramData\Packages
2025-03-20 22:54 - 2023-10-25 02:23 - 000000000 ____D C:\Users\David\AppData\Local\PlaceholderTileLogoFolder
==================== Files in the root of some directories ========
2025-03-13 12:50 - 2025-03-13 12:54 - 000079670 _____ () C:\Users\David\AppData\Local\dxdiag.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Kaspersky vyhazuje upozornění na HEUR:Trojan.Multi.GenBadur.gena v systémové paměti - možná falešný poplach?
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Kaspersky vyhazuje upozornění na HEUR:Trojan.Multi.GenBadur.gena v systémové paměti - možná falešný poplach?
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-04-2025
Ran by David (19-04-2025 03:30:57)
Running from C:\Users\David\Desktop
Microsoft Windows 11 Home Version 24H2 26100.3775 (X64) (2024-12-05 19:49:40)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2111594256-2338183963-3193565703-500 - Administrator - Disabled)
David (S-1-5-21-2111594256-2338183963-3193565703-1001 - Administrator - Enabled) => C:\Users\David
DefaultAccount (S-1-5-21-2111594256-2338183963-3193565703-503 - Limited - Disabled)
Guest (S-1-5-21-2111594256-2338183963-3193565703-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2111594256-2338183963-3193565703-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: Kaspersky Total Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{50229C72-539F-4E65-BEB5-F0491C5074B7}) (Version: 22.2.1 - HP Inc.) Hidden
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.10.0.2198 - Advanced Micro Devices, Inc.)
Aplikace NVIDIA 11.0.2.341 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.2.341 - NVIDIA Corporation)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CurseForge 1.275.5-24706 (HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\ca0e291c-abd4-5fc3-b6a0-3d4333eccbd7) (Version: 1.275.5-24706 - Overwolf)
CZC.Gaming Reaper (HKLM-x32\...\{A3DCB839-C9AC-4F7D-8F8A-9F93F8AF0915}_is1) (Version: 1.0 - CZC.cz s.r.o.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 12.0.0.2126 - Disc Soft Ltd)
Dell Core Services (HKLM\...\{4DC5805F-5117-4C91-8E7B-2267F0D23B9E}) (Version: 1.9.19.0 - Dell, Inc.)
Dell Display and Peripheral Manager (HKLM-x32\...\{21A24609-08A2-423E-80DE-4D33A933F1A1}) (Version: 2.0.0.72 - Dell Technologies)
Dell Peripheral Core (HKLM\...\Dell Peripheral Manager) (Version: 2.0.1.204 - Dell Inc.)
Diablo IV (HKLM-x32\...\Diablo IV) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Discord) (Version: 1.0.9020 - Discord Inc.)
DOOM Eternal The Ancient Gods (HKLM-x32\...\DOOM Eternal The Ancient Gods_is1) (Version: - )
ENE Video Capture Box HAL (HKLM\...\{A096611D-BA11-4A1A-8D09-0A0462D7C8F2}) (Version: 1.0.5.15 - Ene Tech.) Hidden
ENE Video Capture Box HAL (HKLM-x32\...\{974259bf-3ed1-4cd6-9ed1-40c7f601a786}) (Version: 1.0.5.15 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{6b617af3-c8f4-45a8-bf47-b32ffb4da1cc}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_External_Device_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.11.1 - ENE Tech) Hidden
ENE_External_Device_HAL (HKLM-x32\...\{bb9d349f-b87b-4026-b336-1604708bd09c}) (Version: 1.0.11.1 - ENE Tech) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM-x32\...\{c662a481-d76a-4188-95d2-6eb4ffd55542}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{B85FAA6E-A9AA-4655-9029-E1A4EDC05E1A}) (Version: 1.3.93.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.)
Far Cry 5 v.1.011 (HKLM-x32\...\Far Cry 5_is1) (Version: - )
Far Cry 6 (HKLM-x32\...\Far Cry 6_is1) (Version: - )
Far Cry New Dawn v.1.0.5 (HKLM-x32\...\Far Cry New Dawn_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 135.0.7049.96 - Google LLC)
Gyazo 5.7.2.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: 5.7.2 - Helpfeel Inc.)
Hry Google Play beta (HKLM\...\GooglePlayGames) (Version: 25.3.1000.10 - Google LLC)
HWiNFO64 Version 7.64 (HKLM\...\HWiNFO64_is1) (Version: 7.64 - Martin Malik, REALiX s.r.o.)
Kaspersky Total Security (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{57078439-645C-39D3-8062-973653E59642}) (Version: 21.20.8.505 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{57078439-645C-39D3-8062-973653E59642}) (Version: 21.20.8.505 - Kaspersky)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft .NET Host - 6.0.22 (x64) (HKLM\...\{A575E059-0C3F-4138-B87A-BAF55CABA9FA}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.12 (x64) (HKLM\...\{C4C6E39D-48AE-426C-960C-46ED3447DDEB}) (Version: 64.48.26165 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.22 (x64) (HKLM\...\{E7598167-2D5C-4704-8777-8A25289EB8FE}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.12 (x64) (HKLM\...\{C9C872D5-3CA9-4E0E-AF90-1B85325F9243}) (Version: 64.48.26165 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.22 (x64) (HKLM\...\{853BA4E9-D41A-4FF6-AB22-A6FFDD77EA78}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.12 (x64) (HKLM\...\{1E606649-7E56-452F-8AC4-495C70D1E341}) (Version: 64.48.26165 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 135.0.3179.85 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 135.0.3179.73 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.11328.20158 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\OneDriveSetup.exe) (Version: 25.056.0324.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.22 (x64) (HKLM\...\{6B3108CD-E279-4795-BCBF-BDEA037A7913}) (Version: 48.88.914 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.22 (x64) (HKLM-x32\...\{0f94f805-22c3-4413-b1e5-5ab275ba92d5}) (Version: 6.0.22.32825 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.12 (x64) (HKLM\...\{71CD19D6-C448-4B5D-9A38-018741753290}) (Version: 64.48.26178 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.12 (x64) (HKLM-x32\...\{aafaa0cc-b975-4ffa-ba33-8690e64683c4}) (Version: 8.0.12.34404 - Microsoft Corporation)
MSI Afterburner 4.6.5 (HKLM-x32\...\Afterburner) (Version: 4.6.5 - MSI Co., LTD)
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2023.0919.01 - MSI)
NVIDIA FrameView SDK 1.5.10819.35301613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.10819.35301613 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.4.3.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.3.2 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 572.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 572.83 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{A89BF790-0679-403A-9CC7-4015DBF4FEBA}) (Version: 5.0.13 - dotPDN LLC)
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 5.0.5 - The qBittorrent project)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.10.0315.031117 - Razer Inc.)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2) (Version: 1.0.1491.18 - Rockstar Games)
RivaTuner Statistics Server 7.3.6 (HKLM-x32\...\RTSS) (Version: 7.3.6 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.80.1666 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.2.2.2 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs Desktop 1.14.0 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 1.14.0 - General Workings, Inc.)
