Kaspersky vyhazuje upozornění na HEUR:Trojan.Multi.GenBadur.gena v systémové paměti - možná falešný poplach?
Napsal: 19 dub 2025 02:31
Zdravím,
Kaspersky me upozornil na HEUR:Trojan.Multi.GenBadur.gena, nevim zda, jestli to je neni jen plany poplach, restartoval jsem PC a po chvili vyskocilo znovu, tak se ujistuji, ze je vse OK.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-04-2025
Ran by David (administrator) on DEJFYQQ (Micro-Star International Co., Ltd. MS-7D75) (19-04-2025 03:28:55)
Running from C:\Users\David\Desktop\FRST64.exe
Loaded Profiles: David
Platform: Microsoft Windows 11 Home Version 24H2 26100.3775 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.9098\Agent.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\Gyazo\GyStation.exe ->) (Helpfeel Inc -> Helpfeel Inc.) C:\Program Files (x86)\Gyazo\GyazoVideoCore.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avpui.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.20\ksde.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.20\ksdeui.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzAppManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzBTLEManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDiagnostic
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaConnectManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaConnectServer
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzIoTDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSmartlightingDeviceManager
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe ->) (IndiLogic LLC -> ) C:\Program Files\Dell\Dell Peripheral Manager\DPMCrashHandler.exe <2>
(C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe ->) (IndiLogic LLC -> Dell Inc.) C:\Program Files\Dell\Dell Peripheral Manager\DPM.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.Update.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> DDPM.Subagent) C:\Program Files\Dell\Dell Display and Peripheral Manager\Plugins\DDPM.Subagent\DDPM.Subagent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> DDPM.Subagent.User) C:\Program Files\Dell\Dell Display and Peripheral Manager\Plugins\DDPM.Subagent.User\DDPM.Subagent.User.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\MyDell\Manager\Dell.UCA.Manager.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.CoreServices.Client.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\Google\Play Games Services\25.4.291.0\Service\GooglePlayGamesServices.exe ->) (Google LLC -> ) C:\Program Files\Google\Play Games Services\25.4.291.0\Service\data\windows.assets\crashpad_handler.exe
(C:\Users\David\AppData\Local\Programs\CurseForge Windows\CurseForge.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Users\David\AppData\Local\Programs\CurseForge Windows\resources\app.asar.unpacked\plugins\curse\win\Curse.Agent.Host.exe
(cmd.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\plugins_nms.exe
(Discord Inc. -> Discord Inc.) C:\Users\David\AppData\Local\Discord\app-1.0.9188\Discord.exe <6>
(DriverStore\FileRepository\u0401611.inf_amd64_fdc4605155615ab7\B399690\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0401611.inf_amd64_fdc4605155615ab7\B399690\atieclxx.exe
(explorer.exe ->) () [File not signed] C:\Program Files (x86)\CZC.Gaming Reaper\DeviceDriver.exe
(explorer.exe ->) () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(explorer.exe ->) (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe <6>
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <20>
(explorer.exe ->) (Helpfeel Inc -> Helpfeel Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(explorer.exe ->) (Overwolf Ltd -> Overwolf) C:\Users\David\AppData\Local\Programs\CurseForge Windows\CurseForge.exe <7>
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0401611.inf_amd64_fdc4605155615ab7\B399690\atiesrxx.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (Google LLC -> Google) C:\Program Files\Google\Play Games Services\25.4.291.0\Service\GooglePlayGamesServices.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (IndiLogic LLC -> Dell Inc.) C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.20\ksde.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc) C:\Windows\System32\DriverStore\FileRepository\amd3dvcache.inf_amd64_558311a8a60226a4\amd3dvcacheSvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvrfi.inf_amd64_a4e2182beae2ddf6\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25031.45.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2515.7.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\David\AppData\Local\Microsoft\OneDrive\25.056.0324.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.5100.40.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe <2>
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Engine.exe
(svchost.exe ->) (PALIT MICROSYSTEMS LTD. TAIWAN BRANCH (BELIZE) -> Palit Microsystems Ltd.) C:\Program Files\Thunder Master\ThPanel.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [TSMApplication] => C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2024-08-28] () [File not signed]
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [1213048 2025-03-26] (Helpfeel Inc -> Helpfeel Inc.)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [Discord] => C:\Users\David\AppData\Local\Discord\Update.exe [1525016 2023-10-16] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4694624 2025-04-02] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482640 2023-10-26] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36981208 2024-12-04] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3599496 2025-03-11] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [981632 2025-04-03] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [electron.app.CurseForge] => C:\Users\David\AppData\Local\Programs\CurseForge Windows\CurseForge.exe [182268856 2025-04-01] (Overwolf Ltd -> Overwolf)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3599496 2025-03-11] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Windows x64\Print Processors\hpcpp270: C:\Windows\System32\spool\prtprocs\x64\hpcpp270.dll [873168 2023-05-30] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HP Universal Print Monitor: c:\windows\system32\HPMPW082.DLL [130256 2023-05-30] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HPMLM225: c:\windows\system32\hpmlm225.dll [318160 2023-05-30] (HP Inc. -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\135.0.7049.96\Installer\chrmstp.exe [2025-04-17] (Google LLC -> Google LLC)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DDM2.0.lnk [2023-10-26]
ShortcutTarget: DDM2.0.lnk -> C:\Program Files\Dell\Dell Display Manager 2\DDM.exe (No File)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3CFFFB62-35B9-4B00-A3EF-1CADEA1F1950} - System32\Tasks\Google Play Games Notifier => C:\Program Files\Google\Play Games\Bootstrapper.exe [375392 2025-04-18] (Google LLC -> Google LLC)
Task: {20602FA7-D082-4035-94C5-CA3179224F2A} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7115.0{2557B071-197E-47E9-AFA4-C323D2ECBBB6} => C:\Program Files (x86)\Google\GoogleUpdater\137.0.7115.0\updater.exe [7360096 2025-04-08] (Google LLC -> Google LLC)
Task: {2FBA3F76-156A-4FFE-918B-78AE72B83EEA} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [10513984 2025-03-26] (Helpfeel Inc -> Helpfeel Inc.)
