Dobrý den, mám emailovou schránku na Seznamu a potýkám se v poslední době se spamem. Je to anglicky a chodí to z mé emailové adresy, Chodí to do složky Spam.
Píše se v ní, že mám zaplatit tolik a tolik do 48 hodin v bitcoinech. jinak změní hesla a rozešle videa,atd. mým kontaktům . Prý nainstaloval Trojany do všech zařízení. Nebo,že čeká na platbu. atd.
10.června 2025 jsem dával log FRST do preventivní kontroly tady na webu a nic se nenašlo. Antivir používám Eset Internet Security a nic nenašel ani Defender ve Windows 11. Router jem resetoval. Mikrofon ani webku nemám a sociální sítě nepoužívám.
Mám to ignorovat ?
Děkuji za příspěvky.
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Vyděračské emaily
Moderátor: Moderátoři
Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
-
Rudy
- Site Admin
- Příspěvky: 119356
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyděračské emaily
Zdravím!
Osobně bych to ignoroval. Někdo se baví tím, že vyhrožuje a čeká, kdo mu na to skočí a zaplatí. Není to první, a asi ani poslední pokus o podvodný výdělek. Takových mailů už mi přišlo, vše jsem ignoroval a doteď se nic neděje. Takže asi tak. Nejspíš jste dal na nějaký wb svou mailovou adresu a chytil se toho nějaký vejlupek.
Osobně bych to ignoroval. Někdo se baví tím, že vyhrožuje a čeká, kdo mu na to skočí a zaplatí. Není to první, a asi ani poslední pokus o podvodný výdělek. Takových mailů už mi přišlo, vše jsem ignoroval a doteď se nic neděje. Takže asi tak. Nejspíš jste dal na nějaký wb svou mailovou adresu a chytil se toho nějaký vejlupek.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vyděračské emaily
Když to shrnu, tak mi tam žádný Trojan nenainstaloval nebo Teamviewer,atd. do PC.
-
Rudy
- Site Admin
- Příspěvky: 119356
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyděračské emaily
Pokud ne, pak není co řešit. 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vyděračské emaily
Mohu poprosit o kontrolu logu .
Přikládám ještě Addition log
Děkuji!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-06-2025
Ran by david (administrator) on DESKTOP-IJSLQ8R (Micro-Star International Co., Ltd MS-7B86) (18-06-2025 12:49:46)
Running from C:\Users\david\Desktop\FRST64.exe
Loaded Profiles: david
Platform: Microsoft Windows 11 Home Version 24H2 26100.4349 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe ->) (AVerMedia TECHNOLOGIES, Inc -> ) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\BrowserPrivacyAndSecurity.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Mozilla Corporation -> Mozilla Foundation) C:\Program Files\Mozilla Firefox\crashhelper.exe
(C:\ProgramData\Wargaming.net\GameCenter\wgc.exe ->) (Wargaming Group Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <5>
(C:\ProgramData\Wargaming.net\GameCenter\wgc.exe ->) (Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\WargamingErrorMonitor.exe
(explorer.exe ->) (AVerMedia TECHNOLOGIES, Inc -> AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Wargaming Group Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <20>
(services.exe ->) () [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AVerMedia TECHNOLOGIES, Inc -> AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncHelper.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9425e4c3b1ac1c47\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_0b6ff136fecebab7\RtkAudUService64.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (SteelSeries France SASU -> Nahimic) C:\Windows\System32\NahimicService.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25042.38.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(SteelSeries France SASU -> A-Volute) C:\Users\david\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.41.3.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.10401.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (SteelSeries France SASU -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(svchost.exe ->) (SteelSeries France SASU -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_0b6ff136fecebab7\RtkAudUService64.exe [1650016 2023-03-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [292064 2025-04-28] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-21-2920095854-1669752291-3635278505-1001\...\Run: [MicrosoftEdgeAutoLaunch_30FCCE2722F4190AAE310221237BB02B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4141120 2025-06-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2920095854-1669752291-3635278505-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4966728 2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2920095854-1669752291-3635278505-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2129936 2025-05-28] (Wargaming Group Limited -> Wargaming.net)
HKU\S-1-5-21-2920095854-1669752291-3635278505-1001\...\MountPoints2: {ed734c9f-3c88-11f0-b3fb-806e6f6e6963} - "F:\setup.exe"
HKLM\...\Windows x64\Print Processors\Canon TS3300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDG3.DLL [506368 2023-06-05] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS3300 series: C:\Windows\system32\CNMLMG3.DLL [1334784 2023-06-05] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2025-05-29]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe (AVerMedia TECHNOLOGIES, Inc -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2025-05-29]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc -> AVerMedia TECHNOLOGIES, Inc.)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3B5BC435-0AFF-474B-BE58-CF9CB11233E5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.)
Task: {495028A8-128B-40DE-8F6D-40A9FBD4C19E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28955352 2025-06-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {032A15F7-B220-4A7A-913E-C01D6984B1FB} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\opushutil.exe [59664 2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {CAC81540-816D-44F4-9661-250495D7E525} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28955352 2025-06-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {B29EDED6-9AF6-458A-BCCD-FD1F5504F5B9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [221872 2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {75EFAA82-AFBA-452D-9E84-EB947F076730} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [221872 2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {E95DB4D2-D804-4D81-942D-139778A0FA6A} - System32\Tasks\Microsoft\Office\Office Startup Boost => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [221872 2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B69FAE8-4174-40E5-BA4A-108C5259A9AF} - System32\Tasks\Microsoft\Office\Office Startup Boost Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [221872 2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {3A4B45C5-5AB7-4914-9BB3-245AE138AFD7} - System32\Tasks\Microsoft\Windows\Hotpatch\Monitoring => C:\Windows\system32\cmd.exe [376832 2025-06-10] (Microsoft Windows -> Microsoft Corporation) -> /d /c %systemroot%\system32\hpatchmonTask.cmd
Task: {B1AADECF-5E91-4F9C-BB81-D3D5972710CF} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2920095854-1669752291-3635278505-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [695872 2025-06-10] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {67B73CDE-D8EC-43A1-BA0E-2E4BCCB6FEE7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-06-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {653DA56B-3946-43B8-8423-1C6A61DC2AEF} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [1118128 2025-01-14] (SteelSeries France SASU -> Nahimic)
Task: {D59DBDC6-EC3D-4181-BC12-4C81E0D0A90C} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1438128 2025-01-14] (SteelSeries France SASU -> Nahimic)
Task: {9FABA23D-26BE-461A-BE44-2683B37641F4} - System32\Tasks\NahimicTask32 => C:\Windows\System32\..\SysWOW64\NahimicSvc32.exe [1118128 0] (SteelSeries France SASU -> Nahimic)
Task: {B85DB1CA-F006-46A7-A2D4-A8D3A04FC68F} - System32\Tasks\NahimicTask64 => C:\Windows\System32\.\NahimicSvc64.exe [1438128 0] (SteelSeries France SASU -> Nahimic)
Task: {8EB9D70C-B102-4407-878B-0FD0593AFC8F} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223792 2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {0C642580-5160-4C97-8B9B-F25FCAE3A971} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2920095854-1669752291-3635278505-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223792 2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {2ACBAE90-3CBA-46D8-8AA6-DC21E9653A5E} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2920095854-1669752291-3635278505-1001 => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\OneDriveLauncher.exe [684344 2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{597a1605-d190-4301-8c5e-d20e46aa83ab}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default [2025-06-18]
Edge HomePage: Default -> hxxp://www.seznam.cz/
Edge StartupUrls: Default -> "hxxps://www.seznam.cz/"
Edge Extension: (Dokumenty Google offline) - C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-05-29]
Edge Extension: (Edge relevant text changes) - C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-05-29]
Edge Extension: (ESET Browser Privacy & Security) - C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkapkmklnmidbbgjaipbgpcnbomnaakc [2025-06-18]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]
FireFox:
========
FF DefaultProfile: loa9ywao.default
FF ProfilePath: C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\loa9ywao.default [2025-06-10]
FF ProfilePath: C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\e4rv2yyu.default-release [2025-06-18]
FF Homepage: Mozilla\Firefox\Profiles\e4rv2yyu.default-release -> www.seznam.cz
FF Extension: (ESET Browser Privacy & Security) - C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\e4rv2yyu.default-release\Extensions\browserextension@eset.com.xpi [2025-05-29]
FF Extension: (Google Translator for Firefox) - C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\e4rv2yyu.default-release\Extensions\translator@zoli.bod.xpi [2025-05-29]
FF Extension: (Lion Power) - C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\e4rv2yyu.default-release\Extensions\{7044fa00-e6bb-40d6-88a2-e087ac3f53e6}.xpi [2025-05-29]
FF Extension: (Firefox B) - C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\e4rv2yyu.default-release\Extensions\{ac40163c-8804-4dad-90fc-e25ebd6e9a57}.xpi [2025-05-29]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-05-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2025-06-06] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2025-06-18]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [377664 2015-06-25] (AVerMedia TECHNOLOGIES, Inc -> AVerMedia)
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [771072 2017-02-06] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13724344 2025-06-06] (Microsoft Corporation -> Microsoft Corporation)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [5559152 2025-04-28] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [4582480 2025-04-28] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [4582480 2025-04-28] (ESET, spol. s r.o. -> ESET)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncHelper.exe [3621688 2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
S3 hpatchmon; C:\Windows\system32\hpatchmon.dll [173472 2025-06-10] (Microsoft Windows -> Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [460488 2024-04-03] (Canon Inc. -> )
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe [2071592 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NahimicService; C:\Windows\System32\NahimicService.exe [1910704 2025-01-14] (SteelSeries France SASU -> Nahimic)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9425e4c3b1ac1c47\Display.NvContainer\NVDisplay.Container.exe [1275568 2024-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.095.0518.0002\OneDriveUpdaterService.exe [3873064 2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2024-10-18] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933432 2024-10-18] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\NisSrv.exe [4513624 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe [278328 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [33592 2024-09-12] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R3 AVer871BDA; C:\Windows\System32\Drivers\AVer9303.sys [323096 2016-10-28] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [175824 2024-10-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [227224 2025-04-28] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [121816 2025-04-28] (Microsoft Windows Hardware Compatibility Publisher -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [16336 2025-04-13] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [266944 2025-04-28] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [57304 2025-04-28] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [86200 2025-04-28] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [128512 2025-04-28] (ESET, spol. s r.o. -> ESET)
S3 esihdrv; C:\Users\david\AppData\Local\Temp\esihdrv.sys [205464 2025-06-17] (ESET, spol. s r.o. -> ESET) <==== ATTENTION
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [330112 2025-06-13] (Microsoft Windows -> Microsoft Corporation)
R3 Nahimic_Mirroring; C:\Windows\System32\drivers\Nahimic_Mirroring.sys [94784 2022-06-02] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
S3 PlutonHeci; C:\Windows\System32\DriverStore\FileRepository\pluton-heci.inf_amd64_f74945e2fcb1d3d7\pluton-heci.sys [75168 2025-06-10] (Microsoft Windows -> Microsoft Corporation)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_feec7a9662e785f0\rtcx21x64.sys [539648 2024-03-28] (Microsoft Windows -> Realtek)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174264 2024-10-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ThermalFilter; C:\Windows\System32\DriverStore\FileRepository\c_thermal.inf_amd64_732a53ed1662b707\ThermalFilter.sys [75376 2025-05-29] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20032 2025-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [612768 2025-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [100744 2025-06-13] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-06-18 12:49 - 2025-06-18 12:50 - 000021718 _____ C:\Users\david\Desktop\FRST.txt
2025-06-18 12:48 - 2025-06-18 12:49 - 000000000 ____D C:\FRST
2025-06-18 12:45 - 2025-06-18 12:46 - 002406912 _____ (Farbar) C:\Users\david\Desktop\FRST64.exe
2025-06-18 12:10 - 2025-06-18 12:10 - 000677108 _____ C:\Windows\system32\perfh005.dat
2025-06-18 12:10 - 2025-06-18 12:10 - 000144960 _____ C:\Windows\system32\perfc005.dat
2025-06-18 10:56 - 2025-06-18 10:56 - 000002016 _____ C:\Users\Public\Desktop\ESET Zabezpečené bankovnictví a prohlížení webu.lnk
2025-06-18 10:55 - 2025-06-18 10:55 - 000000000 ____D C:\Users\david\AppData\Local\ESET
2025-06-18 10:55 - 2025-06-18 10:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2025-06-18 10:55 - 2025-06-18 10:55 - 000000000 ____D C:\ProgramData\ESET
2025-06-18 10:55 - 2025-06-18 10:55 - 000000000 ____D C:\Program Files\ESET
2025-06-13 13:55 - 2025-06-17 20:42 - 000004212 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{29C9C97D-9D0C-4060-AB82-367C056F9AC0}
2025-06-13 13:55 - 2025-06-13 13:55 - 000000000 ____D C:\Users\david\AppData\Local\NeoSmart_Technologies
2025-06-11 22:12 - 2025-06-11 22:12 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\HTML Help
2025-06-10 22:08 - 2025-06-18 10:58 - 000000000 ____D C:\Windows\CbsTemp
2025-06-10 21:52 - 2025-06-10 21:52 - 000001555 _____ C:\Windows\system32\DeviceFeatureDDF.json
2025-06-10 21:51 - 2025-06-10 21:51 - 000033224 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-06-10 21:51 - 2025-06-10 21:51 - 000033224 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2025-06-10 21:22 - 2025-06-10 22:23 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-06-07 15:10 - 2025-06-07 15:10 - 000000000 ____D C:\Users\david\AppData\Local\NVIDIA
2025-06-07 09:33 - 2025-06-07 09:33 - 000001657 _____ C:\Users\david\Desktop\World of Tanks EU.lnk
2025-06-07 09:16 - 2025-06-07 09:16 - 000000000 ____D C:\Windows\Microsoft Antimalware