Thunder Master v4.14 (HKLM\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 4.14.0.1 - Palit Microsystems Ltd.)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 146.1.10956 - Ubisoft)
Verbatim_SureFireGaming_Product (HKLM\...\{35CB65C6-A7E3-4EE7-AD40-738D70A72164}) (Version: 1.0.3.11 - Verbatim) Hidden
Verbatim_SureFireGaming_Product (HKLM-x32\...\{d601832a-0d94-46ce-9b19-78e8a5887313}) (Version: 1.0.3.11 - Verbatim) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.21 - VideoLAN)
WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD P40 Game Drive (HKLM-x32\...\{72b1a866-fc31-4381-bff3-fa6cd8823777}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WinRAR 7.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.00.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Public Test (HKLM-x32\...\World of Warcraft Public Test) (Version: - Blizzard Entertainment)
WowUp 2.20.0 (HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\b31ca559-50e4-54d8-a458-330e72a28314) (Version: 2.20.0 - WowUp LLC)
WowUp-CF 2.20.0 (HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\6f2f419c-215d-59e3-b8a5-5843bec040af) (Version: 2.20.0 - WowUp LLC)
Chrome apps:
============
YouTube (HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\f1d05c68f71f8be3fb7e957b8345f339) (Version: 1.0 - Google\Chrome)
Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3624.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-04-09] (Microsoft Windows)
Balíček prostředí funkcí systému Windows -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-04-09] (Microsoft Windows)
Gyazo -> C:\Program Files (x86)\Gyazo [2025-04-01] (Helpfeel Inc.)
GyazoReplay -> C:\Program Files (x86)\Gyazo [2025-04-01] (Helpfeel Inc.)
GyazoVideo -> C:\Program Files (x86)\Gyazo [2025-04-01] (Helpfeel Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_158.2.1134.0_x64__v10z8vjag6ke6 [2025-03-27] (HP Inc.)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-12-19] (Microsoft Corp.)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe [2025-03-26] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2024-12-26] (NVIDIA Corp.)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2515.7.0_x64__cv1g1gvanyjgm [2025-04-17] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-01-22] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_7000.456.1632.0_x64__8wekyb3d8bbwe [2025-04-10] (Microsoft Corp.)
Windows HDR Calibration -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsHDRCalibration_1.0.152.0_x64__8wekyb3d8bbwe [2024-11-12] (Microsoft Corp.)
WinRAR -> C:\Program Files\WinRAR [2024-04-10] (win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2111594256-2338183963-3193565703-1001_Classes\CLSID\{1131f266-5b75-f5a0-ded5-61c709ea045a}\localserver32 -> C:\Program Files\Dell\Dell Display and Peripheral Manager\DDPM.exe (Dell Technologies Inc. -> Dell)
CustomCLSID: HKU\S-1-5-21-2111594256-2338183963-3193565703-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2111594256-2338183963-3193565703-1001_Classes\CLSID\{6a27a1a9-7be8-1491-04ca-ee68a211c258}\localserver32 -> C:\Program Files\Google\Play Games\current\service\Service.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2111594256-2338183963-3193565703-1001_Classes\CLSID\{989dacff-3a01-6b2c-f623-9ef1597c6141}\localserver32 -> "C:\Program Files\Dell\Dell Display Manager 2\DDM.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2111594256-2338183963-3193565703-1001_Classes\CLSID\{aaafeb27-6abd-d0ea-ffd6-e6894baf4a29}\localserver32 -> C:\Program Files\Dell\Dell Display and Peripheral Manager\Plugins\DDPM.Subagent.User\DDPM.Subagent.User.exe (Dell Technologies Inc. -> DDPM.Subagent.User)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2023-10-25] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-10-26] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2023-10-25] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-10-26] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2023-10-25] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvrfi.inf_amd64_a4e2182beae2ddf6\nvshext.dll [2025-03-15] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2023-10-25] (AO Kaspersky Lab -> AO Kaspersky Lab)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.RTV1] => c:\windows\system32\rtvcvfw64.dll [1102848 2023-04-10] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [891904 2023-04-10] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
==================== Loaded Modules (Whitelisted) =============
2024-11-14 19:12 - 2025-03-26 03:19 - 000120832 _____ () [File not signed] C:\Program Files (x86)\Gyazo\GyazoVideo\MFVideoEncoder.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000053760 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_bz2.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 000084992 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_ctypes.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 000182272 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_decimal.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 000783360 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_hashlib.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 000137216 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_lzma.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 000047104 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_socket.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 001213440 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_ssl.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 000039424 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\psutil._psutil_windows.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 001861120 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtCore.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 002002944 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtGui.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 004101120 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtWidgets.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 000009728 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\select.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 000075264 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\sip.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 000758784 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\unicodedata.pyd
2025-04-18 00:20 - 2025-04-11 16:09 - 027300352 _____ () [File not signed] C:\Program Files\Google\Play Games Services\25.4.291.0\Service\libnative_asset.so
2024-11-27 18:51 - 2025-04-01 15:36 - 002682880 _____ () [File not signed] C:\Users\David\AppData\Local\Programs\CurseForge Windows\ffmpeg.dll
2024-11-27 18:51 - 2025-04-01 15:36 - 000481280 _____ () [File not signed] C:\Users\David\AppData\Local\Programs\CurseForge Windows\libegl.dll
2024-11-27 18:51 - 2025-04-01 15:36 - 008058368 _____ () [File not signed] C:\Users\David\AppData\Local\Programs\CurseForge Windows\libglesv2.dll
2024-11-27 18:51 - 2025-04-01 15:36 - 005475328 _____ () [File not signed] C:\Users\David\AppData\Local\Programs\CurseForge Windows\vk_swiftshader.dll
2024-11-07 00:49 - 2024-12-03 22:40 - 005378048 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavcodec-61.dll
2024-11-07 00:49 - 2024-12-03 22:40 - 000875008 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavfilter-10.dll
2024-11-07 00:49 - 2024-12-03 22:40 - 001674240 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavformat-61.dll
2024-11-07 00:49 - 2024-12-03 22:40 - 001640960 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavutil-59.dll
2024-11-07 00:49 - 2024-12-03 22:40 - 000630272 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libswresample-5.dll
2024-11-07 00:49 - 2024-12-03 22:40 - 001092608 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libswscale-8.dll
2025-01-05 18:44 - 2025-03-19 10:51 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA app\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 002741248 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\python34.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000848896 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icudt53.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 001580032 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icuin53.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 001079296 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icuuc53.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000036352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qdds.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qgif.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000029184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qicns.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qico.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000381952 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjp2.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000206848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjpeg.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000218624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qmng.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000016384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtga.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000308736 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtiff.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwbmp.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000287232 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwebp.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000991744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\platforms\qwindows.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 004182528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Core.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 004877312 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Gui.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 004490752 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Widgets.dll
