Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

preventivní kontrola

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
ptdave
Návštěvník
Návštěvník
Příspěvky: 77
Registrován: 01 zář 2012 11:28

preventivní kontrola

#1 Příspěvek od ptdave »

Dobry den
poprosim o kontrolu logu:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2022
Ran by David (administrator) on DAVID-P (MSI MS-7850) (17-01-2022 10:20:12)
Running from C:\Users\pavda\Downloads
Loaded Profiles: David
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1466 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudChrome.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\secd.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitPhantomPDFUpdateService.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13>
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avpui.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\plugins_nms.exe
(Kingston Digital Inc.) C:\Program Files\WindowsApps\33C30B79.HyperXNGenuity_5.6.0.0_x64__0a78dr3hq0pvt\Assets\Native\NGenuity2Helper.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub.exe <4>
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_agent.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\logi_crashpad_handler.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe <2>
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSIRegister\MSIRegisterService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO.,LTD.) C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Windows\SysWOW64\muachost.exe
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\Display.NvContainer\NVDisplay.Container.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270560 2019-05-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339000 2021-10-26] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1028280 2017-11-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26327864 2021-04-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [MSIRegister] => C:\Program Files (x86)\MSI\MSIRegister\MSIRegister.exe [1266864 2019-08-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835680 2016-06-14] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKU\S-1-5-21-3696039247-2293415178-2957003930-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4267432 2021-12-16] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3696039247-2293415178-2957003930-1001\...\MountPoints2: {dcc7d279-c161-11eb-9778-d8cb8a1946fd} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\HP D811 Status Monitor: C:\Windows\system32\hpinkstsD811LM.dll [393352 2017-04-05] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\Windows\system32\pxcpmL.dll [2376448 2018-02-01] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\97.0.4692.71\Installer\chrmstp.exe [2022-01-06] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06AF099B-85F5-4462-AF93-57E0C3F427DF} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {0837D26E-12ED-4D34-8478-0555FE06DA7E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {0C9DFEEB-34CD-46BC-96FC-EAC882493E11} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-09] (Google LLC -> Google LLC)
Task: {1C9B8E48-F3DB-456F-8451-E542374E931D} - System32\Tasks\Apple Diagnostics => C:\Users\pavda\AppData\Local\Microsoft\WindowsApps\eReporter-AppX.exe [0 2021-11-18] () [simlink -> ]
Task: {42668E0F-E71A-4B46-95F4-217D0B7CAED6} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {456F8ADE-BB56-4105-9AB0-493C3BBC93E9} - System32\Tasks\MSISW_Host => C:\Windows\SysWOW64\muachost.exe [1692840 2015-08-18] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
Task: {5A249C86-CCF0-48AA-B2FC-BBFB488BF318} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {6F998134-F2DC-472F-9460-7B2C42A644E8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [904904 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {88520D25-004E-4969-995A-1AF5AB9206C5} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {926015F9-0D0C-4E42-B934-5D5922D7286E} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649216 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {958D95CE-1269-405E-BAF8-41C82B58DADD} - System32\Tasks\HyperXRamApp => C:\Users\pavda\AppData\Local\Packages\33C30B79.HyperXNGenuity_0a78dr3hq0pvt\LocalState\\HyperXMemoryPlug-in.exe [73304 2021-11-09] (HP Inc. -> )
Task: {B8F241C8-0202-43BB-8059-81F4D23AA15A} - System32\Tasks\MSIGH_Host => C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe [3354296 2019-01-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
Task: {BF345747-70F6-4B1B-BE50-108EDC6F9A21} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-09] (Google LLC -> Google LLC)
Task: {C608BABC-3E48-4DC6-8FCD-C823F0B350B1} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1650384 2021-12-08] (Nvidia Corporation -> NVIDIA Corporation)
Task: {CEFD0EC4-DAB4-4BBD-A2C7-A4751AF35E66} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2021-04-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {CF71226D-366C-4A02-A83A-A3A3F5FD8D01} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {EF19C6F9-95C6-403C-B395-5DE476A4E373} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3341312 2021-12-09] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F1A37254-3627-4CD7-ABB0-0E9DCB15A1CA} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1328392 2015-11-20] (Intel(R) Software -> Intel Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{41719341-9a24-425c-abcb-b277a7c05eff}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{72cb9b98-afb4-4db4-84b5-4165b2cc6f59}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{929e6329-0b5a-4e4a-b966-9efdaf521a55}: [DhcpNameServer] 172.20.10.1

Edge:
=======
Edge Profile: C:\Users\pavda\AppData\Local\Microsoft\Edge\User Data\Default [2022-01-13]
Edge HKU\S-1-5-21-3696039247-2293415178-2957003930-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2020-04-22] [Legacy]
FF HKLM\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi [2020-04-22]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF HKLM-x32\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-02-01] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-02-01] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-02-01] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-09-24] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-09-24] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-09-24] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-09-24] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-09-24] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-02-01] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-02-01] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2018-02-01] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-02-01] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-02-01] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-02-01] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3696039247-2293415178-2957003930-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-02-01] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3696039247-2293415178-2957003930-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-02-01] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3696039247-2293415178-2957003930-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2018-02-01] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\pavda\AppData\Local\Google\Chrome\User Data\Default [2020-11-09]
CHR Extension: (Prezentace) - C:\Users\pavda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-09]
CHR Extension: (Dokumenty) - C:\Users\pavda\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-09]
CHR Extension: (Disk Google) - C:\Users\pavda\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-09]
CHR Extension: (YouTube) - C:\Users\pavda\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-09]
CHR Extension: (Tabulky) - C:\Users\pavda\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\pavda\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pavda\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-11-09]
CHR Extension: (Gmail) - C:\Users\pavda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-09]
CHR Extension: (Chrome Media Router) - C:\Users\pavda\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-09]
CHR Profile: C:\Users\pavda\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-01-17]
CHR Extension: (Prezentace) - C:\Users\pavda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-09]
CHR Extension: (Ochrana Kaspersky) - C:\Users\pavda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-12-24]
CHR Extension: (Dokumenty) - C:\Users\pavda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-09]
CHR Extension: (Disk Google) - C:\Users\pavda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-09]
CHR Extension: (YouTube) - C:\Users\pavda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-09]
CHR Extension: (uBlock Origin) - C:\Users\pavda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-01-13]
CHR Extension: (Tabulky) - C:\Users\pavda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-09]
CHR Extension: (Záložky na iCloudu) - C:\Users\pavda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fkepacicchenbjecpbpbclokcabebhah [2020-11-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\pavda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\pavda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Gmail) - C:\Users\pavda\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-09]
CHR Profile: C:\Users\pavda\AppData\Local\Google\Chrome\User Data\System Profile [2020-11-09]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2020-04-22]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2020-04-22]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe [184768 2021-06-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8944720 2021-12-02] (BattlEye Innovations e.K. -> )
S3 FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [23341512 2021-10-12] (FACE IT LIMITED -> )
R2 FoxitPhantomPDFUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitPhantomPDFUpdateService.exe [1995184 2020-04-29] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2357864 2020-08-31] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [46776 2018-09-06] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 GamingHotkey_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2027192 2019-01-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [11174464 2022-01-14] (Logitech Inc -> Logitech, Inc.)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [4167504 2021-08-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2209104 2021-08-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [4175696 2021-08-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2102880 2017-02-15] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2333008 2021-08-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSIREGISTER_MR; C:\Program Files (x86)\MSI\MSIRegister\MSIRegisterService.exe [2019504 2019-08-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2079568 2021-08-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [615248 2021-08-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [86688 2018-07-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [113336 2017-12-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2210104 2021-04-08] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [183472 2020-03-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6137040 2022-01-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13257000 2021-06-11] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S1 EneIo; C:\Windows\system32\drivers\ene.sys [17624 2019-05-22] (Microsoft Windows Hardware Compatibility Publisher -> )
R0 FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [12618744 2021-10-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 I2cHkBurn; C:\Windows\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (Feature Integration Technology -> FINTEK Corp.)
S3 ipadtst2; C:\Program Files (x86)\MSI\Super Charger\ipadtst2_64.sys [26824 2020-02-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [689976 2021-11-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1507648 2021-11-13] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [272168 2021-12-20] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [96008 2021-06-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [287904 2022-01-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U3 klupd_klif_arkmon_F68CBDD9; C:\ProgramData\Kaspersky Lab\AVP21.3\Temp\F68CBDD9AE594B726FFD0FDB048B0239\klupd_klif_arkmon.sys [287904 2022-01-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [314040 2021-11-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U3 klupd_klif_klark_E52A2E80; C:\ProgramData\Kaspersky Lab\AVP21.3\Temp\E52A2E80CA1DABF7E4D25609D3B6FDEB\klupd_klif_klark.sys [319720 2022-01-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [115968 2022-01-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [225648 2021-11-24] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
U3 klupd_klif_mark_4B2B33F5; C:\ProgramData\Kaspersky Lab\AVP21.3\Temp\4B2B33F5183084B8670BB7B00DF48E52\klupd_klif_mark.sys [229248 2022-01-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S4 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 logi_generic_hid_filter; C:\Windows\system32\drivers\logi_generic_hid_filter.sys [55624 2021-11-13] (Logitech Inc -> Logitech)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [37200 2021-11-13] (Logitech Inc -> Logitech)
R3 logi_joy_hid_filter; C:\Windows\system32\drivers\logi_joy_hid_filter.sys [56656 2021-11-13] (Logitech Inc -> Logitech)
R3 logi_joy_hid_lo; C:\Windows\system32\drivers\logi_joy_hid_lo.sys [45904 2021-11-13] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [25928 2021-11-13] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [66896 2021-11-13] (Logitech Inc -> Logitech)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [23040 2020-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [14288 2017-03-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MBAPI; C:\Program Files (x86)\MSI\Gaming APP\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [29576 2021-08-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48552 2021-11-01] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
R3 PHYMEM; C:\Users\pavda\AppData\Local\Packages\33C30B79.HyperXNGenuity_0a78dr3hq0pvt\LocalState\otipcibus64.sys [17488 2021-08-31] (Ours Technology Inc. -> OTi)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [36824 2020-07-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2020-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-17 10:20 - 2022-01-17 10:20 - 000038521 _____ C:\Users\pavda\Downloads\FRST.txt
2022-01-17 10:20 - 2022-01-17 10:20 - 000000000 ____D C:\FRST
2022-01-17 10:18 - 2022-01-17 10:18 - 001222144 _____ C:\Users\pavda\Downloads\RSITx64.exe
2022-01-17 10:17 - 2022-01-17 10:17 - 002311680 _____ (Farbar) C:\Users\pavda\Downloads\FRST64.exe
2022-01-17 10:13 - 2022-01-17 10:13 - 000287904 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
2022-01-17 10:13 - 2022-01-17 10:13 - 000115968 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
2022-01-17 10:12 - 2022-01-17 10:12 - 006443947 _____ C:\Users\pavda\Downloads\TARKOV by Waves.rar
2022-01-17 08:50 - 2022-01-17 08:50 - 000000650 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2022-01-17 08:50 - 2022-01-17 08:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2022-01-17 08:50 - 2022-01-17 08:50 - 000000000 ____D C:\Program Files\LGHUB
2022-01-13 15:52 - 2022-01-13 15:52 - 000523776 _____ (curl, hxxps://curl.se/) C:\Windows\system32\curl.exe
2022-01-13 15:52 - 2022-01-13 15:52 - 000464384 _____ (curl, hxxps://curl.se/) C:\Windows\SysWOW64\curl.exe
2022-01-13 15:52 - 2022-01-13 15:52 - 000011797 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-01-13 15:48 - 2022-01-13 15:48 - 000000000 ___HD C:\$WinREAgent
2022-01-07 22:36 - 2022-01-07 22:37 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2022-01-07 22:36 - 2022-01-07 22:36 - 000000000 ____D C:\Users\pavda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2022-01-06 15:41 - 2022-01-06 15:41 - 000000000 ____D C:\Users\pavda\AppData\LocalLow\Battlestate Games
2022-01-06 13:53 - 2022-01-06 13:53 - 032857789 _____ C:\Users\pavda\Downloads\EFT_CompleteGuideForBegginersAndCasuals.pdf
2022-01-06 13:30 - 2022-01-06 15:41 - 000000000 ____D C:\Users\pavda\AppData\Roaming\Battlestate Games
2022-01-06 13:30 - 2022-01-06 13:30 - 000000000 ____D C:\Users\pavda\AppData\Local\Battlestate Games
2022-01-06 13:30 - 2022-01-06 13:30 - 000000000 ____D C:\ProgramData\Battlestate Games
2022-01-06 13:29 - 2022-01-06 13:29 - 000000703 _____ C:\Users\Public\Desktop\Battlestate Games Launcher.lnk
2022-01-06 13:29 - 2022-01-06 13:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlestate Games
2022-01-02 01:43 - 2022-01-02 01:43 - 000000000 ____D C:\Users\pavda\Documents\My Cheat Tables
2022-01-02 00:19 - 2022-01-07 16:31 - 000000000 ____D C:\Users\pavda\Documents\Euro Truck Simulator 2
2022-01-01 23:27 - 2022-01-01 23:27 - 000000222 _____ C:\Users\pavda\Desktop\Euro Truck Simulator 2.url
2021-12-21 22:16 - 2021-12-15 21:58 - 001450200 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-12-21 22:16 - 2021-12-15 21:58 - 001450200 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2021-12-21 22:16 - 2021-12-15 21:57 - 001874648 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2021-12-21 22:16 - 2021-12-15 21:57 - 001874648 _____ C:\Windows\system32\vulkaninfo.exe
2021-12-21 22:16 - 2021-12-15 21:57 - 001466024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2021-12-21 22:16 - 2021-12-15 21:57 - 001209312 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2021-12-21 22:16 - 2021-12-15 21:57 - 001112336 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2021-12-21 22:16 - 2021-12-15 21:57 - 001112336 _____ C:\Windows\system32\vulkan-1.dll
2021-12-21 22:16 - 2021-12-15 21:57 - 000966416 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2021-12-21 22:16 - 2021-12-15 21:57 - 000966416 _____ C:\Windows\SysWOW64\vulkan-1.dll
2021-12-21 22:16 - 2021-12-15 21:54 - 000658344 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2021-12-21 22:16 - 2021-12-15 21:52 - 005732320 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2021-12-21 22:15 - 2021-12-15 21:54 - 001524392 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2021-12-21 22:15 - 2021-12-15 21:54 - 000802216 _____ C:\Windows\system32\nvofapi64.dll
2021-12-21 22:15 - 2021-12-15 21:54 - 000679384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2021-12-21 22:15 - 2021-12-15 21:54 - 000636840 _____ C:\Windows\SysWOW64\nvofapi.dll
2021-12-21 22:15 - 2021-12-15 21:54 - 000565416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2021-12-21 22:15 - 2021-12-15 21:53 - 002116520 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2021-12-21 22:15 - 2021-12-15 21:53 - 001597552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2021-12-21 22:15 - 2021-12-15 21:53 - 001175512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2021-12-21 22:15 - 2021-12-15 21:53 - 000982952 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2021-12-21 22:15 - 2021-12-15 21:53 - 000794024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2021-12-21 22:15 - 2021-12-15 21:53 - 000708776 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2021-12-21 22:15 - 2021-12-15 21:52 - 008725160 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2021-12-21 22:15 - 2021-12-15 21:52 - 007843968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2021-12-21 22:15 - 2021-12-15 21:52 - 004938880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2021-12-21 22:15 - 2021-12-15 21:52 - 002852280 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2021-12-21 22:15 - 2021-12-15 21:52 - 000452224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2021-12-21 22:15 - 2021-12-15 21:51 - 000851936 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2021-12-21 22:15 - 2021-12-15 13:16 - 000085698 _____ C:\Windows\system32\nvinfo.pb

