
Please check my log

bek69
Visitor
Posts: 264
Registered: 11 Nov 2008 10:45

Please check my log

#1 Post by bek69 »

Hello. Please check my log. The notebook has slowed down a lot. Thank you.


Logfile of random's system information tool 1.10 (written by random/random)
Run by bek69 at 2021-03-05 15:23:22
Microsoft Windows 10 Home
System drive C: has 409 GB (43%) free of 941 GB
Total RAM: 3519 MB (13% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:23:33, on 5. 3. 2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
C:\Program Files\trend micro\bek69.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TEJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com/?pc=TEJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: (no name) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - (no file)
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [com.squirrel.WhatsApp.WhatsApp] C:\Users\bek69\AppData\Local\WhatsApp\Update.exe --processStart "WhatsApp.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\bek69\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [com.squirrel.Teams.Teams] C:\Users\bek69\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\System32\DriverStore\FileRepository\c0320084.inf_amd64_7f3036a79bcd0f6e\atiesrxx.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\System32\drivers\AdminService.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Tools (avast! Tools) - AVAST Software - C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_c49ab - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @oem213.inf,%FnKeyDisplayName%;dynabook Function Key control service (DSDFunctionKeyCtlService) - Dynabook Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\DSDFunctionKeyCtlService.exe
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - HP Inc. - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: @oem213.inf,%TSSDisplayName%;TSDSettingService (TSDSettingService) - Dynabook Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\dynabookSystemService.exe
O23 - Service: @oem213.inf,%TBDisplayName%;TSDTabletControlService (TSDTabletControlService) - Dynabook Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\TOSTABSYSSVC.exe
O23 - Service: @oem213.inf,%RMDisplayName%;TSDWirelessLEDCtlService (TSDWirelessLEDCtlService) - Dynabook Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\RMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Wondershare - C:\Program Files (x86)\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe

--
End of file - 14325 bytes

======Listing Processes======








winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k appmodel -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p
C:\WINDOWS\System32\DriverStore\FileRepository\c0320084.inf_amd64_7f3036a79bcd0f6e\atiesrxx.exe
dashost.exe {4e057f1f-8704-473b-9e66db1820ae2fe5}
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p
atieclxx


dashost.exe {451bdb2b-a248-44d2-8ff9b2df999e7e79}
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p

"C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe" /runassvc
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\drivers\AdminService.exe
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files\Elantech\ETDService.exe"
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\RMService.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Wondershare\dr.fone\Library\DriverInstaller\DriverInstall.exe"
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted -p
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\AVAST Software\Avast\aswEngSrv.exe" /pipename="76C35975-D748-E49F-ABB4-2FE45FAF692E" /binpath="C:\Program Files\AVAST Software\Avast"


C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe"

"C:\Program Files\Elantech\ETDCtrl.exe"
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\svchost.exe -k BthAppGroup -p
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"ctfmon.exe"
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe" -ServerName:InputApp.AppX9jnwykgrccxc8by3hsrsh07r423xzvav.mca
"C:\Windows\System32\SecurityHealthSystray.exe"
"C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe"