Task: {8F53028B-313E-4798-A7D7-7B00E941E17A} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [10513984 2025-03-26] (Helpfeel Inc -> Helpfeel Inc.)
Task: {2F025BF2-467A-42CC-A20C-227EF86BD9BE} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [78288 2025-03-03] (HP Inc. -> HP Inc.)
Task: {D31EDD06-9494-45F6-913B-9E98F5501A0E} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [78288 2025-03-03] (HP Inc. -> HP Inc.)
Task: {8061F546-2AA0-4F23-A861-22118B523C3E} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2023-10-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {F960DEC5-CB0A-45F3-809A-5D0A0D20C15A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26043888 2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {591F3815-453A-4FED-8DCD-AE4E364ECE38} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26043888 2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {78AB5B60-5F84-493F-9E3D-9E5F85EFA1AB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\sdxhelper.exe [103896 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {A11EF95D-7CAD-4292-B611-62BE49DE8B5C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\sdxhelper.exe [103896 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE1B5B99-25AE-428B-9EC8-6AE1D27F943E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1403008 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7FFF969-718F-4CCA-AC2A-524E9A426BE2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1403008 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {DD5CD39C-2D88-443C-BEF7-EEFA8C25213E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4403336 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {EDDC86CD-8F92-41B6-BEE9-BF68C9B215E1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4403336 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {B91F7551-B92E-4A76-870D-05E1487D240A} - System32\Tasks\Microsoft\Windows\AccountHealth\RecoverabilityToastTask => {B7F5B442-EBF8-46CD-9F0B-D8E45ED43492} C:\WINDOWS\system32\AccountHealth.dll [258048 2025-03-27] (Microsoft Windows -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {A10B79A1-933A-4CCE-9411-E5145D49A3B8} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe [2660456 2023-10-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {61BF09AC-4E25-473E-BA83-E1554CE7A1EC} - System32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA app.exe [3287072 2025-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9BD09CC4-557E-493F-9833-BF4528595D59} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2111594256-2338183963-3193565703-1001 => C:\Users\David\AppData\Local\Microsoft\OneDrive\25.056.0324.0003\OneDriveLauncher.exe [676680 2025-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {B2B209D9-81AB-4894-ADFF-004B5E75296F} - System32\Tasks\ThunderMaster => C:\Program Files\Thunder Master\ThPanel.exe [4530592 2023-05-05] (PALIT MICROSYSTEMS LTD. TAIWAN BRANCH (BELIZE) -> Palit Microsystems Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 93.89.159.2 1.1.1.1
Tcpip\..\Interfaces\{c955e5c7-047b-42c9-b48e-0f4d7406f04a}: [DhcpNameServer] 93.89.159.2 1.1.1.1
Edge:
=======
Edge Profile: C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default [2025-04-15]
Edge Extension: (Ochrana Kaspersky) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-12-03]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Dokumenty Google offline) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-28]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.19 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.21 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2025-04-19]
CHR DownloadDir: C:\Users\David\Desktop
CHR HomePage: Default -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxp://facebook.com/"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?hl=en&q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.cz_
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Extension: (Ochrana Kaspersky) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-12-03]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (BetterTTV) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2025-04-12]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (7TV) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2023-10-25]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (MrtkiBlock) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmlajoobakfffnddclhgdbfomjmaeeen [2023-10-25]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (uBlock Origin) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2025-03-22]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Kaspersky Password Manager) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnkblpjbkfklfloegejegedcafpliaa [2025-02-11]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Dokumenty Google offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-27]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-25]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Unseen Message) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\oapcfkclledjbalilncpoimgjgcndhdo [2024-01-07]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Global Twitch Emotes) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgniedifoejifjkndekolimjeclnokkb [2023-10-25]hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 amd3dvcacheSvc; C:\WINDOWS\System32\DriverStore\FileRepository\amd3dvcache.inf_amd64_558311a8a60226a4\amd3dvcacheSvc.exe [143432 2024-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe [184768 2022-08-01] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3319424 2025-04-08] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129928 2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
S2 coresys; C:\Users\David\AppData\Roaming\Microsoft\kernel64\core\coresys.exe [762316288 2024-11-24] () [File not signed] <==== ATTENTION
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [51648 2024-11-13] (Dell Technologies Inc. -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [153304 2024-12-03] (Dell Technologies Inc. -> Dell)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4974416 2023-10-26] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
R2 DPMService; C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe [2767728 2025-02-04] (IndiLogic LLC -> Dell Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.)
R2 GooglePlayGamesServices-25.4.291.0; C:\Program Files\Google\Play Games Services\25.4.291.0\Service\GooglePlayGamesServices.exe [518752 2025-04-11] (Google LLC -> Google)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2025-03-03] (HP Inc. -> HP Inc.)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.20; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.20\ksde.exe [32008 2025-01-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 LightKeeperService; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe [92768 2023-05-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [74336 2023-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [154216 2023-08-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [36880 2023-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe [37616 2022-04-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2019-02-01] (HP Inc.) [File not signed]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvrfi.inf_amd64_a4e2182beae2ddf6\Display.NvContainer\NVDisplay.Container.exe [1275016 2025-03-15] (NVIDIA Corporation -> NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2019-02-01] (HP Inc.) [File not signed]
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1882024 2024-10-18] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [232360 2024-10-18] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1268176 2024-07-18] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256256 2024-10-15] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300168 2025-03-11] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1271280 2023-11-01] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [513672 2025-03-06] (Razer USA Ltd. -> Razer Inc.)