2025-06-06 18:54 - 2025-06-18 12:03 - 000003108 _____ C:\Windows\system32\Tasks\NahimicTask32
2025-06-06 18:54 - 2025-06-18 12:03 - 000003088 _____ C:\Windows\system32\Tasks\NahimicTask64
2025-06-06 18:53 - 2025-01-14 15:30 - 006586192 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV3apo.dll
2025-06-06 18:53 - 2025-01-14 15:30 - 001910704 _____ (Nahimic) C:\Windows\system32\NahimicService.exe
2025-06-06 18:53 - 2025-01-14 15:30 - 001438128 _____ (Nahimic) C:\Windows\system32\NahimicSvc64.exe
2025-06-06 18:53 - 2025-01-14 15:30 - 001216888 _____ (A-Volute) C:\Windows\system32\NhNotifSys.exe
2025-06-06 18:53 - 2025-01-14 15:30 - 001118128 _____ (Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
2025-06-06 18:53 - 2025-01-14 15:30 - 001006456 _____ (A-Volute) C:\Windows\system32\NhNotifSys.dll
2025-06-06 18:53 - 2025-01-14 15:30 - 000805032 _____ (Nahimic) C:\Windows\system32\NAHIMICV3NSControl.dll
2025-06-06 18:53 - 2025-01-14 15:30 - 000780968 _____ (Nahimic) C:\Windows\system32\NAHIMICV3NSControlExpert.dll
2025-06-06 18:53 - 2025-01-14 15:30 - 000534336 _____ (Nahimic) C:\Windows\system32\NahimicAPO3ConfiguratorDaemonModule.dll
2025-06-06 18:53 - 2025-01-14 15:30 - 000526144 _____ (Nahimic) C:\Windows\system32\NahimicAPO4ConfiguratorDaemonModule.dll
2025-06-06 18:53 - 2025-01-14 15:30 - 000526040 _____ (Nahimic) C:\Windows\system32\NahimicPnPAPO4ConfiguratorDaemonModule.dll
2025-06-06 18:53 - 2025-01-14 15:30 - 000146000 _____ (A-Volute) C:\Windows\system32\NahimicSharedMemory.dll
2025-06-06 18:46 - 2025-06-06 18:54 - 000000000 ____D C:\ProgramData\A-Volute
2025-06-06 18:46 - 2025-06-06 18:46 - 000000000 ____D C:\Windows\system32\A-Volute
2025-06-06 18:45 - 2023-03-16 02:02 - 006457176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2025-06-06 18:44 - 2022-10-03 16:39 - 002880280 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2025-06-06 12:00 - 2025-06-06 18:54 - 000000000 ____D C:\Windows\system32\zh-hant
2025-06-06 12:00 - 2025-06-06 18:54 - 000000000 ____D C:\Windows\system32\zh-hans
2025-06-06 12:00 - 2025-06-06 18:54 - 000000000 ____D C:\ProgramData\NahimicRestoreTool
2025-06-06 12:00 - 2025-06-06 12:00 - 000000000 ____D C:\Users\david\AppData\Local\Nahimic
2025-06-03 11:06 - 2025-06-07 09:33 - 000000000 ____D C:\Games
2025-06-03 11:03 - 2025-06-07 15:09 - 000000000 ____D C:\Users\david\AppData\Roaming\Wargaming.net
2025-06-03 11:03 - 2025-06-07 09:33 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2025-06-03 11:03 - 2025-06-03 11:03 - 000001892 _____ C:\Users\david\Desktop\Game Center.lnk
2025-06-03 11:03 - 2025-06-03 11:03 - 000000000 ____D C:\Users\david\AppData\Local\CEF
2025-06-03 11:01 - 2025-06-03 11:01 - 000000000 ____D C:\ProgramData\Wargaming.net
2025-06-02 22:54 - 2025-06-13 13:58 - 000000000 ____D C:\Windows\pss
2025-06-01 10:56 - 2025-06-01 10:57 - 000000000 ____D C:\Users\david\AppData\Roaming\Anvsoft
2025-06-01 10:56 - 2025-06-01 10:56 - 000001276 _____ C:\Users\david\Desktop\Any Video Converter.lnk
2025-06-01 10:56 - 2025-06-01 10:56 - 000000000 ____D C:\Program Files (x86)\Anvsoft
2025-06-01 10:42 - 2025-06-06 18:53 - 000000000 ____D C:\Users\david\AppData\Local\CrashDumps
2025-06-01 10:42 - 2025-06-01 10:52 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anvsoft
2025-06-01 10:42 - 2025-06-01 10:42 - 000000036 _____ C:\Users\david\AppData\Local\_LOCAL_GUID
2025-06-01 10:42 - 2025-06-01 10:42 - 000000000 ____H C:\Users\david\MJKJRegInfo_JSOIGNLOFVI6W4DODRL5DLLUHYENUXTM
2025-06-01 10:42 - 2025-06-01 10:42 - 000000000 ____D C:\Users\david\Documents\Any Video Converter
2025-06-01 10:42 - 2025-06-01 10:42 - 000000000 ____D C:\Users\david\AppData\Roaming\NVIDIA
2025-06-01 10:42 - 2025-06-01 10:42 - 000000000 ____D C:\Program Files\Anvsoft
2025-06-01 10:40 - 2025-06-01 10:52 - 000000000 ____D C:\Users\david\AppData\Roaming\Any Video Converter
2025-06-01 10:40 - 2025-06-01 10:40 - 000000000 ____D C:\Users\david\AppData\Roaming\com.anvsoft.avc.installer
2025-06-01 10:40 - 2025-06-01 10:40 - 000000000 ____D C:\ProgramData\com.anvsoft.avc.installer
2025-06-01 10:24 - 2025-06-01 10:24 - 000001205 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2025-06-01 10:24 - 2025-06-01 10:24 - 000001199 _____ C:\Users\Public\Desktop\BS.Player FREE.lnk
2025-06-01 10:24 - 2025-06-01 10:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2025-06-01 10:23 - 2025-06-01 10:24 - 000000000 ____D C:\Users\david\AppData\Roaming\BSplayer
2025-06-01 10:23 - 2025-06-01 10:23 - 000000000 ____D C:\Users\david\AppData\Roaming\BSplayer Pro
2025-06-01 10:23 - 2025-06-01 10:23 - 000000000 ____D C:\Program Files (x86)\Webteh
2025-06-01 10:04 - 2025-06-01 10:04 - 000001963 _____ C:\Users\david\Desktop\IrfanView Thumbnails.lnk
2025-06-01 10:04 - 2025-06-01 10:04 - 000001071 _____ C:\Users\david\Desktop\IrfanView.lnk
2025-06-01 10:04 - 2025-06-01 10:04 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2025-06-01 10:04 - 2025-06-01 10:04 - 000000000 ____D C:\Users\david\AppData\Roaming\IrfanView
2025-06-01 10:04 - 2025-06-01 10:04 - 000000000 ____D C:\Program Files (x86)\IrfanView
2025-06-01 09:55 - 2025-06-01 09:55 - 000001731 _____ C:\Users\david\Desktop\Smart Switch.lnk
2025-06-01 09:45 - 2024-10-18 04:14 - 000175824 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus2.sys
2025-06-01 09:45 - 2024-10-18 04:14 - 000174264 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2025-06-01 09:44 - 2025-06-01 09:44 - 000000000 ___HD C:\Users\Public\Documents\NativeFus_Log
2025-06-01 09:24 - 2022-01-25 11:29 - 000144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2025-06-01 09:14 - 2025-06-01 09:14 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2025-06-01 09:11 - 2025-06-01 09:44 - 000000000 ____D C:\ProgramData\Samsung
2025-06-01 09:11 - 2025-06-01 09:44 - 000000000 ____D C:\Program Files\Samsung
2025-06-01 09:11 - 2025-06-01 09:33 - 000000000 ____D C:\Users\david\AppData\Roaming\Samsung
2025-06-01 09:11 - 2025-06-01 09:11 - 000000000 ____D C:\Users\david\Samsung
2025-05-31 21:49 - 2025-05-31 21:52 - 000000000 ___HD C:\ProgramData\CanonIJScan
2025-05-31 21:49 - 2025-05-31 21:49 - 000000000 ____D C:\Users\david\AppData\Roaming\Canon
2025-05-31 21:48 - 2025-05-31 21:44 - 000002188 _____ C:\Users\david\Desktop\IJ Scan Utility.lnk
2025-05-31 21:48 - 2025-05-31 21:44 - 000002063 _____ C:\Users\david\Desktop\IJ Printer Assistant Tool.lnk
2025-05-31 21:45 - 2025-05-31 21:45 - 000000242 _____ C:\Users\Public\Desktop\Další informace o vašem zařízení Canon TS3300 series.url
2025-05-31 21:45 - 2025-05-31 21:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Příručka Canon TS3300 series
2025-05-31 21:44 - 2025-05-31 21:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2025-05-31 21:44 - 2025-05-31 21:44 - 000000000 ___HD C:\ProgramData\CanonBJ
2025-05-31 21:44 - 2025-05-31 21:44 - 000000000 ___HD C:\Program Files\CanonBJ
2025-05-31 21:44 - 2025-05-31 21:44 - 000000000 ____D C:\Program Files\Canon
2025-05-31 21:43 - 2025-06-01 14:52 - 000000000 ____D C:\ProgramData\CanonIJPLM
2025-05-31 21:43 - 2025-05-31 21:45 - 000000000 ____D C:\Program Files (x86)\Canon
2025-05-31 21:43 - 2025-05-31 21:43 - 000000000 ____D C:\ProgramData\Canon
2025-05-31 18:03 - 2025-05-31 18:03 - 000000000 ____D C:\Windows\system32\%userprofile%
2025-05-31 18:02 - 2025-06-15 07:56 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-05-31 18:02 - 2025-06-14 09:25 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2920095854-1669752291-3635278505-1001
2025-05-31 18:02 - 2025-06-14 09:25 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-05-31 18:02 - 2025-06-14 09:25 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-05-31 17:20 - 2025-05-31 17:20 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Excel
2025-05-31 17:19 - 2025-06-16 19:18 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\UProof
2025-05-31 17:19 - 2025-05-31 17:19 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Proof
2025-05-31 17:17 - 2025-05-31 17:20 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Office
2025-05-31 17:17 - 2025-05-31 17:17 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Word
2025-05-31 17:17 - 2025-05-31 17:17 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\AddIns
2025-05-31 17:15 - 2025-05-31 17:12 - 000002553 _____ C:\Users\david\Desktop\Word.lnk
2025-05-31 17:15 - 2025-05-31 17:12 - 000002525 _____ C:\Users\david\Desktop\Excel.lnk
2025-05-31 17:14 - 2025-05-31 18:03 - 000000000 ___RD C:\Users\Default\OneDrive
2025-05-31 17:12 - 2025-05-31 17:12 - 000002615 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Notes (new).lnk
2025-05-31 17:12 - 2025-05-31 17:12 - 000002559 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2025-05-31 17:12 - 2025-05-31 17:12 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2025-05-31 17:12 - 2025-05-31 17:12 - 000002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2025-05-31 17:12 - 2025-05-31 17:12 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2025-05-31 17:12 - 2025-05-31 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2025-05-31 17:04 - 2025-06-14 16:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2025-05-31 17:04 - 2025-05-31 17:04 - 000000000 ____D C:\Program Files\Microsoft Office 15
2025-05-31 13:29 - 2025-05-31 13:29 - 000000000 ____D C:\Users\david\AppData\Roaming\com.adobe.dunamis
2025-05-31 13:29 - 2025-05-31 13:29 - 000000000 ____D C:\Users\david\AppData\LocalLow\Adobe
2025-05-31 13:29 - 2025-05-31 13:29 - 000000000 ____D C:\Users\david\.ms-ad
2025-05-31 13:29 - 2025-05-31 13:29 - 000000000 ____D C:\ProgramData\Adobe
2025-05-31 13:28 - 2025-06-12 21:02 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2025-05-31 13:28 - 2025-05-31 13:37 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2025-05-31 13:28 - 2025-05-31 13:37 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk
2025-05-31 13:27 - 2025-05-31 13:27 - 000000000 ____D C:\Program Files (x86)\Adobe
2025-05-31 13:24 - 2025-05-31 17:12 - 000000000 ____D C:\Users\david\AppData\Local\Adobe
2025-05-31 11:49 - 2025-06-17 18:55 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2025-05-31 11:49 - 2025-05-31 11:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2025-05-31 09:51 - 2025-06-06 12:02 - 000002428 _____ C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nahimic Companion.lnk
2025-05-31 09:35 - 2025-06-04 11:24 - 000007640 _____ C:\Users\david\AppData\Local\Resmon.ResmonCfg
2025-05-30 19:18 - 2025-05-30 19:18 - 000000000 ____D C:\Users\david\AppData\Local\ToastNotificationManagerCompat
2025-05-30 11:31 - 2025-05-30 11:31 - 000000000 ____D C:\Users\david\AppData\Local\Backup
2025-05-29 20:55 - 2025-06-06 10:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingston SSD Manager x64
2025-05-29 20:55 - 2025-06-06 10:25 - 000000000 ____D C:\Program Files\Kingston_SSD_Manager
2025-05-29 18:40 - 2025-06-18 12:03 - 001209042 _____ C:\Windows\ntbtlog.txt
2025-05-29 18:40 - 2025-06-18 12:02 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2025-05-29 15:57 - 2025-06-18 12:42 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-05-29 15:57 - 2025-05-29 15:57 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2025-05-29 15:57 - 2025-05-29 15:57 - 000000000 ____D C:\Users\david\AppData\Roaming\Mozilla
2025-05-29 15:57 - 2025-05-29 15:57 - 000000000 ____D C:\Users\david\AppData\Local\Mozilla
2025-05-29 15:56 - 2025-06-10 22:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-05-29 15:56 - 2025-06-10 21:32 - 000001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-05-29 15:56 - 2025-05-29 15:56 - 000002048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox — anonymní prohlížení.lnk
2025-05-29 15:56 - 2025-05-29 15:56 - 000001061 _____ C:\Users\Public\Desktop\Firefox.lnk
2025-05-29 15:48 - 2025-06-07 20:01 - 000002342 _____ C:\Windows\system32\Tasks\NahimicSvc64Run
2025-05-29 15:48 - 2025-06-07 20:01 - 000002342 _____ C:\Windows\system32\Tasks\NahimicSvc32Run
2025-05-29 15:48 - 2025-05-29 15:48 - 000000000 ____D C:\ProgramData\Nahimic
2025-05-29 15:42 - 2025-05-29 15:42 - 000000000 ____D C:\Windows\system32\AccountHealthAssets
2025-05-29 15:42 - 2025-05-29 15:42 - 000000000 ____D C:\inetpub
2025-05-29 15:34 - 2025-05-29 15:34 - 000070484 _____ C:\Windows\SysWOW64\ctac.json
2025-05-29 15:34 - 2025-05-29 15:34 - 000070484 _____ C:\Windows\system32\ctac.json
2025-05-29 15:04 - 2025-05-29 15:04 - 000000000 ____D C:\Users\david\AppData\Local\Comms
2025-05-29 14:59 - 2025-06-11 09:30 - 000000000 ____D C:\Users\david\Documents\AVerTV
2025-05-29 14:58 - 2025-05-29 15:04 - 000000000 ____D C:\ProgramData\AVerTV 3D
2025-05-29 14:58 - 2025-05-29 14:58 - 000000000 ____D C:\Windows\Driver Cache
2025-05-29 14:57 - 2025-05-29 14:57 - 000002113 _____ C:\Users\Public\Desktop\AVerTV 3D.lnk
2025-05-29 14:57 - 2025-05-29 14:57 - 000000000 ____D C:\Users\david\AppData\Local\AVerMedia
2025-05-29 14:57 - 2025-05-29 14:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVerMedia
2025-05-29 14:56 - 2015-12-14 16:39 - 000194560 _____ (AVerMedia Technologies, Inc.) C:\Windows\SysWOW64\CardID.dll
2025-05-29 14:55 - 2025-05-29 14:58 - 000000000 ____D C:\Program Files (x86)\AVerMedia
2025-05-29 14:55 - 2017-08-22 10:32 - 000169984 _____ (TODO: <Company name>) C:\Windows\SysWOW64\amalib25.dll
2025-05-29 14:55 - 2017-05-24 09:24 - 024942592 _____ (FFmpeg Project) C:\Windows\SysWOW64\avcodec-57.dll
2025-05-29 14:55 - 2017-05-24 09:24 - 000684544 _____ (FFmpeg Project) C:\Windows\SysWOW64\avutil-55.dll
2025-05-29 14:55 - 2017-05-24 09:24 - 000511488 _____ (FFmpeg Project) C:\Windows\SysWOW64\swscale-4.dll
2025-05-29 14:55 - 2017-05-24 09:24 - 000294400 _____ (FFmpeg Project) C:\Windows\SysWOW64\swresample-2.dll
2025-05-29 14:55 - 2016-06-23 15:32 - 000327680 _____ C:\Windows\SysWOW64\libde265.dll
2025-05-29 14:55 - 2016-02-03 17:42 - 000651264 _____ C:\Windows\SysWOW64\sptlib21.dll
2025-05-29 14:55 - 2015-11-03 17:08 - 000205824 _____ (AVerMedia Technologies Inc.) C:\Windows\SysWOW64\VideoEncoderPL.dll
2025-05-29 14:55 - 2015-10-26 15:29 - 000151552 _____ C:\Windows\SysWOW64\sptlib26.dll
2025-05-29 14:55 - 2015-06-03 22:28 - 000294912 _____ C:\Windows\SysWOW64\sptlib11.dll
2025-05-29 14:55 - 2015-03-05 13:35 - 001622787 _____ (x264 project) C:\Windows\SysWOW64\core.dll
2025-05-29 14:55 - 2013-10-30 13:58 - 000307200 _____ C:\Windows\SysWOW64\sptlib03.dll
2025-05-29 14:55 - 2013-10-30 13:57 - 000311296 _____ C:\Windows\SysWOW64\sptlib01.dll
2025-05-29 14:55 - 2013-05-29 18:15 - 000462848 _____ C:\Windows\SysWOW64\sptlib12.dll
2025-05-29 14:55 - 2011-07-28 15:42 - 000307200 _____ C:\Windows\SysWOW64\sptlib22.dll
2025-05-29 14:55 - 2011-06-01 11:56 - 000421888 _____ C:\Windows\SysWOW64\sptlib02.dll
2025-05-29 14:55 - 2007-12-26 13:37 - 000045056 _____ (Open Source Software community project) C:\Windows\SysWOW64\pthreadVC.dll
2025-05-29 14:53 - 2025-05-29 14:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2025-05-29 14:53 - 2025-05-29 14:53 - 000000000 ____D C:\Program Files\7-Zip
2025-05-29 14:39 - 2025-05-29 14:39 - 000000000 ____D C:\Users\david\AppData\Local\OneDrive
2025-05-29 14:32 - 2025-06-12 12:02 - 000000000 ____D C:\Windows\system32\MRT
2025-05-29 14:31 - 2025-06-03 10:01 - 000000000 ____D C:\Windows\Panther
2025-05-29 14:21 - 2025-05-29 14:21 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2025-05-29 14:20 - 2025-05-29 14:20 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2025-05-29 14:18 - 2024-12-04 03:11 - 000125048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2025-05-29 14:17 - 2024-12-04 20:05 - 002060664 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2025-05-29 14:17 - 2024-12-04 20:05 - 002060664 _____ C:\Windows\system32\vulkaninfo.exe
2025-05-29 14:17 - 2024-12-04 20:05 - 001600376 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2025-05-29 14:17 - 2024-12-04 20:05 - 001600376 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2025-05-29 14:17 - 2024-12-04 20:05 - 001452432 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2025-05-29 14:17 - 2024-12-04 20:05 - 001452432 _____ C:\Windows\system32\vulkan-1.dll
