Slowed-down laptop
Posted: 23 Apr 2019 19:22
After a long time, a problem again, how else.
I bought a laptop from HP (unfortunately), and after some time, about 3 months after the purchase, its overall operation began to slow down radically. Now I don't notice the slowdown so much anymore, but as for startup, it's awful: the wait of about 3-5 minutes until the spinner under the HP logo and then the Windows one finishes, and until the desktop starts into a usable state, is simply too long. Anyway, I tried to downgrade W10 to W7 without success; it asks me for a USB driver. But never mind that, you don't want to deal with that here. In any case, advice on what to remove, or which useless programs to block from starting, always comes in handy. And above all, a check of the system's state by experienced people is needed, thanks. So, the RSIT log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by janhe at 2019-04-23 20:10:11
Microsoft Windows 10 Home
System drive C: has 390 GB (42%) free of 938 GB
Total RAM: 8018 MB (56% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:10:23, on 23.04.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
C:\Users\janhe\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Users\janhe\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
C:\Users\janhe\AppData\Roaming\uTorrent\updates\3.5.5_45146\utorrentie.exe
C:\Users\janhe\AppData\Roaming\uTorrent\updates\3.5.5_45146\utorrentie.exe
C:\Users\janhe\AppData\Roaming\uTorrent\helper\helper.exe
C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
C:\Program Files (x86)\Origin\QtWebEngineProcess.exe
C:\Program Files\trend micro\janhe.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp17win10.msn.com/?pc=HCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Norton Password Manager - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security\Engine32\22.17.0.183\coIEPlg.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.17.0.183\coIEPlg.dll
O4 - HKLM\..\Run: [RtlS5Wake] C:\PROGRA~2\Realtek\PCIEWI~1\RTLS5W~1\RTLS5W~1.EXE
O4 - HKLM\..\Run: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\janhe\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [uTorrent] "C:\Users\janhe\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-205 207 Series"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIME.EXE /EPT "EPLTarget\P0000000000000001" /M "XP-202 203 206 Series"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BTDevManager - Realtek Semiconductor Corp. - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: Služba Vzdálené plochy Chrome (chromoting) - Google Inc. - C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\WINDOWS\system32\EscSvc64.exe (file missing)
O23 - Service: @oem14.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\WINDOWS\SysWOW64\esif_uf.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google Inc. - C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Comm Recovery (HP Comm Recover) - HP Inc. - C:\Program Files\HPCommRecovery\HPCommRecovery.exe
O23 - Service: HP JumpStart Bridge (HPJumpStartBridge) - HP Inc. - c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
O23 - Service: HP CASL Framework Service (hpqcaslwmiex) - HP - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: HPWMISVC - HP Inc. - C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: KingoSoftService - Unknown owner - C:\Users\janhe\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\KingoSoftService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Security (NortonSecurity) - Symantec Corporation - C:\Program Files\Norton Security\Engine\22.17.0.183\NortonSecurity.exe
O23 - Service: Norton WSC Service (nsWscSvc) - Symantec Corporation - C:\Program Files\Norton Security\Engine\22.17.0.183\nsWscSvc.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
--
End of file - 12034 bytes
======Listing Processes======
winlogon.exe
C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-2948eb4f-4bf2-4b57-b1b7-a5327106d9f2 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-405cdb63-cedd-4373-ad63-395a3735853c -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-2f659561-edf5-49a9-a5f1-f053e8ff9483 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-09061ee3-7904-4e80-8f8a-771e2f983f5d -LifetimeId:78b650c9-bdd8-4f8d-9f86-07556c272b29 -DeviceGroupId:
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localservice -p -s BthAvctpSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s BTAGService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalService -p
c:\windows\system32\svchost.exe -k localservice -p -s nsi
dashost.exe {2b236f18-2021-4ebf-a4632afee54f1e92}
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k localservice -p -s PhoneSvc
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\system32\atiesrxx.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
atieclxx
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\system32\WLANExt.exe 2580208375136
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe" --type=daemon --host-config="C:\ProgramData\Google\Chrome Remote Desktop\host.json"
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
C:\WINDOWS\SysWOW64\esif_uf.exe
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k netsvcs -s CertPropSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Users\janhe\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\KingoSoftService.exe" "C:\Users\janhe\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\checkupdate.exe"
"C:\Program Files\Norton Security\Engine\22.17.0.183\NortonSecurity.exe" /s "NortonSecurity" /m "C:\Program Files\Norton Security\Engine\22.17.0.183\diMaster.dll" /prefetch:1
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
"C:\Program Files (x86)\Origin\OriginWebHelperService.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
C:\WINDOWS\system32\EscSvc64.exe
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
"C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe" --type=host --mojo-pipe-token=4623349349530488593 --mojo-platform-channel-handle=852
sihost.exe
"C:\WINDOWS\TEMP\DPTF\esif_assist_64.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
"C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Elantech\ETDCtrl.exe"
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SESSION
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\Windows\System32\CastSrv.exe CCastServerControlInteractiveUser -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\Elantech\ETDTouch.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
igfxEM.exe
igfxHK.exe
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
"C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe"
C:\WINDOWS\system32\browser_broker.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe" -ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Users\janhe\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Steam\Steam.exe" -silent
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\Program Files\AMD\CNext\CNext\RadeonSettings.exe atlogon