2025-04-03 22:15 - 2025-04-03 22:15 - 000046080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\audio\qtaudio_windows.dll
2025-04-03 22:15 - 2025-04-03 22:15 - 000030720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\iconengines\qsvgicon.dll
2025-04-03 22:15 - 2025-04-03 22:15 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\imageformats\qgif.dll
2025-04-03 22:15 - 2025-04-03 22:15 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\imageformats\qico.dll
2025-04-03 22:15 - 2025-04-03 22:15 - 000353280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\imageformats\qjpeg.dll
2025-04-03 22:15 - 2025-04-03 22:15 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\imageformats\qsvg.dll
2025-04-03 22:15 - 2025-04-03 22:15 - 000352256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\imageformats\qtiff.dll
2025-04-03 22:15 - 2025-04-03 22:15 - 000423424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\imageformats\qwebp.dll
2025-04-03 22:15 - 2025-04-03 22:16 - 001239552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\platforms\qwindows.dll
2025-04-03 22:15 - 2025-04-03 22:16 - 000915456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\Qt5Network.dll
2025-04-03 22:15 - 2025-04-03 22:16 - 000362496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\Qt5QmlModels.dll
2025-04-03 22:15 - 2025-04-03 22:16 - 004703232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\Qt5Widgets.dll
2025-04-03 22:15 - 2025-04-03 22:16 - 000165888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\;C:\Users\David\AppData\Local\Microsoft\WindowsApps;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA app\NvDLISR
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\dragonflight-4k-wallpaper-v0-nihjzcd9lvu81.png
DNS Servers: 93.89.159.2 - 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Realtek Gaming 2.5GbE Family Controller -> rt640x64.sys
Připojení k místní síti: Kaspersky VPN -> kltun.sys
Wi-Fi: RZ616 Wi-Fi 6E 160MHz -> mtkwl6ex.sys
KL_KLIM6: Kaspersky Anti-Virus NDIS 6 Filter
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A23798C1-1103-4D04-8FC6-60111B678D84}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
FirewallRules: [{046E82FA-7485-4A17-BE65-A9E2B324013F}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
FirewallRules: [{444B39F8-7079-4929-BACB-09A2BA12C7CA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{456EC56A-0A6D-4307-9D84-60DA15AB2817}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AFB22363-6423-4E24-96D7-816D89EEF46A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{98209029-6989-435A-AF44-6D239EF9F18C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{842919F6-2F91-4F41-B915-A645B9D9AD36}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{54918C39-4159-4E6E-914A-CEFFA181CC4E}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-V2] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-NoScope] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{EAE8A3C8-DD74-4CFA-83A4-2C160B6DE09D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C3D91BE7-7393-45C8-A896-FA3D9160A7EF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0F95AC7F-93A8-4DE5-8CDA-C316DB9448A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1E14AEA8-E992-46F7-9E0B-0E7450D61F36}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7C8C97FB-6431-41D2-8C5B-16BCD171C35D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.73\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DC7DE2B3-70E6-455A-83F2-09AABE04213A}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{25904816-7999-47EC-9847-631E437A718F}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{3B6877A8-2728-451F-B001-FAC098B89226}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1D6B1734-878F-4B16-B501-1065A2214B59}] => (Allow) C:\Program Files\Google\Play Games\current\emulator\crosvm.exe (Google LLC -> )
FirewallRules: [{B2F64F95-07FF-41F3-A207-0B601EF5315C}] => (Allow) C:\Program Files\Google\Play Games\current\emulator\crosvm.exe (Google LLC -> )
FirewallRules: [{A04CAEF3-9859-4847-9DB6-7C1458ED7A1F}] => (Allow) LPort=32683
FirewallRules: [{BCA15B64-BA3F-4656-A058-1A3A7AAC8609}] => (Allow) LPort=26822
==================== Restore Points =========================
12-04-2025 00:47:29 Windows Update
15-04-2025 21:33:46 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/19/2025 01:54:36 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit defragmentace na \\?\Volume{c38f51d5-9e0f-11ee-b38d-806e6f6e6963}\, protože: Svazky nejde optimalizovat kvůli nepodporovanému typu systému souborů. (0x8900002F)
Error: (04/19/2025 12:01:22 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: netsys64.exe, verze: 0.0.0.0, časové razítko: 0x66c74a87
Název chybujícího modulu: ntdll.dll, verze: 10.0.26100.3775, časové razítko: 0x5e4be250
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007780b
ID chybujícího procesu: 0x1430
Čas spuštění chybující aplikace: 0x1dbb0ad6c145ff6
Cesta k chybující aplikaci: C:\Users\David\AppData\Roaming\Microsoft\SysDriver64\netrtwlansinf\netsys64.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID sestavy: 232b23e8-36f9-415f-b28f-4e5434a13ff2
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
Error: (04/19/2025 12:01:22 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: coresys.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: ntdll.dll, verze: 10.0.26100.3775, časové razítko: 0x5e4be250
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007780b
ID chybujícího procesu: 0x12a0
Čas spuštění chybující aplikace: 0x1dbb0ad6c10165b
Cesta k chybující aplikaci: C:\Users\David\AppData\Roaming\Microsoft\kernel64\core\coresys.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID sestavy: 92d79f88-53fa-446e-947a-0e1c17388b83
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
Error: (04/19/2025 12:00:10 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]
Error: (04/18/2025 11:58:16 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: coresys.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: ntdll.dll, verze: 10.0.26100.3775, časové razítko: 0x5e4be250
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007780b
ID chybujícího procesu: 0x132c
Čas spuštění chybující aplikace: 0x1dbb0acfd2cf246
Cesta k chybující aplikaci: C:\Users\David\AppData\Roaming\Microsoft\kernel64\core\coresys.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID sestavy: 28146e62-5142-4f4a-8ac2-04cdf7ceaedd
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
Error: (04/18/2025 11:58:16 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: netsys64.exe, verze: 0.0.0.0, časové razítko: 0x66c74a87
Název chybujícího modulu: ntdll.dll, verze: 10.0.26100.3775, časové razítko: 0x5e4be250
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007780b
ID chybujícího procesu: 0x14ec
Čas spuštění chybující aplikace: 0x1dbb0acfd321d95
Cesta k chybující aplikaci: C:\Users\David\AppData\Roaming\Microsoft\SysDriver64\netrtwlansinf\netsys64.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID sestavy: bc51b1d1-4b1d-4a61-86b4-5e9c02fc4b88
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
Error: (04/18/2025 11:56:36 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: LEDKeeper2.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.DllNotFoundException
na MSI_LED.Razer.MSI_RZ_UnInitial()
na MSI_LED.CRazer_SyncHandle.CRazer_Handler_Close()
na MSI_LED.App.CloseAPP()
na MSI_LED.WindowToGetHandle.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
Error: (04/18/2025 12:35:36 AM) (Source: Application Error) (EventID: 1000) (User: DEJFYQQ)
Description: Název chybující aplikace: SDXHelper.exe, verze: 16.0.11328.20158, časové razítko: 0x5c7f968c
Název chybujícího modulu: Mso20Win32Client.dll, verze: 16.0.11328.20156, časové razítko: 0x5c7f83eb
Kód výjimky: 0x01483052
Posun chyby: 0x001c5366
ID chybujícího procesu: 0xf1d8
Čas spuštění chybující aplikace: 0x1dbafe8fa33ff32
Cesta k chybující aplikaci: C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\SDXHelper.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\Mso20Win32Client.dll
ID sestavy: 49239d3b-4269-4bb8-9125-35a578277d99
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
System errors:
=============
Error: (04/19/2025 12:06:23 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (04/19/2025 12:03:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (04/19/2025 12:03:27 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (04/19/2025 12:01:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba coresys neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (04/19/2025 12:01:24 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby coresys bylo dosaženo časového limitu (45000 ms).