2025-05-29 14:17 - 2024-12-04 20:05 - 001301880 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2025-05-29 14:17 - 2024-12-04 20:05 - 001301880 _____ C:\Windows\SysWOW64\vulkan-1.dll
2025-05-29 14:17 - 2024-12-04 20:05 - 000478384 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2025-05-29 14:17 - 2024-12-04 20:05 - 000374432 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2025-05-29 14:17 - 2024-12-04 20:02 - 001114792 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2025-05-29 14:17 - 2024-12-04 20:02 - 000670352 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2025-05-29 14:17 - 2024-12-04 20:02 - 000505504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2025-05-29 14:17 - 2024-12-04 20:01 - 025450120 _____ C:\Windows\system32\nvidia-pcc.exe
2025-05-29 14:17 - 2024-12-04 20:01 - 001554608 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2025-05-29 14:17 - 2024-12-04 20:01 - 001208992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2025-05-29 14:17 - 2024-12-04 20:01 - 000863888 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2025-05-29 14:17 - 2024-12-04 20:00 - 016811696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2025-05-29 14:17 - 2024-12-04 20:00 - 002185360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2025-05-29 14:17 - 2024-12-04 20:00 - 001634464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2025-05-29 14:17 - 2024-12-04 20:00 - 001042072 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2025-05-29 14:17 - 2024-12-04 20:00 - 000801432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2025-05-29 14:17 - 2024-12-04 20:00 - 000462480 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2025-05-29 14:17 - 2024-12-04 19:59 - 017736840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2025-05-29 14:17 - 2024-12-04 19:59 - 006953104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2025-05-29 14:17 - 2024-12-04 19:59 - 005909664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2025-05-29 14:17 - 2024-12-04 19:59 - 005435544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2025-05-29 14:17 - 2024-12-04 19:59 - 003807888 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2025-05-29 14:17 - 2024-12-04 19:59 - 000853680 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2025-05-29 14:17 - 2024-12-04 19:58 - 007158560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2025-05-29 14:17 - 2024-12-04 19:58 - 006236264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2025-05-29 14:17 - 2024-12-04 03:11 - 000132703 _____ C:\Windows\system32\nvinfo.pb
2025-05-29 14:15 - 2025-05-31 09:51 - 000000000 ____D C:\Users\david\AppData\Local\NhNotifSys
2025-05-29 14:13 - 2025-06-06 18:45 - 000000000 ___HD C:\Program Files (x86)\Temp
2025-05-29 14:11 - 2025-05-29 14:11 - 000000000 ____D C:\Users\david\AppData\Roaming\AMD
2025-05-29 14:11 - 2025-05-29 14:11 - 000000000 ____D C:\Program Files (x86)\AMD
2025-05-29 14:11 - 2025-05-29 14:11 - 000000000 ____D C:\AMD
2025-05-29 14:08 - 2025-06-06 18:45 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2025-05-29 14:08 - 2025-06-06 18:45 - 000000000 ____D C:\Program Files (x86)\Realtek
2025-05-29 14:08 - 2025-03-18 00:44 - 001406440 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2025-05-29 14:05 - 2025-05-29 14:19 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2025-05-29 14:02 - 2025-06-14 14:13 - 000000000 ____D C:\MSI
2025-05-29 14:02 - 2025-05-29 14:02 - 000000000 ____D C:\Users\david\AppData\Local\Downloaded Installations
2025-05-29 14:02 - 2022-05-16 17:23 - 000013576 _____ (Windows (R) Win 7 DDK provider) C:\Windows\acpimof.dll
2025-05-29 14:01 - 2025-06-18 12:03 - 000000000 ____D C:\ProgramData\NVIDIA
2025-05-29 14:01 - 2025-06-14 14:13 - 000000000 ____D C:\Program Files (x86)\MSI
2025-05-29 14:01 - 2025-05-29 20:51 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2025-05-29 14:01 - 2025-05-29 14:21 - 000000000 ____D C:\Users\david\AppData\LocalLow\NVIDIA
2025-05-29 14:01 - 2025-05-29 14:01 - 000000000 ____D C:\ProgramData\Package Cache
2025-05-29 13:59 - 2025-05-29 14:03 - 000000000 ____D C:\ProgramData\MSI
2025-05-29 13:54 - 2025-06-07 20:01 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\MMC
2025-05-29 13:53 - 2025-05-29 13:53 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_amdpsp_01011.Wdf
2025-05-29 13:51 - 2025-06-14 09:25 - 000003552 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-2920095854-1669752291-3635278505-1001
2025-05-29 13:51 - 2025-05-29 13:51 - 000000000 ___HD C:\OneDriveTemp
2025-05-29 13:50 - 2025-06-18 12:04 - 000000000 ___RD C:\Users\david\OneDrive
2025-05-29 13:50 - 2025-05-29 14:51 - 000000000 ____D C:\Users\david\AppData\Local\Publishers
2025-05-29 13:50 - 2025-05-29 13:50 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2025-05-29 13:47 - 2025-06-18 11:30 - 000000000 ____D C:\Users\david\AppData\Local\D3DSCache
2025-05-29 13:46 - 2025-06-18 12:04 - 000000000 ____D C:\Users\david\AppData\Local\Packages
2025-05-29 13:46 - 2025-05-31 13:29 - 000000000 ____D C:\Users\david\AppData\Roaming\Adobe
2025-05-29 13:46 - 2025-05-29 14:59 - 000000000 ____D C:\Users\david\AppData\Local\VirtualStore
2025-05-29 13:46 - 2025-05-29 13:50 - 000000000 __RHD C:\Users\Public\AccountPictures
2025-05-29 13:46 - 2025-05-29 13:46 - 000000000 ___SD C:\Users\david\AppData\Roaming\Microsoft\Crypto
2025-05-29 13:46 - 2025-05-29 13:46 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Vault
2025-05-29 13:46 - 2025-05-29 13:46 - 000000000 ____D C:\Users\david\AppData\Local\ConnectedDevicesPlatform
2025-05-29 13:45 - 2025-06-06 18:54 - 000000000 ____D C:\Users\david\AppData\Local\PlaceholderTileLogoFolder
2025-05-29 13:45 - 2025-05-29 13:45 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Network
2025-05-29 13:41 - 2025-06-18 12:10 - 001603790 _____ C:\Windows\system32\PerfStringBackup.INI
2025-05-29 13:41 - 2025-05-29 13:41 - 000000000 ___SD C:\Users\david\AppData\Roaming\Microsoft\SystemCertificates
2025-05-29 13:40 - 2025-06-17 14:33 - 000000000 ____D C:\Users\david
2025-05-29 13:40 - 2025-05-29 14:37 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Spelling
2025-05-29 13:40 - 2025-05-29 13:47 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Windows
2025-05-29 13:40 - 2025-05-29 13:40 - 000000020 ___SH C:\Users\david\ntuser.ini
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\Šablony
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\Soubory cookie
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\Poslední
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\Okolní tiskárny
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\Okolní síť
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\Nabídka Start
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\Dokumenty
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\Documents\Obrázky
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\Documents\Hudba
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\Documents\Filmy
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\Data aplikací
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\AppData\Local\Data aplikací
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 ___SD C:\Users\david\AppData\Roaming\Microsoft\Protect
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 ___SD C:\Users\david\AppData\Roaming\Microsoft\Credentials
2025-05-29 13:34 - 2025-06-18 12:04 - 000000000 ____D C:\ProgramData\Packages
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\Šablony
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\Poslední
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\Okolní síť
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\Dokumenty
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\Data aplikací
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\ProgramData\Šablony
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\ProgramData\Plocha
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\ProgramData\Dokumenty
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\ProgramData\Data aplikací
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Documents and Settings
2025-05-29 13:32 - 2025-06-18 12:03 - 000012288 ___SH C:\DumpStack.log.tmp
2025-05-29 13:32 - 2025-06-18 12:03 - 000011534 _____ C:\Windows\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-05-29 13:32 - 2025-06-18 12:03 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-05-29 13:32 - 2025-06-18 10:24 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-05-29 13:32 - 2025-06-15 19:47 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-05-29 13:32 - 2025-06-15 19:47 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-05-29 13:32 - 2025-06-13 08:19 - 000000000 ____D C:\Windows\system32\Drivers\wd
2025-05-29 13:32 - 2025-06-10 22:23 - 000344008 _____ C:\Windows\system32\FNTCACHE.DAT
2025-05-29 13:32 - 2025-05-29 13:34 - 000003716 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{01B088DA-A62B-4A48-BD8A-07CB154CA3F6}
2025-05-29 13:32 - 2025-05-29 13:34 - 000003590 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{6CF29DA0-3906-413B-B017-6557F6DCB4DD}
2025-05-29 13:32 - 2025-05-29 13:32 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2025-05-29 13:32 - 2025-05-29 13:32 - 000000000 ____D C:\Windows\system32\config\BFS
2025-05-29 13:32 - 2025-05-29 13:32 - 000000000 ____D C:\Windows\ServiceProfiles
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-06-18 12:41 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-06-18 12:20 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\AppReadiness
2025-06-18 12:13 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\SystemTemp
2025-06-18 12:10 - 2024-04-01 09:24 - 000000000 ____D C:\Windows\INF
2025-06-18 12:04 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-06-18 12:03 - 2024-04-01 09:21 - 000524288 _____ C:\Windows\system32\config\BBI
2025-06-18 10:55 - 2024-04-01 09:26 - 000000000 ___HD C:\Windows\ELAMBKUP
2025-06-10 22:22 - 2024-04-01 18:30 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ___SD C:\Windows\SysWOW64\F12
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ___SD C:\Windows\system32\F12
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ___RD C:\Program Files\Windows Defender
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\UUS
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\SysWOW64\setup
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\SysWOW64\Dism
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\SysWOW64\Com
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\SystemResources
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\WinMetadata
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\ShellExperiences
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\setup
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\oobe
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\migwiz
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\Dism
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\DDFs
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\Com
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\appraiser
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\ShellExperiences
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\ShellComponents
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\PolicyDefinitions
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\BrowserCore
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\bcastdvr
2025-05-31 21:44 - 2024-04-01 09:26 - 000000000 __RSD C:\Windows\Media
2025-05-31 17:04 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2025-05-31 09:57 - 2023-12-24 20:09 - 000000000 ____D C:\Users\david\Documents\Nokia Suite
2025-05-31 09:57 - 2023-12-24 20:09 - 000000000 ____D C:\Users\david\Documents\HiSuite
2025-05-30 08:20 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\appcompat
2025-05-29 15:42 - 2024-10-05 02:19 - 000000000 ____D C:\Windows\InboxApps
2025-05-29 15:42 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-05-29 15:42 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-05-29 15:42 - 2024-04-01 18:30 - 000000000 ____D C:\Windows\system32\OpenSSH
2025-05-29 15:42 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2025-05-29 15:42 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\SysWOW64\oobe
2025-05-29 15:42 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2025-05-29 15:42 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\SystemApps
2025-05-29 15:42 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2025-05-29 15:42 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2025-05-29 15:42 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2025-05-29 15:42 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2025-05-29 15:42 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\Provisioning
2025-05-29 15:42 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-05-29 15:42 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-05-29 15:42 - 2024-04-01 09:21 - 000000000 ____D C:\Windows\servicing
2025-05-29 15:40 - 2024-04-01 09:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2025-05-29 14:40 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\SecurityHealth
2025-05-29 14:32 - 2024-04-01 09:21 - 000032768 _____ C:\Windows\system32\config\ELAM
2025-05-29 14:31 - 2024-04-01 09:26 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2025-05-29 14:10 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\OCR
2025-05-29 13:36 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\AppLocker
2025-05-29 13:35 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\spool
2025-05-29 13:34 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2025-05-29 13:34 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\ServiceState
2025-05-29 13:34 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Windows NT
2025-05-29 13:32 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\Drivers\DriverData
==================== Files in the root of some directories ========
2025-05-31 09:35 - 2025-06-04 11:24 - 000007640 _____ () C:\Users\david\AppData\Local\Resmon.ResmonCfg
2025-06-01 10:42 - 2025-06-01 10:42 - 000000036 _____ () C:\Users\david\AppData\Local\_LOCAL_GUID
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-06-2025
Ran by david (18-06-2025 12:51:06)
Running from C:\Users\david\Desktop
Microsoft Windows 11 Home Version 24H2 26100.4349 (X64) (2025-05-29 11:34:17)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2920095854-1669752291-3635278505-500 - Administrator - Disabled)
david (S-1-5-21-2920095854-1669752291-3635278505-1001 - Administrator - Enabled) => C:\Users\david
DefaultAccount (S-1-5-21-2920095854-1669752291-3635278505-503 - Limited - Disabled)
Guest (S-1-5-21-2920095854-1669752291-3635278505-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2920095854-1669752291-3635278505-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 24.09 (x64) (HKLM\...\7-Zip) (Version: 24.09 - Igor Pavlov)
Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 25.001.20531 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601110}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.133 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 6.10.22.027 - Advanced Micro Devices, Inc.)
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.30.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.44 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{8d13ff58-77bd-4c18-a602-acd72ef0a328}) (Version: 6.10.22.027 - Advanced Micro Devices, Inc.) Hidden
Any Video Converter 7.1.7 (HKLM-x32\...\Any Video Converter) (Version: 7.1.7 - Anvsoft)
AVerMedia TD310 USB Pure DVB-T/T2/C 14.7.64.18 (HKLM-x32\...\AVerMedia TD310 USB Pure DVB-T/T2/C) (Version: 14.7.64.18 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV 3D (HKLM-x32\...\InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.9.1.18.17080805-GA - AVerMedia Technologies, Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.78.1094 - AB Team, d.o.o.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.90.3.36 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.5.3 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.6.0 - Canon Inc.)