c:\windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" "-lang=cs_CZ" "-cachedir=C:\Users\janhe\AppData\Local\Steam\htmlcache" "-steampid=10056" "-buildid=1555457005" "-steamid=0" "-steamuniverse=Dev" "-clientui=C:\Program Files (x86)\Steam\clientui" --disable-out-of-process-pac --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-features=TouchpadAndWheelScrollLatching,AsyncWheelEvents --enable-media-stream --disable-smooth-scrolling --num-raster-threads=4 --enable-direct-write "--log-file=C:\Program Files (x86)\Steam\logs\cef_log.txt"
"C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
"C:\Users\janhe\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files (x86)\Steam\dumps" "--metrics-dir=C:\Users\janhe\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win64 --annotation=product=cefwebhelper --annotation=version=1555457005 --initial-client-data=0x88,0x94,0x9c,0x84,0x64,0x7ffb9f1df760,0x7ffb9f1df770,0x7ffb9f1df780
"C:\Windows\System32\spool\drivers\x64\3\E_IATIILE.EXE" /EPT "EPLTarget\P0000000000000000" /M "XP-205 207 Series"
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Windows\System32\spool\drivers\x64\3\E_IATIIME.EXE" /EPT "EPLTarget\P0000000000000001" /M "XP-202 203 206 Series"
c:\windows\system32\svchost.exe -k netsvcs -p
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=gpu-process --field-trial-handle=1316,4580583704558992862,7099214592251366654,131072 --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --lang=cs-CZ --buildid=1555457005 --steamid=0 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAAAAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=6180776346648564595 --mojo-platform-channel-handle=1324 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\janhe\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\janhe\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\janhe\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=73.0.3683.103 --initial-client-data=0x1d8,0x1dc,0x1e0,0x1d4,0x1e4,0x7ffb8d016830,0x7ffb8d016840,0x7ffb8d016850
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=7672 --on-initialized-event-handle=660 --parent-handle=664 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=9161060245595479963 --mojo-platform-channel-handle=1712 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --lang=cs --service-sandbox-type=network --service-request-channel-token=3534981252164806717 --mojo-platform-channel-handle=1896 /prefetch:8
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Users\janhe\AppData\Roaming\uTorrent\updates\3.5.5_45146\utorrentie.exe" uTorrent_8172_03BC2640_243841176 µTorrent4823DF041B09 uTorrent
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=9592352616945976896 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9592352616945976896 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
"C:\Users\janhe\AppData\Roaming\uTorrent\updates\3.5.5_45146\utorrentie.exe" uTorrent_8172_03BC1B90_2080506954 µTorrent4823DF041B09 uTorrent
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --field-trial-handle=1316,4580583704558992862,7099214592251366654,131072 --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --service-pipe-token=12668629769830613152 --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1555457005 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=12668629769830613152 --renderer-client-id=4 --mojo-platform-channel-handle=1420 /prefetch:1
"C:\Users\janhe\AppData\Roaming\uTorrent\helper\helper.exe" 31596 -- -pid 8172 -version 45146
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --field-trial-handle=1316,4580583704558992862,7099214592251366654,131072 --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --service-pipe-token=12760311956031313604 --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1555457005 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=12760311956031313604 --renderer-client-id=5 --mojo-platform-channel-handle=2440 /prefetch:1
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
"C:\Program Files\HPCommRecovery\HPCommRecovery.exe"
"C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=17972768742748191989 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17972768742748191989 --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3064 /prefetch:1
"C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=7512771387413718403 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7512771387413718403 --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5752 /prefetch:1
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
"c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Origin\QtWebEngineProcess.exe" --type=renderer --disable-accelerated-video-decode --disable-gpu-memory-buffer-video-frames --enable-threaded-compositing --no-sandbox --disable-webrtc-hw-encoding --primordial-pipe-token=22362EF1914BF2FE86DD2F30679A1219 --lang=en-US --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-gpu-compositing --mojo-channel-token=81666E84F46A1C38AC5AB44E3C9FE045 --mojo-application-channel-token=22362EF1914BF2FE86DD2F30679A1219 --channel="4344.1.611980436\1194641756" --mojo-platform-channel-handle=3296 /prefetch:1
"C:\Program Files\rempl\sedsvc.exe"
"C:\Program Files (x86)\Origin\QtWebEngineProcess.exe" --type=renderer --disable-accelerated-video-decode --disable-gpu-memory-buffer-video-frames --enable-threaded-compositing --no-sandbox --disable-webrtc-hw-encoding --primordial-pipe-token=57DC515AB66E005038DC753E64155D60 --lang=en-US --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-gpu-compositing --mojo-channel-token=3AFBEFF4CA0CF3B94E606E24B20433AA --mojo-application-channel-token=57DC515AB66E005038DC753E64155D60 --channel="4344.3.63973999\798262002" --mojo-platform-channel-handle=4252 /prefetch:1
"C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s SharedAccess
C:\WINDOWS\System32\alg.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s upnphost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=2655261276208931272 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2655261276208931272 --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe" /InvokerPRAID: App
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=2635668929314762463 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2635668929314762463 --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5844 /prefetch:1
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s QWAVE
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=11683593532129529659 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11683593532129529659 --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5960 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=9979355037452911973 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9979355037452911973 --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5448 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=506037286677682497 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=506037286677682497 --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6596 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=3202945943524790845 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3202945943524790845 --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6556 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 744 748 756 8192 752