S2 sysnet64; C:\Users\David\AppData\Roaming\Microsoft\SysDriver64\netrtwlansinf\netsys64.exe [747636224 2024-11-24] () [File not signed] <==== ATTENTION
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amd3dvcache; C:\WINDOWS\System32\DriverStore\FileRepository\amd3dvcache.inf_amd64_558311a8a60226a4\amd3dvcache.sys [42720 2024-04-18] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [56416 2024-03-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [36928 2022-09-15] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R3 amduw23g; C:\WINDOWS\System32\DriverStore\FileRepository\u0401611.inf_amd64_fdc4605155615ab7\B399690\amdkmdag.sys [100084648 2024-03-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [569344 2024-12-05] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [200704 2024-12-05] (Microsoft Corporation) [File not signed]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [237288 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 DPMDriver; C:\WINDOWS\System32\drivers\DPMDriver.sys [142272 2025-02-04] (IndiLogic LLC -> Dell Inc.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2023-10-26] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2023-10-26] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 googlehaxm; C:\WINDOWS\system32\drivers\GoogleHaxm.sys [234712 2025-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Google)
S3 HPEWSFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [30200 2023-05-31] (Hewlett-Packard Company -> Hewlett Packard)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [105280 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [206600 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [119568 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [533040 2024-04-03] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [857432 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [2256208 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [236024 2025-02-24] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1051184 2024-04-03] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [90896 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [104728 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [107328 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [78088 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [88328 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltun; C:\WINDOWS\system32\DRIVERS\kltun.sys [101912 2025-01-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [400152 2025-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [364056 2025-03-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [204440 2025-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [266432 2025-03-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [150280 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [325400 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [294680 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [19000 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 MTKBTFilterX64; C:\WINDOWS\System32\drivers\mtkbtfilterx.sys [345056 2022-06-26] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1587680 2022-06-26] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [32424 2023-07-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 NTIOLib_FWUpdate; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\ResetMCU\JT1Toucher\NTIOLib_X64.sys [28496 2022-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0099; C:\WINDOWS\System32\drivers\RzDev_0099.sys [56152 2021-06-14] (Razer USA Ltd. -> Razer Inc)
S3 ThermalFilter; C:\WINDOWS\System32\DriverStore\FileRepository\c_thermal.inf_amd64_732a53ed1662b707\ThermalFilter.sys [75376 2025-03-27] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S3 usbscan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\usbscan.sys [90112 2024-12-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55856 2023-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [594304 2023-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 wini3ctarget; C:\WINDOWS\System32\DriverStore\FileRepository\wini3ctarget.inf_amd64_bdb09ebda2834009\wini3ctarget.sys [75168 2025-03-27] (Microsoft Windows -> Microsoft Corporation)
S4 AmdTools64; \SystemRoot\System32\drivers\AmdTools64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-04-19 03:28 - 2025-04-19 03:29 - 000040968 _____ C:\Users\David\Desktop\FRST.txt
2025-04-19 01:01 - 2025-04-19 01:01 - 000711764 _____ C:\WINDOWS\system32\perfh005.dat
2025-04-19 01:01 - 2025-04-19 01:01 - 000152978 _____ C:\WINDOWS\system32\perfc005.dat
2025-04-16 23:08 - 2025-04-18 22:09 - 000000000 ____D C:\Users\David\Desktop\www.UIndex.org - Daredevil Born Again S01E09 Straight to Hell 2160p DSNP WEB-DL DDP5 1 Atmos DV HDR H 265-FLUX
2025-04-14 22:11 - 2025-04-14 22:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2025-04-11 16:14 - 2025-04-11 16:14 - 021490212 _____ C:\Users\David\Desktop\Ebook Jak pěstovat chilli - 7 kroků.pdf
2025-04-10 17:32 - 2025-04-19 02:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-04-09 18:32 - 2025-04-09 18:32 - 000000000 ____D C:\inetpub
2025-04-09 17:59 - 2025-04-09 18:00 - 000567952 _____ C:\Users\David\Desktop\MP.pdf
2025-03-30 16:03 - 2025-03-30 16:26 - 000000000 ____D C:\Users\David\Desktop\Agatha.All.Along.S01E01.HDR.2160p.WEB.H265-SuccessfulCrab[TGx]
2025-03-28 02:36 - 2025-03-28 02:36 - 000000000 ____D C:\WINDOWS\system32\AccountHealthAssets
2025-03-27 21:59 - 2025-03-27 21:59 - 000029042 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-03-27 21:59 - 2025-03-27 21:59 - 000029042 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-03-21 23:24 - 2025-03-24 23:19 - 000000000 ____D C:\Users\David\Desktop\www.Torrenting.com - Daredevil 2003 1080p DSNP WEB-DL DDP 5 1 H 264-PiRaTeS
2025-03-21 23:09 - 2025-03-21 23:24 - 000000000 ____D C:\Users\David\Desktop\Daredevil Directors Cut (2003) [1080p]
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-04-19 03:29 - 2024-04-06 17:11 - 000000000 ____D C:\FRST
2025-04-19 03:29 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-04-19 03:29 - 2023-10-25 02:40 - 000000000 ____D C:\Users\David\AppData\Local\Battle.net
2025-04-19 03:28 - 2024-04-06 17:06 - 002404864 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2025-04-19 03:24 - 2023-10-30 19:34 - 000000000 ____D C:\Users\David\AppData\Roaming\CurseForge
2025-04-19 03:23 - 2023-10-26 16:41 - 000000000 ____D C:\Program Files (x86)\Steam
2025-04-19 03:21 - 2023-10-25 03:01 - 000000000 ____D C:\Users\David\AppData\Local\D3DSCache
2025-04-19 03:07 - 2023-10-27 14:47 - 000000000 ____D C:\Users\David\AppData\Roaming\vlc