Canon TS3300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS3300_series) (Version: 1.04 - Canon Inc.)
CrystalDiskInfo 9.6.3 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.6.3 - Crystal Dew World)
ESET Security (HKLM\...\{0F3CB7F7-E580-4E9D-BC90-58BF9A860742}) (Version: 18.1.13.0 - ESET, spol. s r.o.)
IrfanView 4.70 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.70 - Irfan Skiljan)
Kingston SSD Manager x64 1.5.5.5 (HKLM-x32\...\{53F657CD-C4FC-4DCD-826E-6862917532AC}_is1) (Version: 1.5.5.5 - @2021 Kingston Digital, Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 137.0.3296.83 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 137.0.3296.83 - Microsoft Corporation) Hidden
Microsoft Office 2019 pro studenty a domácnosti - cs-cz (HKLM\...\HomeStudent2019Retail - cs-cz) (Version: 16.0.18827.20150 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.095.0518.0002 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 139.0.4 (x64 cs)) (Version: 139.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 139.0 - Mozilla)
NVIDIA Ovladač HD audia 1.4.2.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.2.6 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 566.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 566.36 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.18827.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.18827.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.18827.20150 - Microsoft Corporation) Hidden
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.3.0 - Advanced Micro Devices, Inc.) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9492.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.74.1128.2024 - Realtek)
Registrace tiskárny (HKLM-x32\...\Canon EISRegistration) (Version: 1.9.2 - Canon Inc.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.9.0.0 - Samsung Electronics Co., Ltd.)
Smart Switch Service (HKLM\...\{BCCC9A14-BFE6-4D35-8F44-D1AC9C89E626}) (Version: 5.0.24.0 - Samsung Electronics Co., Ltd.)
Wargaming.net Game Center (HKU\S-1-5-21-2920095854-1669752291-3635278505-1001\...\Wargaming.net Game Center) (Version: 25.2.0.9224 - Wargaming.net)
World of Tanks EU (HKU\S-1-5-21-2920095854-1669752291-3635278505-1001\...\2314027414) (Version: - Wargaming.net)
Packages:
=========
@{MicrosoftWindows.Client.CoreAI_1000.26100.4061.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.Client.CoreAI/AIXHost/ClickToDo/AppDisplayName} -> C:\Windows\SystemApps\MicrosoftWindows.Client.CoreAI_cw5n1h2txyewy [2025-06-10] (Microsoft Windows)
Akce kliknutím (náhled) -> C:\Windows\SystemApps\MicrosoftWindows.Client.CoreAI_cw5n1h2txyewy [2025-06-10] (Microsoft Windows)
Balíček prostředí funkcí systému Windows -> C:\Windows\SystemApps\SxS\MicrosoftWindows.54792954.Filons_cw5n1h2txyewy [2025-06-10] (Microsoft Windows)
Balíček prostředí funkcí systému Windows -> C:\Windows\SystemApps\SxS\MicrosoftWindows.56978801.Voiess_cw5n1h2txyewy [2025-06-10] (Microsoft Windows)
Balíček prostředí funkcí systému Windows -> C:\Windows\SystemApps\SxS\MicrosoftWindows.57058570.Speion_cw5n1h2txyewy [2025-06-10] (Microsoft Windows)
Balíček prostředí funkcí systému Windows -> C:\Windows\SystemApps\SxS\MicrosoftWindows.57074914.Livtop_cw5n1h2txyewy [2025-06-10] (Microsoft Windows)
ESET Context Menu -> C:\Program Files\ESET\ESET Security [2025-06-18] (Sparse Package)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2025-05-30] (Microsoft Corp.)
Microsoft.Edge.GameAssist -> C:\Program Files\WindowsApps\Microsoft.Edge.GameAssist_1.0.3336.0_x64__8wekyb3d8bbwe [2025-06-05] (Microsoft Corporation)
Microsoft.HEVCVideoExtensions -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_2.4.1.0_x64__8wekyb3d8bbwe [2025-05-30] (Microsoft Corporation)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.41.3.0_x64__8wekyb3d8bbwe [2025-06-10] (Microsoft Corporation)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.10.5.0_x64__w2gh52qy24etm [2025-06-06] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.968.0_x64__56jybvy8sckqj [2025-06-11] (NVIDIA Corp.)
OfficePushNotificationsUtility -> C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16 [2025-06-14] ()
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2025-05-29] (Realtek Semiconductor Corp)
Samsung SmartSwitch -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungSmartSwitch_5.0.24.0_x64__3c1yjt4zspk6g [2025-06-01] (Samsung Electronics Co. Ltd.)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0 [2025-06-04] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2920095854-1669752291-3635278505-1001_Classes\CLSID\{04271989-C4D2-1C86-3D53-F2AC04DA8ED5} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-2920095854-1669752291-3635278505-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\david\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (SteelSeries France SASU -> A-Volute)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2025-04-28] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2025-04-28] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9425e4c3b1ac1c47\nvshext.dll [2024-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2025-04-28] (ESET, spol. s r.o. -> ESET)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2025-05-29 14:56 - 2012-06-09 18:33 - 000053248 _____ () [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\MsgLog.DLL
2025-05-29 14:56 - 2015-07-13 15:57 - 000372807 _____ (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\A871.dll
2025-05-29 14:55 - 2015-08-28 18:05 - 000110080 _____ (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\AVERAPI.dll
2025-05-29 14:55 - 2015-12-14 16:39 - 000194560 _____ (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\CardID.dll
2025-05-29 14:55 - 2015-02-09 13:32 - 000770048 _____ (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\GraphMaster.dll
2025-05-29 14:53 - 2024-11-29 20:00 - 000101376 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2025-05-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-05-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-05-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-05-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-05-31] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2024-04-01 09:26 - 2024-04-01 09:24 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2920095854-1669752291-3635278505-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{95DAAC38-326D-4794-8D90-A296E79A4961}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25094.310.3616.953_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{78145923-0A0F-4949-8D3B-4F01C455E3A1}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25094.310.3616.953_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP] => (Allow) C:\Windows\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-V2] => (Allow) C:\Windows\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-NoScope] => (Allow) C:\Windows\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C01BF982-ED25-431B-A17D-4F081C2CF53F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F3217FB1-4FE7-4BE6-A23C-46874AB49F1B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AE55C4FB-32CA-4189-8541-704FC531E15B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{45A11A49-2A6D-4B48-A049-BC3A52B7AB20}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3A1F96FE-1D05-4F03-A1B6-68821195EE3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{13E04D7D-3FA6-4285-BFF7-A52A11444580}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3B65BC59-10BF-4A82-A026-6929AAF4EBDE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A56A8A50-9AC5-46F7-96B5-2B2DE1E670FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7246B4C2-8F99-4098-A151-DE3A4F3337CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{245E78B0-8661-4D35-B5E9-C19F94F41DDC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B7D6E49C-3944-4310-9FC7-206424BDB163}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3B4FEB88-A4AA-42F1-8E03-F3A6DD3B2B0D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{117434C6-B261-4526-B900-8232B9EF7BC7}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F0094D38-5AF0-4EE0-AAF2-1C9BC84478E4}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{42F93D1A-29DD-46D8-BA53-DDB4A9AF1AE8}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E01BB8EC-73C6-4753-97DC-49F47BA155C2}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5BAB4E40-0AE6-454F-B7D4-42CDCCE9F3C2}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6E2863E3-0375-43DA-B4E8-49763947DC26}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8D3DFAF1-E917-4DA5-8AD8-A3F42C672EC5}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{ABB3D5C5-FA92-4F0D-8989-9527DA933CB6}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B869DE53-7B81-4802-A923-91099D721ACC}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{DC79D038-AAF8-48C3-943C-FDCF64AC61B7}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{A4414541-1B20-47DF-A145-95DC390C576B}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{098C0F74-97CD-4622-ADA5-952B7FAD7493}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{29290881-C1EB-4549-B801-B20A9BB95C8B}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B1647E7F-7789-4019-B40B-DB2E26172535}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{667B5A59-CEE8-4238-AC58-3757F2EACA1D}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5BA02D0A-B60F-4095-B20D-EE6FDBD32B9D}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{76E2AC32-0845-4C32-A0BD-F09371464B23}] => (Allow) LPort=33683
FirewallRules: [{CFF0B9C9-BF6F-4CE4-8154-6E9EDC35850F}] => (Allow) LPort=26822
FirewallRules: [{F5276D28-A5B7-42AD-A34B-2448D3232694}] => (Allow) LPort=32683
FirewallRules: [{CF543B67-8AF8-4C84-96A6-06DC9CF0ABAD}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\137.0.3296.83\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
08-06-2025 19:15:51 Windows Update
10-06-2025 21:43:00 Instalační služba modulů systému Windows
14-06-2025 09:33:03 Windows Update
17-06-2025 13:59:45 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/18/2025 12:03:58 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\DESKTOP-IJSLQ8R$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 18 Jun 2025 10:03:56 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: ac5f334f-dfbe-4f83-b20f-de48ef8f829d
Metoda: GET(297ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (06/18/2025 12:03:57 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 18 Jun 2025 10:03:56 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 715a136b-e8e9-4faf-a874-f00c75f1bdda
Metoda: GET(360ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (06/18/2025 11:49:00 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\DESKTOP-IJSLQ8R$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 18 Jun 2025 09:48:59 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 1c843d98-306b-4db8-948c-d979287ddb34
Metoda: GET(296ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (06/18/2025 11:49:00 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\DESKTOP-IJSLQ8R$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 18 Jun 2025 09:48:58 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 9ad7dd18-d389-4a51-b714-6401f44fe560
Metoda: GET(297ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (06/18/2025 11:49:00 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 18 Jun 2025 09:48:58 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 90f7156d-3b71-45fc-9b83-6ffdba796ac6
Metoda: GET(359ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (06/18/2025 11:22:51 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (06/18/2025 11:22:51 AM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Error: (06/18/2025 11:22:50 AM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003
System errors:
=============
Error: (06/18/2025 12:03:08 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-IJSLQ8R)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby camsvc s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Internal.CapabilityAccess.CapabilityAccess
Error: (06/18/2025 12:03:08 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-IJSLQ8R)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby TokenBroker s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Internal.Security.Authentication.Web.TokenBrokerInternal
Error: (06/18/2025 12:03:08 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-IJSLQ8R)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby UdkUserSvc_397bd s argumenty Není k dispozici za účelem spuštění serveru:
WindowsUdkInternal.System.ActivationService
Error: (06/18/2025 12:03:08 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-IJSLQ8R)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby UdkUserSvc_397bd s argumenty Není k dispozici za účelem spuštění serveru:
WindowsUdk.UI.Shell.ViewCoordinator
Error: (06/18/2025 12:03:08 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-IJSLQ8R)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby UdkUserSvc_397bd s argumenty Není k dispozici za účelem spuštění serveru:
WindowsUdk.UI.Shell.ViewCoordinator
Error: (06/18/2025 12:03:08 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-IJSLQ8R)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby UdkUserSvc_397bd s argumenty Není k dispozici za účelem spuštění serveru:
WindowsUdk.UI.Shell.ViewCoordinator
Error: (06/18/2025 12:03:08 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-IJSLQ8R)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby UdkUserSvc_397bd s argumenty Není k dispozici za účelem spuštění serveru:
WindowsUdk.UI.Shell.ViewCoordinator
Error: (06/18/2025 12:03:03 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-IJSLQ8R)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
Windows Defender:
================
Date: 2025-05-30 18:07:08
Description:
Antivirová ochrana v programu Microsoft Defender śčãп ħăѕ ьèзʼn şтόрφεð ьєƒôřę сбмρľεťіσи.%п %ŧŠčáʼn ĪĐ:%ъ{4DC24498-F7F4-4182-A629-5280AD8AE4D3}%ⁿ %τŜċâй Ŧуφĕ:%вAntimalwarový program%π %тЅсāπ Рãгåmэтзяŝ:%вRychlé prohledávání%и %тŰşéѓ:%ъNT AUTHORITY\SYSTEM%ʼn %ŧŜτøр Ѓēāѕσή:%ъΓРČ ċŏήйĕċтĩőп ґûʼnđбŵπ
Event[0]
Date: 2025-06-18 12:02:35
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
Date: 2025-06-18 08:52:07
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
Date: 2025-06-07 20:05:52
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
Date: 2025-05-29 18:40:46
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
CodeIntegrity:
===============
Date: 2025-06-18 12:30:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends International, LLC. H.N0 03/21/2025
Motherboard: Micro-Star International Co., Ltd B450 GAMING PLUS MAX (MS-7B86)
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 34%
Total physical RAM: 16309.56 MB
Available physical RAM: 10636.22 MB
Total Virtual: 17333.56 MB
Available Virtual: 10084.86 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:299.26 GB) (Free:115.21 GB) (Model: KINGSTON SNV3S1000G) NTFS
Drive d: () (Fixed) (Total:631.51 GB) (Free:473.23 GB) (Model: KINGSTON SNV3S1000G) NTFS
\\?\Volume{51727108-a712-4bcc-b77b-0d333287a8e0}\ () (Fixed) (Total:0.63 GB) (Free:0.06 GB) NTFS
\\?\Volume{ebe85961-9060-4b84-ab32-783278932ad8}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Přikládám ještě Addition log
Děkuji!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-06-2025
Ran by david (administrator) on DESKTOP-IJSLQ8R (Micro-Star International Co., Ltd MS-7B86) (18-06-2025 12:49:46)
Running from C:\Users\david\Desktop\FRST64.exe
Loaded Profiles: david
Platform: Microsoft Windows 11 Home Version 24H2 26100.4349 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe ->) (AVerMedia TECHNOLOGIES, Inc -> ) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\BrowserPrivacyAndSecurity.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (Mozilla Corporation -> Mozilla Foundation) C:\Program Files\Mozilla Firefox\crashhelper.exe
(C:\ProgramData\Wargaming.net\GameCenter\wgc.exe ->) (Wargaming Group Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\dlls\wgc_renderer_host.exe <5>
(C:\ProgramData\Wargaming.net\GameCenter\wgc.exe ->) (Wargaming.net Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\WargamingErrorMonitor.exe
(explorer.exe ->) (AVerMedia TECHNOLOGIES, Inc -> AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Wargaming Group Limited -> Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <20>
(services.exe ->) () [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AVerMedia TECHNOLOGIES, Inc -> AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncHelper.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9425e4c3b1ac1c47\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_0b6ff136fecebab7\RtkAudUService64.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (SteelSeries France SASU -> Nahimic) C:\Windows\System32\NahimicService.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25042.38.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(SteelSeries France SASU -> A-Volute) C:\Users\david\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.41.3.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.10401.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (SteelSeries France SASU -> Nahimic) C:\Windows\System32\NahimicSvc64.exe
(svchost.exe ->) (SteelSeries France SASU -> Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_0b6ff136fecebab7\RtkAudUService64.exe [1650016 2023-03-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [292064 2025-04-28] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-21-2920095854-1669752291-3635278505-1001\...\Run: [MicrosoftEdgeAutoLaunch_30FCCE2722F4190AAE310221237BB02B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4141120 2025-06-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2920095854-1669752291-3635278505-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4966728 2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2920095854-1669752291-3635278505-1001\...\Run: [Wargaming.net Game Center] => C:\ProgramData\Wargaming.net\GameCenter\wgc.exe [2129936 2025-05-28] (Wargaming Group Limited -> Wargaming.net)
HKU\S-1-5-21-2920095854-1669752291-3635278505-1001\...\MountPoints2: {ed734c9f-3c88-11f0-b3fb-806e6f6e6963} - "F:\setup.exe"
HKLM\...\Windows x64\Print Processors\Canon TS3300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDG3.DLL [506368 2023-06-05] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS3300 series: C:\Windows\system32\CNMLMG3.DLL [1334784 2023-06-05] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2025-05-29]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe (AVerMedia TECHNOLOGIES, Inc -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2025-05-29]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc -> AVerMedia TECHNOLOGIES, Inc.)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3B5BC435-0AFF-474B-BE58-CF9CB11233E5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.)