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x3b4
"C:\Users\janhe\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\tasks\HPCeeScheduleForjanhe.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForjanhe (null)
=========Mozilla firefox=========
ProfilePath - C:\Users\janhe\AppData\Roaming\Mozilla\Firefox\Profiles\s4hw76vf.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.171 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.171 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Password Manager - C:\Program Files\Norton Security\Engine\22.17.0.183\coIEPlg.dll [2019-03-07 1360400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-04-07 440864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Password Manager - C:\Program Files\Norton Security\Engine32\22.17.0.183\coIEPlg.dll [2019-03-07 1022992]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-04-07 416288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Security\Engine\22.17.0.183\coIEPlg.dll [2019-03-07 1360400]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Security\Engine32\22.17.0.183\coIEPlg.dll [2019-03-07 1022992]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2018-03-27 3666528]
"WindowsDefender"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\janhe\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-04-16 1517880]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2019-04-17 3152160]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2019-04-23 3114256]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2018-06-20 729704]
"uTorrent"=C:\Users\janhe\AppData\Roaming\uTorrent\uTorrent.exe [2019-03-28 1998008]
"EPLTarget\P0000000000000000"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE [2012-02-29 283232]
"EPLTarget\P0000000000000001"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIME.EXE [2014-12-12 283232]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RtlS5Wake"=C:\PROGRA~2\Realtek\PCIEWI~1\RTLS5W~1\RTLS5W~1.EXE [2017-06-26 1660760]
"HPMessageService"=C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [2018-03-22 709152]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcapexe]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2019-04-23 20:10:11 ----D---- C:\rsit
2019-04-23 20:10:11 ----D---- C:\Program Files\trend micro
2019-04-23 19:25:55 ----D---- C:\$WINDOWS.~BT
2019-04-23 18:21:09 ----D---- C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
2019-04-16 00:09:11 ----HD---- C:\OneDriveTemp
2019-04-10 00:26:15 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerInstaller.exe
2019-03-30 11:00:26 ----D---- C:\Users\janhe\AppData\Roaming\Mozilla
2019-03-30 11:00:08 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-30 10:59:42 ----D---- C:\Program Files (x86)\Mozilla Firefox
2019-03-30 10:02:22 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2019-03-24 13:08:24 ----D---- C:\Users\janhe\AppData\Roaming\Ashampoo
2019-03-24 13:03:18 ----D---- C:\ProgramData\Ashampoo
2019-03-24 13:03:13 ----D---- C:\Program Files (x86)\Ashampoo
======List of files/folders modified in the last 1 month======
2019-04-23 20:10:20 ----D---- C:\WINDOWS\Temp
2019-04-23 20:10:18 ----D---- C:\WINDOWS\Prefetch
2019-04-23 20:10:11 ----RD---- C:\Program Files
2019-04-23 20:10:07 ----D---- C:\Users\janhe\AppData\Roaming\uTorrent
2019-04-23 19:56:18 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-04-23 19:45:53 ----SHD---- C:\System Volume Information
2019-04-23 19:43:26 ----D---- C:\WINDOWS\System32
2019-04-23 19:43:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-23 19:43:25 ----D---- C:\WINDOWS\INF
2019-04-23 19:43:02 ----D---- C:\WINDOWS\system32\WDI
2019-04-23 19:42:31 ----D---- C:\ProgramData\Origin
2019-04-23 19:40:20 ----D---- C:\Program Files (x86)\Steam
2019-04-23 19:38:00 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-04-23 19:36:33 ----D---- C:\WINDOWS\system32\SleepStudy
2019-04-23 18:21:11 ----SHD---- C:\WINDOWS\Installer
2019-04-23 18:21:10 ----SHD---- C:\Config.Msi
2019-04-23 18:21:09 ----RD---- C:\Program Files (x86)
2019-04-23 18:20:43 ----D---- C:\WINDOWS\system32\catroot2
2019-04-23 18:07:41 ----D---- C:\WINDOWS\system32\drivers\wd
2019-04-23 17:15:08 ----D---- C:\Program Files (x86)\Origin
2019-04-23 17:03:23 ----D---- C:\WINDOWS\system32\sru
2019-04-23 16:09:19 ----D---- C:\Users\janhe\AppData\Roaming\vlc
2019-04-23 15:42:45 ----D---- C:\WINDOWS\system32\Tasks
2019-04-23 12:37:10 ----D---- C:\WINDOWS\system32\FxsTmp
2019-04-23 12:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2019-04-23 09:35:45 ----RD---- C:\WINDOWS\Microsoft.NET
2019-04-22 23:13:24 ----D---- C:\WINDOWS\CbsTemp
2019-04-22 16:00:52 ----D---- C:\WINDOWS\Logs
2019-04-21 08:14:11 ----D---- C:\WINDOWS\AppReadiness
2019-04-20 01:40:25 ----HD---- C:\Program Files\WindowsApps
2019-04-19 17:02:23 ----D---- C:\WINDOWS\system32\config
2019-04-17 08:20:23 ----D---- C:\WINDOWS\Tasks
2019-04-13 19:10:17 ----D---- C:\Program Files\Common Files\AV
2019-04-13 17:35:22 ----D---- C:\Windows
2019-04-13 17:31:49 ----D---- C:\WINDOWS\system32\drivers\NGCx64
2019-04-13 17:31:40 ----D---- C:\WINDOWS\system32\CatRoot
2019-04-13 17:30:08 ----D---- C:\WINDOWS\system32\drivers
2019-04-10 00:29:17 ----D---- C:\WINDOWS\WinSxS
2019-04-10 00:26:50 ----D---- C:\WINDOWS\system32\Macromed
2019-04-10 00:26:37 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2019-04-10 00:26:15 ----D---- C:\WINDOWS\SysWOW64
2019-04-10 00:15:22 ----D---- C:\WINDOWS\system32\MRT
2019-04-10 00:05:14 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-04-05 21:35:56 ----D---- C:\WINDOWS\system32\NDF
2019-04-05 07:58:15 ----D---- C:\Program Files\rempl
2019-03-31 11:37:38 ----RD---- C:\WINDOWS\assembly
2019-03-30 14:56:40 ----D---- C:\WINDOWS\LiveKernelReports
2019-03-30 10:01:48 ----D---- C:\WINDOWS\system32\DriverStore
2019-03-30 09:59:21 ----HD---- C:\WINDOWS\ELAMBKUP
2019-03-30 09:52:53 ----D---- C:\WINDOWS\TextInput
2019-03-30 09:52:53 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2019-03-30 09:52:53 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2019-03-30 09:52:53 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\migration
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\en-US
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2019-03-30 09:52:45 ----SD---- C:\WINDOWS\system32\UNP
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\zu-ZA
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\yo-NG
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\xh-ZA
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\wo-SN
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\tn-ZA
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\ti-ET
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\rw-RW
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\oobe
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\nso-ZA
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\migration