2025-04-19 03:01 - 2023-10-26 16:27 - 000000000 ____D C:\Users\David\AppData\Local\Discord
2025-04-19 02:40 - 2025-03-13 12:56 - 000001298 _____ C:\Users\David\Desktop\Mr Autofire.lnk
2025-04-19 02:30 - 2024-12-05 21:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-04-19 02:04 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-04-19 01:01 - 2024-12-05 21:51 - 001692332 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-04-19 01:01 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-04-19 00:02 - 2024-08-09 16:36 - 000000000 ____D C:\Users\David\AppData\Roaming\discord
2025-04-19 00:01 - 2024-12-05 21:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-04-19 00:01 - 2024-12-05 21:47 - 000003942 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-04-19 00:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-04-19 00:01 - 2023-10-25 03:04 - 000000000 ____D C:\ProgramData\NVIDIA
2025-04-19 00:01 - 2023-10-24 19:04 - 000000000 ____D C:\MSI
2025-04-19 00:01 - 2023-10-24 17:52 - 000012288 ___SH C:\DumpStack.log.tmp
2025-04-19 00:00 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-04-18 21:43 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-04-18 21:30 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-04-18 21:29 - 2025-02-06 17:40 - 000003576 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-2111594256-2338183963-3193565703-1001
2025-04-18 21:29 - 2024-12-05 21:49 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2111594256-2338183963-3193565703-1001
2025-04-18 21:29 - 2024-12-05 21:49 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2111594256-2338183963-3193565703-1001
2025-04-18 21:29 - 2023-10-25 02:23 - 000002381 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-18 11:03 - 2023-10-27 00:34 - 000000000 ____D C:\Users\David\AppData\Roaming\qBittorrent
2025-04-18 10:27 - 2023-10-25 02:16 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-04-18 08:24 - 2023-10-27 03:50 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Word
2025-04-18 00:35 - 2023-10-27 00:32 - 000000000 ____D C:\Users\David\AppData\Local\CrashDumps
2025-04-18 00:20 - 2023-10-25 02:28 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-04-16 22:40 - 2023-10-30 19:34 - 000002425 _____ C:\Users\David\Desktop\CurseForge.lnk
2025-04-16 02:13 - 2023-10-27 00:31 - 000123833 _____ C:\Users\David\Desktop\trollings.txt
2025-04-14 22:11 - 2025-02-20 21:12 - 000000000 ____D C:\Program Files\qBittorrent
2025-04-10 17:41 - 2023-10-25 02:21 - 000000000 ____D C:\Users\David\AppData\Local\Packages
2025-04-09 18:34 - 2024-12-05 21:45 - 000472816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-04-09 18:33 - 2024-12-05 21:45 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-04-09 18:32 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-04-09 18:32 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-04-09 18:32 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-04-09 18:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-04-09 18:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-04-09 18:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-04-09 18:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-04-09 18:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-04-08 21:07 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-04-08 19:10 - 2024-12-05 21:49 - 003352064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-04-06 00:03 - 2024-12-05 21:49 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-04-06 00:03 - 2024-12-05 21:49 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-04-04 01:07 - 2023-10-25 02:39 - 000000000 ____D C:\Program Files (x86)\Battle.net
2025-04-01 17:06 - 2024-12-05 21:49 - 000003512 _____ C:\WINDOWS\system32\Tasks\GyazoUpdateTaskMachineDaily
2025-04-01 17:06 - 2024-12-05 21:49 - 000003376 _____ C:\WINDOWS\system32\Tasks\GyazoUpdateTaskMachine
2025-04-01 17:06 - 2023-10-25 23:52 - 000000000 ____D C:\Program Files (x86)\Gyazo
2025-03-30 01:45 - 2023-12-19 03:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2025-03-28 02:37 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-03-28 02:37 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-03-28 02:37 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-03-28 02:37 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-03-28 02:37 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-03-28 02:36 - 2024-12-05 21:41 - 000000000 ____D C:\WINDOWS\InboxApps
2025-03-28 02:36 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-03-28 02:36 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemApps
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-03-28 02:36 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-03-23 19:39 - 2023-10-25 02:19 - 000000000 ____D C:\ProgramData\Packages
2025-03-20 22:54 - 2023-10-25 02:23 - 000000000 ____D C:\Users\David\AppData\Local\PlaceholderTileLogoFolder
==================== Files in the root of some directories ========
2025-03-13 12:50 - 2025-03-13 12:54 - 000079670 _____ () C:\Users\David\AppData\Local\dxdiag.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Kaspersky me upozornil na HEUR:Trojan.Multi.GenBadur.gena, nevim zda, jestli to je neni jen plany poplach, restartoval jsem PC a po chvili vyskocilo znovu, tak se ujistuji, ze je vse OK.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-04-2025
Ran by David (administrator) on DEJFYQQ (Micro-Star International Co., Ltd. MS-7D75) (19-04-2025 03:28:55)
Running from C:\Users\David\Desktop\FRST64.exe
Loaded Profiles: David
Platform: Microsoft Windows 11 Home Version 24H2 26100.3775 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.9098\Agent.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\Gyazo\GyStation.exe ->) (Helpfeel Inc -> Helpfeel Inc.) C:\Program Files (x86)\Gyazo\GyazoVideoCore.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avpui.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.20\ksde.exe ->) (AO Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.20\ksdeui.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzAppManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzBTLEManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzDiagnostic
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaConnectManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaConnectServer
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzIoTDeviceManager
(C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSmartlightingDeviceManager
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe ->) (Razer USA Ltd. -> The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Services\Razer Central\CefSharp.BrowserSubprocess.exe <5>