Task: {495028A8-128B-40DE-8F6D-40A9FBD4C19E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28955352 2025-06-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {032A15F7-B220-4A7A-913E-C01D6984B1FB} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\opushutil.exe [59664 2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {CAC81540-816D-44F4-9661-250495D7E525} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28955352 2025-06-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {B29EDED6-9AF6-458A-BCCD-FD1F5504F5B9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [221872 2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {75EFAA82-AFBA-452D-9E84-EB947F076730} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [221872 2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {E95DB4D2-D804-4D81-942D-139778A0FA6A} - System32\Tasks\Microsoft\Office\Office Startup Boost => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [221872 2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B69FAE8-4174-40E5-BA4A-108C5259A9AF} - System32\Tasks\Microsoft\Office\Office Startup Boost Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [221872 2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {3A4B45C5-5AB7-4914-9BB3-245AE138AFD7} - System32\Tasks\Microsoft\Windows\Hotpatch\Monitoring => C:\Windows\system32\cmd.exe [376832 2025-06-10] (Microsoft Windows -> Microsoft Corporation) -> /d /c %systemroot%\system32\hpatchmonTask.cmd
Task: {B1AADECF-5E91-4F9C-BB81-D3D5972710CF} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2920095854-1669752291-3635278505-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [695872 2025-06-10] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {67B73CDE-D8EC-43A1-BA0E-2E4BCCB6FEE7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-06-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {653DA56B-3946-43B8-8423-1C6A61DC2AEF} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [1118128 2025-01-14] (SteelSeries France SASU -> Nahimic)
Task: {D59DBDC6-EC3D-4181-BC12-4C81E0D0A90C} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1438128 2025-01-14] (SteelSeries France SASU -> Nahimic)
Task: {9FABA23D-26BE-461A-BE44-2683B37641F4} - System32\Tasks\NahimicTask32 => C:\Windows\System32\..\SysWOW64\NahimicSvc32.exe [1118128 0] (SteelSeries France SASU -> Nahimic)
Task: {B85DB1CA-F006-46A7-A2D4-A8D3A04FC68F} - System32\Tasks\NahimicTask64 => C:\Windows\System32\.\NahimicSvc64.exe [1438128 0] (SteelSeries France SASU -> Nahimic)
Task: {8EB9D70C-B102-4407-878B-0FD0593AFC8F} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223792 2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {0C642580-5160-4C97-8B9B-F25FCAE3A971} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2920095854-1669752291-3635278505-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223792 2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {2ACBAE90-3CBA-46D8-8AA6-DC21E9653A5E} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2920095854-1669752291-3635278505-1001 => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\OneDriveLauncher.exe [684344 2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{597a1605-d190-4301-8c5e-d20e46aa83ab}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default [2025-06-18]
Edge HomePage: Default -> hxxp://www.seznam.cz/
Edge StartupUrls: Default -> "hxxps://www.seznam.cz/"
Edge Extension: (Dokumenty Google offline) - C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-05-29]
Edge Extension: (Edge relevant text changes) - C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-05-29]
Edge Extension: (ESET Browser Privacy & Security) - C:\Users\david\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nkapkmklnmidbbgjaipbgpcnbomnaakc [2025-06-18]
Edge HKLM-x32\...\Edge\Extension: [nkapkmklnmidbbgjaipbgpcnbomnaakc]
FireFox:
========
FF DefaultProfile: loa9ywao.default
FF ProfilePath: C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\loa9ywao.default [2025-06-10]
FF ProfilePath: C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\e4rv2yyu.default-release [2025-06-18]
FF Homepage: Mozilla\Firefox\Profiles\e4rv2yyu.default-release -> www.seznam.cz
FF Extension: (ESET Browser Privacy & Security) - C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\e4rv2yyu.default-release\Extensions\browserextension@eset.com.xpi [2025-05-29]
FF Extension: (Google Translator for Firefox) - C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\e4rv2yyu.default-release\Extensions\translator@zoli.bod.xpi [2025-05-29]
FF Extension: (Lion Power) - C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\e4rv2yyu.default-release\Extensions\{7044fa00-e6bb-40d6-88a2-e087ac3f53e6}.xpi [2025-05-29]
FF Extension: (Firefox B) - C:\Users\david\AppData\Roaming\Mozilla\Firefox\Profiles\e4rv2yyu.default-release\Extensions\{ac40163c-8804-4dad-90fc-e25ebd6e9a57}.xpi [2025-05-29]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-05-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2025-06-06] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2025-06-18]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [377664 2015-06-25] (AVerMedia TECHNOLOGIES, Inc -> AVerMedia)
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [771072 2017-02-06] () [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13724344 2025-06-06] (Microsoft Corporation -> Microsoft Corporation)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [5559152 2025-04-28] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [4582480 2025-04-28] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [4582480 2025-04-28] (ESET, spol. s r.o. -> ESET)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncHelper.exe [3621688 2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
S3 hpatchmon; C:\Windows\system32\hpatchmon.dll [173472 2025-06-10] (Microsoft Windows -> Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [460488 2024-04-03] (Canon Inc. -> )
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe [2071592 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NahimicService; C:\Windows\System32\NahimicService.exe [1910704 2025-01-14] (SteelSeries France SASU -> Nahimic)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9425e4c3b1ac1c47\Display.NvContainer\NVDisplay.Container.exe [1275568 2024-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.095.0518.0002\OneDriveUpdaterService.exe [3873064 2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2024-10-18] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933432 2024-10-18] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\NisSrv.exe [4513624 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe [278328 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [33592 2024-09-12] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R3 AVer871BDA; C:\Windows\System32\Drivers\AVer9303.sys [323096 2016-10-28] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [175824 2024-10-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [227224 2025-04-28] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [121816 2025-04-28] (Microsoft Windows Hardware Compatibility Publisher -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [16336 2025-04-13] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [266944 2025-04-28] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [57304 2025-04-28] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [86200 2025-04-28] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [128512 2025-04-28] (ESET, spol. s r.o. -> ESET)
S3 esihdrv; C:\Users\david\AppData\Local\Temp\esihdrv.sys [205464 2025-06-17] (ESET, spol. s r.o. -> ESET) <==== ATTENTION
R3 KslD; C:\Windows\System32\drivers\wd\KslD.sys [330112 2025-06-13] (Microsoft Windows -> Microsoft Corporation)
R3 Nahimic_Mirroring; C:\Windows\System32\drivers\Nahimic_Mirroring.sys [94784 2022-06-02] (A-Volute SAS -> Windows (R) Win 7 DDK provider)
S3 PlutonHeci; C:\Windows\System32\DriverStore\FileRepository\pluton-heci.inf_amd64_f74945e2fcb1d3d7\pluton-heci.sys [75168 2025-06-10] (Microsoft Windows -> Microsoft Corporation)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_feec7a9662e785f0\rtcx21x64.sys [539648 2024-03-28] (Microsoft Windows -> Realtek)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174264 2024-10-18] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ThermalFilter; C:\Windows\System32\DriverStore\FileRepository\c_thermal.inf_amd64_732a53ed1662b707\ThermalFilter.sys [75376 2025-05-29] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [20032 2025-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [612768 2025-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [100744 2025-06-13] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-06-18 12:49 - 2025-06-18 12:50 - 000021718 _____ C:\Users\david\Desktop\FRST.txt
2025-06-18 12:48 - 2025-06-18 12:49 - 000000000 ____D C:\FRST
2025-06-18 12:45 - 2025-06-18 12:46 - 002406912 _____ (Farbar) C:\Users\david\Desktop\FRST64.exe
2025-06-18 12:10 - 2025-06-18 12:10 - 000677108 _____ C:\Windows\system32\perfh005.dat
2025-06-18 12:10 - 2025-06-18 12:10 - 000144960 _____ C:\Windows\system32\perfc005.dat
2025-06-18 10:56 - 2025-06-18 10:56 - 000002016 _____ C:\Users\Public\Desktop\ESET Zabezpečené bankovnictví a prohlížení webu.lnk
2025-06-18 10:55 - 2025-06-18 10:55 - 000000000 ____D C:\Users\david\AppData\Local\ESET
2025-06-18 10:55 - 2025-06-18 10:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2025-06-18 10:55 - 2025-06-18 10:55 - 000000000 ____D C:\ProgramData\ESET
2025-06-18 10:55 - 2025-06-18 10:55 - 000000000 ____D C:\Program Files\ESET
2025-06-13 13:55 - 2025-06-17 20:42 - 000004212 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{29C9C97D-9D0C-4060-AB82-367C056F9AC0}
2025-06-13 13:55 - 2025-06-13 13:55 - 000000000 ____D C:\Users\david\AppData\Local\NeoSmart_Technologies
2025-06-11 22:12 - 2025-06-11 22:12 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\HTML Help
2025-06-10 22:08 - 2025-06-18 10:58 - 000000000 ____D C:\Windows\CbsTemp
2025-06-10 21:52 - 2025-06-10 21:52 - 000001555 _____ C:\Windows\system32\DeviceFeatureDDF.json
2025-06-10 21:51 - 2025-06-10 21:51 - 000033224 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-06-10 21:51 - 2025-06-10 21:51 - 000033224 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2025-06-10 21:22 - 2025-06-10 22:23 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-06-07 15:10 - 2025-06-07 15:10 - 000000000 ____D C:\Users\david\AppData\Local\NVIDIA
2025-06-07 09:33 - 2025-06-07 09:33 - 000001657 _____ C:\Users\david\Desktop\World of Tanks EU.lnk
2025-06-07 09:16 - 2025-06-07 09:16 - 000000000 ____D C:\Windows\Microsoft Antimalware
2025-06-06 18:54 - 2025-06-18 12:03 - 000003108 _____ C:\Windows\system32\Tasks\NahimicTask32
2025-06-06 18:54 - 2025-06-18 12:03 - 000003088 _____ C:\Windows\system32\Tasks\NahimicTask64
2025-06-06 18:53 - 2025-01-14 15:30 - 006586192 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV3apo.dll
2025-06-06 18:53 - 2025-01-14 15:30 - 001910704 _____ (Nahimic) C:\Windows\system32\NahimicService.exe
2025-06-06 18:53 - 2025-01-14 15:30 - 001438128 _____ (Nahimic) C:\Windows\system32\NahimicSvc64.exe
2025-06-06 18:53 - 2025-01-14 15:30 - 001216888 _____ (A-Volute) C:\Windows\system32\NhNotifSys.exe
2025-06-06 18:53 - 2025-01-14 15:30 - 001118128 _____ (Nahimic) C:\Windows\SysWOW64\NahimicSvc32.exe
2025-06-06 18:53 - 2025-01-14 15:30 - 001006456 _____ (A-Volute) C:\Windows\system32\NhNotifSys.dll
2025-06-06 18:53 - 2025-01-14 15:30 - 000805032 _____ (Nahimic) C:\Windows\system32\NAHIMICV3NSControl.dll
2025-06-06 18:53 - 2025-01-14 15:30 - 000780968 _____ (Nahimic) C:\Windows\system32\NAHIMICV3NSControlExpert.dll
2025-06-06 18:53 - 2025-01-14 15:30 - 000534336 _____ (Nahimic) C:\Windows\system32\NahimicAPO3ConfiguratorDaemonModule.dll
2025-06-06 18:53 - 2025-01-14 15:30 - 000526144 _____ (Nahimic) C:\Windows\system32\NahimicAPO4ConfiguratorDaemonModule.dll
2025-06-06 18:53 - 2025-01-14 15:30 - 000526040 _____ (Nahimic) C:\Windows\system32\NahimicPnPAPO4ConfiguratorDaemonModule.dll
2025-06-06 18:53 - 2025-01-14 15:30 - 000146000 _____ (A-Volute) C:\Windows\system32\NahimicSharedMemory.dll
2025-06-06 18:46 - 2025-06-06 18:54 - 000000000 ____D C:\ProgramData\A-Volute
2025-06-06 18:46 - 2025-06-06 18:46 - 000000000 ____D C:\Windows\system32\A-Volute
2025-06-06 18:45 - 2023-03-16 02:02 - 006457176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2025-06-06 18:44 - 2022-10-03 16:39 - 002880280 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2025-06-06 12:00 - 2025-06-06 18:54 - 000000000 ____D C:\Windows\system32\zh-hant
2025-06-06 12:00 - 2025-06-06 18:54 - 000000000 ____D C:\Windows\system32\zh-hans
2025-06-06 12:00 - 2025-06-06 18:54 - 000000000 ____D C:\ProgramData\NahimicRestoreTool
2025-06-06 12:00 - 2025-06-06 12:00 - 000000000 ____D C:\Users\david\AppData\Local\Nahimic
2025-06-03 11:06 - 2025-06-07 09:33 - 000000000 ____D C:\Games
2025-06-03 11:03 - 2025-06-07 15:09 - 000000000 ____D C:\Users\david\AppData\Roaming\Wargaming.net
2025-06-03 11:03 - 2025-06-07 09:33 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2025-06-03 11:03 - 2025-06-03 11:03 - 000001892 _____ C:\Users\david\Desktop\Game Center.lnk
2025-06-03 11:03 - 2025-06-03 11:03 - 000000000 ____D C:\Users\david\AppData\Local\CEF
2025-06-03 11:01 - 2025-06-03 11:01 - 000000000 ____D C:\ProgramData\Wargaming.net
2025-06-02 22:54 - 2025-06-13 13:58 - 000000000 ____D C:\Windows\pss
2025-06-01 10:56 - 2025-06-01 10:57 - 000000000 ____D C:\Users\david\AppData\Roaming\Anvsoft
2025-06-01 10:56 - 2025-06-01 10:56 - 000001276 _____ C:\Users\david\Desktop\Any Video Converter.lnk
2025-06-01 10:56 - 2025-06-01 10:56 - 000000000 ____D C:\Program Files (x86)\Anvsoft
2025-06-01 10:42 - 2025-06-06 18:53 - 000000000 ____D C:\Users\david\AppData\Local\CrashDumps
2025-06-01 10:42 - 2025-06-01 10:52 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anvsoft
2025-06-01 10:42 - 2025-06-01 10:42 - 000000036 _____ C:\Users\david\AppData\Local\_LOCAL_GUID
2025-06-01 10:42 - 2025-06-01 10:42 - 000000000 ____H C:\Users\david\MJKJRegInfo_JSOIGNLOFVI6W4DODRL5DLLUHYENUXTM
2025-06-01 10:42 - 2025-06-01 10:42 - 000000000 ____D C:\Users\david\Documents\Any Video Converter
2025-06-01 10:42 - 2025-06-01 10:42 - 000000000 ____D C:\Users\david\AppData\Roaming\NVIDIA
2025-06-01 10:42 - 2025-06-01 10:42 - 000000000 ____D C:\Program Files\Anvsoft
2025-06-01 10:40 - 2025-06-01 10:52 - 000000000 ____D C:\Users\david\AppData\Roaming\Any Video Converter
2025-06-01 10:40 - 2025-06-01 10:40 - 000000000 ____D C:\Users\david\AppData\Roaming\com.anvsoft.avc.installer
2025-06-01 10:40 - 2025-06-01 10:40 - 000000000 ____D C:\ProgramData\com.anvsoft.avc.installer
2025-06-01 10:24 - 2025-06-01 10:24 - 000001205 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2025-06-01 10:24 - 2025-06-01 10:24 - 000001199 _____ C:\Users\Public\Desktop\BS.Player FREE.lnk
2025-06-01 10:24 - 2025-06-01 10:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2025-06-01 10:23 - 2025-06-01 10:24 - 000000000 ____D C:\Users\david\AppData\Roaming\BSplayer
2025-06-01 10:23 - 2025-06-01 10:23 - 000000000 ____D C:\Users\david\AppData\Roaming\BSplayer Pro
2025-06-01 10:23 - 2025-06-01 10:23 - 000000000 ____D C:\Program Files (x86)\Webteh