"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe"
AvastUI.exe /nogui
"C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21011.101.0_x64__8wekyb3d8bbwe\YourPhoneServer/YourPhoneServer.exe" -Embedding
"C:\Users\bek69\AppData\Local\WhatsApp\app-2.2106.10\WhatsApp.exe"
"C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=crashpad-handler "--user-data-dir=C:\Users\bek69\AppData\Roaming\Microsoft\Skype for Desktop" /prefetch:7 --no-rate-limit --no-upload-gzip --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\bek69\AppData\Roaming\Microsoft\Skype for Desktop\Crashpad" --url=appcenter://generic?aid=a7417433-29d9-4bc0-8826-af367733939d&iid=8ff3205f-699c-4491-1aee-a9c27deddd75&uid=8ff3205f-699c-4491-1aee-a9c27deddd75 --annotation=_companyName=Skype --annotation=_productName=skype-preview --annotation=_version=8.69.0.77 --annotation=prod=Electron --annotation=ver=11.2.1 --initial-client-data=0x564,0x568,0x56c,0x540,0x570,0x75a2168,0x75a2178,0x75a2184
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21011.101.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
"C:\Users\bek69\AppData\Local\WhatsApp\app-2.2106.10\WhatsApp.exe" --type=gpu-process --field-trial-handle=1704,14164878138195483069,687265571835798197,131072 --enable-features=WebComponentsV0Enabled --disable-features=SpareRendererForSitePerProcess --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --mojo-platform-channel-handle=1756 --ignored=" --type=renderer " /prefetch:2
"C:\Users\bek69\AppData\Local\WhatsApp\app-2.2106.10\WhatsApp.exe" --type=utility --field-trial-handle=1704,14164878138195483069,687265571835798197,131072 --enable-features=WebComponentsV0Enabled --disable-features=SpareRendererForSitePerProcess --lang=cs --service-sandbox-type=network --standard-schemes=whatsapp --secure-schemes=whatsapp --bypasscsp-schemes --cors-schemes --fetch-schemes --service-worker-schemes --mojo-platform-channel-handle=1840 /prefetch:8
C:\Users\bek69\AppData\Local\WhatsApp\app-2.2106.10\WhatsApp.exe --no-rate-limit --no-upload-gzip --type=crash-handler "--crashes-directory=C:\Users\bek69\AppData\Local\Temp\WhatsApp Crashes" "--database=C:\Users\bek69\AppData\Local\Temp\WhatsApp Crashes" "--metrics-dir=C:\Users\bek69\AppData\Local\Temp\WhatsApp Crashes" --url=https://crashlogs.whatsapp.net/wa_clb_d ... 9f5370b7af --initial-client-data=0x88c,0x890,0x894,0x888,0x898,0x7ff7f2044298,0x7ff7f20442a8,0x7ff7f20442b8
"C:\Users\bek69\AppData\Local\WhatsApp\app-2.2106.10\WhatsApp.exe" --type=renderer --autoplay-policy=no-user-gesture-required --field-trial-handle=1704,14164878138195483069,687265571835798197,131072 --enable-features=WebComponentsV0Enabled --disable-features=SpareRendererForSitePerProcess --lang=cs --standard-schemes=whatsapp --secure-schemes=whatsapp --bypasscsp-schemes --cors-schemes --fetch-schemes --service-worker-schemes --app-user-model-id=com.squirrel.WhatsApp.WhatsApp --app-path="C:\Users\bek69\AppData\Local\WhatsApp\app-2.2106.10\resources\app.asar" --no-sandbox --no-zygote --preload="C:\Users\bek69\AppData\Local\WhatsApp\app-2.2106.10\resources\app.asar\preload.js" --enable-remote-module --background-color=#DDDBD1 --enable-spellcheck --enable-websql --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2412 /prefetch:1
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=gpu-process --field-trial-handle=2112,11363798568046969892,16925469210104976448,131072 --enable-features=WebComponentsV0Enabled,WinUseBrowserSpellChecker,WinUseHybridSpellChecker --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=2124 /prefetch:2
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2112,11363798568046969892,16925469210104976448,131072 --enable-features=WebComponentsV0Enabled,WinUseBrowserSpellChecker,WinUseHybridSpellChecker --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --lang=cs --service-sandbox-type=network --mojo-platform-channel-handle=2392 /prefetch:8
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=renderer --autoplay-policy=no-user-gesture-required --disable-background-timer-throttling --ms-disable-indexeddb-transaction-timeout --field-trial-handle=2112,11363798568046969892,16925469210104976448,131072 --enable-features=WebComponentsV0Enabled,WinUseBrowserSpellChecker,WinUseHybridSpellChecker --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --lang=cs --app-user-model-id=Microsoft.Skype.SkypeDesktop --app-path="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar" --webview-tag --no-sandbox --no-zygote --native-window-open --preload="C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar\preload.js" --world-safe-execute-javascript --background-color=#fff --node-integration-in-subframes --enable-spellcheck --enable-websql --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2852 /prefetch:1 --skype-process-type=Main --skype-window-id=__MAIN_ROOT_VIEW_ID__
"C:\Users\bek69\AppData\Local\WhatsApp\app-2.2106.10\WhatsApp.exe" --type=renderer --autoplay-policy=no-user-gesture-required --field-trial-handle=1704,14164878138195483069,687265571835798197,131072 --enable-features=WebComponentsV0Enabled --disable-features=SpareRendererForSitePerProcess --lang=cs --standard-schemes=whatsapp --secure-schemes=whatsapp --bypasscsp-schemes --cors-schemes --fetch-schemes --service-worker-schemes --app-user-model-id=com.squirrel.WhatsApp.WhatsApp --app-path="C:\Users\bek69\AppData\Local\WhatsApp\app-2.2106.10\resources\app.asar" --no-sandbox --no-zygote --preload="C:\Users\bek69\AppData\Local\WhatsApp\app-2.2106.10\resources\app.asar\voip_window_preload.js" --enable-remote-module --background-color=#00ffffff --enable-websql --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2844 /prefetch:1
"C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2112,11363798568046969892,16925469210104976448,131072 --enable-features=WebComponentsV0Enabled,WinUseBrowserSpellChecker,WinUseHybridSpellChecker --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --lang=cs --service-sandbox-type=audio --mojo-platform-channel-handle=2716 /prefetch:8
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=gpu-process --field-trial-handle=8716,8619776136738303511,5867063874589231723,131072 --enable-features=CastMediaRouteProvider --disable-features=OutOfBlinkCors --no-sandbox --disable-gpu-driver-bug-workarounds --log-file="C:\Users\bek69\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (21.1.2449)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --gpu-preferences=MAAAAAAAAADgAABwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --use-gl=swiftshader-webgl --log-file="C:\Users\bek69\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=8576 /prefetch:2
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=8716,8619776136738303511,5867063874589231723,131072 --enable-features=CastMediaRouteProvider --disable-features=OutOfBlinkCors --lang=en-US --service-sandbox-type=network --no-sandbox --force-wave-audio --log-file="C:\Users\bek69\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (21.1.2449)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --log-file="C:\Users\bek69\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=8412 /prefetch:8
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\WINDOWS\system32\browser_broker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\MicrosoftEdgeSH.exe SCODEF:8424 CREDAT:9730 APH:100000000000000C JITHOST /prefetch:2
"C:\Windows\System32\MicrosoftEdgeCP.exe" -ServerName:Windows.Internal.WebRuntime.ContentProcessServer
"C:\Program Files\WindowsApps\Microsoft.MSPaint_6.2009.30067.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding

"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\AUDIODG.EXE 0x450
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4560.0.1902098433\2084864297" -parentBuildID 20210222142601 -prefsHandle 1728 -prefMapHandle 1700 -prefsLen 1 -prefMapSize 254952 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4560 "\\.\pipe\gecko-crash-server-pipe.4560" 1804 gpu
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4560.6.1015779059\1728087256" -childID 1 -isForBrowser -prefsHandle 2552 -prefMapHandle 2528 -prefsLen 378 -prefMapSize 254952 -parentBuildID 20210222142601 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4560 "\\.\pipe\gecko-crash-server-pipe.4560" 2564 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4560.13.2133865604\420229157" -childID 2 -isForBrowser -prefsHandle 3004 -prefMapHandle 3000 -prefsLen 442 -prefMapSize 254952 -parentBuildID 20210222142601 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4560 "\\.\pipe\gecko-crash-server-pipe.4560" 3020 tab
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -contentproc --channel="4560.27.480943193\592113803" -childID 4 -isForBrowser -prefsHandle 4708 -prefMapHandle 4688 -prefsLen 6563 -prefMapSize 254952 -parentBuildID 20210222142601 -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" - 4560 "\\.\pipe\gecko-crash-server-pipe.4560" 4660 tab
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-12e8c771-3579-4b80-853e-7da76b50a4bd -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-ba23e09d-ea7c-45a7-9a4f-5ec4fdf28be2 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-9d4dab54-4669-4526-8205-b4a5fa0891ed -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-40c4163c-4890-4da8-a470-dc337148a4b1 -LifetimeId:c6731c27-5dae-44ce-a71d-6804e2014986 -DeviceGroupId:MiracastDevices -HostArg:0
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 804 808 816 8192 812 784
"C:\Users\bek69\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Avast Driver Updater Scan.job - C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe scheduled

=========Mozilla firefox=========

ProfilePath - C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\w1b22rw2.default-1489490201594-1570643153449

prefs.js - "browser.startup.homepage" - "www.seznam.cz"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.414 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_414.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Skype for Business Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.3]
"Description"=VLC Multimedia Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.8]
"Description"=VLC Multimedia Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.0]
"Description"=VLC Multimedia Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.1]
"Description"=VLC Multimedia Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.2]
"Description"=VLC Multimedia Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.3]
"Description"=VLC Multimedia Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.4]
"Description"=VLC Multimedia Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.6]
"Description"=VLC Multimedia Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.7]
"Description"=VLC Multimedia Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1]
"Description"=VLC Multimedia Plugin
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.414 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_414.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.271.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.271.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2020-10-13 238384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_271\bin\ssv.dll [2021-02-04 734376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_271\bin\jp2ssv.dll [2021-02-04 348328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-02-10 151872]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-12-07 86016]
"TCrdMain"=C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2013-10-09 2556768]
"TSSSrv"=C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [2013-10-22 296008]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2021-02-24 116960]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2020-05-05 3325520]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2021-02-04 3873000]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2020-11-12 337720]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype for Desktop"=C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2021-02-12 109945728]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2021-01-06 32440376]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2020-09-08 67384]
"GoogleDriveSync"=C:\Program Files\Google\Drive\googledrivesync.exe [2021-01-20 50011008]
"com.squirrel.WhatsApp.WhatsApp"=C:\Users\bek69\AppData\Local\WhatsApp\Update.exe [2021-02-27 2252488]
"OneDrive"=C:\Users\bek69\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2020-11-24 1938296]
"com.squirrel.Teams.Teams"=C:\Users\bek69\AppData\Local\Microsoft\Teams\Update.exe [2021-02-27 2453720]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"=C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2020-09-16 706680]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aswSP.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"SoftwareSASGeneration"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoSimpleNetIDList"=1
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"aux1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"aux2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv

======File associations======

.inf - install -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2021-03-04 20:09:38 ----D---- C:\FRST
2021-02-24 08:46:33 ----D---- C:\Program Files (x86)\Mozilla Firefox
2021-02-24 08:14:03 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2021-02-24 08:13:59 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2021-02-24 08:12:52 ----A---- C:\WINDOWS\system32\aswBoot.exe
2021-02-24 08:12:51 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2021-02-24 08:12:51 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2021-02-24 08:12:51 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2021-02-24 08:12:51 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2021-02-24 08:12:51 ----A---- C:\WINDOWS\system32\drivers\aswNetHub.sys
2021-02-24 08:12:51 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2021-02-24 08:12:51 ----A---- C:\WINDOWS\system32\drivers\aswbuniv.sys
2021-02-24 08:12:51 ----A---- C:\WINDOWS\system32\drivers\aswbidsh.sys
2021-02-24 08:12:51 ----A---- C:\WINDOWS\system32\drivers\aswbidsdriver.sys
2021-02-24 08:12:51 ----A---- C:\WINDOWS\system32\drivers\aswArPot.sys
2021-02-24 08:12:51 ----A---- C:\WINDOWS\system32\drivers\aswArDisk.sys
2021-02-24 08:12:50 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2021-02-20 08:35:29 ----D---- C:\WINDOWS\system32\Logs
2021-02-20 08:35:29 ----A---- C:\WINDOWS\system32\sedplugins.dll
2021-02-20 08:35:29 ----A---- C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-02-20 08:35:28 ----D---- C:\Program Files\Microsoft Update Health Tools
2021-02-16 08:50:17 ----D---- C:\ProgramData\bek69
2021-02-11 12:05:51 ----A---- C:\WINDOWS\system32\FXSUNATD.exe
2021-02-11 12:05:51 ----A---- C:\WINDOWS\system32\FXSSVC.exe
2021-02-11 12:05:51 ----A---- C:\WINDOWS\system32\FXSROUTE.dll
2021-02-11 12:05:51 ----A---- C:\WINDOWS\system32\FXSMON.dll
2021-02-11 12:05:51 ----A---- C:\WINDOWS\system32\FXSEVENT.dll
2021-02-11 12:05:49 ----A---- C:\WINDOWS\SYSWOW64\fveapibase.dll
2021-02-11 12:05:49 ----A---- C:\WINDOWS\SYSWOW64\fveapi.dll
2021-02-11 12:05:49 ----A---- C:\WINDOWS\system32\fveapibase.dll
2021-02-11 12:05:49 ----A---- C:\WINDOWS\system32\fveapi.dll
2021-02-11 12:05:49 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2021-02-11 12:05:49 ----A---- C:\WINDOWS\system32\drivers\dumpfve.sys
2021-02-11 12:05:49 ----A---- C:\WINDOWS\system32\bdesvc.dll
2021-02-11 12:05:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Picker.dll
2021-02-11 12:05:48 ----A---- C:\WINDOWS\system32\fvewiz.dll
2021-02-11 12:05:48 ----A---- C:\WINDOWS\system32\fveui.dll
2021-02-11 12:05:47 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2021-02-11 12:05:46 ----A---- C:\WINDOWS\system32\Windows.Devices.Picker.dll
2021-02-11 12:05:30 ----A---- C:\WINDOWS\system32\cdp.dll
2021-02-11 12:05:30 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2021-02-11 12:05:19 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2021-02-11 12:05:19 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2021-02-11 12:05:19 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2021-02-11 12:05:18 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2021-02-11 12:05:18 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2021-02-11 12:05:18 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2021-02-11 12:05:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2021-02-11 12:05:17 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2021-02-11 12:05:16 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll
2021-02-11 12:05:16 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2021-02-11 12:05:16 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2021-02-11 12:05:16 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2021-02-11 12:05:16 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2021-02-11 12:05:12 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2021-02-11 12:05:12 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2021-02-11 12:05:12 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2021-02-11 12:05:11 ----A---- C:\WINDOWS\system32\msvproc.dll
2021-02-11 12:05:11 ----A---- C:\WINDOWS\system32\mfsvr.dll
2021-02-11 12:05:11 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2021-02-11 12:05:10 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2021-02-11 12:05:10 ----A---- C:\WINDOWS\system32\mfps.dll
2021-02-11 12:05:09 ----A---- C:\WINDOWS\system32\mfcore.dll
2021-02-11 12:05:09 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2021-02-11 12:05:08 ----A---- C:\WINDOWS\system32\MSPhotography.dll
2021-02-11 12:05:08 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2021-02-11 12:05:07 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecsRaw.dll
2021-02-11 12:05:04 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2021-02-11 12:05:04 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2021-02-11 12:05:04 ----A---- C:\WINDOWS\system32\WindowsCodecsRaw.dll
2021-02-11 12:05:03 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2021-02-11 12:05:03 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2021-02-11 12:05:03 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2021-02-11 12:05:03 ----A---- C:\WINDOWS\SYSWOW64\cryptuiwizard.dll
2021-02-11 12:05:03 ----A---- C:\WINDOWS\SYSWOW64\CertPKICmdlet.dll
2021-02-11 12:05:02 ----A---- C:\WINDOWS\SYSWOW64\msimsg.dll
2021-02-11 12:05:02 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2021-02-11 12:05:01 ----A---- C:\WINDOWS\SYSWOW64\iemigplugin.dll
2021-02-11 12:05:00 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2021-02-11 12:04:59 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2021-02-11 12:04:59 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2021-02-11 12:04:57 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2021-02-11 12:04:56 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2021-02-11 12:04:56 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2021-02-11 12:04:34 ----A---- C:\WINDOWS\SYSWOW64\imapi2fs.dll
2021-02-11 12:04:34 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2021-02-11 12:04:33 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2021-02-11 12:04:33 ----A---- C:\WINDOWS\SYSWOW64\packager.dll
2021-02-11 12:04:33 ----A---- C:\WINDOWS\SYSWOW64\autofmt.exe
2021-02-11 12:04:33 ----A---- C:\WINDOWS\SYSWOW64\autoconv.exe