(C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\Razer Central.exe
(C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe ->) (Razer USA Ltd. -> ) C:\Program Files (x86)\Razer\Synapse3\UserProcess\Razer Synapse Service Process.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe ->) (IndiLogic LLC -> ) C:\Program Files\Dell\Dell Peripheral Manager\DPMCrashHandler.exe <2>
(C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe ->) (IndiLogic LLC -> Dell Inc.) C:\Program Files\Dell\Dell Peripheral Manager\DPM.exe
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.Update.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> DDPM.Subagent) C:\Program Files\Dell\Dell Display and Peripheral Manager\Plugins\DDPM.Subagent\DDPM.Subagent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> DDPM.Subagent.User) C:\Program Files\Dell\Dell Display and Peripheral Manager\Plugins\DDPM.Subagent.User\DDPM.Subagent.User.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\MyDell\Manager\Dell.UCA.Manager.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.CoreServices.Client.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\Google\Play Games Services\25.4.291.0\Service\GooglePlayGamesServices.exe ->) (Google LLC -> ) C:\Program Files\Google\Play Games Services\25.4.291.0\Service\data\windows.assets\crashpad_handler.exe
(C:\Users\David\AppData\Local\Programs\CurseForge Windows\CurseForge.exe ->) (Overwolf Ltd -> Overwolf LTD) C:\Users\David\AppData\Local\Programs\CurseForge Windows\resources\app.asar.unpacked\plugins\curse\win\Curse.Agent.Host.exe
(cmd.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\plugins_nms.exe
(Discord Inc. -> Discord Inc.) C:\Users\David\AppData\Local\Discord\app-1.0.9188\Discord.exe <6>
(DriverStore\FileRepository\u0401611.inf_amd64_fdc4605155615ab7\B399690\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0401611.inf_amd64_fdc4605155615ab7\B399690\atieclxx.exe
(explorer.exe ->) () [File not signed] C:\Program Files (x86)\CZC.Gaming Reaper\DeviceDriver.exe
(explorer.exe ->) () [File not signed] C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(explorer.exe ->) (Blizzard Entertainment, Inc. -> Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.exe <6>
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <20>
(explorer.exe ->) (Helpfeel Inc -> Helpfeel Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(explorer.exe ->) (Overwolf Ltd -> Overwolf) C:\Users\David\AppData\Local\Programs\CurseForge Windows\CurseForge.exe <7>
(explorer.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0401611.inf_amd64_fdc4605155615ab7\B399690\atiesrxx.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft FZE LLC) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (Google LLC -> Google) C:\Program Files\Google\Play Games Services\25.4.291.0\Service\GooglePlayGamesServices.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (IndiLogic LLC -> Dell Inc.) C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.20\ksde.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc) C:\Windows\System32\DriverStore\FileRepository\amd3dvcache.inf_amd64_558311a8a60226a4\amd3dvcacheSvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvrfi.inf_amd64_a4e2182beae2ddf6\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(services.exe ->) (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25031.45.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2515.7.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\David\AppData\Local\Microsoft\OneDrive\25.056.0324.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.5100.40.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe <2>
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Engine.exe
(svchost.exe ->) (PALIT MICROSYSTEMS LTD. TAIWAN BRANCH (BELIZE) -> Palit Microsystems Ltd.) C:\Program Files\Thunder Master\ThPanel.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [TSMApplication] => C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe [1623040 2024-08-28] () [File not signed]
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [1213048 2025-03-26] (Helpfeel Inc -> Helpfeel Inc.)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [Discord] => C:\Users\David\AppData\Local\Discord\Update.exe [1525016 2023-10-16] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4694624 2025-04-02] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [482640 2023-10-26] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36981208 2024-12-04] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3599496 2025-03-11] (Razer USA Ltd. -> Razer Inc.)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [981632 2025-04-03] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\...\Run: [electron.app.CurseForge] => C:\Users\David\AppData\Local\Programs\CurseForge Windows\CurseForge.exe [182268856 2025-04-01] (Overwolf Ltd -> Overwolf)
HKU\S-1-5-18\...\Run: [Synapse3] => C:\Program Files (x86)\Razer\Synapse3\WPFUI\Framework\Razer Synapse 3 Host\Razer Synapse 3.exe [3599496 2025-03-11] (Razer USA Ltd. -> Razer Inc.)
HKLM\...\Windows x64\Print Processors\hpcpp270: C:\Windows\System32\spool\prtprocs\x64\hpcpp270.dll [873168 2023-05-30] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HP Universal Print Monitor: c:\windows\system32\HPMPW082.DLL [130256 2023-05-30] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HPMLM225: c:\windows\system32\hpmlm225.dll [318160 2023-05-30] (HP Inc. -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\135.0.7049.96\Installer\chrmstp.exe [2025-04-17] (Google LLC -> Google LLC)
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DDM2.0.lnk [2023-10-26]
ShortcutTarget: DDM2.0.lnk -> C:\Program Files\Dell\Dell Display Manager 2\DDM.exe (No File)
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {3CFFFB62-35B9-4B00-A3EF-1CADEA1F1950} - System32\Tasks\Google Play Games Notifier => C:\Program Files\Google\Play Games\Bootstrapper.exe [375392 2025-04-18] (Google LLC -> Google LLC)
Task: {20602FA7-D082-4035-94C5-CA3179224F2A} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem137.0.7115.0{2557B071-197E-47E9-AFA4-C323D2ECBBB6} => C:\Program Files (x86)\Google\GoogleUpdater\137.0.7115.0\updater.exe [7360096 2025-04-08] (Google LLC -> Google LLC)
Task: {2FBA3F76-156A-4FFE-918B-78AE72B83EEA} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [10513984 2025-03-26] (Helpfeel Inc -> Helpfeel Inc.)
Task: {8F53028B-313E-4798-A7D7-7B00E941E17A} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [10513984 2025-03-26] (Helpfeel Inc -> Helpfeel Inc.)
Task: {2F025BF2-467A-42CC-A20C-227EF86BD9BE} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [78288 2025-03-03] (HP Inc. -> HP Inc.)