Error: (04/19/2025 12:01:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba sysnet64 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (04/19/2025 12:01:24 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby sysnet64 bylo dosaženo časového limitu (45000 ms).
Error: (04/19/2025 12:00:10 AM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Služba přidružení zařízení zjistila chybu zjišťování koncového bodu.
CodeIntegrity:
===============
Date: 2025-04-19 02:58:41
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2025-04-19 02:58:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends International, LLC. 1.70 08/10/2023
Motherboard: Micro-Star International Co., Ltd. MAG B650 TOMAHAWK WIFI (MS-7D75)
Processor: AMD Ryzen 7 7800X3D 8-Core Processor
Percentage of memory in use: 46%
Total physical RAM: 31904.58 MB
Available physical RAM: 17062.84 MB
Total Virtual: 52384.58 MB
Available Virtual: 33583.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:248.55 GB) (Free:47.69 GB) (Model: KINGSTON SKC3000D2048G) NTFS
Drive d: (Místní disk) (Fixed) (Total:1657.73 GB) (Free:356.73 GB) (Model: KINGSTON SKC3000D2048G) NTFS
\\?\Volume{82ad4fce-2baf-4d47-9848-490f86efd609}\ () (Fixed) (Total:0.67 GB) (Free:0.09 GB) NTFS
\\?\Volume{4083c866-0f6f-4af0-a569-ca6bcac5ce48}\ () (Fixed) (Total:0.66 GB) (Free:0.08 GB) NTFS
\\?\Volume{6b5d3ba8-e03f-4fa3-8ab4-6662c5e7e01e}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 1907.7 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by David (19-04-2025 03:30:57)
Running from C:\Users\David\Desktop
Microsoft Windows 11 Home Version 24H2 26100.3775 (X64) (2024-12-05 19:49:40)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2111594256-2338183963-3193565703-500 - Administrator - Disabled)
David (S-1-5-21-2111594256-2338183963-3193565703-1001 - Administrator - Enabled) => C:\Users\David
DefaultAccount (S-1-5-21-2111594256-2338183963-3193565703-503 - Limited - Disabled)
Guest (S-1-5-21-2111594256-2338183963-3193565703-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2111594256-2338183963-3193565703-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Total Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: Kaspersky Total Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{50229C72-539F-4E65-BEB5-F0491C5074B7}) (Version: 22.2.1 - HP Inc.) Hidden
AMD Ryzen Master SDK (HKLM\...\{DBD50508-5F75-416B-995D-C42433A00944}) (Version: 2.10.0.2198 - Advanced Micro Devices, Inc.)
Aplikace NVIDIA 11.0.2.341 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NvApp) (Version: 11.0.2.341 - NVIDIA Corporation)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CurseForge 1.275.5-24706 (HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\ca0e291c-abd4-5fc3-b6a0-3d4333eccbd7) (Version: 1.275.5-24706 - Overwolf)
CZC.Gaming Reaper (HKLM-x32\...\{A3DCB839-C9AC-4F7D-8F8A-9F93F8AF0915}_is1) (Version: 1.0 - CZC.cz s.r.o.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 12.0.0.2126 - Disc Soft Ltd)
Dell Core Services (HKLM\...\{4DC5805F-5117-4C91-8E7B-2267F0D23B9E}) (Version: 1.9.19.0 - Dell, Inc.)
Dell Display and Peripheral Manager (HKLM-x32\...\{21A24609-08A2-423E-80DE-4D33A933F1A1}) (Version: 2.0.0.72 - Dell Technologies)
Dell Peripheral Core (HKLM\...\Dell Peripheral Manager) (Version: 2.0.1.204 - Dell Inc.)
Diablo IV (HKLM-x32\...\Diablo IV) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Discord) (Version: 1.0.9020 - Discord Inc.)
DOOM Eternal The Ancient Gods (HKLM-x32\...\DOOM Eternal The Ancient Gods_is1) (Version: - )
ENE Video Capture Box HAL (HKLM\...\{A096611D-BA11-4A1A-8D09-0A0462D7C8F2}) (Version: 1.0.5.15 - Ene Tech.) Hidden
ENE Video Capture Box HAL (HKLM-x32\...\{974259bf-3ed1-4cd6-9ed1-40c7f601a786}) (Version: 1.0.5.15 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{6b617af3-c8f4-45a8-bf47-b32ffb4da1cc}) (Version: 1.0.10.1 - ENE TECHNOLOGY INC.) Hidden
ENE_External_Device_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.11.1 - ENE Tech) Hidden
ENE_External_Device_HAL (HKLM-x32\...\{bb9d349f-b87b-4026-b336-1604708bd09c}) (Version: 1.0.11.1 - ENE Tech) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM\...\{CF703694-01C6-4062-B797-84DB215662BC}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden
ENE_X_AIC_HAL (HKLM-x32\...\{c662a481-d76a-4188-95d2-6eb4ffd55542}) (Version: 1.0.6.3 - ENE TECHNOLOGY INC.) Hidden
Epic Games Launcher (HKLM-x32\...\{B85FAA6E-A9AA-4655-9029-E1A4EDC05E1A}) (Version: 1.3.93.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Epic Online Services (HKLM-x32\...\{57A956AB-4BCC-45C6-9B40-957E4E125568}) (Version: 2.0.44.0 - Epic Games, Inc.)
Far Cry 5 v.1.011 (HKLM-x32\...\Far Cry 5_is1) (Version: - )
Far Cry 6 (HKLM-x32\...\Far Cry 6_is1) (Version: - )
Far Cry New Dawn v.1.0.5 (HKLM-x32\...\Far Cry New Dawn_is1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 135.0.7049.96 - Google LLC)
Gyazo 5.7.2.0 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: 5.7.2 - Helpfeel Inc.)