2021-02-11 12:04:32 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2021-02-11 12:04:32 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2021-02-11 12:04:28 ----A---- C:\WINDOWS\system32\fhtask.dll
2021-02-11 12:04:28 ----A---- C:\WINDOWS\system32\fhsvcctl.dll
2021-02-11 12:04:28 ----A---- C:\WINDOWS\system32\fhsvc.dll
2021-02-11 12:04:28 ----A---- C:\WINDOWS\system32\fhshl.dll
2021-02-11 12:04:28 ----A---- C:\WINDOWS\system32\fhsettingsprovider.dll
2021-02-11 12:04:28 ----A---- C:\WINDOWS\system32\fhmanagew.exe
2021-02-11 12:04:28 ----A---- C:\WINDOWS\system32\fhlisten.dll
2021-02-11 12:04:28 ----A---- C:\WINDOWS\system32\fhcleanup.dll
2021-02-11 12:04:28 ----A---- C:\WINDOWS\system32\fhcfg.dll
2021-02-11 12:04:27 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2021-02-11 12:04:27 ----A---- C:\WINDOWS\system32\WorkFolders.exe
2021-02-11 12:04:27 ----A---- C:\WINDOWS\system32\fhsrchph.dll
2021-02-11 12:04:27 ----A---- C:\WINDOWS\system32\fhsrchapi.dll
2021-02-11 12:04:27 ----A---- C:\WINDOWS\system32\fhevents.dll
2021-02-11 12:04:27 ----A---- C:\WINDOWS\system32\fhengine.dll
2021-02-11 12:04:27 ----A---- C:\WINDOWS\system32\fhcat.dll
2021-02-11 12:04:26 ----A---- C:\WINDOWS\system32\WorkFoldersShell.dll
2021-02-11 12:04:26 ----A---- C:\WINDOWS\system32\WorkfoldersControl.dll
2021-02-11 12:04:26 ----A---- C:\WINDOWS\system32\tsgqec.dll
2021-02-11 12:04:26 ----A---- C:\WINDOWS\system32\termsrv.dll
2021-02-11 12:04:26 ----A---- C:\WINDOWS\system32\rdsdwmdr.dll
2021-02-11 12:04:26 ----A---- C:\WINDOWS\system32\DiagSvc.dll
2021-02-11 12:04:25 ----A---- C:\WINDOWS\system32\mstscax.dll
2021-02-11 12:04:24 ----A---- C:\WINDOWS\system32\wsp_health.dll
2021-02-11 12:04:24 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2021-02-11 12:04:24 ----A---- C:\WINDOWS\system32\Windows.System.Profile.HardwareId.dll
2021-02-11 12:04:24 ----A---- C:\WINDOWS\system32\cryptuiwizard.dll
2021-02-11 12:04:24 ----A---- C:\WINDOWS\system32\CertPKICmdlet.dll
2021-02-11 12:04:23 ----A---- C:\WINDOWS\system32\nshwfp.dll
2021-02-11 12:04:23 ----A---- C:\WINDOWS\system32\nltest.exe
2021-02-11 12:04:23 ----A---- C:\WINDOWS\system32\msimsg.dll
2021-02-11 12:04:23 ----A---- C:\WINDOWS\system32\msi.dll
2021-02-11 12:04:22 ----A---- C:\WINDOWS\system32\IESettingSync.exe
2021-02-11 12:04:22 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2021-02-11 12:04:20 ----A---- C:\WINDOWS\system32\ieframe.dll
2021-02-11 12:04:19 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2021-02-11 12:04:19 ----A---- C:\WINDOWS\system32\ieproxy.dll
2021-02-11 12:04:19 ----A---- C:\WINDOWS\system32\Chakra.dll
2021-02-11 12:04:15 ----A---- C:\WINDOWS\system32\mshtml.dll
2021-02-11 12:04:15 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2021-02-11 12:04:14 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2021-02-11 12:04:11 ----A---- C:\WINDOWS\system32\imapi2fs.dll
2021-02-11 12:04:11 ----A---- C:\WINDOWS\system32\edgehtml.dll
2021-02-11 12:04:10 ----A---- C:\WINDOWS\system32\werui.dll
2021-02-11 12:04:10 ----A---- C:\WINDOWS\system32\StorSvc.dll
2021-02-11 12:04:10 ----A---- C:\WINDOWS\system32\StorageUsage.dll
2021-02-11 12:04:10 ----A---- C:\WINDOWS\system32\packager.dll
2021-02-11 12:04:09 ----A---- C:\WINDOWS\system32\edpcsp.dll
2021-02-11 12:04:09 ----A---- C:\WINDOWS\system32\EDPCleanup.exe
2021-02-11 12:04:09 ----A---- C:\WINDOWS\system32\CBDHSvc.dll
2021-02-11 12:04:09 ----A---- C:\WINDOWS\system32\autofmt.exe
2021-02-11 12:04:09 ----A---- C:\WINDOWS\system32\autoconv.exe
2021-02-11 12:04:08 ----A---- C:\WINDOWS\system32\computecore.dll
2021-02-11 12:04:08 ----A---- C:\WINDOWS\system32\ClipUp.exe
2021-02-11 12:04:05 ----A---- C:\WINDOWS\system32\resutils.dll
2021-02-11 12:04:05 ----A---- C:\WINDOWS\system32\clusapi.dll
2021-02-11 12:04:04 ----A---- C:\WINDOWS\system32\vertdll.dll
2021-02-11 12:04:04 ----A---- C:\WINDOWS\system32\ucrtbase_enclave.dll
2021-02-11 12:04:04 ----A---- C:\WINDOWS\system32\tcbloader.dll
2021-02-11 12:04:04 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2021-02-11 12:04:04 ----A---- C:\WINDOWS\system32\securekernel.exe
2021-02-11 12:04:03 ----A---- C:\WINDOWS\system32\ResourceMapper.dll
2021-02-11 12:04:03 ----A---- C:\WINDOWS\system32\hvix64.exe
2021-02-11 12:04:03 ----A---- C:\WINDOWS\system32\hvax64.exe
2021-02-11 12:04:03 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2021-02-11 12:04:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.FileExplorer.Common.dll
2021-02-11 12:04:02 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2021-02-11 12:04:02 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2021-02-11 12:04:01 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2021-02-11 12:04:01 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2021-02-11 12:04:00 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2021-02-11 12:04:00 ----A---- C:\WINDOWS\SYSWOW64\PrintWorkflowService.dll
2021-02-11 12:04:00 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2021-02-11 12:03:58 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2021-02-11 12:03:58 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2021-02-11 12:03:58 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2021-02-11 12:03:57 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2021-02-11 12:03:57 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2021-02-11 12:03:57 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2021-02-11 12:03:56 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2021-02-11 12:03:56 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2021-02-11 12:03:56 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2021-02-11 12:03:56 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2021-02-11 12:03:56 ----A---- C:\WINDOWS\SYSWOW64\efsext.dll
2021-02-11 12:03:56 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2021-02-11 12:03:56 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2021-02-11 12:03:56 ----A---- C:\WINDOWS\SYSWOW64\BitLockerCsp.dll
2021-02-11 12:03:37 ----A---- C:\WINDOWS\SYSWOW64\mdmlocalmanagement.dll
2021-02-11 12:03:37 ----A---- C:\WINDOWS\SYSWOW64\lpk.dll
2021-02-11 12:03:37 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2021-02-11 12:03:37 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2021-02-11 12:03:37 ----A---- C:\WINDOWS\SYSWOW64\dmpushproxy.dll
2021-02-11 12:03:37 ----A---- C:\WINDOWS\SYSWOW64\DMAppsRes.dll