Task: {D31EDD06-9494-45F6-913B-9E98F5501A0E} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [78288 2025-03-03] (HP Inc. -> HP Inc.)
Task: {8061F546-2AA0-4F23-A861-22118B523C3E} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2023-10-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {F960DEC5-CB0A-45F3-809A-5D0A0D20C15A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26043888 2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {591F3815-453A-4FED-8DCD-AE4E364ECE38} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26043888 2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {78AB5B60-5F84-493F-9E3D-9E5F85EFA1AB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\sdxhelper.exe [103896 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {A11EF95D-7CAD-4292-B611-62BE49DE8B5C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\sdxhelper.exe [103896 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE1B5B99-25AE-428B-9EC8-6AE1D27F943E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1403008 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {C7FFF969-718F-4CCA-AC2A-524E9A426BE2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1403008 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {DD5CD39C-2D88-443C-BEF7-EEFA8C25213E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4403336 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {EDDC86CD-8F92-41B6-BEE9-BF68C9B215E1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4403336 2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {B91F7551-B92E-4A76-870D-05E1487D240A} - System32\Tasks\Microsoft\Windows\AccountHealth\RecoverabilityToastTask => {B7F5B442-EBF8-46CD-9F0B-D8E45ED43492} C:\WINDOWS\system32\AccountHealth.dll [258048 2025-03-27] (Microsoft Windows -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {A10B79A1-933A-4CCE-9411-E5145D49A3B8} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe [2660456 2023-10-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {61BF09AC-4E25-473E-BA83-E1554CE7A1EC} - System32\Tasks\NVIDIA app SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA app.exe [3287072 2025-03-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9BD09CC4-557E-493F-9833-BF4528595D59} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2111594256-2338183963-3193565703-1001 => C:\Users\David\AppData\Local\Microsoft\OneDrive\25.056.0324.0003\OneDriveLauncher.exe [676680 2025-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {B2B209D9-81AB-4894-ADFF-004B5E75296F} - System32\Tasks\ThunderMaster => C:\Program Files\Thunder Master\ThPanel.exe [4530592 2023-05-05] (PALIT MICROSYSTEMS LTD. TAIWAN BRANCH (BELIZE) -> Palit Microsystems Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 93.89.159.2 1.1.1.1
Tcpip\..\Interfaces\{c955e5c7-047b-42c9-b48e-0f4d7406f04a}: [DhcpNameServer] 93.89.159.2 1.1.1.1
Edge:
=======
Edge Profile: C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default [2025-04-15]
Edge Extension: (Ochrana Kaspersky) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-12-03]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Dokumenty Google offline) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-28]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\David\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-10-27] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.19 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.20 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.21 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2025-04-19]
CHR DownloadDir: C:\Users\David\Desktop
CHR HomePage: Default -> hxxp://seznam.cz/
CHR StartupUrls: Default -> "hxxp://facebook.com/"
CHR DefaultSearchURL: Default -> hxxp://www.google.com/search?hl=en&q={searchTerms}
CHR DefaultSearchKeyword: Default -> google.cz_
CHR DefaultSuggestURL: Default -> hxxp://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Extension: (Ochrana Kaspersky) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2024-12-03]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (BetterTTV) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2025-04-12]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (7TV) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjkodgmmoknidbanneddgankgfejfh [2023-10-25]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (MrtkiBlock) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmlajoobakfffnddclhgdbfomjmaeeen [2023-10-25]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (uBlock Origin) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2025-03-22]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Kaspersky Password Manager) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnkblpjbkfklfloegejegedcafpliaa [2025-02-11]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-04-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Dokumenty Google offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-27]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-10-25]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Unseen Message) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\oapcfkclledjbalilncpoimgjgcndhdo [2024-01-07]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Global Twitch Emotes) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgniedifoejifjkndekolimjeclnokkb [2023-10-25]hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKU\S-1-5-21-2111594256-2338183963-3193565703-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 amd3dvcacheSvc; C:\WINDOWS\System32\DriverStore\FileRepository\amd3dvcache.inf_amd64_558311a8a60226a4\amd3dvcacheSvc.exe [143432 2024-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\avp.exe [184768 2022-08-01] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 battlenet_helpersvc; C:\ProgramData\Battle.net_components\battlenet_helpersvc\AgentHelper.exe [3319424 2025-04-08] (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129928 2019-03-05] (Microsoft Corporation -> Microsoft Corporation)
S2 coresys; C:\Users\David\AppData\Roaming\Microsoft\kernel64\core\coresys.exe [762316288 2024-11-24] () [File not signed] <==== ATTENTION
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [51648 2024-11-13] (Dell Technologies Inc. -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [153304 2024-12-03] (Dell Technologies Inc. -> Dell)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4974416 2023-10-26] (AVB Disc Soft, SIA -> Disc Soft FZE LLC)
R2 DPMService; C:\Program Files\Dell\Dell Peripheral Manager\DPMService.exe [2767728 2025-02-04] (IndiLogic LLC -> Dell Inc.)
S3 EpicOnlineServices; C:\Program Files (x86)\Epic Games\Epic Online Services\service\EpicOnlineServicesHost.exe [934352 2023-08-02] (Epic Games Inc. -> Epic Games, Inc.)
R2 GooglePlayGamesServices-25.4.291.0; C:\Program Files\Google\Play Games Services\25.4.291.0\Service\GooglePlayGamesServices.exe [518752 2025-04-11] (Google LLC -> Google)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2025-03-03] (HP Inc. -> HP Inc.)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.20; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.20\ksde.exe [32008 2025-01-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 LightKeeperService; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe [92768 2023-05-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [74336 2023-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [154216 2023-08-17] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [36880 2023-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe [37616 2022-04-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2019-02-01] (HP Inc.) [File not signed]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvrfi.inf_amd64_a4e2182beae2ddf6\Display.NvContainer\NVDisplay.Container.exe [1275016 2025-03-15] (NVIDIA Corporation -> NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2019-02-01] (HP Inc.) [File not signed]
R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [1882024 2024-10-18] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [232360 2024-10-18] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Chroma Stream Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzChromaStreamServer.exe [1268176 2024-07-18] (Razer USA Ltd. -> Razer Inc.)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [256256 2024-10-15] (Razer USA Ltd. -> Razer Inc)
R2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [300168 2025-03-11] (Razer USA Ltd. -> Razer Inc.)