Hry Google Play beta (HKLM\...\GooglePlayGames) (Version: 25.3.1000.10 - Google LLC)
HWiNFO64 Version 7.64 (HKLM\...\HWiNFO64_is1) (Version: 7.64 - Martin Malik, REALiX s.r.o.)
Kaspersky Total Security (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{57078439-645C-39D3-8062-973653E59642}) (Version: 21.20.8.505 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{57078439-645C-39D3-8062-973653E59642}) (Version: 21.20.8.505 - Kaspersky)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft .NET Host - 6.0.22 (x64) (HKLM\...\{A575E059-0C3F-4138-B87A-BAF55CABA9FA}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.12 (x64) (HKLM\...\{C4C6E39D-48AE-426C-960C-46ED3447DDEB}) (Version: 64.48.26165 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.22 (x64) (HKLM\...\{E7598167-2D5C-4704-8777-8A25289EB8FE}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.12 (x64) (HKLM\...\{C9C872D5-3CA9-4E0E-AF90-1B85325F9243}) (Version: 64.48.26165 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.22 (x64) (HKLM\...\{853BA4E9-D41A-4FF6-AB22-A6FFDD77EA78}) (Version: 48.88.905 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.12 (x64) (HKLM\...\{1E606649-7E56-452F-8AC4-495C70D1E341}) (Version: 64.48.26165 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 135.0.3179.85 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 135.0.3179.73 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2019 - cs-cz (HKLM\...\ProPlus2019Retail - cs-cz) (Version: 16.0.11328.20158 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\OneDriveSetup.exe) (Version: 25.056.0324.0003 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.38.33135 (HKLM-x32\...\{c649ede4-f16a-4486-a117-dcc2f2a35165}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.38.33135 (HKLM-x32\...\{46c3b171-c15c-4137-8e1d-67eeb2985b44}) (Version: 14.38.33135.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.38.33135 (HKLM\...\{19AFE054-CA83-45D5-A9DB-4108EF4BD391}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.38.33135 (HKLM\...\{AA0C8AB5-7297-4D46-A0D9-08096FE59E46}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.38.33135 (HKLM-x32\...\{9C19C103-7DB1-44D1-A039-2C076A633A38}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.38.33135 (HKLM-x32\...\{286DC39B-5FB7-4AFF-9DD4-22DB47664CD7}) (Version: 14.38.33135 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.22 (x64) (HKLM\...\{6B3108CD-E279-4795-BCBF-BDEA037A7913}) (Version: 48.88.914 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.22 (x64) (HKLM-x32\...\{0f94f805-22c3-4413-b1e5-5ab275ba92d5}) (Version: 6.0.22.32825 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.12 (x64) (HKLM\...\{71CD19D6-C448-4B5D-9A38-018741753290}) (Version: 64.48.26178 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.12 (x64) (HKLM-x32\...\{aafaa0cc-b975-4ffa-ba33-8690e64683c4}) (Version: 8.0.12.34404 - Microsoft Corporation)
MSI Afterburner 4.6.5 (HKLM-x32\...\Afterburner) (Version: 4.6.5 - MSI Co., LTD)
MSI Center SDK (HKLM-x32\...\{15289038-41BE-48F8-B8B9-0B1021D3089E}}_is1) (Version: 3.2023.0919.01 - MSI)
NVIDIA FrameView SDK 1.5.10819.35301613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.5.10819.35301613 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.4.3.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.3.2 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 572.83 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 572.83 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{A89BF790-0679-403A-9CC7-4015DBF4FEBA}) (Version: 5.0.13 - dotPDN LLC)
qBittorrent (HKLM-x32\...\qBittorrent) (Version: 5.0.5 - The qBittorrent project)
Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.10.0315.031117 - Razer Inc.)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2) (Version: 1.0.1491.18 - Rockstar Games)
RivaTuner Statistics Server 7.3.6 (HKLM-x32\...\RTSS) (Version: 7.3.6 - Unwinder)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.80.1666 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.2.2.2 - Rockstar Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Streamlabs Desktop 1.14.0 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 1.14.0 - General Workings, Inc.)
Thunder Master v4.14 (HKLM\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 4.14.0.1 - Palit Microsystems Ltd.)
TradeSkillMaster Application version 1.0 (HKLM-x32\...\{c44da794-b956-4d50-8733-346d56ae63c7}_is1) (Version: 1.0 - TradeSkillMaster)
Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 146.1.10956 - Ubisoft)
Verbatim_SureFireGaming_Product (HKLM\...\{35CB65C6-A7E3-4EE7-AD40-738D70A72164}) (Version: 1.0.3.11 - Verbatim) Hidden
Verbatim_SureFireGaming_Product (HKLM-x32\...\{d601832a-0d94-46ce-9b19-78e8a5887313}) (Version: 1.0.3.11 - Verbatim) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.21 - VideoLAN)
WD P40 Game Drive (HKLM\...\{EE55DBAE-ECDD-4ADD-AAB5-23DE848B0996}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD P40 Game Drive (HKLM-x32\...\{72b1a866-fc31-4381-bff3-fa6cd8823777}) (Version: 1.0.2.18 - Western Digital Corporation) Hidden
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WinRAR 7.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.00.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Public Test (HKLM-x32\...\World of Warcraft Public Test) (Version: - Blizzard Entertainment)
WowUp 2.20.0 (HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\b31ca559-50e4-54d8-a458-330e72a28314) (Version: 2.20.0 - WowUp LLC)
WowUp-CF 2.20.0 (HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\6f2f419c-215d-59e3-b8a5-5843bec040af) (Version: 2.20.0 - WowUp LLC)
Chrome apps:
============
YouTube (HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\f1d05c68f71f8be3fb7e957b8345f339) (Version: 1.0 - Google\Chrome)
Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3624.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-04-09] (Microsoft Windows)
Balíček prostředí funkcí systému Windows -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-04-09] (Microsoft Windows)
Gyazo -> C:\Program Files (x86)\Gyazo [2025-04-01] (Helpfeel Inc.)
GyazoReplay -> C:\Program Files (x86)\Gyazo [2025-04-01] (Helpfeel Inc.)
GyazoVideo -> C:\Program Files (x86)\Gyazo [2025-04-01] (Helpfeel Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_158.2.1134.0_x64__v10z8vjag6ke6 [2025-03-27] (HP Inc.)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-12-19] (Microsoft Corp.)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe [2025-03-26] (Microsoft Corporation)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.967.0_x64__56jybvy8sckqj [2024-12-26] (NVIDIA Corp.)
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2515.7.0_x64__cv1g1gvanyjgm [2025-04-17] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-01-22] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_7000.456.1632.0_x64__8wekyb3d8bbwe [2025-04-10] (Microsoft Corp.)