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-17 10:13 - 2020-11-09 10:59 - 000000000 ____D C:\Program Files (x86)\Steam
2022-01-17 10:03 - 2020-11-09 10:31 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-17 08:51 - 2021-11-13 17:01 - 000000000 ____D C:\Users\pavda\AppData\Roaming\LGHUB
2022-01-17 08:51 - 2021-11-13 17:01 - 000000000 ____D C:\Users\pavda\AppData\Local\LGHUB
2022-01-17 08:51 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2022-01-17 08:50 - 2021-12-11 17:49 - 000000000 ____D C:\Program Files\LGHUB.ab99f318-2e3f-410a-a975-20115ce44270
2022-01-17 08:50 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-17 08:29 - 2021-08-31 11:40 - 000003426 _____ C:\Windows\system32\Tasks\HyperXRamApp
2022-01-17 08:29 - 2020-11-09 11:43 - 000000000 ___RD C:\Users\pavda\iCloudDrive
2022-01-17 08:29 - 2020-11-09 10:36 - 000000000 ____D C:\ProgramData\NVIDIA
2022-01-17 00:02 - 2020-09-27 06:55 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-01-15 13:18 - 2020-11-16 15:09 - 000000000 ____D C:\Users\pavda\AppData\Local\ElevatedDiagnostics
2022-01-15 13:18 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2022-01-15 12:58 - 2020-09-27 08:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-15 12:58 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-14 19:35 - 2019-12-07 10:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2022-01-14 19:23 - 2021-12-13 13:33 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3696039247-2293415178-2957003930-1001
2022-01-14 19:23 - 2020-11-09 10:30 - 000003364 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3696039247-2293415178-2957003930-1001
2022-01-14 19:23 - 2020-11-09 10:27 - 000002381 _____ C:\Users\pavda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-01-14 12:32 - 2020-11-09 10:29 - 001605602 _____ C:\Windows\system32\PerfStringBackup.INI
2022-01-14 12:32 - 2019-12-07 15:43 - 000682238 _____ C:\Windows\system32\perfh005.dat
2022-01-14 12:32 - 2019-12-07 15:43 - 000137054 _____ C:\Windows\system32\perfc005.dat
2022-01-14 12:25 - 2020-11-13 20:52 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-01-14 12:25 - 2020-09-27 08:56 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-01-14 12:25 - 2020-09-27 06:55 - 000008192 ___SH C:\DumpStack.log.tmp
2022-01-14 12:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2022-01-14 00:10 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-01-14 00:09 - 2020-09-27 06:55 - 000447560 _____ C:\Windows\system32\FNTCACHE.DAT
2022-01-14 00:08 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-01-14 00:08 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2022-01-14 00:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-01-14 00:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2022-01-14 00:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2022-01-14 00:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2022-01-14 00:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2022-01-14 00:08 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2022-01-13 20:27 - 2021-06-15 17:05 - 000000000 ____D C:\Users\pavda\AppData\Roaming\discord
2022-01-13 20:27 - 2021-06-15 17:05 - 000000000 ____D C:\Users\pavda\AppData\Local\Discord
2022-01-13 15:54 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2022-01-13 15:47 - 2020-11-09 10:35 - 000000000 ____D C:\Windows\system32\MRT
2022-01-13 15:45 - 2020-11-09 10:35 - 145765912 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-01-10 16:04 - 2021-01-04 13:17 - 000000000 ____D C:\Users\pavda\AppData\Roaming\WeMod
2022-01-10 16:04 - 2020-11-09 15:23 - 000000000 ____D C:\Users\pavda\AppData\Local\CrashDumps
2022-01-09 18:58 - 2021-10-31 09:50 - 000000000 ____D C:\Users\pavda\AppData\Local\WeMod
2022-01-09 18:58 - 2021-01-04 13:17 - 000002173 _____ C:\Users\pavda\Desktop\WeMod.lnk
2022-01-09 18:58 - 2021-01-04 13:17 - 000000000 ____D C:\Users\pavda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeMod
2022-01-09 18:58 - 2020-11-24 11:09 - 000000000 ____D C:\Users\pavda\AppData\Local\SquirrelTemp
2022-01-08 17:13 - 2020-11-10 10:58 - 000000000 ____D C:\Users\pavda\AppData\Local\D3DSCache
2022-01-07 22:37 - 2020-11-09 11:14 - 000000000 ____D C:\MSI
2022-01-06 23:21 - 2020-11-09 10:31 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-01-06 13:29 - 2020-11-09 10:39 - 000000000 ____D C:\ProgramData\Package Cache
2022-01-04 12:57 - 2020-11-09 10:28 - 000000000 ___RD C:\Users\pavda\3D Objects
2021-12-21 22:25 - 2020-11-09 10:39 - 000000000 ____D C:\Users\pavda\AppData\Local\NVIDIA
2021-12-21 22:12 - 2020-11-09 10:29 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-12-21 22:11 - 2020-11-09 10:39 - 000004308 _____ C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-21 22:11 - 2020-11-09 10:39 - 000003976 _____ C:\Windows\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-21 22:11 - 2020-11-09 10:39 - 000003940 _____ C:\Windows\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-21 22:11 - 2020-11-09 10:39 - 000003894 _____ C:\Windows\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-21 22:11 - 2020-11-09 10:39 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-21 22:11 - 2020-11-09 10:39 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-21 22:11 - 2020-11-09 10:39 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-21 22:11 - 2020-11-09 10:39 - 000003858 _____ C:\Windows\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-21 22:11 - 2020-11-09 10:39 - 000003654 _____ C:\Windows\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2021-12-21 22:11 - 2020-11-09 10:39 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2021-12-21 22:11 - 2020-11-09 10:29 - 000000000 ____D C:\Program Files\NVIDIA Corporation

==================== Files in the root of some directories ========

2020-11-09 20:28 - 2020-11-09 20:28 - 000004608 _____ () C:\Users\pavda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2022
Ran by David (17-01-2022 10:22:05)
Running from C:\Users\pavda\Downloads
Microsoft Windows 10 Pro Version 21H2 19044.1466 (X64) (2020-11-09 09:24:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3696039247-2293415178-2957003930-500 - Administrator - Disabled)
David (S-1-5-21-3696039247-2293415178-2957003930-1001 - Administrator - Enabled) => C:\Users\pavda
DefaultAccount (S-1-5-21-3696039247-2293415178-2957003930-503 - Limited - Disabled)
Guest (S-1-5-21-3696039247-2293415178-2957003930-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3696039247-2293415178-2957003930-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Anti-Virus (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Apple Mobile Device Support (HKLM\...\{527DD209-8A66-482F-8779-C7B3BACCA8F1}) (Version: 15.0.0.16 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Battlestate Games Launcher 12.11.1.1846 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 12.11.1.1846 - Battlestate Games)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Discord (HKU\S-1-5-21-3696039247-2293415178-2957003930-1001\...\Discord) (Version: 1.0.9002 - Discord Inc.)
ENE RGB HAL (HKLM\...\{87316426-A33E-41E9-942B-968E928A9A47}) (Version: 1.00.10 - Ene Tech.) Hidden
ENE RGB HAL (HKLM-x32\...\{9f93601b-15ea-4e69-8d7c-dfa0f29ae04e}) (Version: 1.00.10 - Ene Tech.) Hidden
Escape from Tarkov (HKLM-x32\...\EscapeFromTarkov) (Version: 0.12.12.11.16440 - Battlestate Games)
Evernote 10.8.5 (HKU\S-1-5-21-3696039247-2293415178-2957003930-1001\...\e4251011-875e-51f3-a464-121adaff5aaa) (Version: 10.8.5 - Evernote Corporation)
FACEIT (HKU\S-1-5-21-3696039247-2293415178-2957003930-1001\...\FACEITApp) (Version: 1.31.5 - FACEIT Ltd.)
FACEIT Anti-Cheat (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 2.0 - FACEIT LTD)
Foxit PhantomPDF (HKLM-x32\...\{0a0d1ae2-8a54-11ea-8e74-54bf64a63c26}) (Version: 10.0.0.35798 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.1.0.37527 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 97.0.4692.71 - Google LLC)
iCloud Outlook (HKLM\...\{58EF239A-565E-4854-9769-DE7BB82ED781}) (Version: 11.4.0.12 - Apple Inc.)
Intel Extreme Tuning Utility (HKLM-x32\...\{7afa48c7-9901-40fa-8f9b-f0707e2bc5b6}) (Version: 6.2.0.24 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
IrfanView 4.56 (64-bit) (HKLM\...\IrfanView64) (Version: 4.56 - Irfan Skiljan)
iTunes (HKLM\...\{604E49A2-AFBA-4478-B5C9-C6DE73F7C0ED}) (Version: 12.12.2.2 - Apple Inc.)
Kaspersky Anti-Virus (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Logitech G HUB (HKLM\...\{521c89be-637f-4274-a840-baaf7460c2b2}) (Version: 2022.1.3492 - Logitech)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.62 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3696039247-2293415178-2957003930-1001\...\OneDriveSetup.exe) (Version: 21.245.1128.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E876418F-BE59-4D8C-B9A5-74B056B676FA}) (Version: 2.93.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30135 (HKLM-x32\...\{fa7f6d52-f85e-48ef-8f56-a37268aa5772}) (Version: 14.29.30135.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
MSI Afterburner 4.6.4 (HKLM-x32\...\Afterburner) (Version: 4.6.4 - MSI Co., LTD)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.1.27 - MSI)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.15 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.2.0.98 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.74 - MSI)
MSI Smart Tool (HKLM-x32\...\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1) (Version: 1.0.0.45 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.29 - MSI)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.21 - MSI)
NVIDIA FrameView SDK 1.2.4999.30397803 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.2.4999.30397803 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.24.0.126 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.24.0.126 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.94 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 497.29 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 497.29 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
PDF-XChange Editor (HKLM\...\{E37DEB53-176C-4A81-9ACE-2D6526C29C46}) (Version: 7.0.324.0 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{4653faeb-5a1d-41c4-b1d7-810807561e66}) (Version: 7.0.324.0 - Tracker Software Products (Canada) Ltd.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.32.1206.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8703.1 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.19.3 - TeamViewer)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WeMod (HKU\S-1-5-21-3696039247-2293415178-2957003930-1001\...\WeMod) (Version: 7.2.0 - WeMod)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-03-29] (Microsoft Corporation)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_133.1.340.0_x64__v10z8vjag6ke6 [2021-12-13] (HP Inc.)
HyperX NGENUITY -> C:\Program Files\WindowsApps\33C30B79.HyperXNGenuity_5.6.0.0_x64__0a78dr3hq0pvt [2021-12-15] (Kingston Digital Inc.) [Startup Task]
iCloud -> C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa [2021-11-18] (Apple Inc.) [Startup Task]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.1050.0_x64__8wekyb3d8bbwe [2022-01-13] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-12-21] (NVIDIA Corp.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0 [2022-01-08] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3696039247-2293415178-2957003930-1001_Classes\CLSID\{5A126EBE-5C86-4779-A145-D971B5D43083} -> [iCloud Drive] => C:\Users\pavda\iCloudDrive [2020-11-09 11:43]
CustomCLSID: HKU\S-1-5-21-3696039247-2293415178-2957003930-1001_Classes\CLSID\{ABF5C86F-22C6-4CD9-A687-EFDD220D27E8} -> [Fotky na iCloudu] => C:\Users\pavda\Pictures\iCloud Photos\Photos [2020-11-09 11:43]
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-03] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-03] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-03] (Adobe Inc. -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-03] (Adobe Inc. -> )
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2020-04-22] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2021-04-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2018-02-01] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2021-04-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2021-04-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\nvshext.dll [2021-12-15] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2021-08-03] (Adobe Inc. -> )
ContextMenuHandlers6: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2020-04-22] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\shellex.dll [2021-04-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\pavda\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\David - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2022-01-17 08:50 - 2022-01-14 12:26 - 000635904 _____ () [File not signed] \\?\C:\Program Files\LGHUB\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2020-11-09 11:18 - 2017-08-02 14:48 - 000237568 _____ () [File not signed] C:\Program Files (x86)\MSI\Gaming APP\LEDControl.dll
2021-08-03 07:49 - 2005-07-18 12:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\Live Update\unrar.dll
2020-11-09 11:18 - 2016-04-20 14:12 - 000772608 _____ () [File not signed] C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\Lib\USB_DLL.dll
2020-12-08 10:52 - 2021-10-06 02:30 - 126961152 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2020-12-08 10:52 - 2021-10-06 02:30 - 000384000 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2020-12-08 10:52 - 2021-10-06 02:30 - 008006656 _____ () [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2020-11-09 11:18 - 2015-06-23 16:41 - 000082432 _____ (Fintek) [File not signed] C:\Program Files (x86)\MSI\Gaming APP\Lib\FintekUSBDll.dll
2020-12-08 10:53 - 2021-10-06 02:30 - 000983552 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\chrome_elf.dll
2020-11-09 11:18 - 2016-10-03 13:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\Gaming APP\Lib\SDKDLL.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin_x64.dll [2020-04-22] (FOXIT SOFTWARE INC. -> )
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2020-04-22] (FOXIT SOFTWARE INC. -> )
Toolbar: HKLM - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin_x64.dll [2020-04-22] (FOXIT SOFTWARE INC. -> )
Toolbar: HKLM-x32 - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2020-04-22] (FOXIT SOFTWARE INC. -> )