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\ig-NG
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\en-US
2019-03-30 09:52:44 ----D---- C:\WINDOWS\system32\chr-CHER-US
2019-03-30 09:52:44 ----D---- C:\WINDOWS\system32\cs-CZ
2019-03-30 09:52:44 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2019-03-30 09:52:44 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2019-03-30 09:52:44 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2019-03-30 09:52:44 ----D---- C:\WINDOWS\system32\appraiser
2019-03-30 09:52:43 ----D---- C:\WINDOWS\ShellExperiences
2019-03-30 09:52:42 ----RSD---- C:\WINDOWS\Fonts
2019-03-30 09:52:42 ----RD---- C:\Program Files\Windows Defender
2019-03-30 09:52:42 ----D---- C:\WINDOWS\bcastdvr
2019-03-30 09:52:42 ----D---- C:\WINDOWS\apppatch
2019-03-30 09:52:42 ----D---- C:\Program Files (x86)\Windows Defender
2019-03-30 09:52:39 ----D---- C:\WINDOWS\system32\Boot
2019-03-30 09:52:15 ----SD---- C:\WINDOWS\SYSWOW64\F12
2019-03-30 09:52:14 ----SD---- C:\WINDOWS\system32\F12
2019-03-30 09:52:14 ----D---- C:\WINDOWS\system32\drivers\UMDF
2019-03-30 09:52:06 ----D---- C:\Program Files\internet explorer
2019-03-30 09:52:06 ----D---- C:\Program Files (x86)\Internet Explorer
2019-03-24 13:03:18 ----HD---- C:\ProgramData
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 58168]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files\Norton Security\NortonData\22.16.2.22\Definitions\BASHDefs\20181211.001\BHDrvx64.sys [2018-12-12 1925104]
R1 ccSet_NGC;NGC Settings Manager; C:\WINDOWS\System32\drivers\NGCx64\1611000.0B7\ccSetx64.sys [2019-03-07 192712]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2018-12-15 515792]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R1 IDSVia64;IDSVia64; \??\C:\Program Files\Norton Security\NortonData\22.16.2.22\Definitions\IPSDefs\20181214.061\IDSvia64.sys [2018-12-14 1305072]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-07-30 414720]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 43008]
R2 npf;NetGroup Packet Filter Driver; \??\C:\WINDOWS\system32\drivers\npf.sys [2017-10-08 36600]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0315761.inf_amd64_61b8be71fe4afae4\atikmdag.sys [2017-09-18 36577160]
R3 amdkmdap;amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0315761.inf_amd64_61b8be71fe4afae4\atikmpag.sys [2017-09-18 537992]
R3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2018-11-09 200704]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2018-12-08 106496]
R3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth handsfree; C:\WINDOWS\system32\DRIVERS\BthHfAud.sys [2018-04-12 48640]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-04-12 86528]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2018-04-12 129536]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2018-04-12 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
R3 dptf_acpi;dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [2017-01-09 55792]
R3 dptf_cpu;dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [2017-01-09 52208]
R3 dtlitescsibus;@oem1.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2018-08-03 30264]
R3 dtliteusbbus;@oem12.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2018-08-03 47672]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2018-12-15 153296]
R3 esif_lf;esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [2017-01-09 260080]
R3 ETD;@oem18.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2018-03-27 610856]
R3 ETDSMBus;ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [2018-03-27 32808]
R3 igfxLP;igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [2017-09-18 7408080]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2018-07-04 6111688]
R3 IntcDAud;@oem2.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2017-09-18 481768]
R3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Ovladač přenosů Avrcp protokolu Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [2018-04-12 46592]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2018-04-12 193536]
R3 rt640x64;@oem19.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2017-09-13 1009128]
R3 RtkBtFilter;@oem29.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [2018-05-31 784264]
R3 RTWlanE;@oem26.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\System32\drivers\rtwlane.sys [2018-04-20 7904088]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-08-03 128920]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-01-09 92704]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2018-12-08 1097728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-03-06 76088]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-03-06 945464]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 RTSUER;@oem6.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2017-08-07 421312]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2017-09-18 560520]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2017-08-30 127488]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CDPUserSvc_68673;Uživatelská služba platformy připojených zařízení_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 EpsonScanSvc;Epson Scanner Service; C:\WINDOWS\system32\EscSvc64.exe [2011-12-12 135824]
R2 esifsvc;@oem14.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\WINDOWS\SysWOW64\esif_uf.exe [2017-01-09 1419424]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2018-03-27 152672]
R2 HP Comm Recover;HP Comm Recovery; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [2017-09-05 1327400]
R2 HPJumpStartBridge;HP JumpStart Bridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [2017-10-06 477184]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2018-12-06 347512]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [2017-07-13 628768]
R2 chromoting;Služba Vzdálené plochy Chrome; C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe [2019-04-01 73200]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2017-09-18 356904]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [2015-04-21 174368]
R2 KingoSoftService;KingoSoftService; C:\Users\janhe\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\KingoSoftService.exe [2018-03-08 17384]
R2 NortonSecurity;Norton Security; C:\Program Files\Norton Security\Engine\22.17.0.183\NortonSecurity.exe [2019-03-07 225600]
R2 nsWscSvc;Norton WSC Service; C:\Program Files\Norton Security\Engine\22.17.0.183\nsWscSvc.exe [2019-03-07 934216]
R2 OneSyncSvc_68673;Hostitel synchronizace_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2019-04-23 3175728]