Windows HDR Calibration -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WindowsHDRCalibration_1.0.152.0_x64__8wekyb3d8bbwe [2024-11-12] (Microsoft Corp.)
WinRAR -> C:\Program Files\WinRAR [2024-04-10] (win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2111594256-2338183963-3193565703-1001_Classes\CLSID\{1131f266-5b75-f5a0-ded5-61c709ea045a}\localserver32 -> C:\Program Files\Dell\Dell Display and Peripheral Manager\DDPM.exe (Dell Technologies Inc. -> Dell)
CustomCLSID: HKU\S-1-5-21-2111594256-2338183963-3193565703-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> "C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2111594256-2338183963-3193565703-1001_Classes\CLSID\{6a27a1a9-7be8-1491-04ca-ee68a211c258}\localserver32 -> C:\Program Files\Google\Play Games\current\service\Service.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-2111594256-2338183963-3193565703-1001_Classes\CLSID\{989dacff-3a01-6b2c-f623-9ef1597c6141}\localserver32 -> "C:\Program Files\Dell\Dell Display Manager 2\DDM.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2111594256-2338183963-3193565703-1001_Classes\CLSID\{aaafeb27-6abd-d0ea-ffd6-e6894baf4a29}\localserver32 -> C:\Program Files\Dell\Dell Display and Peripheral Manager\Plugins\DDPM.Subagent.User\DDPM.Subagent.User.exe (Dell Technologies Inc. -> DDPM.Subagent.User)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2023-10-25] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-10-26] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2023-10-25] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2023-10-26] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2023-10-25] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvrfi.inf_amd64_a4e2182beae2ddf6\nvshext.dll [2025-03-15] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\shellex.dll [2023-10-25] (AO Kaspersky Lab -> AO Kaspersky Lab)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.RTV1] => c:\windows\system32\rtvcvfw64.dll [1102848 2023-04-10] () [File not signed]
HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [891904 2023-04-10] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\YouTube.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=agimnkijcaahngcdmfeangaknmldooml
==================== Loaded Modules (Whitelisted) =============
2024-11-14 19:12 - 2025-03-26 03:19 - 000120832 _____ () [File not signed] C:\Program Files (x86)\Gyazo\GyazoVideo\MFVideoEncoder.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000053760 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_bz2.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 000084992 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_ctypes.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 000182272 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_decimal.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 000783360 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_hashlib.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 000137216 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_lzma.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 000047104 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_socket.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 001213440 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\_ssl.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 000039424 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\psutil._psutil_windows.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 001861120 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtCore.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 002002944 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtGui.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 004101120 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\PyQt5.QtWidgets.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 000009728 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\select.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 000075264 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\sip.pyd
2024-08-28 11:31 - 2024-08-28 11:31 - 000758784 _____ () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\unicodedata.pyd
2025-04-18 00:20 - 2025-04-11 16:09 - 027300352 _____ () [File not signed] C:\Program Files\Google\Play Games Services\25.4.291.0\Service\libnative_asset.so
2024-11-27 18:51 - 2025-04-01 15:36 - 002682880 _____ () [File not signed] C:\Users\David\AppData\Local\Programs\CurseForge Windows\ffmpeg.dll
2024-11-27 18:51 - 2025-04-01 15:36 - 000481280 _____ () [File not signed] C:\Users\David\AppData\Local\Programs\CurseForge Windows\libegl.dll
2024-11-27 18:51 - 2025-04-01 15:36 - 008058368 _____ () [File not signed] C:\Users\David\AppData\Local\Programs\CurseForge Windows\libglesv2.dll
2024-11-27 18:51 - 2025-04-01 15:36 - 005475328 _____ () [File not signed] C:\Users\David\AppData\Local\Programs\CurseForge Windows\vk_swiftshader.dll
2024-11-07 00:49 - 2024-12-03 22:40 - 005378048 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavcodec-61.dll
2024-11-07 00:49 - 2024-12-03 22:40 - 000875008 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavfilter-10.dll
2024-11-07 00:49 - 2024-12-03 22:40 - 001674240 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavformat-61.dll
2024-11-07 00:49 - 2024-12-03 22:40 - 001640960 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libavutil-59.dll
2024-11-07 00:49 - 2024-12-03 22:40 - 000630272 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libswresample-5.dll
2024-11-07 00:49 - 2024-12-03 22:40 - 001092608 _____ (FFmpeg Project) [File not signed] C:\Program Files (x86)\Steam\libswscale-8.dll
2025-01-05 18:44 - 2025-03-19 10:51 - 000000000 ____L (NVIDIA Corporation) [symlink -> C:\Program Files\NVIDIA Corporation\NVIDIA app\MessageBus\NvMessageBusBroadcast.dll] C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\NvMessageBusBroadcast.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 002741248 _____ (Python Software Foundation) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\python34.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000848896 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icudt53.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 001580032 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icuin53.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 001079296 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\icuuc53.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000036352 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qdds.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qgif.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000029184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qicns.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000022016 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qico.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000381952 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjp2.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000206848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qjpeg.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000218624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qmng.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000016384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtga.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000308736 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qtiff.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000015360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwbmp.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000287232 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\imageformats\qwebp.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 000991744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\platforms\qwindows.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 004182528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Core.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 004877312 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Gui.dll
2024-08-28 11:31 - 2024-08-28 11:31 - 004490752 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\Qt5Widgets.dll
2025-04-03 22:15 - 2025-04-03 22:15 - 000046080 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\audio\qtaudio_windows.dll
2025-04-03 22:15 - 2025-04-03 22:15 - 000030720 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\iconengines\qsvgicon.dll
2025-04-03 22:15 - 2025-04-03 22:15 - 000027136 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\imageformats\qgif.dll