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3696039247-2293415178-2957003930-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\pavda\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\1647017.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "Super Charger"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7EDE95A2-46C3-423E-8B93-00021D97D721}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{05F1760D-C120-4447-A621-E29FF86CA303}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{818B01BF-99EE-4C85-BF1F-9AD015FFD785}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{9A613CAD-E7BD-455C-87A6-BC46FA813A00}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{F1CAC29F-F0E5-45DC-A676-E8553E3BA1D3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{8D69227C-D4E6-4147-A8A8-C8B3BC6D0B8C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6B20BB32-7B5F-428F-A446-55CF25C7A465}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5F5D5A45-D998-49DA-A6FB-51A358EF3CBF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9DB41E61-F578-46F0-BB3C-E60F43C909A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{4324621C-7F2D-466A-8C49-14715154A5B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [{C4A7693C-9F46-4B02-A98D-70D21A09DDC5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{FBEEECE4-F928-4610-B5F6-8F59DDE81948}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0F05AA22-1DE8-4DA2-B42C-413FF9AEFFFB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{736EF494-E0D2-4292-B592-93AEEF4E1A08}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{62CD1055-2B83-4DE4-9E6F-2CC1CBA40ED1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{FCC6A477-8A0F-4AE0-A713-3345F700188A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{4E7A1149-E44F-4816-AAFA-3566C5EFBBE1}] => (Allow) D:\Games\steamapps\common\theHunterCotW\theHunterCotW_F.exe () [File not signed]
FirewallRules: [{6FCFD664-DA28-407C-A2ED-3881E8FB401A}] => (Allow) D:\Games\steamapps\common\theHunterCotW\theHunterCotW_F.exe () [File not signed]
FirewallRules: [{BAB7137C-8CD8-4098-B127-378BACFC174B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7B6C7251-6881-4FA6-B0A3-BDE15B3C8F7A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{59ADB865-746D-4101-AF07-7020B2F7C9BA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4C948368-F046-4909-98F2-C867D1D67AB1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{0AF01C60-B457-4022-BD4B-B760E6D4205E}D:\games\steamapps\common\partisans 1941\partisans\binaries\win64\partisans-win64-shipping.exe] => (Allow) D:\games\steamapps\common\partisans 1941\partisans\binaries\win64\partisans-win64-shipping.exe => No File
FirewallRules: [UDP Query User{C7C5208D-9490-474E-AB7E-E5756CDFFFA0}D:\games\steamapps\common\partisans 1941\partisans\binaries\win64\partisans-win64-shipping.exe] => (Allow) D:\games\steamapps\common\partisans 1941\partisans\binaries\win64\partisans-win64-shipping.exe => No File
FirewallRules: [{8E26848D-1FC5-49CF-9455-55A39388377A}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{ADB11510-34DC-46BB-91BD-584E003B9098}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [UDP Query User{E56E053E-5384-484B-AB8F-6182118ABA55}C:\program files\lghub\lghub_agent.exe] => (Allow) C:\program files\lghub\lghub_agent.exe (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{ACD19F51-D53C-4C83-A552-D4FEB311E7D7}] => (Allow) D:\Games\steamapps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{67499F86-5E4E-466A-B44B-E6ACCBFC4BC5}] => (Allow) D:\Games\steamapps\common\DiRT Rally 2.0\dirtrally2.exe (Codemasters Software Company Limited) [File not signed]
FirewallRules: [{2AC0A0CE-2EA4-4DC3-92B6-90C704BA8AD6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CD04FF09-DEF0-4F72-B613-A85BDFA38BE1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{507A0182-B5F4-49BB-B2DF-F9E0CEEED06F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FCC9A0EB-50AA-49B2-B29E-47154F69D14A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F7534B46-E4C3-401C-8798-4FBCBC9D7EF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3A2F1EDC-1541-4D3D-BEE2-2EF14B1AFF05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BF29D857-2783-40C8-A53A-BFD970A44B0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{68706C2E-5571-47BA-A0E3-516BFF26BAD8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (Nvidia Corporation -> NVIDIA Corporation)
FirewallRules: [{C61A57BF-D27D-4E46-BFDF-78D84DC14C91}] => (Allow) D:\Games\BsgLauncher\BsgLauncher.exe (BATTLESTATE GAMES LIMITED -> Battlestate Games)
FirewallRules: [{770A2DD4-4AA2-42C3-BB7F-F788213F9F5A}] => (Allow) D:\Games\BsgLauncher\BsgLauncher.exe (BATTLESTATE GAMES LIMITED -> Battlestate Games)
FirewallRules: [{36C7CD89-82EA-4B6E-8AB9-93C80AB176B3}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{2B138AA8-7B6C-4791-A6FC-D42EE269EB46}] => (Allow) LPort=26789
FirewallRules: [{183E954F-5756-41FA-A229-BFB13F68B78A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6BB0E85C-FCDB-445D-AB43-24C56448342B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{E053109A-3BBA-4711-A8FF-95CC77CFA64F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6ADF4A5D-E144-4180-8EBD-CFA1CDCC3162}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{70B2E28F-4903-497E-AAB4-3F04FAD8028E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D366CABD-3D55-46A1-BEE9-DF68D25F47E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D25775B9-9EF6-47A9-8451-3DDD3EDD5A8E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{95C58B1A-D322-4257-ACC1-4C01B5950BA8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.176.447.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F8DB6354-D415-42F6-8E9D-C7A4201A2854}] => (Allow) D:\Games\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{4101BBCA-CE89-4417-9EDE-99BFA12F5FFB}] => (Allow) D:\Games\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{DAED54C3-FC42-4400-BFE2-64C0E5782096}] => (Allow) D:\Games\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)
FirewallRules: [{3B73E878-F317-450E-8F2D-D8FBF906DCFA}] => (Allow) D:\Games\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe (SCS Software s.r.o. -> SCS Software)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:111.19 GB) (Free:11.07 GB) (10%)

==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/11/2022 02:18:45 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (D:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (01/11/2022 11:16:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MSI_LED.exe, verze: 6.2.0.96, časové razítko: 0xf3f2611b
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x04322509
ID chybujícího procesu: 0x8488
Čas spuštění chybující aplikace: 0x01d806c69d6df387
Cesta k chybující aplikaci: C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 7e505b8d-61e0-4179-9941-0946ce3b973b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/11/2022 09:38:34 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: MSI_LED.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.NullReferenceException
na MSI_LED.Class_NDA_FN.Init_NDA_Fn()
na MSI_LED.Class_Fun_VGA.Init_VGA()
na MSI_LED.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
na System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
na System.Windows.Application.<.ctor>b__1_0(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.DispatcherOperation.InvokeImpl()
na System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Windows.Threading.DispatcherOperation.Invoke()
na System.Windows.Threading.Dispatcher.ProcessQueue()
na System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
na MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
na System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
na System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
na System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
na MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
na MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
na System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
na System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
na System.Windows.Application.RunDispatcher(System.Object)
na System.Windows.Application.RunInternal(System.Windows.Window)
na System.Windows.Application.Run(System.Windows.Window)
na System.Windows.Application.Run()
na MSI_LED.App.Main()

Error: (01/10/2022 04:04:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: theHunterCotW_F.exe, verze: 0.0.0.0, časové razítko: 0x619bc2f1
Název chybujícího modulu: CELib_x64.dll, verze: 6.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000b48e
ID chybujícího procesu: 0x2280
Čas spuštění chybující aplikace: 0x01d8062acc117819
Cesta k chybující aplikaci: D:\Games\steamapps\common\theHunterCotW\theHunterCotW_F.exe
Cesta k chybujícímu modulu: C:\Users\pavda\AppData\Local\WeMod\app-7.2.0\resources\app.asar.unpacked\static\unpacked\trainerlib\CELib_x64.dll
ID zprávy: 7671f66a-cae4-4a34-8b9b-fbe90e40aeda
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/10/2022 12:44:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: theHunterCotW_F.exe, verze: 0.0.0.0, časové razítko: 0x619bc2f1
Název chybujícího modulu: CELib_x64.dll, verze: 6.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000b48e
ID chybujícího procesu: 0x5388
Čas spuštění chybující aplikace: 0x01d8060b6173145a
Cesta k chybující aplikaci: D:\Games\steamapps\common\theHunterCotW\theHunterCotW_F.exe
Cesta k chybujícímu modulu: C:\Users\pavda\AppData\Local\WeMod\app-7.2.0\resources\app.asar.unpacked\static\unpacked\trainerlib\CELib_x64.dll
ID zprávy: 531cfbed-72d3-4dbe-9f74-0c10d2b0eb16
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/09/2022 08:00:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: theHunterCotW_F.exe, verze: 0.0.0.0, časové razítko: 0x619bc2f1
Název chybujícího modulu: CELib_x64.dll, verze: 6.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000000b421
ID chybujícího procesu: 0x43c8
Čas spuštění chybující aplikace: 0x01d80582aab8d387
Cesta k chybující aplikaci: D:\Games\steamapps\common\theHunterCotW\theHunterCotW_F.exe
Cesta k chybujícímu modulu: C:\Users\pavda\AppData\Local\WeMod\app-7.2.0\resources\app.asar.unpacked\static\unpacked\trainerlib\CELib_x64.dll
ID zprávy: 3b73334e-b77f-402d-a39f-257e711925cb
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/07/2022 10:37:03 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe se nezdařilo.
Závislé sestavení Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (01/07/2022 10:37:02 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generování kontextu aktivace pro C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe se nezdařilo.
Závislé sestavení Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" nelze najít.
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.


System errors:
=============
Error: (01/17/2022 12:37:48 AM) (Source: DCOM) (EventID: 10010) (User: DAVID-P)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/15/2022 08:56:52 PM) (Source: DCOM) (EventID: 10010) (User: DAVID-P)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/14/2022 10:06:57 PM) (Source: DCOM) (EventID: 10010) (User: DAVID-P)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/14/2022 02:28:55 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NFFX4SZZ23L-Microsoft.549981C3F5F10.

Error: (01/14/2022 12:08:08 AM) (Source: DCOM) (EventID: 10010) (User: DAVID-P)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/13/2022 11:41:18 AM) (Source: DCOM) (EventID: 10010) (User: DAVID-P)
Description: Server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/13/2022 11:02:23 AM) (Source: DCOM) (EventID: 10010) (User: DAVID-P)
Description: Server Windows.Media.Capture.Internal.AppCaptureShell se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/13/2022 09:49:14 AM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.


CodeIntegrity:
===============
Date: 2022-01-17 10:21:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. V2.9 03/30/2015
Motherboard: MSI B85-G41 PC Mate(MS-7850)
Processor: Intel(R) Core(TM) i5-4590 CPU @ 3.30GHz
Percentage of memory in use: 33%
Total physical RAM: 16308.86 MB
Available physical RAM: 10831.98 MB
Total Virtual: 18740.86 MB
Available Virtual: 12233.23 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.19 GB) (Free:11.07 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:145.95 GB) NTFS

\\?\Volume{c60b2c66-5f92-47d8-92fc-2f330a157e06}\ () (Fixed) (Total:0.49 GB) (Free:0.08 GB) NTFS
\\?\Volume{5af442b2-4dec-4294-95ce-b46bae5c121a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 78DE7149)

Partition: GPT.

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 78DE7146)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================
Nahoru
ptdave
Návštěvník
Návštěvník
Příspěvky: 77
Registrován: 01 zář 2012 11:28

Re: preventivní kontrola

#2 Příspěvek od ptdave »

log z rsit

Logfile of random's system information tool 1.10 (written by random/random)
Run by David at 2022-01-17 10:27:17
Microsoft Windows 10 Pro
System drive C: has 11 GB (10%) free of 114 GB
Total RAM: 16309 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:27:21, on 17.01.2022
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.1202)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\muachost.exe
C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe
C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\APSDaemon.exe
C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\secd.exe
C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudChrome.exe
C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
C:\Program Files\trend micro\David.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\97.0.1072.62\BHO\ie_to_edge_bho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Foxit PhantomPDF Create PDF ToolBar Helper - {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll
O3 - Toolbar: Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll
O4 - HKLM\..\Run: [Super Charger] C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Fast Boot] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
O4 - HKLM\..\Run: [Live Update] C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O4 - HKLM\..\Run: [MSIRegister] "C:\Program Files (x86)\MSI\MSIRegister\MSIRegister.exe"
O4 - HKLM\..\Run: [Command Center] C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Služba Kaspersky Anti-Virus 21.3 (AVP21.3) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_3cd67df - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: FACEITService - Unknown owner - C:\Program Files\FACEIT AC\faceitservice.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Foxit PhantomPDF Update Service (FoxitPhantomPDFUpdateService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitPhantomPDFUpdateService.exe
O23 - Service: Foxit Reader Update Service (FoxitReaderUpdateService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
O23 - Service: NVIDIA FrameView SDK service (FvSvc) - NVIDIA - C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe
O23 - Service: GamingApp_Service - Micro-Star Int'l Co., Ltd. - C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe
O23 - Service: MSI Gaming Hotkey Service (GamingHotkey_Service) - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\97.0.4692.71\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Kaspersky Volume Shadow Copy Service Bridge 21.3 (klvssbridge64_21.3) - AO Kaspersky Lab - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\vssbridge64.exe
O23 - Service: LGHUB Updater Service (LGHUBUpdaterService) - Logitech, Inc. - C:\Program Files\LGHUB\lghub_updater.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI Command Center Clock Service (MSIClock_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe
O23 - Service: MSI Command Center Comm Service (MSICOMM_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\MSICommService.exe
O23 - Service: MSI Command Center CPU Service (MSICPU_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe
O23 - Service: MSI Command Center control Service (MSICTL_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
O23 - Service: MSI Command Center DDR Service (MSIDDR_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe
O23 - Service: MSIREGISTER_MR - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\MSIRegister\MSIRegisterService.exe
O23 - Service: MSI Command Center SMBus Service (MSISMB_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe
O23 - Service: MSI Command Center SuperIO Service (MSISuperIO_CC) - MSI - C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe
O23 - Service: MSI_ActiveX_Service - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
O23 - Service: MSI Fast Boot Service (MSI_FastBoot) - MSI - C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
O23 - Service: MSI Live Update Service (MSI_LiveUpdate_Service) - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service: MSI Super Charger Service (MSI_SuperCharger) - MSI - C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer - TeamViewer Germany GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe

--
End of file - 14017 bytes

======Listing Processes======









C:\Windows\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-36d6f176-2f4f-4861-9186-7b19a359663a -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-bd57a27b-9b1f-492b-9a45-c96c69ad0e53 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-423c5a59-84e2-4a88-b355-acde0bb4d849 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-6fb29f9a-5a3f-4bf0-b329-02ea5c810902 -LifetimeId:c929724c-7c05-4e75-bcd8-da231e4ca857 -DeviceGroupId: -HostArg:0
C:\Windows\system32\svchost.exe -k RPCSS -p
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s LSM
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s Schedule
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\Windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\Windows\system32\svchost.exe -k LocalService -p -s PhoneSvc
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\Windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\Windows\system32\svchost.exe -k LocalService -p -s nsi
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\Windows\system32\svchost.exe -k LocalService -p
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\Windows\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\Windows\System32\svchost.exe -k LocalService -p -s netprofm
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-5db78b3c-efcd-4c6b-9b62-269da8b83615 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-63b63b48-a809-42f8-a4e2-c4641342248a -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-10a88836-0261-48e6-bb66-43319ac6ad35 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-4d032df2-f0df-4bcf-85d2-bb4aee8b8418 -LifetimeId:4347b853-e217-4b0d-9904-0000f0a8ae81 -DeviceGroupId:WpdFsGroup -HostArg:0
C:\Windows\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\Windows\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\Windows\system32\svchost.exe -k LocalService -p -s EventSystem
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\Windows\System32\svchost.exe -k netsvcs -p -s Themes