R2 osrss;@%systemroot%\system32\osrss.dll,-500; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2018-07-04 265672]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-30 760888]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-03-30 338744]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2018-06-20 3606632]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-07-30 43648]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 PimIndexMaintenanceSvc_68673;Data kontaktů_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-26 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-04-10 335416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-04-12 52832]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BcastDVRUserService_68673;Uživatelská služba pro GameDVR a vysílání her_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService_68673;Služba pro podporu uživatelů Bluetooth_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2017-09-18 284712]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc_68673;DevicePicker_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc_68673;Tok zařízení_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-08-03 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe [2019-04-04 1268720]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-26 153168]
S3 hpqcaslwmiex;HP CASL Framework Service; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [2016-06-03 1031704]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2015-09-03 887784]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService_68673;Služba zasílání zpráv_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-03-17 172488]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2019-04-23 2304304]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc_68673;PrintWorkflow_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
-----------------EOF-----------------
"C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\janhe\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\janhe\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\janhe\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=73.0.3683.103 --initial-client-data=0x1d8,0x1dc,0x1e0,0x1d4,0x1e4,0x7ffb8d016830,0x7ffb8d016840,0x7ffb8d016850
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=7672 --on-initialized-event-handle=660 --parent-handle=664 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=9161060245595479963 --mojo-platform-channel-handle=1712 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --lang=cs --service-sandbox-type=network --service-request-channel-token=3534981252164806717 --mojo-platform-channel-handle=1896 /prefetch:8
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Users\janhe\AppData\Roaming\uTorrent\updates\3.5.5_45146\utorrentie.exe" uTorrent_8172_03BC2640_243841176 µTorrent4823DF041B09 uTorrent
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=9592352616945976896 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9592352616945976896 --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1
"C:\Users\janhe\AppData\Roaming\uTorrent\updates\3.5.5_45146\utorrentie.exe" uTorrent_8172_03BC1B90_2080506954 µTorrent4823DF041B09 uTorrent
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --field-trial-handle=1316,4580583704558992862,7099214592251366654,131072 --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --service-pipe-token=12668629769830613152 --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1555457005 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=12668629769830613152 --renderer-client-id=4 --mojo-platform-channel-handle=1420 /prefetch:1
"C:\Users\janhe\AppData\Roaming\uTorrent\helper\helper.exe" 31596 -- -pid 8172 -version 45146
"C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe" --type=renderer --field-trial-handle=1316,4580583704558992862,7099214592251366654,131072 --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --service-pipe-token=12760311956031313604 --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=cs --log-file="C:\Program Files (x86)\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --buildid=1555457005 --steamid=0 --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=12760311956031313604 --renderer-client-id=5 --mojo-platform-channel-handle=2440 /prefetch:1
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
"C:\Program Files\HPCommRecovery\HPCommRecovery.exe"
"C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=17972768742748191989 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=17972768742748191989 --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3064 /prefetch:1
"C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=7512771387413718403 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=7512771387413718403 --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5752 /prefetch:1
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
"c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Origin\QtWebEngineProcess.exe" --type=renderer --disable-accelerated-video-decode --disable-gpu-memory-buffer-video-frames --enable-threaded-compositing --no-sandbox --disable-webrtc-hw-encoding --primordial-pipe-token=22362EF1914BF2FE86DD2F30679A1219 --lang=en-US --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-gpu-compositing --mojo-channel-token=81666E84F46A1C38AC5AB44E3C9FE045 --mojo-application-channel-token=22362EF1914BF2FE86DD2F30679A1219 --channel="4344.1.611980436\1194641756" --mojo-platform-channel-handle=3296 /prefetch:1
"C:\Program Files\rempl\sedsvc.exe"
"C:\Program Files (x86)\Origin\QtWebEngineProcess.exe" --type=renderer --disable-accelerated-video-decode --disable-gpu-memory-buffer-video-frames --enable-threaded-compositing --no-sandbox --disable-webrtc-hw-encoding --primordial-pipe-token=57DC515AB66E005038DC753E64155D60 --lang=en-US --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --disable-gpu-compositing --mojo-channel-token=3AFBEFF4CA0CF3B94E606E24B20433AA --mojo-application-channel-token=57DC515AB66E005038DC753E64155D60 --channel="4344.3.63973999\798262002" --mojo-platform-channel-handle=4252 /prefetch:1
"C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s SharedAccess
C:\WINDOWS\System32\alg.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s upnphost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=2655261276208931272 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2655261276208931272 --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3232 /prefetch:1
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe" /InvokerPRAID: App
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=2635668929314762463 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=2635668929314762463 --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5844 /prefetch:1
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s QWAVE
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=11683593532129529659 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=11683593532129529659 --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5960 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=9979355037452911973 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=9979355037452911973 --renderer-client-id=72 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5448 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=506037286677682497 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=506037286677682497 --renderer-client-id=90 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6596 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1696,13384371237939647826,1807770428527361254,131072 --service-pipe-token=3202945943524790845 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=3202945943524790845 --renderer-client-id=92 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6556 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 744 748 756 8192 752