2025-04-03 22:15 - 2025-04-03 22:15 - 000025600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\imageformats\qico.dll
2025-04-03 22:15 - 2025-04-03 22:15 - 000353280 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\imageformats\qjpeg.dll
2025-04-03 22:15 - 2025-04-03 22:15 - 000021504 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\imageformats\qsvg.dll
2025-04-03 22:15 - 2025-04-03 22:15 - 000352256 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\imageformats\qtiff.dll
2025-04-03 22:15 - 2025-04-03 22:15 - 000423424 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\imageformats\qwebp.dll
2025-04-03 22:15 - 2025-04-03 22:16 - 001239552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\platforms\qwindows.dll
2025-04-03 22:15 - 2025-04-03 22:16 - 000915456 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\Qt5Network.dll
2025-04-03 22:15 - 2025-04-03 22:16 - 000362496 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\Qt5QmlModels.dll
2025-04-03 22:15 - 2025-04-03 22:16 - 004703232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\Qt5Widgets.dll
2025-04-03 22:15 - 2025-04-03 22:16 - 000165888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Battle.net\Battle.net.15341\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Razer Chroma SDK\bin;C:\Program Files\Razer Chroma SDK\bin;C:\Program Files (x86)\Razer\ChromaBroadcast\bin;C:\Program Files\Razer\ChromaBroadcast\bin;c:\windows\system32;c:\windows;c:\windows\system32\wbem;c:\windows\system32\windowspowershell\v1.0\;c:\windows\system32\openssh\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\dotnet\;C:\Users\David\AppData\Local\Microsoft\WindowsApps;C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\WindowsApps;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA app\NvDLISR
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\dragonflight-4k-wallpaper-v0-nihjzcd9lvu81.png
DNS Servers: 93.89.159.2 - 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Realtek Gaming 2.5GbE Family Controller -> rt640x64.sys
Připojení k místní síti: Kaspersky VPN -> kltun.sys
Wi-Fi: RZ616 Wi-Fi 6E 160MHz -> mtkwl6ex.sys
KL_KLIM6: Kaspersky Anti-Virus NDIS 6 Filter
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A23798C1-1103-4D04-8FC6-60111B678D84}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
FirewallRules: [{046E82FA-7485-4A17-BE65-A9E2B324013F}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
FirewallRules: [{444B39F8-7079-4929-BACB-09A2BA12C7CA}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{456EC56A-0A6D-4307-9D84-60DA15AB2817}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{AFB22363-6423-4E24-96D7-816D89EEF46A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{98209029-6989-435A-AF44-6D239EF9F18C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{842919F6-2F91-4F41-B915-A645B9D9AD36}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{54918C39-4159-4E6E-914A-CEFFA181CC4E}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-V2] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-NoScope] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{EAE8A3C8-DD74-4CFA-83A4-2C160B6DE09D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C3D91BE7-7393-45C8-A896-FA3D9160A7EF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0F95AC7F-93A8-4DE5-8CDA-C316DB9448A2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1E14AEA8-E992-46F7-9E0B-0E7450D61F36}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7C8C97FB-6431-41D2-8C5B-16BCD171C35D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.73\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DC7DE2B3-70E6-455A-83F2-09AABE04213A}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{25904816-7999-47EC-9847-631E437A718F}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [File not signed]
FirewallRules: [{3B6877A8-2728-451F-B001-FAC098B89226}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1D6B1734-878F-4B16-B501-1065A2214B59}] => (Allow) C:\Program Files\Google\Play Games\current\emulator\crosvm.exe (Google LLC -> )
FirewallRules: [{B2F64F95-07FF-41F3-A207-0B601EF5315C}] => (Allow) C:\Program Files\Google\Play Games\current\emulator\crosvm.exe (Google LLC -> )
FirewallRules: [{A04CAEF3-9859-4847-9DB6-7C1458ED7A1F}] => (Allow) LPort=32683
FirewallRules: [{BCA15B64-BA3F-4656-A058-1A3A7AAC8609}] => (Allow) LPort=26822
==================== Restore Points =========================
12-04-2025 00:47:29 Windows Update
15-04-2025 21:33:46 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/19/2025 01:54:36 AM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit defragmentace na \\?\Volume{c38f51d5-9e0f-11ee-b38d-806e6f6e6963}\, protože: Svazky nejde optimalizovat kvůli nepodporovanému typu systému souborů. (0x8900002F)
Error: (04/19/2025 12:01:22 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: netsys64.exe, verze: 0.0.0.0, časové razítko: 0x66c74a87
Název chybujícího modulu: ntdll.dll, verze: 10.0.26100.3775, časové razítko: 0x5e4be250
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007780b
ID chybujícího procesu: 0x1430
Čas spuštění chybující aplikace: 0x1dbb0ad6c145ff6
Cesta k chybující aplikaci: C:\Users\David\AppData\Roaming\Microsoft\SysDriver64\netrtwlansinf\netsys64.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID sestavy: 232b23e8-36f9-415f-b28f-4e5434a13ff2
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
Error: (04/19/2025 12:01:22 AM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: coresys.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: ntdll.dll, verze: 10.0.26100.3775, časové razítko: 0x5e4be250
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007780b
ID chybujícího procesu: 0x12a0
Čas spuštění chybující aplikace: 0x1dbb0ad6c10165b
Cesta k chybující aplikaci: C:\Users\David\AppData\Roaming\Microsoft\kernel64\core\coresys.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID sestavy: 92d79f88-53fa-446e-947a-0e1c17388b83
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
Error: (04/19/2025 12:00:10 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]
Error: (04/18/2025 11:58:16 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: coresys.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: ntdll.dll, verze: 10.0.26100.3775, časové razítko: 0x5e4be250
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007780b
ID chybujícího procesu: 0x132c
Čas spuštění chybující aplikace: 0x1dbb0acfd2cf246
Cesta k chybující aplikaci: C:\Users\David\AppData\Roaming\Microsoft\kernel64\core\coresys.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID sestavy: 28146e62-5142-4f4a-8ac2-04cdf7ceaedd
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
Error: (04/18/2025 11:58:16 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Název chybující aplikace: netsys64.exe, verze: 0.0.0.0, časové razítko: 0x66c74a87
Název chybujícího modulu: ntdll.dll, verze: 10.0.26100.3775, časové razítko: 0x5e4be250
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000007780b
ID chybujícího procesu: 0x14ec
Čas spuštění chybující aplikace: 0x1dbb0acfd321d95
Cesta k chybující aplikaci: C:\Users\David\AppData\Roaming\Microsoft\SysDriver64\netrtwlansinf\netsys64.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID sestavy: bc51b1d1-4b1d-4a61-86b4-5e9c02fc4b88
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
Error: (04/18/2025 11:56:36 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: LEDKeeper2.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.DllNotFoundException
na MSI_LED.Razer.MSI_RZ_UnInitial()
na MSI_LED.CRazer_SyncHandle.CRazer_Handler_Close()
na MSI_LED.App.CloseAPP()
na MSI_LED.WindowToGetHandle.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
Error: (04/18/2025 12:35:36 AM) (Source: Application Error) (EventID: 1000) (User: DEJFYQQ)
Description: Název chybující aplikace: SDXHelper.exe, verze: 16.0.11328.20158, časové razítko: 0x5c7f968c
Název chybujícího modulu: Mso20Win32Client.dll, verze: 16.0.11328.20156, časové razítko: 0x5c7f83eb
Kód výjimky: 0x01483052
Posun chyby: 0x001c5366
ID chybujícího procesu: 0xf1d8
Čas spuštění chybující aplikace: 0x1dbafe8fa33ff32
Cesta k chybující aplikaci: C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\SDXHelper.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\Mso20Win32Client.dll
ID sestavy: 49239d3b-4269-4bb8-9125-35a578277d99
Celý název chybujícího balíčku:
ID chybující aplikace relativní vzhledem k balíčku:
System errors:
=============
Error: (04/19/2025 12:06:23 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931
Error: (04/19/2025 12:03:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (04/19/2025 12:03:27 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).