C:\Windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\Windows\system32\svchost.exe -k LocalService -p -s FontCache
C:\Windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\Windows\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\Windows\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\Windows\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
C:\Windows\system32\svchost.exe -k netsvcs -p -s LanmanServer

"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\Windows\System32\svchost.exe -k utcsvc -p
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
"C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitPhantomPDFUpdateService.exe"
"C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe"
"C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe"
"C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe"
"C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe"
"C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe"
C:\Windows\System32\svchost.exe -k LocalService -p -s WdiServiceHost
"C:\Program Files (x86)\MSI\MSIRegister\MSIRegisterService.exe"
"C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe"
"C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe"
"C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
C:\Windows\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
dashost.exe {dc388492-0936-4330-b18c58c077f4052b}
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\Windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\Windows\system32\svchost.exe -k LocalService -p -s fdPHost
C:\Windows\System32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s FDResPub
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
dashost.exe {9bc1d646-d41e-490c-a5a2fae9e91dc802}
C:\Windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\Windows\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\Windows\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe"
C:\Windows\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\Windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\Windows\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc

"C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe"
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"

"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s upnphost

C:\Windows\System32\svchost.exe -k netsvcs -p
C:\Windows\sysWOW64\wbem\wmiprvse.exe -Embedding
C:\Windows\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\Windows\System32\mousocoreworker.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup

C:\Windows\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
"C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\Display.NvContainer\NVDisplay.Container.exe" -f %ProgramData%\NVIDIA\DisplaySessionContainer%d.log -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\Display.NvContainer\plugins\Session -r -l 3 -p 30000 -cfg NVDisplay.ContainerLocalSystem\Session -c
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
sihost.exe
C:\Windows\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\Windows\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\Windows\SysWOW64\muachost.exe
"C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey.exe" --normal
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\MSI\Gaming APP\MSI_LED.exe" --start
"C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe"
"C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe"
"C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe"
C:\Windows\Explorer.EXE
"ctfmon.exe"
C:\Windows\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
C:\Windows\system32\SettingSyncHost.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding

C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe" -ServerName:InputApp.AppX9jnwykgrccxc8by3hsrsh07r423xzvav.mca
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=gpu-process --field-trial-handle=1996,17921002025272728069,13694406917520377717,131072 --disable-features=VizDisplayCompositor --no-sandbox --log-file="C:\Users\pavda\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --lang=en-US --gpu-preferences=KAAAAAAAAACACwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Users\pavda\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --service-request-channel-token=1791968389224846782 --mojo-platform-channel-handle=2020 /prefetch:2
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Users\pavda\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --field-trial-handle=1996,17921002025272728069,13694406917520377717,131072 --disable-features=VizDisplayCompositor --service-pipe-token=15834036958869741346 --lang=en-US --log-file="C:\Users\pavda\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15834036958869741346 --renderer-client-id=3 --mojo-platform-channel-handle=2624 /prefetch:1
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Steam\steam.exe" -silent
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=cs_CZ" "-cachedir=C:\Users\pavda\AppData\Local\Steam\htmlcache" "-steampid=3508" "-buildid=1639697812" "-steamid=0" "-logdir=C:\Program Files (x86)\Steam\logs" "-composer-mode=0" "-steamuniverse=Public" "-realm=Global" "-clientui=C:\Program Files (x86)\Steam\clientui" --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --enable-media-stream --enable-smooth-scrolling --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt" --disable-quick-menu
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\pavda\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1639697812 --initial-client-data=0x3a0,0x3a4,0x3a8,0x37c,0x3ac,0x7ffabbd6df90,0x7ffabbd6dfa0,0x7ffabbd6dfb0
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --field-trial-handle=1492,2944777095648891558,13519635246179749669,131072 --enable-features=CastMediaRouteProvider --disable-features=OutOfBlinkCors --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=cs-CZ --buildid=1639697812 --steamid=0 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=1720 /prefetch:2
"C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1492,2944777095648891558,13519635246179749669,131072 --enable-features=CastMediaRouteProvider --disable-features=OutOfBlinkCors --lang=cs --service-sandbox-type=network --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=cs-CZ --buildid=1639697812 --steamid=0 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=2224 /prefetch:8
"C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\APSDaemon.exe" -Embedding
"C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudDrive.exe"
C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\secd.exe -Embedding
"C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe"
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1492,2944777095648891558,13519635246179749669,131072 --enable-features=CastMediaRouteProvider --disable-features=OutOfBlinkCors --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1639697812 --steamid=0 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2708 /prefetch:1
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1492,2944777095648891558,13519635246179749669,131072 --enable-features=CastMediaRouteProvider --disable-features=OutOfBlinkCors --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1639697812 --steamid=0 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3176 /prefetch:1
C:\Windows\system32\ApplicationFrameHost.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\33C30B79.HyperXNGenuity_5.6.0.0_x64__0a78dr3hq0pvt\Assets\Native\NGenuity2Helper.exe" /InvokerPRAID: App
"C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe" -ServerName:App.AppX2y379sjp88wjq1y80217mddj3fargf2y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\svchost.exe -k AarSvcGroup -p -s AarSvc
"C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe"
"C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe" /InvokerPRAID: App
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --field-trial-handle=1492,2944777095648891558,13519635246179749669,131072 --enable-features=CastMediaRouteProvider --disable-features=OutOfBlinkCors --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1639697812 --steamid=0 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3124 /prefetch:1
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1492,2944777095648891558,13519635246179749669,131072 --enable-features=CastMediaRouteProvider --disable-features=OutOfBlinkCors --lang=cs --service-sandbox-type=audio --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=cs-CZ --buildid=1639697812 --steamid=0 --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --mojo-platform-channel-handle=3588 /prefetch:8
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall
"C:\Program Files\LGHUB\lghub_updater.exe" --run-as-service
C:\Program Files\LGHUB\lghub.exe --background
"C:\Program Files\LGHUB\lghub_agent.exe"
"C:\Program Files\LGHUB\lghub.exe" --type=gpu-process --field-trial-handle=1780,5823708179140449070,5500399899968374124,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1872 /prefetch:2
"C:\Program Files\LGHUB\lghub.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1780,5823708179140449070,5500399899968374124,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --lang=cs --service-sandbox-type=none --mojo-platform-channel-handle=2040 /prefetch:8
"C:\Program Files\LGHUB\logi_crashpad_handler.exe" --no-rate-limit --database=C:\Users\pavda\AppData\Local\LGHUB\sentry_db_lghub_agent --metrics-dir=C:\Users\pavda\AppData\Local\LGHUB\sentry_db_lghub_agent --url=https://sentry.io:443/api/1779200/minid ... 87a6be91ab --attachment=C:\ProgramData\LGHUB\installation.json --attachment=C:\ProgramData\LGHUB\next.json --attachment=C:\ProgramData\LGHUB\current.json --attachment=C:\Users\pavda\AppData\Local\LGHUB\settings.db --attachment=C:\Users\pavda\AppData\Local\LGHUB\sentry_db_lghub_agent\ca962527-fe40-4734-9668-bf56e81c9f1c.run\__sentry-event --attachment=C:\Users\pavda\AppData\Local\LGHUB\sentry_db_lghub_agent\ca962527-fe40-4734-9668-bf56e81c9f1c.run\__sentry-breadcrumb1 --attachment=C:\Users\pavda\AppData\Local\LGHUB\sentry_db_lghub_agent\ca962527-fe40-4734-9668-bf56e81c9f1c.run\__sentry-breadcrumb2 --initial-client-data=0x908,0x90c,0x910,0x8f4,0x914,0x7ff703b6a4b8,0x7ff703b6a4d8,0x7ff703b6a4f0
"C:\Program Files\LGHUB\logi_crashpad_handler.exe" --no-rate-limit --database=C:\Windows\system32\config\systemprofile\AppData\Local\LGHUB\sentry_db_lghub_updater --metrics-dir=C:\Windows\system32\config\systemprofile\AppData\Local\LGHUB\sentry_db_lghub_updater --url=https://sentry.io:443/api/1781309/minid ... 1646a5ffa9 --attachment=C:\ProgramData\LGHUB\installation.json --attachment=C:\ProgramData\LGHUB\next.json --attachment=C:\ProgramData\LGHUB\current.json --attachment=C:\Windows\system32\config\systemprofile\AppData\Local\LGHUB\sentry_db_lghub_updater\10957902-1d0f-4e1f-4809-0c3a0dfb64f4.run\__sentry-event --attachment=C:\Windows\system32\config\systemprofile\AppData\Local\LGHUB\sentry_db_lghub_updater\10957902-1d0f-4e1f-4809-0c3a0dfb64f4.run\__sentry-breadcrumb1 --attachment=C:\Windows\system32\config\systemprofile\AppData\Local\LGHUB\sentry_db_lghub_updater\10957902-1d0f-4e1f-4809-0c3a0dfb64f4.run\__sentry-breadcrumb2 --initial-client-data=0x620,0x624,0x628,0x5e4,0x62c,0x7ff600fb9168,0x7ff600fb9188,0x7ff600fb91a0
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\LGHUB\lghub.exe" --type=crashpad-handler --user-data-dir=C:\Users\pavda\AppData\Roaming\LGHUB /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\pavda\AppData\Roaming\LGHUB\Crashpad --url=https://sentry.io/api/1781306/minidump/ ... 8020cd4653 --annotation=_productName=LGHUB --annotation=_version=2022.1.3492 --annotation=prod=Electron "--annotation=sentry___initialScope={\"release\":\"2022.1\",\"environment\":\"Production\"}" --annotation=ver=13.1.4 --initial-client-data=0xcf8,0xcfc,0xd00,0xce8,0xd04,0x7ff6877ff550,0x7ff6877ff560,0x7ff6877ff570
"C:\Program Files\Google\Chrome\Application\chrome.exe"
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\pavda\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\pavda\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\pavda\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=97.0.4692.71 --initial-client-data=0xf0,0xf4,0xf8,0xcc,0xfc,0x7ffac666e850,0x7ffac666e860,0x7ffac666e870
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1660,9502189987174845,11111717526374628473,131072 --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAIAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1692 /prefetch:2
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1660,9502189987174845,11111717526374628473,131072 --lang=cs --service-sandbox-type=none --mojo-platform-channel-handle=1912 /prefetch:8
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1660,9502189987174845,11111717526374628473,131072 --lang=cs --service-sandbox-type=utility --mojo-platform-channel-handle=2092 /prefetch:8
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --origin-trial-disabled-features=CaptureHandle --field-trial-handle=1660,9502189987174845,11111717526374628473,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --launch-time-ticks=246522340641 --mojo-platform-channel-handle=3520 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --origin-trial-disabled-features=CaptureHandle --field-trial-handle=1660,9502189987174845,11111717526374628473,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --launch-time-ticks=246522430356 --mojo-platform-channel-handle=3820 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --origin-trial-disabled-features=CaptureHandle --field-trial-handle=1660,9502189987174845,11111717526374628473,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --launch-time-ticks=246522463928 --mojo-platform-channel-handle=3828 /prefetch:1
C:\Windows\system32\cmd.exe /d /c "C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudChrome.exe" chrome-extension://fkepacicchenbjecpbpbclokcabebhah/ --parent-window=0 < \\.\pipe\chrome.nativeMessaging.in.9c06ca41bfb8743 > \\.\pipe\chrome.nativeMessaging.out.9c06ca41bfb8743
C:\Windows\system32\cmd.exe /d /c "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\plugins_nms.exe" chrome-extension://ahkjpbeeocnddjkakilopmfdlnjdpcdm/ --parent-window=0 < \\.\pipe\chrome.nativeMessaging.in.90d0e5aa7665dd4a > \\.\pipe\chrome.nativeMessaging.out.90d0e5aa7665dd4a
\??\C:\Windows\system32\conhost.exe 0x4
\??\C:\Windows\system32\conhost.exe 0x4

"C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\iCloudChrome.exe" chrome-extension://fkepacicchenbjecpbpbclokcabebhah/ --parent-window=0
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1660,9502189987174845,11111717526374628473,131072 --lang=cs --service-sandbox-type=audio --mojo-platform-channel-handle=5816 /prefetch:8
"C:\Program Files\WindowsApps\AppleInc.iCloud_12.5.74.0_x86__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe" -Embedding
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --origin-trial-disabled-features=CaptureHandle --field-trial-handle=1660,9502189987174845,11111717526374628473,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=168 --launch-time-ticks=251468581337 --mojo-platform-channel-handle=7604 /prefetch:1
C:\Windows\System32\svchost.exe -k swprv
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --origin-trial-disabled-features=CaptureHandle --field-trial-handle=1660,9502189987174845,11111717526374628473,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=195 --launch-time-ticks=251762761452 --mojo-platform-channel-handle=8020 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --origin-trial-disabled-features=CaptureHandle --field-trial-handle=1660,9502189987174845,11111717526374628473,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=203 --launch-time-ticks=251920785621 --mojo-platform-channel-handle=8368 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --origin-trial-disabled-features=CaptureHandle --field-trial-handle=1660,9502189987174845,11111717526374628473,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=204 --launch-time-ticks=251926419295 --mojo-platform-channel-handle=1628 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --origin-trial-disabled-features=CaptureHandle --field-trial-handle=1660,9502189987174845,11111717526374628473,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=205 --launch-time-ticks=251928639040 --mojo-platform-channel-handle=3924 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --origin-trial-disabled-features=CaptureHandle --field-trial-handle=1660,9502189987174845,11111717526374628473,131072 --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=206 --launch-time-ticks=251928674876 --mojo-platform-channel-handle=7572 /prefetch:1
C:\Windows\System32\smartscreen.exe -Embedding
C:\Windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\Windows\system32\AUDIODG.EXE 0x678
"C:\Users\pavda\Downloads\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\97.0.1072.62\BHO\ie_to_edge_bho_64.dll [2022-01-13 532360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A}]
Foxit PhantomPDF Create PDF ToolBar Helper - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin_x64.dll [2020-04-22 7211952]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\97.0.1072.62\BHO\ie_to_edge_bho.dll [2022-01-13 421768]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A}]
Foxit PhantomPDF Create PDF ToolBar Helper - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2020-04-22 5938608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFD9D8A8-57FF-488A-B919-065EC77CF82F} - Foxit PhantomPDF Create PDF ToolBar - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin_x64.dll [2020-04-22 7211952]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFD9D8A8-57FF-488A-B919-065EC77CF82F} - Foxit PhantomPDF Create PDF ToolBar - C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2020-04-22 5938608]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Windows\system32\SecurityHealthSystray.exe [2019-12-07 86016]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2019-05-16 9270560]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2021-10-26 339000]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2021-12-16 4267432]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Super Charger"=C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [2017-11-10 1028280]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Fast Boot"=C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [2015-04-22 759120]
"Live Update"=C:\Program Files (x86)\MSI\Live Update\Live Update.exe [2021-04-08 26327864]
"MSIRegister"=C:\Program Files (x86)\MSI\MSIRegister\MSIRegister.exe [2019-08-28 1266864]
"Command Center"=C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [2016-06-14 835680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=lvcod64.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"aux2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"aux3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave3"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"aux1"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave4"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave5"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv

======File associations======

.inf - install -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2022-01-17 10:27:17 ----D---- C:\rsit
2022-01-17 10:27:17 ----D---- C:\Program Files\trend micro
2022-01-17 10:20:03 ----D---- C:\FRST
2022-01-17 10:13:46 ----A---- C:\Windows\system32\drivers\klupd_klif_klbg.sys
2022-01-17 10:13:45 ----A---- C:\Windows\system32\drivers\klupd_klif_arkmon.sys
2022-01-17 08:50:25 ----D---- C:\Program Files\LGHUB
2022-01-13 15:52:43 ----A---- C:\Windows\SYSWOW64\DolbyDecMFT.dll
2022-01-13 15:52:42 ----A---- C:\Windows\SYSWOW64\mfcore.dll
2022-01-13 15:52:42 ----A---- C:\Windows\system32\DolbyDecMFT.dll
2022-01-13 15:52:41 ----A---- C:\Windows\SYSWOW64\Microsoft.Uev.AppAgent.dll
2022-01-13 15:52:41 ----A---- C:\Windows\system32\msmpeg2vdec.dll
2022-01-13 15:52:41 ----A---- C:\Windows\system32\Microsoft.Uev.AppAgent.dll
2022-01-13 15:52:41 ----A---- C:\Windows\system32\mfcore.dll
2022-01-13 15:52:41 ----A---- C:\Windows\system32\Hydrogen.dll
2022-01-13 15:52:41 ----A---- C:\Windows\system32\AgentService.exe
2022-01-13 15:52:40 ----A---- C:\Windows\system32\Microsoft.Uev.ModernAppAgent.dll
2022-01-13 15:52:40 ----A---- C:\Windows\system32\Microsoft.Uev.CommonBridge.dll
2022-01-13 15:52:40 ----A---- C:\Windows\system32\AppVEntSubsystemController.dll
2022-01-13 15:52:39 ----A---- C:\Windows\SYSWOW64\WebClnt.dll
2022-01-13 15:52:39 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2022-01-13 15:52:39 ----A---- C:\Windows\SYSWOW64\runas.exe
2022-01-13 15:52:39 ----A---- C:\Windows\SYSWOW64\provsvc.dll
2022-01-13 15:52:39 ----A---- C:\Windows\SYSWOW64\nshwfp.dll
2022-01-13 15:52:39 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2022-01-13 15:52:39 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2022-01-13 15:52:39 ----A---- C:\Windows\SYSWOW64\certutil.exe
2022-01-13 15:52:39 ----A---- C:\Windows\SYSWOW64\certreq.exe
2022-01-13 15:52:38 ----A---- C:\Windows\SYSWOW64\msi.dll
2022-01-13 15:52:38 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2022-01-13 15:52:37 ----A---- C:\Windows\SYSWOW64\xolehlp.dll
2022-01-13 15:52:37 ----A---- C:\Windows\SYSWOW64\tar.exe
2022-01-13 15:52:37 ----A---- C:\Windows\SYSWOW64\net1.exe
2022-01-13 15:52:37 ----A---- C:\Windows\SYSWOW64\mtxclu.dll
2022-01-13 15:52:37 ----A---- C:\Windows\SYSWOW64\msdtcprx.dll
2022-01-13 15:52:37 ----A---- C:\Windows\SYSWOW64\iassam.dll
2022-01-13 15:52:37 ----A---- C:\Windows\SYSWOW64\iasads.dll
2022-01-13 15:52:37 ----A---- C:\Windows\SYSWOW64\edgehtml.dll
2022-01-13 15:52:37 ----A---- C:\Windows\SYSWOW64\dhcpsapi.dll
2022-01-13 15:52:37 ----A---- C:\Windows\SYSWOW64\dataclen.dll
2022-01-13 15:52:37 ----A---- C:\Windows\SYSWOW64\curl.exe
2022-01-13 15:52:37 ----A---- C:\Windows\SYSWOW64\archiveint.dll
2022-01-13 15:52:36 ----A---- C:\Windows\system32\WebClnt.dll
2022-01-13 15:52:36 ----A---- C:\Windows\system32\tsgqec.dll
2022-01-13 15:52:36 ----A---- C:\Windows\system32\runas.exe
2022-01-13 15:52:36 ----A---- C:\Windows\system32\rdpudd.dll
2022-01-13 15:52:36 ----A---- C:\Windows\system32\rdpcorets.dll
2022-01-13 15:52:36 ----A---- C:\Windows\system32\provsvc.dll
2022-01-13 15:52:36 ----A---- C:\Windows\system32\nshwfp.dll
2022-01-13 15:52:36 ----A---- C:\Windows\system32\nltest.exe
2022-01-13 15:52:36 ----A---- C:\Windows\system32\mstscax.dll
2022-01-13 15:52:36 ----A---- C:\Windows\system32\msimsg.dll
2022-01-13 15:52:36 ----A---- C:\Windows\system32\msi.dll
2022-01-13 15:52:36 ----A---- C:\Windows\system32\ListSvc.dll
2022-01-13 15:52:36 ----A---- C:\Windows\system32\ksetup.exe
2022-01-13 15:52:36 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2022-01-13 15:52:36 ----A---- C:\Windows\system32\drivers\PktMon.sys
2022-01-13 15:52:36 ----A---- C:\Windows\system32\certutil.exe
2022-01-13 15:52:36 ----A---- C:\Windows\system32\certreq.exe
2022-01-13 15:52:35 ----A---- C:\Windows\system32\Chakra.dll
2022-01-13 15:52:34 ----A---- C:\Windows\system32\tar.exe
2022-01-13 15:52:34 ----A---- C:\Windows\system32\net1.exe
2022-01-13 15:52:34 ----A---- C:\Windows\system32\mtxclu.dll
2022-01-13 15:52:34 ----A---- C:\Windows\system32\mshtml.dll
2022-01-13 15:52:34 ----A---- C:\Windows\system32\msdtcuiu.dll
2022-01-13 15:52:34 ----A---- C:\Windows\system32\msdtctm.dll
2022-01-13 15:52:34 ----A---- C:\Windows\system32\msdtcprx.dll
2022-01-13 15:52:34 ----A---- C:\Windows\system32\iasads.dll
2022-01-13 15:52:34 ----A---- C:\Windows\system32\dsauth.dll
2022-01-13 15:52:34 ----A---- C:\Windows\system32\dhcpsapi.dll
2022-01-13 15:52:34 ----A---- C:\Windows\system32\dataclen.dll
2022-01-13 15:52:34 ----A---- C:\Windows\system32\curl.exe
2022-01-13 15:52:34 ----A---- C:\Windows\system32\computecore.dll
2022-01-13 15:52:34 ----A---- C:\Windows\system32\CBDHSvc.dll
2022-01-13 15:52:34 ----A---- C:\Windows\system32\archiveint.dll
2022-01-13 15:52:33 ----A---- C:\Windows\SYSWOW64\Windows.UI.Search.dll
2022-01-13 15:52:33 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2022-01-13 15:52:33 ----A---- C:\Windows\SYSWOW64\shell32.dll
2022-01-13 15:52:33 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2022-01-13 15:52:33 ----A---- C:\Windows\SYSWOW64\rastls.dll
2022-01-13 15:52:33 ----A---- C:\Windows\SYSWOW64\raschap.dll
2022-01-13 15:52:33 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2022-01-13 15:52:33 ----A---- C:\Windows\SYSWOW64\netprovfw.dll
2022-01-13 15:52:33 ----A---- C:\Windows\SYSWOW64\netjoin.dll
2022-01-13 15:52:33 ----A---- C:\Windows\SYSWOW64\netid.dll
2022-01-13 15:52:33 ----A---- C:\Windows\SYSWOW64\joinutil.dll
2022-01-13 15:52:33 ----A---- C:\Windows\system32\vertdll.dll
2022-01-13 15:52:33 ----A---- C:\Windows\system32\tcbloader.dll
2022-01-13 15:52:33 ----A---- C:\Windows\system32\tcblaunch.exe
2022-01-13 15:52:33 ----A---- C:\Windows\system32\skci.dll
2022-01-13 15:52:33 ----A---- C:\Windows\system32\hvix64.exe
2022-01-13 15:52:33 ----A---- C:\Windows\system32\hvax64.exe
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\wkscli.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\Windows.UI.Immersive.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\wincredui.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\uReFS.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\tdh.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\srvcli.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\schedcli.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\schannel.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\shacctprofile.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\samcli.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\offlinelsa.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\netutils.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\netmsg.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\ncryptprov.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\msimg32.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\mf3216.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\logoncli.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\gmsaclient.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\gdi32full.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\es.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\comsvcs.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\CertPolEng.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\BitLockerCsp.dll
2022-01-13 15:52:32 ----A---- C:\Windows\SYSWOW64\authz.dll
2022-01-13 15:52:31 ----A---- C:\Windows\SYSWOW64\win32u.dll
2022-01-13 15:52:31 ----A---- C:\Windows\SYSWOW64\win32kfull.sys
2022-01-13 15:52:31 ----A---- C:\Windows\SYSWOW64\win32k.sys
2022-01-13 15:52:30 ----A---- C:\Windows\SYSWOW64\wpnapps.dll
2022-01-13 15:52:30 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2022-01-13 15:52:30 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2022-01-13 15:52:30 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryPS.dll
2022-01-13 15:52:30 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryCore.dll
2022-01-13 15:52:30 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryClient.dll
2022-01-13 15:52:30 ----A---- C:\Windows\SYSWOW64\Windows.StateRepositoryBroker.dll
2022-01-13 15:52:30 ----A---- C:\Windows\SYSWOW64\Windows.StateRepository.dll
2022-01-13 15:52:30 ----A---- C:\Windows\SYSWOW64\Windows.Devices.HumanInterfaceDevice.dll
2022-01-13 15:52:30 ----A---- C:\Windows\SYSWOW64\user32.dll
2022-01-13 15:52:30 ----A---- C:\Windows\SYSWOW64\StateRepository.Core.dll
2022-01-13 15:52:30 ----A---- C:\Windows\SYSWOW64\profext.dll
2022-01-13 15:52:30 ----A---- C:\Windows\SYSWOW64\negoexts.dll
2022-01-13 15:52:30 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2022-01-13 15:52:30 ----A---- C:\Windows\SYSWOW64\KerbClientShared.dll
2022-01-13 15:52:30 ----A---- C:\Windows\SYSWOW64\CertEnrollCtrl.exe
2022-01-13 15:52:30 ----A---- C:\Windows\SYSWOW64\CertEnroll.dll
2022-01-13 15:52:30 ----A---- C:\Windows\SYSWOW64\certcli.dll
2022-01-13 15:52:30 ----A---- C:\Windows\SYSWOW64\certca.dll
2022-01-13 15:52:29 ----A---- C:\Windows\SYSWOW64\Windows.System.Launcher.dll
2022-01-13 15:52:29 ----A---- C:\Windows\SYSWOW64\windows.storage.dll
2022-01-13 15:52:29 ----A---- C:\Windows\SYSWOW64\Windows.ApplicationModel.Core.dll
2022-01-13 15:52:29 ----A---- C:\Windows\SYSWOW64\Windows.AccountsControl.dll
2022-01-13 15:52:29 ----A---- C:\Windows\SYSWOW64\twinui.appcore.dll
2022-01-13 15:52:29 ----A---- C:\Windows\SYSWOW64\TileDataRepository.dll
2022-01-13 15:52:29 ----A---- C:\Windows\SYSWOW64\thumbcache.dll
2022-01-13 15:52:29 ----A---- C:\Windows\SYSWOW64\ShareHost.dll
2022-01-13 15:52:29 ----A---- C:\Windows\SYSWOW64\GameInput.dll
2022-01-13 15:52:29 ----A---- C:\Windows\SYSWOW64\AppContracts.dll
2022-01-13 15:52:28 ----A---- C:\Windows\SYSWOW64\wscproxystub.dll
2022-01-13 15:52:28 ----A---- C:\Windows\SYSWOW64\wscisvif.dll
2022-01-13 15:52:28 ----A---- C:\Windows\SYSWOW64\wscapi.dll
2022-01-13 15:52:28 ----A---- C:\Windows\SYSWOW64\wscadminui.exe
2022-01-13 15:52:28 ----A---- C:\Windows\SYSWOW64\Windows.UI.Xaml.dll
2022-01-13 15:52:28 ----A---- C:\Windows\SYSWOW64\usercpl.dll
2022-01-13 15:52:28 ----A---- C:\Windows\SYSWOW64\twinui.dll
2022-01-13 15:52:28 ----A---- C:\Windows\SYSWOW64\sechost.dll
2022-01-13 15:52:28 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2022-01-13 15:52:28 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2022-01-13 15:52:28 ----A---- C:\Windows\SYSWOW64\netplwiz.dll
2022-01-13 15:52:28 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2022-01-13 15:52:28 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2022-01-13 15:52:28 ----A---- C:\Windows\SYSWOW64\msctf.dll
2022-01-13 15:52:28 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2022-01-13 15:52:28 ----A---- C:\Windows\SYSWOW64\LaunchWinApp.exe
2022-01-13 15:52:28 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2022-01-13 15:52:28 ----A---- C:\Windows\SYSWOW64\authui.dll
2022-01-13 15:52:28 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2022-01-13 15:52:28 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2022-01-13 15:52:28 ----A---- C:\Windows\system32\TSpkg.dll
2022-01-13 15:52:28 ----A---- C:\Windows\system32\pku2u.dll
2022-01-13 15:52:28 ----A---- C:\Windows\system32\LsaIso.exe
2022-01-13 15:52:28 ----A---- C:\Windows\system32\keymgr.dll
2022-01-13 15:52:28 ----A---- C:\Windows\system32\iumcrypt.dll
2022-01-13 15:52:27 ----A---- C:\Windows\system32\WUDFPlatform.dll
2022-01-13 15:52:27 ----A---- C:\Windows\system32\WUDFHost.exe
2022-01-13 15:52:27 ----A---- C:\Windows\system32\WUDFCompanionHost.exe
2022-01-13 15:52:27 ----A---- C:\Windows\system32\Windows.UI.Search.dll
2022-01-13 15:52:27 ----A---- C:\Windows\system32\Windows.UI.Immersive.dll
2022-01-13 15:52:27 ----A---- C:\Windows\system32\taskcomp.dll
2022-01-13 15:52:27 ----A---- C:\Windows\system32\sppsvc.exe
2022-01-13 15:52:27 ----A---- C:\Windows\system32\sppobjs.dll
2022-01-13 15:52:27 ----A---- C:\Windows\system32\sppcext.dll
2022-01-13 15:52:27 ----A---- C:\Windows\system32\shell32.dll
2022-01-13 15:52:27 ----A---- C:\Windows\system32\SettingsHandlers_nt.dll
2022-01-13 15:52:27 ----A---- C:\Windows\system32\scesrv.dll
2022-01-13 15:52:27 ----A---- C:\Windows\system32\rastls.dll
2022-01-13 15:52:27 ----A---- C:\Windows\system32\rasmans.dll
2022-01-13 15:52:27 ----A---- C:\Windows\system32\raschap.dll
2022-01-13 15:52:27 ----A---- C:\Windows\system32\rascustom.dll
2022-01-13 15:52:27 ----A---- C:\Windows\system32\netprovfw.dll