2021-02-11 12:03:37 ----A---- C:\WINDOWS\SYSWOW64\dciman32.dll
2021-02-11 12:03:36 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2021-02-11 12:03:36 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2021-02-11 12:03:36 ----A---- C:\WINDOWS\SYSWOW64\WerEnc.dll
2021-02-11 12:03:36 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2021-02-11 12:03:36 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2021-02-11 12:03:36 ----A---- C:\WINDOWS\SYSWOW64\dbghelp.dll
2021-02-11 12:03:35 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2021-02-11 12:03:35 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2021-02-11 12:03:35 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2021-02-11 12:03:35 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2021-02-11 12:03:35 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2021-02-11 12:03:35 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2021-02-11 12:03:34 ----A---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2021-02-11 12:03:34 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2021-02-11 12:03:34 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2021-02-11 12:03:34 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2021-02-11 12:03:34 ----A---- C:\WINDOWS\SYSWOW64\msvcp_win.dll
2021-02-11 12:03:34 ----A---- C:\WINDOWS\SYSWOW64\autochk.exe
2021-02-11 12:03:34 ----A---- C:\WINDOWS\SYSWOW64\AtBroker.exe
2021-02-11 12:03:34 ----A---- C:\WINDOWS\SYSWOW64\adsldpc.dll
2021-02-11 12:03:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2021-02-11 12:03:33 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2021-02-11 12:03:32 ----A---- C:\WINDOWS\SYSWOW64\ulib.dll
2021-02-11 12:03:32 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2021-02-11 12:03:32 ----A---- C:\WINDOWS\SYSWOW64\ifsutil.dll
2021-02-11 12:03:32 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2021-02-11 12:03:32 ----A---- C:\WINDOWS\SYSWOW64\container.dll
2021-02-11 12:03:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Lights.dll
2021-02-11 12:03:31 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2021-02-11 12:03:31 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2021-02-11 12:03:31 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2021-02-11 12:03:31 ----A---- C:\WINDOWS\SYSWOW64\D3D12Core.dll
2021-02-11 12:03:30 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2021-02-11 12:03:30 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2021-02-11 12:03:30 ----A---- C:\WINDOWS\SYSWOW64\DiagnosticInvoker.dll
2021-02-11 12:03:30 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2021-02-11 12:03:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2021-02-11 12:03:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryPS.dll
2021-02-11 12:03:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryCore.dll
2021-02-11 12:03:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll
2021-02-11 12:03:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryBroker.dll
2021-02-11 12:03:29 ----A---- C:\WINDOWS\SYSWOW64\StateRepository.Core.dll
2021-02-11 12:03:29 ----A---- C:\WINDOWS\SYSWOW64\KerbClientShared.dll
2021-02-11 12:03:28 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2021-02-11 12:03:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2021-02-11 12:03:28 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2021-02-11 12:03:27 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2021-02-11 12:03:26 ----A---- C:\WINDOWS\SYSWOW64\WordBreakers.dll
2021-02-11 12:03:26 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2021-02-11 12:03:26 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2021-02-11 12:03:26 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2021-02-11 12:03:26 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2021-02-11 12:03:26 ----A---- C:\WINDOWS\SYSWOW64\EditBufferTestHook.dll
2021-02-11 12:03:25 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2021-02-11 12:03:25 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2021-02-11 12:03:25 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2021-02-11 12:03:25 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2021-02-11 12:03:25 ----A---- C:\WINDOWS\SYSWOW64\mssprxy.dll
2021-02-11 12:03:24 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2021-02-11 12:03:24 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2021-02-11 12:03:24 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2021-02-11 12:03:24 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2021-02-11 12:03:24 ----A---- C:\WINDOWS\SYSWOW64\mssitlb.dll
2021-02-11 12:03:24 ----A---- C:\WINDOWS\SYSWOW64\msscntrs.dll
2021-02-11 12:03:24 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2021-02-11 12:03:24 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2021-02-11 12:03:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Launcher.dll
2021-02-11 12:03:23 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2021-02-11 12:03:23 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2021-02-11 12:03:23 ----A---- C:\WINDOWS\SYSWOW64\GameInput.dll
2021-02-11 12:03:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2021-02-11 12:03:22 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2021-02-11 12:03:21 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2021-02-11 12:03:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Phone.dll
2021-02-11 12:03:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2021-02-11 12:03:21 ----A---- C:\WINDOWS\SYSWOW64\ShareHost.dll
2021-02-11 12:03:21 ----A---- C:\WINDOWS\SYSWOW64\cdprt.dll
2021-02-11 12:03:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Maps.dll
2021-02-11 12:03:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.InkControls.dll
2021-02-11 12:03:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Controls.dll
2021-02-11 12:03:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2021-02-11 12:03:18 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2021-02-11 12:03:17 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2021-02-11 12:03:17 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2021-02-11 12:03:17 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2021-02-11 12:03:17 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2021-02-11 12:03:17 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2021-02-11 12:03:17 ----A---- C:\WINDOWS\SYSWOW64\LicensingDiagSpp.dll