S3 Rockstar Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [1271280 2023-11-01] (Rockstar Games, Inc. -> Rockstar Games)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [513672 2025-03-06] (Razer USA Ltd. -> Razer Inc.)
S2 sysnet64; C:\Users\David\AppData\Roaming\Microsoft\SysDriver64\netrtwlansinf\netsys64.exe [747636224 2024-11-24] () [File not signed] <==== ATTENTION
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amd3dvcache; C:\WINDOWS\System32\DriverStore\FileRepository\amd3dvcache.inf_amd64_558311a8a60226a4\amd3dvcache.sys [42720 2024-04-18] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdfendrmgr; C:\WINDOWS\System32\drivers\amdfendrmgr.sys [56416 2024-03-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\WINDOWS\System32\drivers\amdgpio3.sys [36928 2022-09-15] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R3 amduw23g; C:\WINDOWS\System32\DriverStore\FileRepository\u0401611.inf_amd64_fdc4605155615ab7\B399690\amdkmdag.sys [100084648 2024-03-26] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [569344 2024-12-05] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [200704 2024-12-05] (Microsoft Corporation) [File not signed]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [237288 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 DPMDriver; C:\WINDOWS\System32\drivers\DPMDriver.sys [142272 2025-02-04] (IndiLogic LLC -> Dell Inc.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2023-10-26] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2023-10-26] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R1 googlehaxm; C:\WINDOWS\system32\drivers\GoogleHaxm.sys [234712 2025-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Google)
S3 HPEWSFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [30200 2023-05-31] (Hewlett-Packard Company -> Hewlett Packard)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [105280 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [206600 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [119568 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [533040 2024-04-03] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [857432 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [2256208 2025-03-04] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [236024 2025-02-24] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1051184 2024-04-03] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [90896 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [104728 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [107328 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [78088 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [88328 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltun; C:\WINDOWS\system32\DRIVERS\kltun.sys [101912 2025-01-18] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [400152 2025-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [364056 2025-03-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [204440 2025-03-10] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [266432 2025-03-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [150280 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [325400 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [294680 2022-08-01] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [19000 2023-04-05] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 MTKBTFilterX64; C:\WINDOWS\System32\drivers\mtkbtfilterx.sys [345056 2022-06-26] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\drivers\mtkwl6ex.sys [1587680 2022-06-26] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys [14288 2017-07-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [32424 2023-07-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 NTIOLib_FWUpdate; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\ResetMCU\JT1Toucher\NTIOLib_X64.sys [28496 2022-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\NTIOLib_X64.sys [14288 2017-07-11] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 RzCommon; C:\WINDOWS\System32\drivers\RzCommon.sys [64168 2022-08-18] (Razer USA Ltd. -> Razer Inc)
R3 RzDev_0099; C:\WINDOWS\System32\drivers\RzDev_0099.sys [56152 2021-06-14] (Razer USA Ltd. -> Razer Inc)
S3 ThermalFilter; C:\WINDOWS\System32\DriverStore\FileRepository\c_thermal.inf_amd64_732a53ed1662b707\ThermalFilter.sys [75376 2025-03-27] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S3 usbscan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\usbscan.sys [90112 2024-12-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [55856 2023-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [594304 2023-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-08] (Microsoft Windows -> Microsoft Corporation)
S3 wini3ctarget; C:\WINDOWS\System32\DriverStore\FileRepository\wini3ctarget.inf_amd64_bdb09ebda2834009\wini3ctarget.sys [75168 2025-03-27] (Microsoft Windows -> Microsoft Corporation)
S4 AmdTools64; \SystemRoot\System32\drivers\AmdTools64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-04-19 03:28 - 2025-04-19 03:29 - 000040968 _____ C:\Users\David\Desktop\FRST.txt
2025-04-19 01:01 - 2025-04-19 01:01 - 000711764 _____ C:\WINDOWS\system32\perfh005.dat
2025-04-19 01:01 - 2025-04-19 01:01 - 000152978 _____ C:\WINDOWS\system32\perfc005.dat
2025-04-16 23:08 - 2025-04-18 22:09 - 000000000 ____D C:\Users\David\Desktop\www.UIndex.org - Daredevil Born Again S01E09 Straight to Hell 2160p DSNP WEB-DL DDP5 1 Atmos DV HDR H 265-FLUX
2025-04-14 22:11 - 2025-04-14 22:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2025-04-11 16:14 - 2025-04-11 16:14 - 021490212 _____ C:\Users\David\Desktop\Ebook Jak pěstovat chilli - 7 kroků.pdf
2025-04-10 17:32 - 2025-04-19 02:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-04-09 18:32 - 2025-04-09 18:32 - 000000000 ____D C:\inetpub
2025-04-09 17:59 - 2025-04-09 18:00 - 000567952 _____ C:\Users\David\Desktop\MP.pdf
2025-03-30 16:03 - 2025-03-30 16:26 - 000000000 ____D C:\Users\David\Desktop\Agatha.All.Along.S01E01.HDR.2160p.WEB.H265-SuccessfulCrab[TGx]
2025-03-28 02:36 - 2025-03-28 02:36 - 000000000 ____D C:\WINDOWS\system32\AccountHealthAssets