2025-06-01 10:04 - 2025-06-01 10:04 - 000001963 _____ C:\Users\david\Desktop\IrfanView Thumbnails.lnk
2025-06-01 10:04 - 2025-06-01 10:04 - 000001071 _____ C:\Users\david\Desktop\IrfanView.lnk
2025-06-01 10:04 - 2025-06-01 10:04 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2025-06-01 10:04 - 2025-06-01 10:04 - 000000000 ____D C:\Users\david\AppData\Roaming\IrfanView
2025-06-01 10:04 - 2025-06-01 10:04 - 000000000 ____D C:\Program Files (x86)\IrfanView
2025-06-01 09:55 - 2025-06-01 09:55 - 000001731 _____ C:\Users\david\Desktop\Smart Switch.lnk
2025-06-01 09:45 - 2024-10-18 04:14 - 000175824 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus2.sys
2025-06-01 09:45 - 2024-10-18 04:14 - 000174264 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2025-06-01 09:44 - 2025-06-01 09:44 - 000000000 ___HD C:\Users\Public\Documents\NativeFus_Log
2025-06-01 09:24 - 2022-01-25 11:29 - 000144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2025-06-01 09:14 - 2025-06-01 09:14 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2025-06-01 09:11 - 2025-06-01 09:44 - 000000000 ____D C:\ProgramData\Samsung
2025-06-01 09:11 - 2025-06-01 09:44 - 000000000 ____D C:\Program Files\Samsung
2025-06-01 09:11 - 2025-06-01 09:33 - 000000000 ____D C:\Users\david\AppData\Roaming\Samsung
2025-06-01 09:11 - 2025-06-01 09:11 - 000000000 ____D C:\Users\david\Samsung
2025-05-31 21:49 - 2025-05-31 21:52 - 000000000 ___HD C:\ProgramData\CanonIJScan
2025-05-31 21:49 - 2025-05-31 21:49 - 000000000 ____D C:\Users\david\AppData\Roaming\Canon
2025-05-31 21:48 - 2025-05-31 21:44 - 000002188 _____ C:\Users\david\Desktop\IJ Scan Utility.lnk
2025-05-31 21:48 - 2025-05-31 21:44 - 000002063 _____ C:\Users\david\Desktop\IJ Printer Assistant Tool.lnk
2025-05-31 21:45 - 2025-05-31 21:45 - 000000242 _____ C:\Users\Public\Desktop\Další informace o vašem zařízení Canon TS3300 series.url
2025-05-31 21:45 - 2025-05-31 21:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Příručka Canon TS3300 series
2025-05-31 21:44 - 2025-05-31 21:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2025-05-31 21:44 - 2025-05-31 21:44 - 000000000 ___HD C:\ProgramData\CanonBJ
2025-05-31 21:44 - 2025-05-31 21:44 - 000000000 ___HD C:\Program Files\CanonBJ
2025-05-31 21:44 - 2025-05-31 21:44 - 000000000 ____D C:\Program Files\Canon
2025-05-31 21:43 - 2025-06-01 14:52 - 000000000 ____D C:\ProgramData\CanonIJPLM
2025-05-31 21:43 - 2025-05-31 21:45 - 000000000 ____D C:\Program Files (x86)\Canon
2025-05-31 21:43 - 2025-05-31 21:43 - 000000000 ____D C:\ProgramData\Canon
2025-05-31 18:03 - 2025-05-31 18:03 - 000000000 ____D C:\Windows\system32\%userprofile%
2025-05-31 18:02 - 2025-06-15 07:56 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-05-31 18:02 - 2025-06-14 09:25 - 000003596 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2920095854-1669752291-3635278505-1001
2025-05-31 18:02 - 2025-06-14 09:25 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-05-31 18:02 - 2025-06-14 09:25 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-05-31 17:20 - 2025-05-31 17:20 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Excel
2025-05-31 17:19 - 2025-06-16 19:18 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\UProof
2025-05-31 17:19 - 2025-05-31 17:19 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Proof
2025-05-31 17:17 - 2025-05-31 17:20 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Office
2025-05-31 17:17 - 2025-05-31 17:17 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Word
2025-05-31 17:17 - 2025-05-31 17:17 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\AddIns
2025-05-31 17:15 - 2025-05-31 17:12 - 000002553 _____ C:\Users\david\Desktop\Word.lnk
2025-05-31 17:15 - 2025-05-31 17:12 - 000002525 _____ C:\Users\david\Desktop\Excel.lnk
2025-05-31 17:14 - 2025-05-31 18:03 - 000000000 ___RD C:\Users\Default\OneDrive
2025-05-31 17:12 - 2025-05-31 17:12 - 000002615 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Notes (new).lnk
2025-05-31 17:12 - 2025-05-31 17:12 - 000002559 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2025-05-31 17:12 - 2025-05-31 17:12 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2025-05-31 17:12 - 2025-05-31 17:12 - 000002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2025-05-31 17:12 - 2025-05-31 17:12 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2025-05-31 17:12 - 2025-05-31 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2025-05-31 17:04 - 2025-06-14 16:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2025-05-31 17:04 - 2025-05-31 17:04 - 000000000 ____D C:\Program Files\Microsoft Office 15
2025-05-31 13:29 - 2025-05-31 13:29 - 000000000 ____D C:\Users\david\AppData\Roaming\com.adobe.dunamis
2025-05-31 13:29 - 2025-05-31 13:29 - 000000000 ____D C:\Users\david\AppData\LocalLow\Adobe
2025-05-31 13:29 - 2025-05-31 13:29 - 000000000 ____D C:\Users\david\.ms-ad
2025-05-31 13:29 - 2025-05-31 13:29 - 000000000 ____D C:\ProgramData\Adobe
2025-05-31 13:28 - 2025-06-12 21:02 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2025-05-31 13:28 - 2025-05-31 13:37 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2025-05-31 13:28 - 2025-05-31 13:37 - 000002124 _____ C:\Users\Public\Desktop\Acrobat Reader.lnk
2025-05-31 13:27 - 2025-05-31 13:27 - 000000000 ____D C:\Program Files (x86)\Adobe
2025-05-31 13:24 - 2025-05-31 17:12 - 000000000 ____D C:\Users\david\AppData\Local\Adobe
2025-05-31 11:49 - 2025-06-17 18:55 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2025-05-31 11:49 - 2025-05-31 11:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2025-05-31 09:51 - 2025-06-06 12:02 - 000002428 _____ C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nahimic Companion.lnk
2025-05-31 09:35 - 2025-06-04 11:24 - 000007640 _____ C:\Users\david\AppData\Local\Resmon.ResmonCfg
2025-05-30 19:18 - 2025-05-30 19:18 - 000000000 ____D C:\Users\david\AppData\Local\ToastNotificationManagerCompat
2025-05-30 11:31 - 2025-05-30 11:31 - 000000000 ____D C:\Users\david\AppData\Local\Backup
2025-05-29 20:55 - 2025-06-06 10:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingston SSD Manager x64
2025-05-29 20:55 - 2025-06-06 10:25 - 000000000 ____D C:\Program Files\Kingston_SSD_Manager
2025-05-29 18:40 - 2025-06-18 12:03 - 001209042 _____ C:\Windows\ntbtlog.txt
2025-05-29 18:40 - 2025-06-18 12:02 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2025-05-29 15:57 - 2025-06-18 12:42 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-05-29 15:57 - 2025-05-29 15:57 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2025-05-29 15:57 - 2025-05-29 15:57 - 000000000 ____D C:\Users\david\AppData\Roaming\Mozilla
2025-05-29 15:57 - 2025-05-29 15:57 - 000000000 ____D C:\Users\david\AppData\Local\Mozilla
2025-05-29 15:56 - 2025-06-10 22:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-05-29 15:56 - 2025-06-10 21:32 - 000001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-05-29 15:56 - 2025-05-29 15:56 - 000002048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox — anonymní prohlížení.lnk
2025-05-29 15:56 - 2025-05-29 15:56 - 000001061 _____ C:\Users\Public\Desktop\Firefox.lnk
2025-05-29 15:48 - 2025-06-07 20:01 - 000002342 _____ C:\Windows\system32\Tasks\NahimicSvc64Run
2025-05-29 15:48 - 2025-06-07 20:01 - 000002342 _____ C:\Windows\system32\Tasks\NahimicSvc32Run
2025-05-29 15:48 - 2025-05-29 15:48 - 000000000 ____D C:\ProgramData\Nahimic
2025-05-29 15:42 - 2025-05-29 15:42 - 000000000 ____D C:\Windows\system32\AccountHealthAssets
2025-05-29 15:42 - 2025-05-29 15:42 - 000000000 ____D C:\inetpub
2025-05-29 15:34 - 2025-05-29 15:34 - 000070484 _____ C:\Windows\SysWOW64\ctac.json
2025-05-29 15:34 - 2025-05-29 15:34 - 000070484 _____ C:\Windows\system32\ctac.json
2025-05-29 15:04 - 2025-05-29 15:04 - 000000000 ____D C:\Users\david\AppData\Local\Comms
2025-05-29 14:59 - 2025-06-11 09:30 - 000000000 ____D C:\Users\david\Documents\AVerTV
2025-05-29 14:58 - 2025-05-29 15:04 - 000000000 ____D C:\ProgramData\AVerTV 3D
2025-05-29 14:58 - 2025-05-29 14:58 - 000000000 ____D C:\Windows\Driver Cache
2025-05-29 14:57 - 2025-05-29 14:57 - 000002113 _____ C:\Users\Public\Desktop\AVerTV 3D.lnk
2025-05-29 14:57 - 2025-05-29 14:57 - 000000000 ____D C:\Users\david\AppData\Local\AVerMedia
2025-05-29 14:57 - 2025-05-29 14:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVerMedia
2025-05-29 14:56 - 2015-12-14 16:39 - 000194560 _____ (AVerMedia Technologies, Inc.) C:\Windows\SysWOW64\CardID.dll
2025-05-29 14:55 - 2025-05-29 14:58 - 000000000 ____D C:\Program Files (x86)\AVerMedia
2025-05-29 14:55 - 2017-08-22 10:32 - 000169984 _____ (TODO: <Company name>) C:\Windows\SysWOW64\amalib25.dll
2025-05-29 14:55 - 2017-05-24 09:24 - 024942592 _____ (FFmpeg Project) C:\Windows\SysWOW64\avcodec-57.dll
2025-05-29 14:55 - 2017-05-24 09:24 - 000684544 _____ (FFmpeg Project) C:\Windows\SysWOW64\avutil-55.dll
2025-05-29 14:55 - 2017-05-24 09:24 - 000511488 _____ (FFmpeg Project) C:\Windows\SysWOW64\swscale-4.dll
2025-05-29 14:55 - 2017-05-24 09:24 - 000294400 _____ (FFmpeg Project) C:\Windows\SysWOW64\swresample-2.dll
2025-05-29 14:55 - 2016-06-23 15:32 - 000327680 _____ C:\Windows\SysWOW64\libde265.dll
2025-05-29 14:55 - 2016-02-03 17:42 - 000651264 _____ C:\Windows\SysWOW64\sptlib21.dll
2025-05-29 14:55 - 2015-11-03 17:08 - 000205824 _____ (AVerMedia Technologies Inc.) C:\Windows\SysWOW64\VideoEncoderPL.dll
2025-05-29 14:55 - 2015-10-26 15:29 - 000151552 _____ C:\Windows\SysWOW64\sptlib26.dll
2025-05-29 14:55 - 2015-06-03 22:28 - 000294912 _____ C:\Windows\SysWOW64\sptlib11.dll
2025-05-29 14:55 - 2015-03-05 13:35 - 001622787 _____ (x264 project) C:\Windows\SysWOW64\core.dll
2025-05-29 14:55 - 2013-10-30 13:58 - 000307200 _____ C:\Windows\SysWOW64\sptlib03.dll
2025-05-29 14:55 - 2013-10-30 13:57 - 000311296 _____ C:\Windows\SysWOW64\sptlib01.dll
2025-05-29 14:55 - 2013-05-29 18:15 - 000462848 _____ C:\Windows\SysWOW64\sptlib12.dll
2025-05-29 14:55 - 2011-07-28 15:42 - 000307200 _____ C:\Windows\SysWOW64\sptlib22.dll
2025-05-29 14:55 - 2011-06-01 11:56 - 000421888 _____ C:\Windows\SysWOW64\sptlib02.dll
2025-05-29 14:55 - 2007-12-26 13:37 - 000045056 _____ (Open Source Software community project) C:\Windows\SysWOW64\pthreadVC.dll
2025-05-29 14:53 - 2025-05-29 14:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2025-05-29 14:53 - 2025-05-29 14:53 - 000000000 ____D C:\Program Files\7-Zip
2025-05-29 14:39 - 2025-05-29 14:39 - 000000000 ____D C:\Users\david\AppData\Local\OneDrive
2025-05-29 14:32 - 2025-06-12 12:02 - 000000000 ____D C:\Windows\system32\MRT
2025-05-29 14:31 - 2025-06-03 10:01 - 000000000 ____D C:\Windows\Panther
2025-05-29 14:21 - 2025-05-29 14:21 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2025-05-29 14:20 - 2025-05-29 14:20 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2025-05-29 14:18 - 2024-12-04 03:11 - 000125048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2025-05-29 14:17 - 2024-12-04 20:05 - 002060664 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2025-05-29 14:17 - 2024-12-04 20:05 - 002060664 _____ C:\Windows\system32\vulkaninfo.exe
2025-05-29 14:17 - 2024-12-04 20:05 - 001600376 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2025-05-29 14:17 - 2024-12-04 20:05 - 001600376 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2025-05-29 14:17 - 2024-12-04 20:05 - 001452432 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2025-05-29 14:17 - 2024-12-04 20:05 - 001452432 _____ C:\Windows\system32\vulkan-1.dll
2025-05-29 14:17 - 2024-12-04 20:05 - 001301880 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2025-05-29 14:17 - 2024-12-04 20:05 - 001301880 _____ C:\Windows\SysWOW64\vulkan-1.dll
2025-05-29 14:17 - 2024-12-04 20:05 - 000478384 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2025-05-29 14:17 - 2024-12-04 20:05 - 000374432 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2025-05-29 14:17 - 2024-12-04 20:02 - 001114792 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2025-05-29 14:17 - 2024-12-04 20:02 - 000670352 _____ (NVIDIA Corporation) C:\Windows\system32\nvofapi64.dll
2025-05-29 14:17 - 2024-12-04 20:02 - 000505504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvofapi.dll
2025-05-29 14:17 - 2024-12-04 20:01 - 025450120 _____ C:\Windows\system32\nvidia-pcc.exe
2025-05-29 14:17 - 2024-12-04 20:01 - 001554608 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2025-05-29 14:17 - 2024-12-04 20:01 - 001208992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2025-05-29 14:17 - 2024-12-04 20:01 - 000863888 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2025-05-29 14:17 - 2024-12-04 20:00 - 016811696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2025-05-29 14:17 - 2024-12-04 20:00 - 002185360 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2025-05-29 14:17 - 2024-12-04 20:00 - 001634464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2025-05-29 14:17 - 2024-12-04 20:00 - 001042072 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2025-05-29 14:17 - 2024-12-04 20:00 - 000801432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2025-05-29 14:17 - 2024-12-04 20:00 - 000462480 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2025-05-29 14:17 - 2024-12-04 19:59 - 017736840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2025-05-29 14:17 - 2024-12-04 19:59 - 006953104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2025-05-29 14:17 - 2024-12-04 19:59 - 005909664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2025-05-29 14:17 - 2024-12-04 19:59 - 005435544 _____ (NVIDIA Corporation) C:\Windows\system32\nvcudadebugger.dll
2025-05-29 14:17 - 2024-12-04 19:59 - 003807888 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2025-05-29 14:17 - 2024-12-04 19:59 - 000853680 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2025-05-29 14:17 - 2024-12-04 19:58 - 007158560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2025-05-29 14:17 - 2024-12-04 19:58 - 006236264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2025-05-29 14:17 - 2024-12-04 03:11 - 000132703 _____ C:\Windows\system32\nvinfo.pb
2025-05-29 14:15 - 2025-05-31 09:51 - 000000000 ____D C:\Users\david\AppData\Local\NhNotifSys
2025-05-29 14:13 - 2025-06-06 18:45 - 000000000 ___HD C:\Program Files (x86)\Temp
2025-05-29 14:11 - 2025-05-29 14:11 - 000000000 ____D C:\Users\david\AppData\Roaming\AMD
2025-05-29 14:11 - 2025-05-29 14:11 - 000000000 ____D C:\Program Files (x86)\AMD
2025-05-29 14:11 - 2025-05-29 14:11 - 000000000 ____D C:\AMD
2025-05-29 14:08 - 2025-06-06 18:45 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2025-05-29 14:08 - 2025-06-06 18:45 - 000000000 ____D C:\Program Files (x86)\Realtek
2025-05-29 14:08 - 2025-03-18 00:44 - 001406440 _____ (Realtek ) C:\Windows\system32\Drivers\rt640x64.sys
2025-05-29 14:05 - 2025-05-29 14:19 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2025-05-29 14:02 - 2025-06-14 14:13 - 000000000 ____D C:\MSI
2025-05-29 14:02 - 2025-05-29 14:02 - 000000000 ____D C:\Users\david\AppData\Local\Downloaded Installations
2025-05-29 14:02 - 2022-05-16 17:23 - 000013576 _____ (Windows (R) Win 7 DDK provider) C:\Windows\acpimof.dll
2025-05-29 14:01 - 2025-06-18 12:03 - 000000000 ____D C:\ProgramData\NVIDIA
2025-05-29 14:01 - 2025-06-14 14:13 - 000000000 ____D C:\Program Files (x86)\MSI