2021-02-11 12:03:16 ----A---- C:\WINDOWS\SYSWOW64\SpatialAudioLicenseSrv.exe
2021-02-11 12:03:16 ----A---- C:\WINDOWS\SYSWOW64\ContentDeliveryManager.Utilities.dll
2021-02-11 12:03:16 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2021-02-11 12:03:16 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2021-02-11 12:03:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.ConversationalAgent.dll
2021-02-11 12:03:15 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2021-02-11 12:03:15 ----A---- C:\WINDOWS\SYSWOW64\MMDevAPI.dll
2021-02-11 12:03:15 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2021-02-11 12:03:15 ----A---- C:\WINDOWS\SYSWOW64\agentactivationruntimewindows.dll
2021-02-11 12:03:15 ----A---- C:\WINDOWS\SYSWOW64\agentactivationruntime.dll
2021-02-11 12:03:15 ----A---- C:\WINDOWS\SYSWOW64\AarSvc.dll
2021-02-11 12:02:49 ----A---- C:\WINDOWS\system32\pku2u.dll
2021-02-11 12:02:49 ----A---- C:\WINDOWS\system32\LsaIso.exe
2021-02-11 12:02:49 ----A---- C:\WINDOWS\system32\iumcrypt.dll
2021-02-11 12:02:47 ----A---- C:\WINDOWS\system32\shell32.dll
2021-02-11 12:02:46 ----A---- C:\WINDOWS\system32\Windows.FileExplorer.Common.dll
2021-02-11 12:02:46 ----A---- C:\WINDOWS\system32\ntshrui.dll
2021-02-11 12:02:46 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2021-02-11 12:02:45 ----A---- C:\WINDOWS\system32\vbscript.dll
2021-02-11 12:02:45 ----A---- C:\WINDOWS\system32\umpoext.dll
2021-02-11 12:02:45 ----A---- C:\WINDOWS\system32\PrintWorkflowService.dll
2021-02-11 12:02:45 ----A---- C:\WINDOWS\system32\comdlg32.dll
2021-02-11 12:02:44 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2021-02-11 12:02:44 ----A---- C:\WINDOWS\system32\nlasvc.dll
2021-02-11 12:02:44 ----A---- C:\WINDOWS\system32\nlaapi.dll
2021-02-11 12:02:44 ----A---- C:\WINDOWS\system32\ncsi.dll
2021-02-11 12:02:42 ----A---- C:\WINDOWS\system32\ubpm.dll
2021-02-11 12:02:42 ----A---- C:\WINDOWS\system32\sppobjs.dll
2021-02-11 12:02:42 ----A---- C:\WINDOWS\system32\sppcext.dll
2021-02-11 12:02:42 ----A---- C:\WINDOWS\system32\LicensingDiagSpp.dll
2021-02-11 12:02:41 ----A---- C:\WINDOWS\system32\sppsvc.exe
2021-02-11 12:02:40 ----A---- C:\WINDOWS\system32\msIso.dll
2021-02-11 12:02:40 ----A---- C:\WINDOWS\system32\iertutil.dll
2021-02-11 12:02:40 ----A---- C:\WINDOWS\system32\edgeIso.dll
2021-02-11 12:02:39 ----A---- C:\WINDOWS\system32\urlmon.dll
2021-02-11 12:02:39 ----A---- C:\WINDOWS\system32\profsvcext.dll
2021-02-11 12:02:39 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2021-02-11 12:02:39 ----A---- C:\WINDOWS\system32\efsext.dll
2021-02-11 12:02:39 ----A---- C:\WINDOWS\system32\edptask.dll
2021-02-11 12:02:39 ----A---- C:\WINDOWS\system32\actxprxy.dll
2021-02-11 12:02:38 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2021-02-11 12:02:38 ----A---- C:\WINDOWS\system32\tdh.dll
2021-02-11 12:02:38 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2021-02-11 12:02:38 ----A---- C:\WINDOWS\system32\MdmDiagnostics.dll
2021-02-11 12:02:38 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2021-02-11 12:02:38 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2021-02-11 12:02:38 ----A---- C:\WINDOWS\system32\BitLockerCsp.dll
2021-02-11 12:02:37 ----A---- C:\WINDOWS\system32\omadmclient.exe
2021-02-11 12:02:37 ----A---- C:\WINDOWS\system32\mdmpostprocessevaluator.dll
2021-02-11 12:02:37 ----A---- C:\WINDOWS\system32\mdmlocalmanagement.dll
2021-02-11 12:02:37 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2021-02-11 12:02:37 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2021-02-11 12:02:37 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2021-02-11 12:02:36 ----A---- C:\WINDOWS\system32\wuuhext.dll
2021-02-11 12:02:36 ----A---- C:\WINDOWS\system32\DMPushRouterCore.dll
2021-02-11 12:02:36 ----A---- C:\WINDOWS\system32\dmpushproxy.dll
2021-02-11 12:02:36 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2021-02-11 12:02:36 ----A---- C:\WINDOWS\system32\DMAppsRes.dll
2021-02-11 12:02:36 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2021-02-11 12:02:36 ----A---- C:\WINDOWS\system32\coredpus.dll
2021-02-11 12:02:36 ----A---- C:\WINDOWS\system32\configmanager2.dll
2021-02-11 12:02:35 ----A---- C:\WINDOWS\system32\usermgr.dll
2021-02-11 12:02:35 ----A---- C:\WINDOWS\system32\msctf.dll
2021-02-11 12:02:35 ----A---- C:\WINDOWS\system32\lpk.dll
2021-02-11 12:02:35 ----A---- C:\WINDOWS\system32\fontsub.dll
2021-02-11 12:02:35 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2021-02-11 12:02:34 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2021-02-11 12:02:34 ----A---- C:\WINDOWS\system32\netlogon.dll
2021-02-11 12:02:34 ----A---- C:\WINDOWS\system32\dciman32.dll
2021-02-11 12:02:33 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2021-02-11 12:02:33 ----A---- C:\WINDOWS\system32\drivers\NetAdapterCx.sys
2021-02-11 12:02:33 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2021-02-11 12:02:32 ----A---- C:\WINDOWS\system32\sechost.dll
2021-02-11 12:02:32 ----A---- C:\WINDOWS\system32\KernelBase.dll
2021-02-11 12:02:32 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2021-02-11 12:02:30 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2021-02-11 12:02:29 ----A---- C:\WINDOWS\system32\WerEnc.dll
2021-02-11 12:02:29 ----A---- C:\WINDOWS\system32\ntdll.dll
2021-02-11 12:02:29 ----A---- C:\WINDOWS\system32\Faultrep.dll
2021-02-11 12:02:29 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2021-02-11 12:02:29 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2021-02-11 12:02:29 ----A---- C:\WINDOWS\system32\dbgcore.dll
2021-02-11 12:02:28 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2021-02-11 12:02:28 ----A---- C:\WINDOWS\system32\WerFault.exe
2021-02-11 12:02:28 ----A---- C:\WINDOWS\system32\utcutil.dll
2021-02-11 12:02:28 ----A---- C:\WINDOWS\system32\diagnosticdataquery.dll
2021-02-11 12:02:28 ----A---- C:\WINDOWS\system32\dbghelp.dll
2021-02-11 12:02:27 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2021-02-11 12:02:27 ----A---- C:\WINDOWS\system32\diagtrack.dll
2021-02-11 12:02:07 ----A---- C:\WINDOWS\system32\schannel.dll
2021-02-11 12:02:07 ----A---- C:\WINDOWS\system32\oleaut32.dll
2021-02-11 12:02:07 ----A---- C:\WINDOWS\system32\lsasrv.dll
2021-02-11 12:02:07 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2021-02-11 12:02:07 ----A---- C:\WINDOWS\system32\drivers\http.sys