Error: (04/19/2025 12:01:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba coresys neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (04/19/2025 12:01:24 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby coresys bylo dosaženo časového limitu (45000 ms).
Error: (04/19/2025 12:01:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba sysnet64 neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.
Error: (04/19/2025 12:01:24 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby sysnet64 bylo dosaženo časového limitu (45000 ms).
Error: (04/19/2025 12:00:10 AM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Služba přidružení zařízení zjistila chybu zjišťování koncového bodu.
CodeIntegrity:
===============
Date: 2025-04-19 02:58:41
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2025-04-19 02:58:11
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends International, LLC. 1.70 08/10/2023
Motherboard: Micro-Star International Co., Ltd. MAG B650 TOMAHAWK WIFI (MS-7D75)
Processor: AMD Ryzen 7 7800X3D 8-Core Processor
Percentage of memory in use: 46%
Total physical RAM: 31904.58 MB
Available physical RAM: 17062.84 MB
Total Virtual: 52384.58 MB
Available Virtual: 33583.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:248.55 GB) (Free:47.69 GB) (Model: KINGSTON SKC3000D2048G) NTFS
Drive d: (Místní disk) (Fixed) (Total:1657.73 GB) (Free:356.73 GB) (Model: KINGSTON SKC3000D2048G) NTFS
\\?\Volume{82ad4fce-2baf-4d47-9848-490f86efd609}\ () (Fixed) (Total:0.67 GB) (Free:0.09 GB) NTFS
\\?\Volume{4083c866-0f6f-4af0-a569-ca6bcac5ce48}\ () (Fixed) (Total:0.66 GB) (Free:0.08 GB) NTFS
\\?\Volume{6b5d3ba8-e03f-4fa3-8ab4-6662c5e7e01e}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 1907.7 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Re: Kaspersky vyhazuje upozornění na HEUR:Trojan.Multi.GenBadur.gena v systémové paměti - možná falešný poplach?
Ahoj,
pouzi fixlist.txt s obsahom:
Start
CloseProcesses:
S4 AmdTools64; \SystemRoot\System32\drivers\AmdTools64.sys [X]
S2 sysnet64; C:\Users\David\AppData\Roaming\Microsoft\SysDriver64\netrtwlansinf\netsys64.exe [747636224 2024-11-24] () [File not signed] <==== ATTENTION
S2 coresys; C:\Users\David\AppData\Roaming\Microsoft\kernel64\core\coresys.exe [762316288 2024-11-24] () [File not signed] <==== ATTENTION
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
End
pouzi fixlist.txt s obsahom:
Start
CloseProcesses:
S4 AmdTools64; \SystemRoot\System32\drivers\AmdTools64.sys [X]
S2 sysnet64; C:\Users\David\AppData\Roaming\Microsoft\SysDriver64\netrtwlansinf\netsys64.exe [747636224 2024-11-24] () [File not signed] <==== ATTENTION
S2 coresys; C:\Users\David\AppData\Roaming\Microsoft\kernel64\core\coresys.exe [762316288 2024-11-24] () [File not signed] <==== ATTENTION
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
End
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Kaspersky vyhazuje upozornění na HEUR:Trojan.Multi.GenBadur.gena v systémové paměti - možná falešný poplach?
Zdravim, tady je fixlog, mam jeste poslat neco?
Fix result of Farbar Recovery Scan Tool (x64) Version: 01-04-2025
Ran by David (19-04-2025 13:02:26) Run:2
Running from C:\Users\David\Desktop
Loaded Profiles: David
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
S4 AmdTools64; \SystemRoot\System32\drivers\AmdTools64.sys [X]
S2 sysnet64; C:\Users\David\AppData\Roaming\Microsoft\SysDriver64\netrtwlansinf\netsys64.exe [747636224 2024-11-24] () [File not signed] <==== ATTENTION
S2 coresys; C:\Users\David\AppData\Roaming\Microsoft\kernel64\core\coresys.exe [762316288 2024-11-24] () [File not signed] <==== ATTENTION
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
End
*****************
Processes closed successfully.
HKLM\System\CurrentControlSet\Services\AmdTools64 => removed successfully
AmdTools64 => service removed successfully
HKLM\System\CurrentControlSet\Services\sysnet64 => removed successfully
sysnet64 => service removed successfully
HKLM\System\CurrentControlSet\Services\coresys => removed successfully
coresys => service removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Location\Notifications => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
The system needed a reboot.
==== End of Fixlog 13:02:28 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 01-04-2025
Ran by David (19-04-2025 13:02:26) Run:2
Running from C:\Users\David\Desktop
Loaded Profiles: David
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
S4 AmdTools64; \SystemRoot\System32\drivers\AmdTools64.sys [X]
S2 sysnet64; C:\Users\David\AppData\Roaming\Microsoft\SysDriver64\netrtwlansinf\netsys64.exe [747636224 2024-11-24] () [File not signed] <==== ATTENTION
S2 coresys; C:\Users\David\AppData\Roaming\Microsoft\kernel64\core\coresys.exe [762316288 2024-11-24] () [File not signed] <==== ATTENTION
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
End
*****************
Processes closed successfully.
HKLM\System\CurrentControlSet\Services\AmdTools64 => removed successfully
AmdTools64 => service removed successfully
HKLM\System\CurrentControlSet\Services\sysnet64 => removed successfully
sysnet64 => service removed successfully
HKLM\System\CurrentControlSet\Services\coresys => removed successfully
coresys => service removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Location\Notifications => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
The system needed a reboot.
==== End of Fixlog 13:02:28 ====
Re: Kaspersky vyhazuje upozornění na HEUR:Trojan.Multi.GenBadur.gena v systémové paměti - možná falešný poplach?
Restart PC a prescanuj disk PC s Kaspersky AV
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Kaspersky vyhazuje upozornění na HEUR:Trojan.Multi.GenBadur.gena v systémové paměti - možná falešný poplach?
Takze jsem dal kompletni scan a Kaspersky uz nic nenasel, myslite, ze to uz to tedy ciste? 
Re: Kaspersky vyhazuje upozornění na HEUR:Trojan.Multi.GenBadur.gena v systémové paměti - možná falešný poplach?
Je to OK 
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Kaspersky vyhazuje upozornění na HEUR:Trojan.Multi.GenBadur.gena v systémové paměti - možná falešný poplach?
Super, tak dekuji moc, muzete to tu zamknout a preji hezke Velikonoce! 
Re: Kaspersky vyhazuje upozornění na HEUR:Trojan.Multi.GenBadur.gena v systémové paměti - možná falešný poplach?
Rado sa stalo - pekne sviatky 
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?