2022-01-13 15:52:27 ----A---- C:\Windows\system32\netjoin.dll
2022-01-13 15:52:27 ----A---- C:\Windows\system32\LocationFrameworkPS.dll
2022-01-13 15:52:27 ----A---- C:\Windows\system32\LocationFrameworkInternalPS.dll
2022-01-13 15:52:27 ----A---- C:\Windows\system32\LocationFramework.dll
2022-01-13 15:52:27 ----A---- C:\Windows\system32\joinutil.dll
2022-01-13 15:52:27 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2022-01-13 15:52:27 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2022-01-13 15:52:27 ----A---- C:\Windows\system32\djoin.exe
2022-01-13 15:52:26 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2022-01-13 15:52:26 ----A---- C:\Windows\system32\wkssvc.dll
2022-01-13 15:52:26 ----A---- C:\Windows\system32\wincredui.dll
2022-01-13 15:52:26 ----A---- C:\Windows\system32\usermgr.dll
2022-01-13 15:52:26 ----A---- C:\Windows\system32\tdh.dll
2022-01-13 15:52:26 ----A---- C:\Windows\system32\shutdownux.dll
2022-01-13 15:52:26 ----A---- C:\Windows\system32\sechost.dll
2022-01-13 15:52:26 ----A---- C:\Windows\system32\rpcrt4.dll
2022-01-13 15:52:26 ----A---- C:\Windows\system32\ntlanman.dll
2022-01-13 15:52:26 ----A---- C:\Windows\system32\netlogon.dll
2022-01-13 15:52:26 ----A---- C:\Windows\system32\msimg32.dll
2022-01-13 15:52:26 ----A---- C:\Windows\system32\msctf.dll
2022-01-13 15:52:26 ----A---- C:\Windows\system32\mf3216.dll
2022-01-13 15:52:26 ----A---- C:\Windows\system32\KernelBase.dll
2022-01-13 15:52:26 ----A---- C:\Windows\system32\gmsaclient.dll
2022-01-13 15:52:26 ----A---- C:\Windows\system32\GdiPlus.dll
2022-01-13 15:52:26 ----A---- C:\Windows\system32\gdi32full.dll
2022-01-13 15:52:26 ----A---- C:\Windows\system32\efscore.dll
2022-01-13 15:52:26 ----A---- C:\Windows\system32\drivers\msrpc.sys
2022-01-13 15:52:26 ----A---- C:\Windows\system32\drivers\clfs.sys
2022-01-13 15:52:26 ----A---- C:\Windows\system32\BitLockerCsp.dll
2022-01-13 15:52:25 ----A---- C:\Windows\system32\wkscli.dll
2022-01-13 15:52:25 ----A---- C:\Windows\system32\srvcli.dll
2022-01-13 15:52:25 ----A---- C:\Windows\system32\schedcli.dll
2022-01-13 15:52:25 ----A---- C:\Windows\system32\schannel.dll
2022-01-13 15:52:25 ----A---- C:\Windows\system32\offlinelsa.dll
2022-01-13 15:52:25 ----A---- C:\Windows\system32\ntoskrnl.exe
2022-01-13 15:52:25 ----A---- C:\Windows\system32\ntdll.dll
2022-01-13 15:52:25 ----A---- C:\Windows\system32\msv1_0.dll
2022-01-13 15:52:25 ----A---- C:\Windows\system32\msobjs.dll
2022-01-13 15:52:25 ----A---- C:\Windows\system32\msaudite.dll
2022-01-13 15:52:25 ----A---- C:\Windows\system32\lsasrv.dll
2022-01-13 15:52:25 ----A---- C:\Windows\system32\logoncli.dll
2022-01-13 15:52:25 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2022-01-13 15:52:25 ----A---- C:\Windows\system32\drivers\http.sys
2022-01-13 15:52:25 ----A---- C:\Windows\system32\adtschema.dll
2022-01-13 15:52:24 ----A---- C:\Windows\system32\samsrv.dll
2022-01-13 15:52:24 ----A---- C:\Windows\system32\samlib.dll
2022-01-13 15:52:24 ----A---- C:\Windows\system32\samcli.dll
2022-01-13 15:52:24 ----A---- C:\Windows\system32\profsvc.dll
2022-01-13 15:52:24 ----A---- C:\Windows\system32\offlinesam.dll
2022-01-13 15:52:24 ----A---- C:\Windows\system32\netmsg.dll
2022-01-13 15:52:24 ----A---- C:\Windows\system32\ncryptprov.dll
2022-01-13 15:52:24 ----A---- C:\Windows\system32\drivers\pcw.sys
2022-01-13 15:52:24 ----A---- C:\Windows\system32\dpapisrv.dll
2022-01-13 15:52:24 ----A---- C:\Windows\system32\ci.dll
2022-01-13 15:52:24 ----A---- C:\Windows\system32\authz.dll
2022-01-13 15:52:23 ----A---- C:\Windows\system32\winresume.exe
2022-01-13 15:52:23 ----A---- C:\Windows\system32\winload.exe
2022-01-13 15:52:23 ----A---- C:\Windows\system32\Windows.SharedPC.AccountManager.dll
2022-01-13 15:52:23 ----A---- C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2022-01-13 15:52:23 ----A---- C:\Windows\system32\uReFS.dll
2022-01-13 15:52:23 ----A---- C:\Windows\system32\trkwks.dll
2022-01-13 15:52:23 ----A---- C:\Windows\system32\shacct.dll
2022-01-13 15:52:23 ----A---- C:\Windows\system32\refsutil.exe
2022-01-13 15:52:23 ----A---- C:\Windows\system32\es.dll
2022-01-13 15:52:23 ----A---- C:\Windows\system32\dwmcore.dll
2022-01-13 15:52:23 ----A---- C:\Windows\system32\drivers\refsv1.sys
2022-01-13 15:52:23 ----A---- C:\Windows\system32\drivers\refs.sys
2022-01-13 15:52:23 ----A---- C:\Windows\system32\comsvcs.dll
2022-01-13 15:52:23 ----A---- C:\Windows\system32\CertPolEng.dll
2022-01-13 15:52:22 ----A---- C:\Windows\system32\win32kfull.sys
2022-01-13 15:52:22 ----A---- C:\Windows\system32\wevtsvc.dll
2022-01-13 15:52:22 ----A---- C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2022-01-13 15:52:22 ----A---- C:\Windows\system32\SettingsHandlers_User.dll
2022-01-13 15:52:22 ----A---- C:\Windows\system32\PasswordEnrollmentManager.dll
2022-01-13 15:52:22 ----A---- C:\Windows\system32\netapi32.dll
2022-01-13 15:52:22 ----A---- C:\Windows\system32\MusUpdateHandlers.dll
2022-01-13 15:52:22 ----A---- C:\Windows\system32\drivers\bindflt.sys
2022-01-13 15:52:22 ----A---- C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2022-01-13 15:52:22 ----A---- C:\Windows\system32\bindfltapi.dll
2022-01-13 15:52:22 ----A---- C:\Windows\system32\AppXDeploymentServer.dll
2022-01-13 15:52:22 ----A---- C:\Windows\system32\ApplyTrustOffline.exe
2022-01-13 15:52:22 ----A---- C:\Windows\system32\ApplicationFrame.dll
2022-01-13 15:52:21 ----A---- C:\Windows\system32\wpnapps.dll
2022-01-13 15:52:21 ----A---- C:\Windows\system32\wintrust.dll
2022-01-13 15:52:21 ----A---- C:\Windows\system32\windows.storage.dll
2022-01-13 15:52:21 ----A---- C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2022-01-13 15:52:21 ----A---- C:\Windows\system32\Windows.StateRepositoryPS.dll
2022-01-13 15:52:21 ----A---- C:\Windows\system32\Windows.StateRepositoryCore.dll
2022-01-13 15:52:21 ----A---- C:\Windows\system32\Windows.StateRepositoryClient.dll
2022-01-13 15:52:21 ----A---- C:\Windows\system32\Windows.StateRepositoryBroker.dll
2022-01-13 15:52:21 ----A---- C:\Windows\system32\Windows.StateRepository.dll
2022-01-13 15:52:21 ----A---- C:\Windows\system32\win32u.dll
2022-01-13 15:52:21 ----A---- C:\Windows\system32\win32k.sys
2022-01-13 15:52:21 ----A---- C:\Windows\system32\StateRepository.Core.dll
2022-01-13 15:52:21 ----A---- C:\Windows\system32\profext.dll
2022-01-13 15:52:21 ----A---- C:\Windows\system32\kerberos.dll
2022-01-13 15:52:21 ----A---- C:\Windows\system32\KerbClientShared.dll
2022-01-13 15:52:21 ----A---- C:\Windows\system32\IKEEXT.DLL
2022-01-13 15:52:21 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2022-01-13 15:52:21 ----A---- C:\Windows\system32\drivers\wfplwfs.sys
2022-01-13 15:52:21 ----A---- C:\Windows\system32\BFE.DLL
2022-01-13 15:52:20 ----A---- C:\Windows\system32\Windows.System.Launcher.dll
2022-01-13 15:52:20 ----A---- C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2022-01-13 15:52:20 ----A---- C:\Windows\system32\Windows.ApplicationModel.Core.dll
2022-01-13 15:52:20 ----A---- C:\Windows\system32\Windows.AccountsControl.dll
2022-01-13 15:52:20 ----A---- C:\Windows\system32\win32kbase.sys
2022-01-13 15:52:20 ----A---- C:\Windows\system32\twinui.appcore.dll
2022-01-13 15:52:20 ----A---- C:\Windows\system32\TileDataRepository.dll
2022-01-13 15:52:20 ----A---- C:\Windows\system32\negoexts.dll
2022-01-13 15:52:20 ----A---- C:\Windows\system32\modernexecserver.dll
2022-01-13 15:52:20 ----A---- C:\Windows\system32\ISM.dll
2022-01-13 15:52:20 ----A---- C:\Windows\system32\GameInput.dll
2022-01-13 15:52:20 ----A---- C:\Windows\system32\drivers\dxgmms2.sys
2022-01-13 15:52:20 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2022-01-13 15:52:20 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2022-01-13 15:52:20 ----A---- C:\Windows\system32\cloudAP.dll
2022-01-13 15:52:20 ----A---- C:\Windows\system32\CertEnroll.dll
2022-01-13 15:52:20 ----A---- C:\Windows\system32\certcli.dll
2022-01-13 15:52:20 ----A---- C:\Windows\system32\certca.dll
2022-01-13 15:52:20 ----A---- C:\Windows\system32\cdd.dll
2022-01-13 15:52:20 ----A---- C:\Windows\system32\AppContracts.dll
2022-01-13 15:52:19 ----A---- C:\Windows\system32\wscsvc.dll
2022-01-13 15:52:19 ----A---- C:\Windows\system32\wscproxystub.dll
2022-01-13 15:52:19 ----A---- C:\Windows\system32\wscisvif.dll
2022-01-13 15:52:19 ----A---- C:\Windows\system32\wscapi.dll
2022-01-13 15:52:19 ----A---- C:\Windows\system32\wscadminui.exe
2022-01-13 15:52:19 ----A---- C:\Windows\system32\winlogonext.dll
2022-01-13 15:52:19 ----A---- C:\Windows\system32\Windows.UI.Xaml.dll
2022-01-13 15:52:19 ----A---- C:\Windows\system32\usercpl.dll
2022-01-13 15:52:19 ----A---- C:\Windows\system32\twinui.dll
2022-01-13 15:52:19 ----A---- C:\Windows\system32\ShareHost.dll
2022-01-13 15:52:19 ----A---- C:\Windows\system32\ptpprov.dll
2022-01-13 15:52:19 ----A---- C:\Windows\system32\PinEnrollmentHelper.dll
2022-01-13 15:52:19 ----A---- C:\Windows\system32\netplwiz.dll
2022-01-13 15:52:19 ----A---- C:\Windows\system32\LaunchWinApp.exe
2022-01-13 15:52:19 ----A---- C:\Windows\system32\kernel32.dll
2022-01-13 15:52:19 ----A---- C:\Windows\system32\deviceregistration.dll
2022-01-13 15:52:19 ----A---- C:\Windows\system32\cdpsvc.dll
2022-01-13 15:52:19 ----A---- C:\Windows\system32\browcli.dll
2022-01-13 15:52:19 ----A---- C:\Windows\system32\authui.dll
2022-01-13 15:52:19 ----A---- C:\Windows\system32\advapi32.dll
2022-01-13 15:52:18 ----A---- C:\Windows\system32\vmbuspipe.dll
2022-01-13 15:52:18 ----A---- C:\Windows\system32\TaskFlowDataEngine.dll
2022-01-13 15:52:18 ----A---- C:\Windows\system32\SpeechPal.dll
2022-01-13 15:52:18 ----A---- C:\Windows\system32\ManageCI.dll
2022-01-13 15:52:18 ----A---- C:\Windows\system32\kdcpw.dll
2022-01-13 15:52:18 ----A---- C:\Windows\system32\drivers\storport.sys
2022-01-13 15:52:18 ----A---- C:\Windows\system32\drivers\netvsc.sys
2022-01-13 15:52:18 ----A---- C:\Windows\system32\agentactivationruntimewindows.dll
2022-01-13 15:52:17 ----A---- C:\Windows\system32\drivers\vmbus.sys
2022-01-13 15:52:17 ----A---- C:\Windows\system32\drivers\Vid.sys
2022-01-13 15:52:17 ----A---- C:\Windows\system32\drivers\spaceport.sys
2022-01-13 15:52:17 ----A---- C:\Windows\system32\drivers\spacedump.sys
2022-01-13 15:48:08 ----HD---- C:\$WinREAgent
2022-01-07 22:36:52 ----D---- C:\Program Files (x86)\MSI Afterburner
2022-01-06 13:30:09 ----D---- C:\Users\pavda\AppData\Roaming\Battlestate Games
2022-01-06 13:30:09 ----D---- C:\ProgramData\Battlestate Games
2021-12-21 22:16:08 ----A---- C:\Windows\system32\nvml.dll
2021-12-21 22:16:08 ----A---- C:\Windows\system32\nvcpl.dll
2021-12-21 22:16:02 ----A---- C:\Windows\SYSWOW64\vulkaninfo-1-999-0-0-0.exe
2021-12-21 22:16:02 ----A---- C:\Windows\SYSWOW64\vulkaninfo.exe
2021-12-21 22:16:02 ----A---- C:\Windows\SYSWOW64\vulkan-1-999-0-0-0.dll
2021-12-21 22:16:02 ----A---- C:\Windows\SYSWOW64\vulkan-1.dll
2021-12-21 22:16:02 ----A---- C:\Windows\SYSWOW64\OpenCL.dll
2021-12-21 22:16:02 ----A---- C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2021-12-21 22:16:02 ----A---- C:\Windows\system32\vulkaninfo.exe
2021-12-21 22:16:02 ----A---- C:\Windows\system32\vulkan-1-999-0-0-0.dll
2021-12-21 22:16:02 ----A---- C:\Windows\system32\vulkan-1.dll
2021-12-21 22:16:02 ----A---- C:\Windows\system32\OpenCL.dll
2021-12-21 22:15:58 ----A---- C:\Windows\SYSWOW64\nvofapi.dll
2021-12-21 22:15:58 ----A---- C:\Windows\SYSWOW64\NvIFROpenGL.dll
2021-12-21 22:15:58 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2021-12-21 22:15:58 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2021-12-21 22:15:58 ----A---- C:\Windows\SYSWOW64\nvEncodeAPI.dll
2021-12-21 22:15:58 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2021-12-21 22:15:58 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2021-12-21 22:15:58 ----A---- C:\Windows\system32\nvofapi64.dll
2021-12-21 22:15:58 ----A---- C:\Windows\system32\NvIFROpenGL.dll
2021-12-21 22:15:58 ----A---- C:\Windows\system32\NvIFR64.dll
2021-12-21 22:15:58 ----A---- C:\Windows\system32\nvidia-smi.exe
2021-12-21 22:15:58 ----A---- C:\Windows\system32\NvFBC64.dll
2021-12-21 22:15:58 ----A---- C:\Windows\system32\nvEncodeAPI64.dll
2021-12-21 22:15:58 ----A---- C:\Windows\system32\nvdebugdump.exe
2021-12-21 22:15:58 ----A---- C:\Windows\system32\nvcuvid.dll
2021-12-21 22:15:58 ----A---- C:\Windows\system32\nvcuda.dll
2021-12-21 22:15:58 ----A---- C:\Windows\system32\MCU.exe