2025-05-29 14:01 - 2025-05-29 20:51 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2025-05-29 14:01 - 2025-05-29 14:21 - 000000000 ____D C:\Users\david\AppData\LocalLow\NVIDIA
2025-05-29 14:01 - 2025-05-29 14:01 - 000000000 ____D C:\ProgramData\Package Cache
2025-05-29 13:59 - 2025-05-29 14:03 - 000000000 ____D C:\ProgramData\MSI
2025-05-29 13:54 - 2025-06-07 20:01 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\MMC
2025-05-29 13:53 - 2025-05-29 13:53 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_amdpsp_01011.Wdf
2025-05-29 13:51 - 2025-06-14 09:25 - 000003552 _____ C:\Windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-2920095854-1669752291-3635278505-1001
2025-05-29 13:51 - 2025-05-29 13:51 - 000000000 ___HD C:\OneDriveTemp
2025-05-29 13:50 - 2025-06-18 12:04 - 000000000 ___RD C:\Users\david\OneDrive
2025-05-29 13:50 - 2025-05-29 14:51 - 000000000 ____D C:\Users\david\AppData\Local\Publishers
2025-05-29 13:50 - 2025-05-29 13:50 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2025-05-29 13:47 - 2025-06-18 11:30 - 000000000 ____D C:\Users\david\AppData\Local\D3DSCache
2025-05-29 13:46 - 2025-06-18 12:04 - 000000000 ____D C:\Users\david\AppData\Local\Packages
2025-05-29 13:46 - 2025-05-31 13:29 - 000000000 ____D C:\Users\david\AppData\Roaming\Adobe
2025-05-29 13:46 - 2025-05-29 14:59 - 000000000 ____D C:\Users\david\AppData\Local\VirtualStore
2025-05-29 13:46 - 2025-05-29 13:50 - 000000000 __RHD C:\Users\Public\AccountPictures
2025-05-29 13:46 - 2025-05-29 13:46 - 000000000 ___SD C:\Users\david\AppData\Roaming\Microsoft\Crypto
2025-05-29 13:46 - 2025-05-29 13:46 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Vault
2025-05-29 13:46 - 2025-05-29 13:46 - 000000000 ____D C:\Users\david\AppData\Local\ConnectedDevicesPlatform
2025-05-29 13:45 - 2025-06-06 18:54 - 000000000 ____D C:\Users\david\AppData\Local\PlaceholderTileLogoFolder
2025-05-29 13:45 - 2025-05-29 13:45 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Network
2025-05-29 13:41 - 2025-06-18 12:10 - 001603790 _____ C:\Windows\system32\PerfStringBackup.INI
2025-05-29 13:41 - 2025-05-29 13:41 - 000000000 ___SD C:\Users\david\AppData\Roaming\Microsoft\SystemCertificates
2025-05-29 13:40 - 2025-06-17 14:33 - 000000000 ____D C:\Users\david
2025-05-29 13:40 - 2025-05-29 14:37 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Spelling
2025-05-29 13:40 - 2025-05-29 13:47 - 000000000 ____D C:\Users\david\AppData\Roaming\Microsoft\Windows
2025-05-29 13:40 - 2025-05-29 13:40 - 000000020 ___SH C:\Users\david\ntuser.ini
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\Šablony
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\Soubory cookie
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\Poslední
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\Okolní tiskárny
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\Okolní síť
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\Nabídka Start
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\Dokumenty
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\Documents\Obrázky
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\Documents\Hudba
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\Documents\Filmy
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\Data aplikací
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 _SHDL C:\Users\david\AppData\Local\Data aplikací
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 ___SD C:\Users\david\AppData\Roaming\Microsoft\Protect
2025-05-29 13:40 - 2025-05-29 13:40 - 000000000 ___SD C:\Users\david\AppData\Roaming\Microsoft\Credentials
2025-05-29 13:34 - 2025-06-18 12:04 - 000000000 ____D C:\ProgramData\Packages
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\Šablony
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\Poslední
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\Okolní síť
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\Dokumenty
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\Data aplikací
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\ProgramData\Šablony
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\ProgramData\Plocha
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\ProgramData\Dokumenty
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\ProgramData\Data aplikací
2025-05-29 13:34 - 2025-05-29 13:34 - 000000000 _SHDL C:\Documents and Settings
2025-05-29 13:32 - 2025-06-18 12:03 - 000012288 ___SH C:\DumpStack.log.tmp
2025-05-29 13:32 - 2025-06-18 12:03 - 000011534 _____ C:\Windows\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-05-29 13:32 - 2025-06-18 12:03 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2025-05-29 13:32 - 2025-06-18 10:24 - 000000000 ____D C:\Windows\system32\SleepStudy
2025-05-29 13:32 - 2025-06-15 19:47 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-05-29 13:32 - 2025-06-15 19:47 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-05-29 13:32 - 2025-06-13 08:19 - 000000000 ____D C:\Windows\system32\Drivers\wd
2025-05-29 13:32 - 2025-06-10 22:23 - 000344008 _____ C:\Windows\system32\FNTCACHE.DAT
2025-05-29 13:32 - 2025-05-29 13:34 - 000003716 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{01B088DA-A62B-4A48-BD8A-07CB154CA3F6}
2025-05-29 13:32 - 2025-05-29 13:34 - 000003590 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{6CF29DA0-3906-413B-B017-6557F6DCB4DD}
2025-05-29 13:32 - 2025-05-29 13:32 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2025-05-29 13:32 - 2025-05-29 13:32 - 000000000 ____D C:\Windows\system32\config\BFS
2025-05-29 13:32 - 2025-05-29 13:32 - 000000000 ____D C:\Windows\ServiceProfiles
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-06-18 12:41 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-06-18 12:20 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\AppReadiness
2025-06-18 12:13 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\SystemTemp
2025-06-18 12:10 - 2024-04-01 09:24 - 000000000 ____D C:\Windows\INF
2025-06-18 12:04 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-06-18 12:03 - 2024-04-01 09:21 - 000524288 _____ C:\Windows\system32\config\BBI
2025-06-18 10:55 - 2024-04-01 09:26 - 000000000 ___HD C:\Windows\ELAMBKUP
2025-06-10 22:22 - 2024-04-01 18:30 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ___SD C:\Windows\SysWOW64\F12
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ___SD C:\Windows\system32\F12
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ___RD C:\Program Files\Windows Defender
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\UUS
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\SysWOW64\setup
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\SysWOW64\Dism
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\SysWOW64\Com
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\SystemResources
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\WinMetadata
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\ShellExperiences
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\setup
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\oobe
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\migwiz
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\Dism
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\DDFs
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\Com
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\appraiser
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\ShellExperiences
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\ShellComponents
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\PolicyDefinitions
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\BrowserCore
2025-06-10 22:22 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\bcastdvr
2025-05-31 21:44 - 2024-04-01 09:26 - 000000000 __RSD C:\Windows\Media
2025-05-31 17:04 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2025-05-31 09:57 - 2023-12-24 20:09 - 000000000 ____D C:\Users\david\Documents\Nokia Suite
2025-05-31 09:57 - 2023-12-24 20:09 - 000000000 ____D C:\Users\david\Documents\HiSuite
2025-05-30 08:20 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\appcompat
2025-05-29 15:42 - 2024-10-05 02:19 - 000000000 ____D C:\Windows\InboxApps
2025-05-29 15:42 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-05-29 15:42 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-05-29 15:42 - 2024-04-01 18:30 - 000000000 ____D C:\Windows\system32\OpenSSH
2025-05-29 15:42 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2025-05-29 15:42 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\SysWOW64\oobe
2025-05-29 15:42 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2025-05-29 15:42 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\SystemApps
2025-05-29 15:42 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2025-05-29 15:42 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2025-05-29 15:42 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2025-05-29 15:42 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2025-05-29 15:42 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\Provisioning
2025-05-29 15:42 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-05-29 15:42 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-05-29 15:42 - 2024-04-01 09:21 - 000000000 ____D C:\Windows\servicing
2025-05-29 15:40 - 2024-04-01 09:26 - 000282624 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2025-05-29 14:40 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\SecurityHealth
2025-05-29 14:32 - 2024-04-01 09:21 - 000032768 _____ C:\Windows\system32\config\ELAM
2025-05-29 14:31 - 2024-04-01 09:26 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2025-05-29 14:10 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\OCR
2025-05-29 13:36 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\AppLocker
2025-05-29 13:35 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\spool
2025-05-29 13:34 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2025-05-29 13:34 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\ServiceState
2025-05-29 13:34 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Windows NT
2025-05-29 13:32 - 2024-04-01 09:26 - 000000000 ____D C:\Windows\system32\Drivers\DriverData
==================== Files in the root of some directories ========
2025-05-31 09:35 - 2025-06-04 11:24 - 000007640 _____ () C:\Users\david\AppData\Local\Resmon.ResmonCfg
2025-06-01 10:42 - 2025-06-01 10:42 - 000000036 _____ () C:\Users\david\AppData\Local\_LOCAL_GUID
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-06-2025
Ran by david (18-06-2025 12:51:06)
Running from C:\Users\david\Desktop
Microsoft Windows 11 Home Version 24H2 26100.4349 (X64) (2025-05-29 11:34:17)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2920095854-1669752291-3635278505-500 - Administrator - Disabled)
david (S-1-5-21-2920095854-1669752291-3635278505-1001 - Administrator - Enabled) => C:\Users\david
DefaultAccount (S-1-5-21-2920095854-1669752291-3635278505-503 - Limited - Disabled)
Guest (S-1-5-21-2920095854-1669752291-3635278505-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2920095854-1669752291-3635278505-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 24.09 (x64) (HKLM\...\7-Zip) (Version: 24.09 - Igor Pavlov)
Adobe Acrobat Reader - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 25.001.20531 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601110}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.133 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 6.10.22.027 - Advanced Micro Devices, Inc.)
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.30.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.44 - Advanced Micro Devices, Inc.) Hidden
AMD_Chipset_Drivers (HKLM-x32\...\{8d13ff58-77bd-4c18-a602-acd72ef0a328}) (Version: 6.10.22.027 - Advanced Micro Devices, Inc.) Hidden
Any Video Converter 7.1.7 (HKLM-x32\...\Any Video Converter) (Version: 7.1.7 - Anvsoft)
AVerMedia TD310 USB Pure DVB-T/T2/C 14.7.64.18 (HKLM-x32\...\AVerMedia TD310 USB Pure DVB-T/T2/C) (Version: 14.7.64.18 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV 3D (HKLM-x32\...\InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.9.1.18.17080805-GA - AVerMedia Technologies, Inc.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.78.1094 - AB Team, d.o.o.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.90.3.36 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.5.3 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.6.0 - Canon Inc.)
Canon TS3300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS3300_series) (Version: 1.04 - Canon Inc.)
CrystalDiskInfo 9.6.3 (HKLM\...\CrystalDiskInfo_is1) (Version: 9.6.3 - Crystal Dew World)
ESET Security (HKLM\...\{0F3CB7F7-E580-4E9D-BC90-58BF9A860742}) (Version: 18.1.13.0 - ESET, spol. s r.o.)
IrfanView 4.70 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.70 - Irfan Skiljan)
Kingston SSD Manager x64 1.5.5.5 (HKLM-x32\...\{53F657CD-C4FC-4DCD-826E-6862917532AC}_is1) (Version: 1.5.5.5 - @2021 Kingston Digital, Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 137.0.3296.83 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 137.0.3296.83 - Microsoft Corporation) Hidden
Microsoft Office 2019 pro studenty a domácnosti - cs-cz (HKLM\...\HomeStudent2019Retail - cs-cz) (Version: 16.0.18827.20150 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.095.0518.0002 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.36.32532 (HKLM-x32\...\{8bdfe669-9705-4184-9368-db9ce581e0e7}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.36.32532 (HKLM-x32\...\{410c0ee1-00bb-41b6-9772-e12c2828b02f}) (Version: 14.36.32532.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.36.32532 (HKLM\...\{0025DD72-A959-45B5-A0A3-7EFEB15A8050}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.36.32532 (HKLM\...\{D5D19E2F-7189-42FE-8103-92CD1FA457C2}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.36.32532 (HKLM-x32\...\{C2C59CAB-8766-4ABD-A8EF-1151A36C41E5}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.36.32532 (HKLM-x32\...\{73F77E4E-5A17-46E5-A5FC-8A061047725F}) (Version: 14.36.32532 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 139.0.4 (x64 cs)) (Version: 139.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 139.0 - Mozilla)
NVIDIA Ovladač HD audia 1.4.2.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.4.2.6 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 566.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 566.36 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.23.1019 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.23.1019 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.18827.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.18827.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.18827.20150 - Microsoft Corporation) Hidden
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.3.0 - Advanced Micro Devices, Inc.) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9492.1 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.74.1128.2024 - Realtek)
Registrace tiskárny (HKLM-x32\...\Canon EISRegistration) (Version: 1.9.2 - Canon Inc.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.9.0.0 - Samsung Electronics Co., Ltd.)
Smart Switch Service (HKLM\...\{BCCC9A14-BFE6-4D35-8F44-D1AC9C89E626}) (Version: 5.0.24.0 - Samsung Electronics Co., Ltd.)