2025-03-27 21:59 - 2025-03-27 21:59 - 000029042 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-03-27 21:59 - 2025-03-27 21:59 - 000029042 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-03-21 23:24 - 2025-03-24 23:19 - 000000000 ____D C:\Users\David\Desktop\www.Torrenting.com - Daredevil 2003 1080p DSNP WEB-DL DDP 5 1 H 264-PiRaTeS
2025-03-21 23:09 - 2025-03-21 23:24 - 000000000 ____D C:\Users\David\Desktop\Daredevil Directors Cut (2003) [1080p]
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-04-19 03:29 - 2024-04-06 17:11 - 000000000 ____D C:\FRST
2025-04-19 03:29 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-04-19 03:29 - 2023-10-25 02:40 - 000000000 ____D C:\Users\David\AppData\Local\Battle.net
2025-04-19 03:28 - 2024-04-06 17:06 - 002404864 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2025-04-19 03:24 - 2023-10-30 19:34 - 000000000 ____D C:\Users\David\AppData\Roaming\CurseForge
2025-04-19 03:23 - 2023-10-26 16:41 - 000000000 ____D C:\Program Files (x86)\Steam
2025-04-19 03:21 - 2023-10-25 03:01 - 000000000 ____D C:\Users\David\AppData\Local\D3DSCache
2025-04-19 03:07 - 2023-10-27 14:47 - 000000000 ____D C:\Users\David\AppData\Roaming\vlc
2025-04-19 03:01 - 2023-10-26 16:27 - 000000000 ____D C:\Users\David\AppData\Local\Discord
2025-04-19 02:40 - 2025-03-13 12:56 - 000001298 _____ C:\Users\David\Desktop\Mr Autofire.lnk
2025-04-19 02:30 - 2024-12-05 21:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-04-19 02:04 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-04-19 01:01 - 2024-12-05 21:51 - 001692332 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-04-19 01:01 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-04-19 00:02 - 2024-08-09 16:36 - 000000000 ____D C:\Users\David\AppData\Roaming\discord
2025-04-19 00:01 - 2024-12-05 21:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-04-19 00:01 - 2024-12-05 21:47 - 000003942 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-04-19 00:01 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-04-19 00:01 - 2023-10-25 03:04 - 000000000 ____D C:\ProgramData\NVIDIA
2025-04-19 00:01 - 2023-10-24 19:04 - 000000000 ____D C:\MSI
2025-04-19 00:01 - 2023-10-24 17:52 - 000012288 ___SH C:\DumpStack.log.tmp
2025-04-19 00:00 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-04-18 21:43 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-04-18 21:30 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-04-18 21:29 - 2025-02-06 17:40 - 000003576 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-2111594256-2338183963-3193565703-1001
2025-04-18 21:29 - 2024-12-05 21:49 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2111594256-2338183963-3193565703-1001
2025-04-18 21:29 - 2024-12-05 21:49 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2111594256-2338183963-3193565703-1001
2025-04-18 21:29 - 2023-10-25 02:23 - 000002381 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-18 11:03 - 2023-10-27 00:34 - 000000000 ____D C:\Users\David\AppData\Roaming\qBittorrent
2025-04-18 10:27 - 2023-10-25 02:16 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-04-18 08:24 - 2023-10-27 03:50 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Word
2025-04-18 00:35 - 2023-10-27 00:32 - 000000000 ____D C:\Users\David\AppData\Local\CrashDumps
2025-04-18 00:20 - 2023-10-25 02:28 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-04-16 22:40 - 2023-10-30 19:34 - 000002425 _____ C:\Users\David\Desktop\CurseForge.lnk
2025-04-16 02:13 - 2023-10-27 00:31 - 000123833 _____ C:\Users\David\Desktop\trollings.txt
2025-04-14 22:11 - 2025-02-20 21:12 - 000000000 ____D C:\Program Files\qBittorrent
2025-04-10 17:41 - 2023-10-25 02:21 - 000000000 ____D C:\Users\David\AppData\Local\Packages
2025-04-09 18:34 - 2024-12-05 21:45 - 000472816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-04-09 18:33 - 2024-12-05 21:45 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-04-09 18:32 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-04-09 18:32 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-04-09 18:32 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-04-09 18:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-04-09 18:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-04-09 18:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-04-09 18:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-04-09 18:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-04-08 21:07 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-04-08 19:10 - 2024-12-05 21:49 - 003352064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-04-06 00:03 - 2024-12-05 21:49 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-04-06 00:03 - 2024-12-05 21:49 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-04-04 01:07 - 2023-10-25 02:39 - 000000000 ____D C:\Program Files (x86)\Battle.net
2025-04-01 17:06 - 2024-12-05 21:49 - 000003512 _____ C:\WINDOWS\system32\Tasks\GyazoUpdateTaskMachineDaily
2025-04-01 17:06 - 2024-12-05 21:49 - 000003376 _____ C:\WINDOWS\system32\Tasks\GyazoUpdateTaskMachine
2025-04-01 17:06 - 2023-10-25 23:52 - 000000000 ____D C:\Program Files (x86)\Gyazo
2025-03-30 01:45 - 2023-12-19 03:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2025-03-28 02:37 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-03-28 02:37 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-03-28 02:37 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-03-28 02:37 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-03-28 02:37 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-03-28 02:36 - 2024-12-05 21:41 - 000000000 ____D C:\WINDOWS\InboxApps
2025-03-28 02:36 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-03-28 02:36 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemApps
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-03-28 02:36 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-03-28 02:36 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-03-23 19:39 - 2023-10-25 02:19 - 000000000 ____D C:\ProgramData\Packages
2025-03-20 22:54 - 2023-10-25 02:23 - 000000000 ____D C:\Users\David\AppData\Local\PlaceholderTileLogoFolder
==================== Files in the root of some directories ========
2025-03-13 12:50 - 2025-03-13 12:54 - 000079670 _____ () C:\Users\David\AppData\Local\dxdiag.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