======List of files/folders modified in the last 1 month======

2022-01-17 10:27:17 ----RD---- C:\Program Files
2022-01-17 10:23:12 ----D---- C:\Windows\Prefetch
2022-01-17 10:23:07 ----D---- C:\Windows\INF
2022-01-17 10:20:25 ----SHD---- C:\System Volume Information
2022-01-17 10:14:57 ----D---- C:\Windows\Temp
2022-01-17 10:13:46 ----D---- C:\Windows\system32\drivers
2022-01-17 10:13:35 ----D---- C:\Program Files (x86)\Steam
2022-01-17 10:03:42 ----D---- C:\Program Files (x86)\Google
2022-01-17 09:30:00 ----D---- C:\Windows\system32\sru
2022-01-17 08:51:49 ----D---- C:\Users\pavda\AppData\Roaming\LGHUB
2022-01-17 08:51:12 ----D---- C:\Windows\System32
2022-01-17 08:51:11 ----D---- C:\Windows\system32\DriverStore
2022-01-17 08:50:23 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2022-01-17 08:50:23 ----D---- C:\Program Files\LGHUB.ab99f318-2e3f-410a-a975-20115ce44270
2022-01-17 08:29:08 ----D---- C:\ProgramData\NVIDIA
2022-01-17 00:02:42 ----D---- C:\Windows\system32\SleepStudy
2022-01-16 17:28:55 ----D---- C:\Windows\system32\config
2022-01-16 17:25:25 ----D---- C:\Windows\WinSxS
2022-01-16 17:25:11 ----D---- C:\Windows\system32\catroot2
2022-01-16 17:23:20 ----RD---- C:\Windows\Microsoft.NET
2022-01-15 13:18:29 ----D---- C:\Windows\AppReadiness
2022-01-15 12:58:05 ----HD---- C:\Program Files\WindowsApps
2022-01-14 19:23:32 ----D---- C:\Windows\system32\Tasks
2022-01-14 12:32:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2022-01-14 12:25:56 ----D---- C:\Program Files (x86)\TeamViewer
2022-01-14 12:25:51 ----D---- C:\Windows\ServiceState
2022-01-14 12:25:49 ----ASH---- C:\DumpStack.log.tmp
2022-01-14 00:09:30 ----SHD---- C:\Config.Msi
2022-01-14 00:09:30 ----D---- C:\Windows\SysWOW64
2022-01-14 00:08:38 ----SD---- C:\Windows\system32\DiagSvcs
2022-01-14 00:08:38 ----D---- C:\Windows\SYSWOW64\wbem
2022-01-14 00:08:38 ----D---- C:\Windows\SYSWOW64\Dism
2022-01-14 00:08:38 ----D---- C:\Windows\SYSWOW64\cs-CZ
2022-01-14 00:08:38 ----D---- C:\Windows\SystemResources
2022-01-14 00:08:38 ----D---- C:\Windows\system32\wbem
2022-01-14 00:08:38 ----D---- C:\Windows\system32\setup
2022-01-14 00:08:38 ----D---- C:\Windows\system32\oobe
2022-01-14 00:08:38 ----D---- C:\Windows\system32\migration
2022-01-14 00:08:38 ----D---- C:\Windows\system32\en-US
2022-01-14 00:08:38 ----D---- C:\Windows\system32\Dism
2022-01-14 00:08:38 ----D---- C:\Windows\system32\cs-CZ
2022-01-14 00:08:38 ----D---- C:\Windows\system32\Boot
2022-01-14 00:08:37 ----D---- C:\Windows\system32\CodeIntegrity
2022-01-14 00:08:37 ----D---- C:\Windows\bcastdvr
2022-01-14 00:08:37 ----D---- C:\Program Files\Windows Defender Advanced Threat Protection
2022-01-13 20:27:31 ----D---- C:\Users\pavda\AppData\Roaming\discord
2022-01-13 15:54:34 ----D---- C:\Windows\CbsTemp
2022-01-13 15:47:44 ----D---- C:\Windows\system32\MRT
2022-01-13 15:45:08 ----AC---- C:\Windows\system32\MRT.exe
2022-01-11 22:05:05 ----D---- C:\Windows
2022-01-10 16:04:21 ----D---- C:\Users\pavda\AppData\Roaming\WeMod
2022-01-07 22:37:44 ----D---- C:\MSI
2022-01-07 22:37:09 ----SHD---- C:\Windows\Installer
2022-01-07 22:36:52 ----RD---- C:\Program Files (x86)
2022-01-06 15:24:58 ----D---- C:\Program Files (x86)\Common Files
2022-01-06 13:30:09 ----HD---- C:\ProgramData
2022-01-06 13:29:57 ----D---- C:\ProgramData\Package Cache
2021-12-21 22:12:02 ----D---- C:\ProgramData\NVIDIA Corporation
2021-12-21 22:11:51 ----D---- C:\Program Files\NVIDIA Corporation
2021-12-21 22:11:51 ----D---- C:\Program Files (x86)\NVIDIA Corporation