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x3b4
"C:\Users\janhe\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
======Scheduled tasks folder======
C:\WINDOWS\tasks\HPCeeScheduleForjanhe.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForjanhe (null)
=========Mozilla firefox=========
ProfilePath - C:\Users\janhe\AppData\Roaming\Mozilla\Firefox\Profiles\s4hw76vf.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.171 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.171 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Password Manager - C:\Program Files\Norton Security\Engine\22.17.0.183\coIEPlg.dll [2019-03-07 1360400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-04-07 440864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Password Manager - C:\Program Files\Norton Security\Engine32\22.17.0.183\coIEPlg.dll [2019-03-07 1022992]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-04-07 416288]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Security\Engine\22.17.0.183\coIEPlg.dll [2019-03-07 1360400]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Security\Engine32\22.17.0.183\coIEPlg.dll [2019-03-07 1022992]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2018-03-27 3666528]
"WindowsDefender"=C:\Program Files\Windows Defender\MSASCuiL.exe [2018-04-12 638872]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\janhe\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-04-16 1517880]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2019-04-17 3152160]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2019-04-23 3114256]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2018-06-20 729704]
"uTorrent"=C:\Users\janhe\AppData\Roaming\uTorrent\uTorrent.exe [2019-03-28 1998008]
"EPLTarget\P0000000000000000"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIILE.EXE [2012-02-29 283232]
"EPLTarget\P0000000000000001"=C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIME.EXE [2014-12-12 283232]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RtlS5Wake"=C:\PROGRA~2\Realtek\PCIEWI~1\RTLS5W~1\RTLS5W~1.EXE [2017-06-26 1660760]
"HPMessageService"=C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [2018-03-22 709152]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcapexe]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"DisableTaskMgr"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoRun"=0
"NoFolderOptions"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2019-04-23 20:10:11 ----D---- C:\rsit
2019-04-23 20:10:11 ----D---- C:\Program Files\trend micro
2019-04-23 19:25:55 ----D---- C:\$WINDOWS.~BT
2019-04-23 18:21:09 ----D---- C:\Program Files (x86)\Microsoft Windows 7 Upgrade Advisor
2019-04-16 00:09:11 ----HD---- C:\OneDriveTemp
2019-04-10 00:26:15 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerInstaller.exe
2019-03-30 11:00:26 ----D---- C:\Users\janhe\AppData\Roaming\Mozilla
2019-03-30 11:00:08 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-30 10:59:42 ----D---- C:\Program Files (x86)\Mozilla Firefox
2019-03-30 10:02:22 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2019-03-24 13:08:24 ----D---- C:\Users\janhe\AppData\Roaming\Ashampoo
2019-03-24 13:03:18 ----D---- C:\ProgramData\Ashampoo
2019-03-24 13:03:13 ----D---- C:\Program Files (x86)\Ashampoo
======List of files/folders modified in the last 1 month======
2019-04-23 20:10:20 ----D---- C:\WINDOWS\Temp
2019-04-23 20:10:18 ----D---- C:\WINDOWS\Prefetch
2019-04-23 20:10:11 ----RD---- C:\Program Files
2019-04-23 20:10:07 ----D---- C:\Users\janhe\AppData\Roaming\uTorrent
2019-04-23 19:56:18 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-04-23 19:45:53 ----SHD---- C:\System Volume Information
2019-04-23 19:43:26 ----D---- C:\WINDOWS\System32
2019-04-23 19:43:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-23 19:43:25 ----D---- C:\WINDOWS\INF
2019-04-23 19:43:02 ----D---- C:\WINDOWS\system32\WDI
2019-04-23 19:42:31 ----D---- C:\ProgramData\Origin
2019-04-23 19:40:20 ----D---- C:\Program Files (x86)\Steam
2019-04-23 19:38:00 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-04-23 19:36:33 ----D---- C:\WINDOWS\system32\SleepStudy
2019-04-23 18:21:11 ----SHD---- C:\WINDOWS\Installer
2019-04-23 18:21:10 ----SHD---- C:\Config.Msi
2019-04-23 18:21:09 ----RD---- C:\Program Files (x86)
2019-04-23 18:20:43 ----D---- C:\WINDOWS\system32\catroot2
2019-04-23 18:07:41 ----D---- C:\WINDOWS\system32\drivers\wd
2019-04-23 17:15:08 ----D---- C:\Program Files (x86)\Origin
2019-04-23 17:03:23 ----D---- C:\WINDOWS\system32\sru
2019-04-23 16:09:19 ----D---- C:\Users\janhe\AppData\Roaming\vlc
2019-04-23 15:42:45 ----D---- C:\WINDOWS\system32\Tasks
2019-04-23 12:37:10 ----D---- C:\WINDOWS\system32\FxsTmp
2019-04-23 12:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2019-04-23 09:35:45 ----RD---- C:\WINDOWS\Microsoft.NET
2019-04-22 23:13:24 ----D---- C:\WINDOWS\CbsTemp
2019-04-22 16:00:52 ----D---- C:\WINDOWS\Logs
2019-04-21 08:14:11 ----D---- C:\WINDOWS\AppReadiness
2019-04-20 01:40:25 ----HD---- C:\Program Files\WindowsApps
2019-04-19 17:02:23 ----D---- C:\WINDOWS\system32\config
2019-04-17 08:20:23 ----D---- C:\WINDOWS\Tasks
2019-04-13 19:10:17 ----D---- C:\Program Files\Common Files\AV
2019-04-13 17:35:22 ----D---- C:\Windows
2019-04-13 17:31:49 ----D---- C:\WINDOWS\system32\drivers\NGCx64
2019-04-13 17:31:40 ----D---- C:\WINDOWS\system32\CatRoot
2019-04-13 17:30:08 ----D---- C:\WINDOWS\system32\drivers
2019-04-10 00:29:17 ----D---- C:\WINDOWS\WinSxS
2019-04-10 00:26:50 ----D---- C:\WINDOWS\system32\Macromed
2019-04-10 00:26:37 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2019-04-10 00:26:15 ----D---- C:\WINDOWS\SysWOW64
2019-04-10 00:15:22 ----D---- C:\WINDOWS\system32\MRT
2019-04-10 00:05:14 ----AC---- C:\WINDOWS\system32\MRT.exe
2019-04-05 21:35:56 ----D---- C:\WINDOWS\system32\NDF
2019-04-05 07:58:15 ----D---- C:\Program Files\rempl
2019-03-31 11:37:38 ----RD---- C:\WINDOWS\assembly
2019-03-30 14:56:40 ----D---- C:\WINDOWS\LiveKernelReports
2019-03-30 10:01:48 ----D---- C:\WINDOWS\system32\DriverStore
2019-03-30 09:59:21 ----HD---- C:\WINDOWS\ELAMBKUP
2019-03-30 09:52:53 ----D---- C:\WINDOWS\TextInput
2019-03-30 09:52:53 ----D---- C:\WINDOWS\SYSWOW64\zu-ZA
2019-03-30 09:52:53 ----D---- C:\WINDOWS\SYSWOW64\yo-NG
2019-03-30 09:52:53 ----D---- C:\WINDOWS\SYSWOW64\xh-ZA
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\wo-SN
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\uz-Latn-UZ
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\tn-ZA
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\ti-ET
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\tg-Cyrl-TJ
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-RS