Wargaming.net Game Center (HKU\S-1-5-21-2920095854-1669752291-3635278505-1001\...\Wargaming.net Game Center) (Version: 25.2.0.9224 - Wargaming.net)
World of Tanks EU (HKU\S-1-5-21-2920095854-1669752291-3635278505-1001\...\2314027414) (Version: - Wargaming.net)
Packages:
=========
@{MicrosoftWindows.Client.CoreAI_1000.26100.4061.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.Client.CoreAI/AIXHost/ClickToDo/AppDisplayName} -> C:\Windows\SystemApps\MicrosoftWindows.Client.CoreAI_cw5n1h2txyewy [2025-06-10] (Microsoft Windows)
Akce kliknutím (náhled) -> C:\Windows\SystemApps\MicrosoftWindows.Client.CoreAI_cw5n1h2txyewy [2025-06-10] (Microsoft Windows)
Balíček prostředí funkcí systému Windows -> C:\Windows\SystemApps\SxS\MicrosoftWindows.54792954.Filons_cw5n1h2txyewy [2025-06-10] (Microsoft Windows)
Balíček prostředí funkcí systému Windows -> C:\Windows\SystemApps\SxS\MicrosoftWindows.56978801.Voiess_cw5n1h2txyewy [2025-06-10] (Microsoft Windows)
Balíček prostředí funkcí systému Windows -> C:\Windows\SystemApps\SxS\MicrosoftWindows.57058570.Speion_cw5n1h2txyewy [2025-06-10] (Microsoft Windows)
Balíček prostředí funkcí systému Windows -> C:\Windows\SystemApps\SxS\MicrosoftWindows.57074914.Livtop_cw5n1h2txyewy [2025-06-10] (Microsoft Windows)
ESET Context Menu -> C:\Program Files\ESET\ESET Security [2025-06-18] (Sparse Package)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2025-05-30] (Microsoft Corp.)
Microsoft.Edge.GameAssist -> C:\Program Files\WindowsApps\Microsoft.Edge.GameAssist_1.0.3336.0_x64__8wekyb3d8bbwe [2025-06-05] (Microsoft Corporation)
Microsoft.HEVCVideoExtensions -> C:\Program Files\WindowsApps\Microsoft.HEVCVideoExtensions_2.4.1.0_x64__8wekyb3d8bbwe [2025-05-30] (Microsoft Corporation)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.41.3.0_x64__8wekyb3d8bbwe [2025-06-10] (Microsoft Corporation)
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.10.5.0_x64__w2gh52qy24etm [2025-06-06] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.968.0_x64__56jybvy8sckqj [2025-06-11] (NVIDIA Corp.)
OfficePushNotificationsUtility -> C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16 [2025-06-14] ()
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.137.0_x64__dt26b99r8h8gj [2025-05-29] (Realtek Semiconductor Corp)
Samsung SmartSwitch -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungSmartSwitch_5.0.24.0_x64__3c1yjt4zspk6g [2025-06-01] (Samsung Electronics Co. Ltd.)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0 [2025-06-04] (Spotify AB) [Startup Task]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2920095854-1669752291-3635278505-1001_Classes\CLSID\{04271989-C4D2-1C86-3D53-F2AC04DA8ED5} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-2920095854-1669752291-3635278505-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\david\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (SteelSeries France SASU -> A-Volute)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2025-04-28] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2025-04-28] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.095.0518.0002\FileSyncShell64.dll [2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9425e4c3b1ac1c47\nvshext.dll [2024-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2024-11-29] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2025-04-28] (ESET, spol. s r.o. -> ESET)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2025-05-29 14:56 - 2012-06-09 18:33 - 000053248 _____ () [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\MsgLog.DLL
2025-05-29 14:56 - 2015-07-13 15:57 - 000372807 _____ (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\A871.dll
2025-05-29 14:55 - 2015-08-28 18:05 - 000110080 _____ (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\AVERAPI.dll
2025-05-29 14:55 - 2015-12-14 16:39 - 000194560 _____ (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\CardID.dll
2025-05-29 14:55 - 2015-02-09 13:32 - 000770048 _____ (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\GraphMaster.dll
2025-05-29 14:53 - 2024-11-29 20:00 - 000101376 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2025-05-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-05-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-05-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-05-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2025-05-31] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2024-04-01 09:26 - 2024-04-01 09:24 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2920095854-1669752291-3635278505-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{95DAAC38-326D-4794-8D90-A296E79A4961}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25094.310.3616.953_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{78145923-0A0F-4949-8D3B-4F01C455E3A1}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25094.310.3616.953_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP] => (Allow) C:\Windows\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-V2] => (Allow) C:\Windows\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-NoScope] => (Allow) C:\Windows\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{C01BF982-ED25-431B-A17D-4F081C2CF53F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F3217FB1-4FE7-4BE6-A23C-46874AB49F1B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{AE55C4FB-32CA-4189-8541-704FC531E15B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{45A11A49-2A6D-4B48-A049-BC3A52B7AB20}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3A1F96FE-1D05-4F03-A1B6-68821195EE3C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{13E04D7D-3FA6-4285-BFF7-A52A11444580}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3B65BC59-10BF-4A82-A026-6929AAF4EBDE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A56A8A50-9AC5-46F7-96B5-2B2DE1E670FB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{7246B4C2-8F99-4098-A151-DE3A4F3337CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{245E78B0-8661-4D35-B5E9-C19F94F41DDC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B7D6E49C-3944-4310-9FC7-206424BDB163}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3B4FEB88-A4AA-42F1-8E03-F3A6DD3B2B0D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{117434C6-B261-4526-B900-8232B9EF7BC7}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F0094D38-5AF0-4EE0-AAF2-1C9BC84478E4}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{42F93D1A-29DD-46D8-BA53-DDB4A9AF1AE8}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E01BB8EC-73C6-4753-97DC-49F47BA155C2}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5BAB4E40-0AE6-454F-B7D4-42CDCCE9F3C2}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6E2863E3-0375-43DA-B4E8-49763947DC26}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8D3DFAF1-E917-4DA5-8AD8-A3F42C672EC5}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{ABB3D5C5-FA92-4F0D-8989-9527DA933CB6}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B869DE53-7B81-4802-A923-91099D721ACC}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{DC79D038-AAF8-48C3-943C-FDCF64AC61B7}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{A4414541-1B20-47DF-A145-95DC390C576B}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{098C0F74-97CD-4622-ADA5-952B7FAD7493}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{29290881-C1EB-4549-B801-B20A9BB95C8B}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B1647E7F-7789-4019-B40B-DB2E26172535}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{667B5A59-CEE8-4238-AC58-3757F2EACA1D}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5BA02D0A-B60F-4095-B20D-EE6FDBD32B9D}] => (Allow) C:\Windows\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{76E2AC32-0845-4C32-A0BD-F09371464B23}] => (Allow) LPort=33683
FirewallRules: [{CFF0B9C9-BF6F-4CE4-8154-6E9EDC35850F}] => (Allow) LPort=26822
FirewallRules: [{F5276D28-A5B7-42AD-A34B-2448D3232694}] => (Allow) LPort=32683
FirewallRules: [{CF543B67-8AF8-4C84-96A6-06DC9CF0ABAD}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\137.0.3296.83\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
08-06-2025 19:15:51 Windows Update
10-06-2025 21:43:00 Instalační služba modulů systému Windows
14-06-2025 09:33:03 Windows Update
17-06-2025 13:59:45 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/18/2025 12:03:58 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\DESKTOP-IJSLQ8R$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 18 Jun 2025 10:03:56 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: ac5f334f-dfbe-4f83-b20f-de48ef8f829d
Metoda: GET(297ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (06/18/2025 12:03:57 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 18 Jun 2025 10:03:56 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 715a136b-e8e9-4faf-a874-f00c75f1bdda
Metoda: GET(360ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (06/18/2025 11:49:00 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\DESKTOP-IJSLQ8R$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 18 Jun 2025 09:48:59 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 1c843d98-306b-4db8-948c-d979287ddb34
Metoda: GET(296ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (06/18/2025 11:49:00 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\DESKTOP-IJSLQ8R$ přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 18 Jun 2025 09:48:58 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 9ad7dd18-d389-4a51-b714-6401f44fe560
Metoda: GET(297ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (06/18/2025 11:49:00 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-578c545f796951421221a ... s/Aik/scep se nepovedla:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-578c545f796951421221a4a578acdb5f682f89c8.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Wed, 18 Jun 2025 09:48:58 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 90f7156d-3b71-45fc-9b83-6ffdba796ac6
Metoda: GET(359ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)
Error: (06/18/2025 11:22:51 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002
Error: (06/18/2025 11:22:51 AM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002
Error: (06/18/2025 11:22:50 AM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003
System errors:
=============
Error: (06/18/2025 12:03:08 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-IJSLQ8R)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby camsvc s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Internal.CapabilityAccess.CapabilityAccess
Error: (06/18/2025 12:03:08 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-IJSLQ8R)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby TokenBroker s argumenty Není k dispozici za účelem spuštění serveru:
Windows.Internal.Security.Authentication.Web.TokenBrokerInternal
Error: (06/18/2025 12:03:08 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-IJSLQ8R)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby UdkUserSvc_397bd s argumenty Není k dispozici za účelem spuštění serveru:
WindowsUdkInternal.System.ActivationService
Error: (06/18/2025 12:03:08 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-IJSLQ8R)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby UdkUserSvc_397bd s argumenty Není k dispozici za účelem spuštění serveru:
WindowsUdk.UI.Shell.ViewCoordinator
Error: (06/18/2025 12:03:08 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-IJSLQ8R)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby UdkUserSvc_397bd s argumenty Není k dispozici za účelem spuštění serveru:
WindowsUdk.UI.Shell.ViewCoordinator
Error: (06/18/2025 12:03:08 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-IJSLQ8R)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby UdkUserSvc_397bd s argumenty Není k dispozici za účelem spuštění serveru:
WindowsUdk.UI.Shell.ViewCoordinator
Error: (06/18/2025 12:03:08 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-IJSLQ8R)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby UdkUserSvc_397bd s argumenty Není k dispozici za účelem spuštění serveru:
WindowsUdk.UI.Shell.ViewCoordinator
Error: (06/18/2025 12:03:03 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-IJSLQ8R)
Description: Služba DCOM zjistila chybu 1084 při pokusu o spuštění služby WSearch s argumenty Není k dispozici za účelem spuštění serveru:
{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
Windows Defender:
================
Date: 2025-05-30 18:07:08
Description:
Antivirová ochrana v programu Microsoft Defender śčãп ħăѕ ьèзʼn şтόрφεð ьєƒôřę сбмρľεťіσи.%п %ŧŠčáʼn ĪĐ:%ъ{4DC24498-F7F4-4182-A629-5280AD8AE4D3}%ⁿ %τŜċâй Ŧуφĕ:%вAntimalwarový program%π %тЅсāπ Рãгåmэтзяŝ:%вRychlé prohledávání%и %тŰşéѓ:%ъNT AUTHORITY\SYSTEM%ʼn %ŧŜτøр Ѓēāѕσή:%ъΓРČ ċŏήйĕċтĩőп ґûʼnđбŵπ
Event[0]
Date: 2025-06-18 12:02:35
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
Date: 2025-06-18 08:52:07
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
Date: 2025-06-07 20:05:52
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
Date: 2025-05-29 18:40:46
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
CodeIntegrity:
===============
Date: 2025-06-18 12:30:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends International, LLC. H.N0 03/21/2025
Motherboard: Micro-Star International Co., Ltd B450 GAMING PLUS MAX (MS-7B86)
Processor: AMD Ryzen 5 2600 Six-Core Processor
Percentage of memory in use: 34%
Total physical RAM: 16309.56 MB
Available physical RAM: 10636.22 MB
Total Virtual: 17333.56 MB
Available Virtual: 10084.86 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:299.26 GB) (Free:115.21 GB) (Model: KINGSTON SNV3S1000G) NTFS
Drive d: () (Fixed) (Total:631.51 GB) (Free:473.23 GB) (Model: KINGSTON SNV3S1000G) NTFS
\\?\Volume{51727108-a712-4bcc-b77b-0d333287a8e0}\ () (Fixed) (Total:0.63 GB) (Free:0.06 GB) NTFS
\\?\Volume{ebe85961-9060-4b84-ab32-783278932ad8}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 119356
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyděračské emaily
Jistě. Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte. Jde jen o zbytečnosti.Start
CloseProcesses:
HKU\S-1-5-21-2920095854-1669752291-3635278505-1001\...\MountPoints2: {ed734c9f-3c88-11f0-b3fb-806e6f6e6963} - "F:\setup.exe"
S3 esihdrv; C:\Users\david\AppData\Local\Temp\esihdrv.sys [205464 2025-06-17] (ESET, spol. s r.o. -> ESET) <==== ATTENTION
C:\Users\david\AppData\Local\Temp
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vyděračské emaily
Fix result of Farbar Recovery Scan Tool (x64) Version: 07-06-2025
Ran by david (18-06-2025 15:51:42) Run:1
Running from C:\Users\david\Desktop
Loaded Profiles: david
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-2920095854-1669752291-3635278505-1001\...\MountPoints2: {ed734c9f-3c88-11f0-b3fb-806e6f6e6963} - "F:\setup.exe"
S3 esihdrv; C:\Users\david\AppData\Local\Temp\esihdrv.sys [205464 2025-06-17] (ESET, spol. s r.o. -> ESET) <==== ATTENTION
C:\Users\david\AppData\Local\Temp
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-2920095854-1669752291-3635278505-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ed734c9f-3c88-11f0-b3fb-806e6f6e6963} => removed successfully
HKLM\System\CurrentControlSet\Services\esihdrv => removed successfully
esihdrv => service removed successfully
"C:\Users\david\AppData\Local\Temp" Folder move:
C:\Users\david\AppData\Local\Temp => moved successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 31981536 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 133765278 B
Edge => 0 B
Firefox => 1126627151 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 383403 B
LocalService => 489397 B
NetworkService => 498725 B
david => 775902 B
RecycleBin => 296985377 B
EmptyTemp: => 1.5 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 15:52:02 ====
Ran by david (18-06-2025 15:51:42) Run:1
Running from C:\Users\david\Desktop
Loaded Profiles: david
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-2920095854-1669752291-3635278505-1001\...\MountPoints2: {ed734c9f-3c88-11f0-b3fb-806e6f6e6963} - "F:\setup.exe"
S3 esihdrv; C:\Users\david\AppData\Local\Temp\esihdrv.sys [205464 2025-06-17] (ESET, spol. s r.o. -> ESET) <==== ATTENTION
C:\Users\david\AppData\Local\Temp
EmptyTemp:
End
*****************
Processes closed successfully.
HKU\S-1-5-21-2920095854-1669752291-3635278505-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ed734c9f-3c88-11f0-b3fb-806e6f6e6963} => removed successfully
HKLM\System\CurrentControlSet\Services\esihdrv => removed successfully
esihdrv => service removed successfully
"C:\Users\david\AppData\Local\Temp" Folder move:
C:\Users\david\AppData\Local\Temp => moved successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 31981536 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 133765278 B
Edge => 0 B
Firefox => 1126627151 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 383403 B
LocalService => 489397 B
NetworkService => 498725 B
david => 775902 B
RecycleBin => 296985377 B
EmptyTemp: => 1.5 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 15:52:02 ====
-
Rudy
- Site Admin
- Příspěvky: 119356
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyděračské emaily
Vše smazáno, log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vyděračské emaily
Děkuji moc! Hezký zbyzek večera
-
Rudy
- Site Admin
- Příspěvky: 119356
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyděračské emaily
Hezký v ečer i vám a nemáte zač!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?