2021-02-11 12:02:06 ----A---- C:\WINDOWS\system32\tzres.dll
2021-02-11 12:02:06 ----A---- C:\WINDOWS\system32\rpcss.dll
2021-02-11 12:02:06 ----A---- C:\WINDOWS\system32\profsvc.dll
2021-02-11 12:02:06 ----A---- C:\WINDOWS\system32\msv1_0.dll
2021-02-11 12:02:06 ----A---- C:\WINDOWS\system32\crypt32.dll
2021-02-11 12:02:05 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2021-02-11 12:02:05 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2021-02-11 12:02:05 ----A---- C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2021-02-11 12:02:05 ----A---- C:\WINDOWS\system32\SecurityHealthHost.exe
2021-02-11 12:02:05 ----A---- C:\WINDOWS\system32\SecurityHealthAgent.dll
2021-02-11 12:02:05 ----A---- C:\WINDOWS\system32\msvcp_win.dll
2021-02-11 12:02:04 ----A---- C:\WINDOWS\system32\zipfldr.dll
2021-02-11 12:02:04 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2021-02-11 12:02:03 ----A---- C:\WINDOWS\system32\dwmcore.dll
2021-02-11 12:02:03 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2021-02-11 12:02:02 ----A---- C:\WINDOWS\system32\CaptureService.dll
2021-02-11 12:02:02 ----A---- C:\WINDOWS\system32\autochk.exe
2021-02-11 12:02:01 ----A---- C:\WINDOWS\system32\Utilman.exe
2021-02-11 12:02:01 ----A---- C:\WINDOWS\system32\Narrator.exe
2021-02-11 12:02:01 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2021-02-11 12:02:01 ----A---- C:\WINDOWS\system32\AtBroker.exe
2021-02-11 12:02:01 ----A---- C:\WINDOWS\system32\adsldpc.dll
2021-02-11 12:02:01 ----A---- C:\WINDOWS\system32\accessibilitycpl.dll
2021-02-11 12:02:00 ----A---- C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2021-02-11 12:02:00 ----A---- C:\WINDOWS\system32\DevicesFlowBroker.dll
2021-02-11 12:01:59 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2021-02-11 12:01:59 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2021-02-11 12:01:58 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2021-02-11 12:01:58 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2021-02-11 12:01:58 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2021-02-11 12:01:57 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2021-02-11 12:01:55 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2021-02-11 12:01:55 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2021-02-11 12:01:55 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2021-02-11 12:01:55 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2021-02-11 12:01:55 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2021-02-11 12:01:54 ----A---- C:\WINDOWS\system32\wups2.dll
2021-02-11 12:01:54 ----A---- C:\WINDOWS\system32\wuaueng.dll
2021-02-11 12:01:54 ----A---- C:\WINDOWS\system32\wuauclt.exe
2021-02-11 12:01:54 ----A---- C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2021-02-11 12:01:53 ----A---- C:\WINDOWS\system32\wups.dll
2021-02-11 12:01:53 ----A---- C:\WINDOWS\system32\wuapi.dll
2021-02-11 12:01:53 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2021-02-11 12:01:53 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2021-02-11 12:01:52 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2021-02-11 12:01:52 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2021-02-11 12:01:52 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2021-02-11 12:01:52 ----A---- C:\WINDOWS\system32\MusNotification.exe
2021-02-11 12:01:51 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2021-02-11 12:01:51 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2021-02-11 12:01:51 ----A---- C:\WINDOWS\system32\usosvc.dll
2021-02-11 12:01:51 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2021-02-11 12:01:51 ----A---- C:\WINDOWS\system32\MoUsoCoreWorker.exe
2021-02-11 12:01:50 ----A---- C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2021-02-11 12:01:50 ----A---- C:\WINDOWS\system32\SettingsHandlers_InkingTypingPrivacy.dll
2021-02-11 12:01:49 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2021-02-11 12:01:49 ----A---- C:\WINDOWS\system32\untfs.dll
2021-02-11 12:01:49 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2021-02-11 12:01:49 ----A---- C:\WINDOWS\system32\drivers\ufx01000.sys
2021-02-11 12:01:48 ----A---- C:\WINDOWS\system32\wcimage.dll
2021-02-11 12:01:48 ----A---- C:\WINDOWS\system32\ulib.dll
2021-02-11 12:01:48 ----A---- C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2021-02-11 12:01:48 ----A---- C:\WINDOWS\system32\ifsutil.dll
2021-02-11 12:01:48 ----A---- C:\WINDOWS\system32\drivers\condrv.sys
2021-02-11 12:01:48 ----A---- C:\WINDOWS\system32\drivers\bindflt.sys
2021-02-11 12:01:48 ----A---- C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-11 12:01:48 ----A---- C:\WINDOWS\system32\container.dll
2021-02-11 12:01:47 ----A---- C:\WINDOWS\system32\win32kfull.sys
2021-02-11 12:01:47 ----A---- C:\WINDOWS\system32\daxexec.dll
2021-02-11 12:01:46 ----A---- C:\WINDOWS\system32\wpnprv.dll
2021-02-11 12:01:46 ----A---- C:\WINDOWS\system32\wpncore.dll
2021-02-11 12:01:46 ----A---- C:\WINDOWS\system32\Windows.Devices.Lights.dll
2021-02-11 12:01:46 ----A---- C:\WINDOWS\system32\win32u.dll
2021-02-11 12:01:46 ----A---- C:\WINDOWS\system32\win32k.sys
2021-02-11 12:01:46 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2021-02-11 12:01:46 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2021-02-11 12:01:45 ----A---- C:\WINDOWS\system32\kerberos.dll
2021-02-11 12:01:45 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2021-02-11 12:01:45 ----A---- C:\WINDOWS\system32\BFE.DLL
2021-02-11 12:01:43 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2021-02-11 12:01:43 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2021-02-11 12:01:43 ----A---- C:\WINDOWS\system32\StateRepository.Core.dll
2021-02-11 12:01:43 ----A---- C:\WINDOWS\system32\KerbClientShared.dll
2021-02-11 12:01:42 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2021-02-11 12:01:42 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2021-02-11 12:01:42 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2021-02-11 12:01:42 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2021-02-11 12:01:41 ----A---- C:\WINDOWS\system32\wintrust.dll
2021-02-11 12:01:41 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2021-02-11 12:01:40 ----A---- C:\WINDOWS\system32\windows.storage.dll
2021-02-11 12:01:39 ----A---- C:\WINDOWS\system32\WWAHost.exe
2021-02-11 12:01:39 ----A---- C:\WINDOWS\system32\storewuauth.dll