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\sr-Cyrl-BA
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\sd-Arab-PK
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\rw-RW
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\quc-Latn-GT
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\pa-Arab-PK
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\nso-ZA
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\migration
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\ku-Arab-IQ
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\ig-NG
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\chr-CHER-US
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\ha-Latn-NG
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\en-US
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\ca-ES-valencia
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\bs-Latn-BA
2019-03-30 09:52:52 ----D---- C:\WINDOWS\SYSWOW64\az-Latn-AZ
2019-03-30 09:52:45 ----SD---- C:\WINDOWS\system32\UNP
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\zu-ZA
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\yo-NG
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\xh-ZA
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\wo-SN
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\uz-Latn-UZ
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\tn-ZA
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\ti-ET
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\tg-Cyrl-TJ
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\sr-Cyrl-RS
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\sr-Cyrl-BA
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\sd-Arab-PK
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\rw-RW
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\quc-Latn-GT
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\pa-Arab-PK
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\oobe
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\nso-ZA
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\migration
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\ku-Arab-IQ
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\ig-NG
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\ha-Latn-NG
2019-03-30 09:52:45 ----D---- C:\WINDOWS\system32\en-US
2019-03-30 09:52:44 ----D---- C:\WINDOWS\system32\chr-CHER-US
2019-03-30 09:52:44 ----D---- C:\WINDOWS\system32\cs-CZ
2019-03-30 09:52:44 ----D---- C:\WINDOWS\system32\ca-ES-valencia
2019-03-30 09:52:44 ----D---- C:\WINDOWS\system32\bs-Latn-BA
2019-03-30 09:52:44 ----D---- C:\WINDOWS\system32\az-Latn-AZ
2019-03-30 09:52:44 ----D---- C:\WINDOWS\system32\appraiser
2019-03-30 09:52:43 ----D---- C:\WINDOWS\ShellExperiences
2019-03-30 09:52:42 ----RSD---- C:\WINDOWS\Fonts
2019-03-30 09:52:42 ----RD---- C:\Program Files\Windows Defender
2019-03-30 09:52:42 ----D---- C:\WINDOWS\bcastdvr
2019-03-30 09:52:42 ----D---- C:\WINDOWS\apppatch
2019-03-30 09:52:42 ----D---- C:\Program Files (x86)\Windows Defender
2019-03-30 09:52:39 ----D---- C:\WINDOWS\system32\Boot
2019-03-30 09:52:15 ----SD---- C:\WINDOWS\SYSWOW64\F12
2019-03-30 09:52:14 ----SD---- C:\WINDOWS\system32\F12
2019-03-30 09:52:14 ----D---- C:\WINDOWS\system32\drivers\UMDF
2019-03-30 09:52:06 ----D---- C:\Program Files\internet explorer
2019-03-30 09:52:06 ----D---- C:\Program Files (x86)\Internet Explorer
2019-03-24 13:03:18 ----HD---- C:\ProgramData
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2018-12-08 58168]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2018-04-12 63896]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 39424]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-04-12 60320]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files\Norton Security\NortonData\22.16.2.22\Definitions\BASHDefs\20181211.001\BHDrvx64.sys [2018-12-12 1925104]
R1 ccSet_NGC;NGC Settings Manager; C:\WINDOWS\System32\drivers\NGCx64\1611000.0B7\ccSetx64.sys [2019-03-07 192712]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2018-12-15 515792]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2018-04-12 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-04-12 8192]
R1 IDSVia64;IDSVia64; \??\C:\Program Files\Norton Security\NortonData\22.16.2.22\Definitions\IPSDefs\20181214.061\IDSvia64.sys [2018-12-14 1305072]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-07-30 414720]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2018-12-08 43008]
R2 npf;NetGroup Packet Filter Driver; \??\C:\WINDOWS\system32\drivers\npf.sys [2017-10-08 36600]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0315761.inf_amd64_61b8be71fe4afae4\atikmdag.sys [2017-09-18 36577160]
R3 amdkmdap;amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0315761.inf_amd64_61b8be71fe4afae4\atikmpag.sys [2017-09-18 537992]
R3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2018-11-09 200704]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2018-12-08 106496]
R3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth handsfree; C:\WINDOWS\system32\DRIVERS\BthHfAud.sys [2018-04-12 48640]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Ovladač úspory energie technologie Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-04-12 86528]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2018-04-12 129536]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2018-04-12 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2018-04-12 60320]
R3 dptf_acpi;dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [2017-01-09 55792]
R3 dptf_cpu;dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [2017-01-09 52208]
R3 dtlitescsibus;@oem1.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2018-08-03 30264]
R3 dtliteusbbus;@oem12.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2018-08-03 47672]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2018-12-15 153296]
R3 esif_lf;esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [2017-01-09 260080]
R3 ETD;@oem18.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2018-03-27 610856]
R3 ETDSMBus;ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [2018-03-27 32808]
R3 igfxLP;igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [2017-09-18 7408080]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2018-07-04 6111688]
R3 IntcDAud;@oem2.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2017-09-18 481768]
R3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Ovladač přenosů Avrcp protokolu Microsoft Bluetooth; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [2018-04-12 46592]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2018-04-12 193536]
R3 rt640x64;@oem19.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2017-09-13 1009128]
R3 RtkBtFilter;@oem29.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [2018-05-31 784264]