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 cm_km;AO Kaspersky Lab Cryptographic Module x64 (56 bit); C:\Windows\system32\DRIVERS\cm_km.sys [2021-02-19 250032]
R0 FACEIT;FACEIT; C:\Windows\System32\Drivers\FACEIT.sys [2021-10-12 12618744]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\Windows\system32\drivers\iorate.sys [2021-06-09 57168]
R0 klupd_klif_arkmon;klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [2022-01-17 287904]
R0 klupd_klif_klbg;klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [2022-01-17 115968]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\Windows\system32\drivers\mssecflt.sys [2021-12-16 331064]
R1 afunix;afunix; C:\Windows\system32\drivers\afunix.sys [2021-07-14 41984]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\Windows\system32\drivers\bam.sys [2019-12-07 78136]
R1 CimFS;CimFS; C:\Windows\system32\drivers\CimFS.sys [2021-10-09 98304]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2019-12-07 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2019-12-07 8704]
R1 klbackupdisk;Kaspersky Lab klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [2021-02-19 110336]
R1 klbackupflt;Kaspersky Lab klbackupflt; C:\Windows\system32\DRIVERS\klbackupflt.sys [2021-02-19 211704]
R1 kldisk;kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [2021-02-19 126216]
R1 klflt;Kaspersky Lab Kernel DLL; C:\Windows\system32\DRIVERS\klflt.sys [2021-02-19 514840]
R1 klgse;Kaspersky Lab Security Extender Driver; C:\Windows\system32\DRIVERS\klgse.sys [2021-11-13 689976]
R1 klhk;Kaspersky Lab service driver; C:\Windows\system32\DRIVERS\klhk.sys [2021-11-13 1507648]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2021-02-19 1042712]
R1 klim6;@oem15.inf,%KLIM6_Desc%;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2021-02-19 98040]
R1 klpd;Kaspersky Lab format recognizer driver; C:\Windows\system32\DRIVERS\klpd.sys [2021-02-19 85256]
R1 klpnpflt;Kaspersky Lab klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [2021-06-18 96008]
R1 klwtp;KLwtp - WFP callout traffic inspector; C:\Windows\system32\DRIVERS\klwtp.sys [2021-02-19 327936]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2021-02-19 300808]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\Windows\system32\drivers\bindflt.sys [2022-01-13 149320]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\Windows\system32\drivers\cldflt.sys [2021-11-11 496640]
R2 iocbios2;iocbios2; \??\C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2016-08-24 37064]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2020-10-09 53248]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\System32\drivers\athw8x.sys [2019-12-07 4233728]
R3 I2cHkBurn;I2cHkBurn; C:\Windows\system32\drivers\I2cHkBurn.sys [2015-07-27 41760]
R3 ICCWDT;@oem31.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\Windows\System32\drivers\ICCWDT.sys [2016-11-02 38680]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2019-05-16 6849624]
R3 klids;klids; \??\C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [2021-12-20 272168]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2021-02-19 112392]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2021-02-19 112904]
R3 klupd_klif_klark;klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [2021-11-22 314040]
R3 klupd_klif_mark;klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [2021-11-24 225648]
R3 logi_generic_hid_filter;@oem35.inf,%LGJoyHidIoFilter.SvcDesc%;Logitech G HUB KMDF HID IO Filter Driver; C:\Windows\system32\drivers\logi_generic_hid_filter.sys [2021-11-13 55624]
R3 logi_joy_bus_enum;@oem12.inf,%LGBusEnum.SVCDESC%;Logitech G HUB Virtual Bus Enumerator Driver; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [2021-11-13 37200]
R3 logi_joy_hid_filter;@oem35.inf,%LGJoyHidFilter.SvcDesc%;Logitech G HUB HID Filter Driver; C:\Windows\system32\drivers\logi_joy_hid_filter.sys [2021-11-13 56656]
R3 logi_joy_hid_lo;@oem35.inf,%LGJoyHidLo.SvcDesc%;Logitech G HUB USB Filter Driver; C:\Windows\system32\drivers\logi_joy_hid_lo.sys [2021-11-13 45904]
R3 logi_joy_vir_hid;@oem30.inf,%LGVirHid.SVCDESC%;Logitech G HUB Virtual HID Device Driver; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [2021-11-13 25928]
R3 logi_joy_xlcore;@oem12.inf,%LGJoyXlCore.SVCDESC%;Logitech G HUB Translation Layer Driver; C:\Windows\system32\drivers\logi_joy_xlcore.sys [2021-11-13 66896]
R3 MEIx64;@oem5.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\TeeDriverW8x64.sys [2017-10-17 206496]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\Windows\system32\drivers\msquic.sys [2020-10-09 322376]
R3 NTIOLib_FastBoot;NTIOLib_FastBoot; \??\C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [2017-03-29 14288]
R3 NTIOLib_MBAPI;NTIOLib_MBAPI; \??\C:\Program Files (x86)\MSI\Gaming APP\Lib\NTIOLib_X64.sys [2017-07-10 14288]
R3 NTIOLib_MSIDDR_CC;NTIOLib_MSIDDR_CC; \??\C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [2021-08-09 29576]
R3 NVHDA;@oem39.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2021-11-09 125568]
R3 nvlddmkm;nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\nvlddmkm.sys [2021-12-15 39649960]
R3 NvModuleTracker;@oem29.inf,%ServiceName%;NvModuleTracker; C:\Windows\System32\drivers\NvModuleTracker.sys [2020-08-14 43416]
R3 nvvad_WaveExtensible;@oem38.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2021-11-01 48552]
R3 nvvhci;@oem10.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\Windows\System32\drivers\nvvhci.sys [2021-06-02 67464]
R3 PHYMEM;PHYMEM; \??\C:\Users\pavda\AppData\Local\Packages\33C30B79.HyperXNGenuity_0a78dr3hq0pvt\LocalState\otipcibus64.sys [2021-08-31 17488]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\Windows\System32\drivers\bttflt.sys [2019-12-07 43832]
S0 cht4iscsi;cht4iscsi; C:\Windows\System32\drivers\cht4sx64.sys [2019-12-07 319800]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\Windows\System32\drivers\iaStorAVC.sys [2019-12-07 884752]
S0 ItSas35i;ItSas35i; C:\Windows\System32\drivers\ItSas35i.sys [2019-12-07 172344]
S0 klelam;klelam; C:\Windows\system32\DRIVERS\klelam.sys [2021-02-19 41656]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2019-12-07 124216]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2019-12-07 135992]
S0 megasas2i;megasas2i; C:\Windows\System32\drivers\MegaSas2i.sys [2019-12-07 81720]
S0 megasas35i;megasas35i; C:\Windows\System32\drivers\megasas35i.sys [2019-12-07 105480]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\Windows\System32\drivers\nvdimm.sys [2019-12-07 168464]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2019-12-07 58680]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2019-12-07 68408]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\Windows\System32\drivers\pmem.sys [2019-12-07 138040]
S0 Ramdisk;Windows RAM Disk Driver; C:\Windows\system32\DRIVERS\ramdisk.sys [2019-12-07 42296]
S1 EneIo;EneIo; \??\C:\Windows\system32\drivers\ene.sys [2019-05-22 17624]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\Windows\System32\drivers\AcpiDev.sys [2019-12-07 23040]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\Windows\system32\drivers\Acx01000.sys [2019-12-07 415232]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\Windows\System32\drivers\amdgpio2.sys [2019-12-07 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\Windows\System32\drivers\amdi2c.sys [2019-12-07 45568]
S3 AppleKmdfFilter;@oem27.inf,%AppleKmdfFilterDisplayName%;Apple KMDF Filter Driver; C:\Windows\System32\drivers\AppleKmdfFilter.sys [2020-10-09 20032]
S3 AppleLowerFilter;@oem27.inf,%AppleLowerFilterDisplayName%;Apple Lower Filter Driver; C:\Windows\System32\drivers\AppleLowerFilter.sys [2020-10-09 35976]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\Windows\system32\drivers\applockerfltr.sys [2021-12-16 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\Windows\system32\drivers\AppvStrm.sys [2021-11-11 138056]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\Windows\system32\drivers\AppvVemgr.sys [2021-11-11 174408]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\Windows\system32\drivers\AppvVfs.sys [2021-11-11 154952]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\Windows\System32\drivers\BthA2dp.sys [2019-12-07 279040]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\Windows\System32\drivers\BthEnum.sys [2021-12-16 113664]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2020-10-09 106496]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\Windows\System32\drivers\BTHMINI.sys [2021-12-16 45568]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\drivers\BTHport.sys [2021-12-16 1559552]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\drivers\BTHUSB.sys [2021-12-16 110592]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2019-12-07 44032]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\Windows\System32\drivers\CAD.sys [2019-12-07 66576]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2019-12-07 55824]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\Windows\System32\drivers\hidspi.sys [2019-12-07 66560]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\Windows\system32\drivers\hvservice.sys [2021-09-16 95056]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\Windows\System32\Drivers\mshwnclx.sys [2019-12-07 30208]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\Windows\System32\drivers\cht4vx64.sys [2019-12-07 1853752]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\Windows\System32\drivers\iagpio.sys [2019-12-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\Windows\System32\drivers\iai2c.sys [2019-12-07 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [2019-12-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-12-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-12-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\Windows\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-12-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [2019-12-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-12-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-12-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-12-07 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2019-12-07 558904]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\Windows\System32\drivers\IndirectKmd.sys [2020-10-09 47104]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\Windows\System32\drivers\intelpmax.sys [2019-12-07 30720]
S3 ipadtst2;ipadtst2; \??\C:\Program Files (x86)\MSI\Super Charger\ipadtst2_64.sys [2020-02-27 26824]
S3 IPT;IPT; C:\Windows\System32\drivers\ipt.sys [2019-12-07 59704]
S3 klupd_klif_arkmon_F68CBDD9;klupd_klif_arkmon_F68CBDD9; \??\C:\ProgramData\Kaspersky Lab\AVP21.3\Temp\F68CBDD9AE594B726FFD0FDB048B0239\klupd_klif_arkmon.sys [2022-01-17 287904]
S3 klupd_klif_klark_E52A2E80;klupd_klif_klark_E52A2E80; \??\C:\ProgramData\Kaspersky Lab\AVP21.3\Temp\E52A2E80CA1DABF7E4D25609D3B6FDEB\klupd_klif_klark.sys [2022-01-17 319720]
S3 klupd_klif_mark_4B2B33F5;klupd_klif_mark_4B2B33F5; \??\C:\ProgramData\Kaspersky Lab\AVP21.3\Temp\4B2B33F5183084B8670BB7B00DF48E52\klupd_klif_mark.sys [2022-01-17 229248]
S3 LVRS64;@oem2.inf,%lvrs.SrvDesc%;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2012-10-26 351520]
S3 LVUVC64;@oem3.inf,%PID_0825_DD%(UVC);Logitech HD Webcam C270(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2012-10-26 4758176]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\Windows\System32\drivers\mausbhost.sys [2019-12-07 537608]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\Windows\System32\drivers\mausbip.sys [2019-12-07 64016]
S3 MbbCx;MBB Network Adapter Class Extension; C:\Windows\system32\drivers\MbbCx.sys [2021-07-09 391168]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\Windows\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-12-07 65024]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2019-12-07 1131320]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2019-12-07 146232]
S3 NDKPing;NDKPing Driver; C:\Windows\system32\drivers\NDKPing.sys [2019-12-07 72720]
S3 Netaapl;@oem22.inf,%Netaapl.Service.DispName%;Apple Mobile Device Ethernet Service; C:\Windows\System32\drivers\netaapl64.sys [2020-04-15 23040]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\Windows\system32\drivers\NetAdapterCx.sys [2021-12-16 214528]
S3 PktMon;Packet Monitor Driver; C:\Windows\system32\drivers\PktMon.sys [2022-01-13 130360]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\Windows\System32\drivers\pnpmem.sys [2019-12-07 17408]
S3 portcfg;portcfg; C:\Windows\System32\drivers\portcfg.sys [2019-12-07 27136]
S4 hvcrash;hvcrash; C:\Windows\System32\drivers\hvcrash.sys [2019-12-07 35128]
S4 klwfp;klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [2021-02-19 155912]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2021-08-20 99104]
R2 AVP21.3;Služba Kaspersky Anti-Virus 21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe [2021-06-18 184768]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2020-10-09 57360]
R2 CDPUserSvc_3cd67df;Uživatelská služba platformy připojených zařízení_3cd67df; C:\Windows\system32\svchost.exe [2020-10-09 57360]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2020-10-09 57360]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2020-10-09 57360]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\Windows\system32\svchost.exe [2020-10-09 57360]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\Windows\System32\svchost.exe [2020-10-09 57360]
R2 FoxitPhantomPDFUpdateService;Foxit PhantomPDF Update Service; C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\FoxitPhantomPDFUpdateService.exe [2020-04-29 1995184]
R2 FoxitReaderUpdateService;Foxit Reader Update Service; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2020-08-31 2357864]
R2 GamingApp_Service;GamingApp_Service; C:\Program Files (x86)\MSI\Gaming APP\GamingApp_Service.exe [2018-09-06 46776]
R2 GamingHotkey_Service;MSI Gaming Hotkey Service; C:\Program Files (x86)\MSI\Gaming APP\GamingHotkey_Service.exe [2019-01-09 2027192]
R2 LGHUBUpdaterService;LGHUB Updater Service; C:\Program Files\LGHUB\lghub_updater.exe [2022-01-14 11174464]
R2 MSI_ActiveX_Service;MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [2018-07-25 86688]
R2 MSI_FastBoot;MSI Fast Boot Service; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [2017-12-21 113336]
R2 MSI_LiveUpdate_Service;MSI Live Update Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2021-04-08 2210104]
R2 MSI_SuperCharger;MSI Super Charger Service; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [2020-03-09 183472]
R2 MSICTL_CC;MSI Command Center control Service; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2017-02-15 2102880]
R2 MSIDDR_CC;MSI Command Center DDR Service; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2021-08-13 2333008]
R2 MSIREGISTER_MR;MSIREGISTER_MR; C:\Program Files (x86)\MSI\MSIRegister\MSIRegisterService.exe [2019-08-28 2019504]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2021-11-16 903024]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0bc9105c62ca22fb\Display.NvContainer\NVDisplay.Container.exe [2021-12-15 1019560]
R2 OneSyncSvc_3cd67df;Hostitel synchronizace_3cd67df; C:\Windows\system32\svchost.exe [2020-10-09 57360]
R3 AarSvc_3cd67df;Agent Activation Runtime_3cd67df; C:\Windows\system32\svchost.exe [2020-10-09 57360]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\Windows\system32\svchost.exe [2020-10-09 57360]
R3 cbdhsvc_3cd67df;Uživatelská služba schránky_3cd67df; C:\Windows\system32\svchost.exe [2020-10-09 57360]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\Windows\system32\svchost.exe [2020-10-09 57360]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2020-10-09 57360]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2014-06-24 171480]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\Windows\System32\svchost.exe [2020-10-09 57360]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2020-10-09 57360]
R3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\Windows\system32\svchost.exe [2020-10-09 57360]
R3 PimIndexMaintenanceSvc_3cd67df;Data kontaktů_3cd67df; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\System32\svchost.exe [2020-10-09 57360]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-09-27 213392]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2020-11-09 155592]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2020-10-09 57360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 BcastDVRUserService_3cd67df;Uživatelská služba pro GameDVR a vysílání her_3cd67df; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2021-12-02 8944720]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 BluetoothUserService_3cd67df;Služba pro podporu uživatelů Bluetooth_3cd67df; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 CaptureService_3cd67df;CaptureService_3cd67df; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2020-10-09 57360]
S3 cloudidsvc;@%SystemRoot%\system32\cloudidsvc.dll,-100; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 ConsentUxUserSvc_3cd67df;ConsentUX_3cd67df; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\Windows\system32\CredentialEnrollmentManager.exe [2021-09-16 382696]
S3 CredentialEnrollmentManagerUserSvc_3cd67df;CredentialEnrollmentManagerUserSvc_3cd67df; C:\Windows\system32\CredentialEnrollmentManager.exe [2021-09-16 382696]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 DeviceAssociationBrokerSvc_3cd67df;DeviceAssociationBroker_3cd67df; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 DevicePickerUserSvc_3cd67df;DevicePicker_3cd67df; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 DevicesFlowUserSvc_3cd67df;Tok zařízení_3cd67df; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2022-01-13 94208]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\Windows\System32\svchost.exe [2020-10-09 57360]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-09-27 213392]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\Windows\System32\svchost.exe [2020-10-09 57360]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 FACEITService;FACEITService; C:\Program Files\FACEIT AC\faceitservice.exe [2021-10-12 23341512]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\Windows\System32\svchost.exe [2020-10-09 57360]
S3 FvSvc;NVIDIA FrameView SDK service; C:\Program Files\NVIDIA Corporation\FrameViewSDK\nvfvsdksvc_x64.exe [2021-09-27 410320]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files\Google\Chrome\Application\97.0.4692.71\elevation_service.exe [2021-12-29 1491288]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\Windows\System32\svchost.exe [2020-10-09 57360]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2020-11-09 155592]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\Windows\System32\svchost.exe [2020-10-09 57360]
S3 klvssbridge64_21.3;Kaspersky Volume Shadow Copy Service Bridge 21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\vssbridge64.exe [2021-02-19 479280]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 MessagingService_3cd67df;Služba zasílání zpráv_3cd67df; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\97.0.1072.62\elevation_service.exe [2022-01-13 1610120]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 MSIClock_CC;MSI Command Center Clock Service; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService.exe [2021-08-13 4167504]
S3 MSICOMM_CC;MSI Command Center Comm Service; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2021-08-13 2209104]
S3 MSICPU_CC;MSI Command Center CPU Service; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService.exe [2021-08-13 4175696]
S3 MSISMB_CC;MSI Command Center SMBus Service; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2021-08-13 2079568]
S3 MSISuperIO_CC;MSI Command Center SuperIO Service; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [2021-08-13 615248]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2020-10-09 57360]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe [2021-01-13 106496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 PrintWorkflowUserSvc_3cd67df;PrintWorkflow_3cd67df; C:\Windows\system32\svchost.exe [2020-10-09 57360]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\Windows\System32\svchost.exe [2020-10-09 57360]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\Windows\system32\AppVClient.exe [2021-11-11 783192]
S4 DialogBlockingService;@%SystemRoot%\system32\DialogBlockingService.dll,-100; C:\Windows\system32\svchost.exe [2020-10-09 57360]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118243
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: preventivní kontrola

#3 Příspěvek od Rudy »

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
C:\Program Files\Bonjour
HKU\S-1-5-21-3696039247-2293415178-2957003930-1001\...\MountPoints2: {dcc7d279-c161-11eb-9778-d8cb8a1946fd} - "E:\HiSuiteDownLoader.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {0C9DFEEB-34CD-46BC-96FC-EAC882493E11} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-09] (Google LLC -> Google LLC)
Task: {BF345747-70F6-4B1B-BE50-108EDC6F9A21} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-09] (Google LLC -> Google LLC)
C:\Users\pavda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End
Uložte do C:\Users\pavda\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
ptdave
Návštěvník
Návštěvník
Příspěvky: 77
Registrován: 01 zář 2012 11:28

Re: preventivní kontrola

#4 Příspěvek od ptdave »

Fix result of Farbar Recovery Scan Tool (x64) Version: 26-01-2022
Ran by David (28-01-2022 13:27:51) Run:1
Running from C:\Users\pavda\Downloads
Loaded Profiles: David
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
C:\Program Files\Bonjour
HKU\S-1-5-21-3696039247-2293415178-2957003930-1001\...\MountPoints2: {dcc7d279-c161-11eb-9778-d8cb8a1946fd} - "E:\HiSuiteDownLoader.exe"
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {0C9DFEEB-34CD-46BC-96FC-EAC882493E11} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-09] (Google LLC -> Google LLC)
Task: {BF345747-70F6-4B1B-BE50-108EDC6F9A21} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-09] (Google LLC -> Google LLC)
C:\Users\pavda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

EmptyTemp:
End
*****************

Processes closed successfully.
C:\Program Files\Bonjour => moved successfully
HKU\S-1-5-21-3696039247-2293415178-2957003930-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dcc7d279-c161-11eb-9778-d8cb8a1946fd} => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C9DFEEB-34CD-46BC-96FC-EAC882493E11}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C9DFEEB-34CD-46BC-96FC-EAC882493E11}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BF345747-70F6-4B1B-BE50-108EDC6F9A21}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BF345747-70F6-4B1B-BE50-108EDC6F9A21}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\Users\pavda\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 292302854 B
Java, Flash, Steam htmlcache => 670280369 B
Windows/system/drivers => 0 B
Edge => 0 B
Chrome => 390226040 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 72758 B
NetworkService => 72758 B
pavda => 95163104 B

RecycleBin => 0 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:28:16 ====
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118243
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: preventivní kontrola

#5 Příspěvek od Rudy »

Smazáno, log je již OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
ptdave
Návštěvník
Návštěvník
Příspěvky: 77
Registrován: 01 zář 2012 11:28

Re: preventivní kontrola

#6 Příspěvek od ptdave »

děkuji moc :closed:
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118243
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: preventivní kontrola

#7 Příspěvek od Rudy »

Rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zamčeno

Zpět na „Preventivní kontroly logů“