R3 RTWlanE;@oem26.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\System32\drivers\rtwlane.sys [2018-04-20 7904088]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2018-04-12 38304]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-04-12 321432]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-04-12 885144]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-04-12 145816]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-04-12 124312]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-04-12 128408]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-04-12 75160]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2018-04-12 82328]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2018-04-12 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2018-04-12 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2018-04-12 39840]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2018-08-03 128920]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-04-12 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2018-04-12 18432]
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2019-01-09 92704]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2018-12-08 1097728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-04-12 39936]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2018-04-12 123392]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-04-12 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-04-12 50592]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2019-03-06 76088]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2018-04-12 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-04-12 1836952]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2018-04-12 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2018-04-12 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-04-12 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-04-12 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-04-12 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-04-12 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2018-04-12 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-04-12 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2018-04-12 32256]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2018-04-12 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2018-04-12 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2018-04-12 56736]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-04-12 842648]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2018-04-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2018-04-12 175104]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2018-04-12 104448]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2018-04-12 105984]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2018-04-12 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-03-06 945464]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2018-04-12 104448]
S3 RTSUER;@oem6.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2017-08-07 421312]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2018-04-12 33176]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2018-04-12 33184]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2017-09-18 560520]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 BTDevManager;BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [2017-08-30 127488]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CDPUserSvc_68673;Uživatelská služba platformy připojených zařízení_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R2 EpsonScanSvc;Epson Scanner Service; C:\WINDOWS\system32\EscSvc64.exe [2011-12-12 135824]
R2 esifsvc;@oem14.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\WINDOWS\SysWOW64\esif_uf.exe [2017-01-09 1419424]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2018-03-27 152672]
R2 HP Comm Recover;HP Comm Recovery; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [2017-09-05 1327400]
R2 HPJumpStartBridge;HP JumpStart Bridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [2017-10-06 477184]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2018-12-06 347512]
R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [2017-07-13 628768]
R2 chromoting;Služba Vzdálené plochy Chrome; C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe [2019-04-01 73200]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2017-09-18 356904]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [2015-04-21 174368]
R2 KingoSoftService;KingoSoftService; C:\Users\janhe\AppData\Local\Kingosoft\Kingo Root\update_27205\bin\KingoSoftService.exe [2018-03-08 17384]
R2 NortonSecurity;Norton Security; C:\Program Files\Norton Security\Engine\22.17.0.183\NortonSecurity.exe [2019-03-07 225600]
R2 nsWscSvc;Norton WSC Service; C:\Program Files\Norton Security\Engine\22.17.0.183\nsWscSvc.exe [2019-03-07 934216]
R2 OneSyncSvc_68673;Hostitel synchronizace_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2019-04-23 3175728]
R2 osrss;@%systemroot%\system32\osrss.dll,-500; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2018-07-04 265672]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-07-30 760888]
R2 sedsvc;Windows Remediation Service; C:\Program Files\rempl\sedsvc.exe [2019-03-30 338744]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2018-04-12 163336]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2018-06-20 3606632]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-07-30 43648]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
R3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 PimIndexMaintenanceSvc_68673;Data kontaktů_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-26 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-04-10 335416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-04-12 52832]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BcastDVRUserService_68673;Uživatelská služba pro GameDVR a vysílání her_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 BluetoothUserService_68673;Služba pro podporu uživatelů Bluetooth_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2017-09-18 284712]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicePickerUserSvc_68673;DevicePicker_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevicesFlowUserSvc_68673;Tok zařízení_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-08-03 90624]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\elevation_service.exe [2019-04-04 1268720]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-26 153168]
S3 hpqcaslwmiex;HP CASL Framework Service; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [2016-06-03 1031704]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2015-09-03 887784]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MessagingService_68673;Služba zasílání zpráv_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2017-03-17 172488]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2019-04-23 2304304]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PrintWorkflowUserSvc_68673;PrintWorkflow_68673; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2018-04-12 1273344]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2019-01-09 85472]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-01-09 85472]
-----------------EOF-----------------