2021-02-11 12:01:39 ----A---- C:\WINDOWS\system32\InstallService.dll
2021-02-11 12:01:39 ----A---- C:\WINDOWS\system32\esent.dll
2021-02-11 12:01:38 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2021-02-11 12:01:38 ----A---- C:\WINDOWS\system32\tsf3gip.dll
2021-02-11 12:01:38 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2021-02-11 12:01:38 ----A---- C:\WINDOWS\system32\ISM.dll
2021-02-11 12:01:38 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2021-02-11 12:01:37 ----A---- C:\WINDOWS\system32\WordBreakers.dll
2021-02-11 12:01:37 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2021-02-11 12:01:37 ----A---- C:\WINDOWS\system32\InputService.dll
2021-02-11 12:01:37 ----A---- C:\WINDOWS\system32\EditBufferTestHook.dll
2021-02-11 12:01:36 ----A---- C:\WINDOWS\system32\tquery.dll
2021-02-11 12:01:36 ----A---- C:\WINDOWS\system32\mssrch.dll
2021-02-11 12:01:19 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2021-02-11 12:01:19 ----A---- C:\WINDOWS\system32\mssvp.dll
2021-02-11 12:01:19 ----A---- C:\WINDOWS\system32\mssprxy.dll
2021-02-11 12:01:18 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2021-02-11 12:01:18 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2021-02-11 12:01:18 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2021-02-11 12:01:18 ----A---- C:\WINDOWS\system32\mssph.dll
2021-02-11 12:01:18 ----A---- C:\WINDOWS\system32\mssitlb.dll
2021-02-11 12:01:18 ----A---- C:\WINDOWS\system32\msscntrs.dll
2021-02-11 12:01:17 ----A---- C:\WINDOWS\system32\FntCache.dll
2021-02-11 12:01:17 ----A---- C:\WINDOWS\system32\DWrite.dll
2021-02-11 12:01:15 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2021-02-11 12:01:15 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2021-02-11 12:01:15 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2021-02-11 12:01:15 ----A---- C:\WINDOWS\system32\cdd.dll
2021-02-11 12:01:15 ----A---- C:\WINDOWS\system32\bisrv.dll
2021-02-11 12:01:14 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2021-02-11 12:01:14 ----A---- C:\WINDOWS\system32\D3D12Core.dll
2021-02-11 12:01:14 ----A---- C:\WINDOWS\system32\D3D12.dll
2021-02-11 12:01:13 ----A---- C:\WINDOWS\system32\oemlicense.dll
2021-02-11 12:01:13 ----A---- C:\WINDOWS\system32\licensingdiag.exe
2021-02-11 12:01:13 ----A---- C:\WINDOWS\system32\clipwinrt.dll
2021-02-11 12:01:13 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2021-02-11 12:01:13 ----A---- C:\WINDOWS\system32\Clipc.dll
2021-02-11 12:01:12 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2021-02-11 12:01:12 ----A---- C:\WINDOWS\system32\DiagnosticInvoker.dll
2021-02-11 12:01:12 ----A---- C:\WINDOWS\system32\appinfo.dll
2021-02-11 12:01:12 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2021-02-11 12:01:11 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2021-02-11 12:01:11 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2021-02-11 12:01:11 ----A---- C:\WINDOWS\system32\GameInput.dll
2021-02-11 12:01:11 ----A---- C:\WINDOWS\system32\cloudAP.dll
2021-02-11 12:01:10 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2021-02-11 12:01:10 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2021-02-11 12:01:10 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2021-02-11 12:01:10 ----A---- C:\WINDOWS\system32\Windows.System.Launcher.dll
2021-02-11 12:01:09 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Controls.dll
2021-02-11 12:01:09 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2021-02-11 12:01:08 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2021-02-11 12:01:08 ----A---- C:\WINDOWS\system32\msftedit.dll
2021-02-11 12:01:06 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2021-02-11 12:01:05 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2021-02-11 12:01:05 ----A---- C:\WINDOWS\system32\cdpusersvc.dll
2021-02-11 12:01:05 ----A---- C:\WINDOWS\system32\cdpsvc.dll
2021-02-11 12:01:04 ----A---- C:\WINDOWS\system32\ShareHost.dll
2021-02-11 12:01:04 ----A---- C:\WINDOWS\system32\kernel32.dll
2021-02-11 12:01:04 ----A---- C:\WINDOWS\system32\cdprt.dll
2021-02-11 12:01:03 ----A---- C:\WINDOWS\system32\StartTileData.dll
2021-02-11 12:01:03 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2021-02-11 12:01:03 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2021-02-11 12:01:03 ----A---- C:\WINDOWS\system32\CredentialEnrollmentManager.exe
2021-02-11 12:01:02 ----A---- C:\WINDOWS\system32\WiredNetworkCSP.dll
2021-02-11 12:01:02 ----A---- C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2021-02-11 12:01:02 ----A---- C:\WINDOWS\system32\SettingsHandlers_InputPersonalization.dll
2021-02-11 12:01:02 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2021-02-11 12:01:02 ----A---- C:\WINDOWS\system32\localspl.dll
2021-02-11 12:01:02 ----A---- C:\WINDOWS\system32\FaxPrinterInstaller.dll
2021-02-11 12:01:02 ----A---- C:\WINDOWS\system32\dot3svc.dll
2021-02-11 12:01:02 ----A---- C:\WINDOWS\system32\dot3msm.dll
2021-02-11 12:01:02 ----A---- C:\WINDOWS\system32\dot3api.dll
2021-02-11 12:01:01 ----A---- C:\WINDOWS\system32\WpcMon.exe
2021-02-11 12:01:01 ----A---- C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2021-02-11 12:01:01 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2021-02-11 12:01:01 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2021-02-11 12:01:00 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2021-02-11 12:01:00 ----A---- C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2021-02-11 12:01:00 ----A---- C:\WINDOWS\system32\AudioSes.dll
2021-02-11 12:01:00 ----A---- C:\WINDOWS\system32\audioresourceregistrar.dll
2021-02-11 12:01:00 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2021-02-11 12:01:00 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2021-02-11 12:01:00 ----A---- C:\WINDOWS\system32\audiodg.exe
2021-02-11 12:00:59 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2021-02-11 12:00:59 ----A---- C:\WINDOWS\system32\vac.dll
2021-02-11 12:00:59 ----A---- C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2021-02-11 12:00:59 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2021-02-11 12:00:59 ----A---- C:\WINDOWS\system32\MMDevAPI.dll
2021-02-11 12:00:59 ----A---- C:\WINDOWS\system32\audiosrv.dll
2021-02-11 12:00:59 ----A---- C:\WINDOWS\system32\AudioEng.dll
2021-02-11 12:00:58 ----A---- C:\WINDOWS\system32\agentactivationruntimewindows.dll
2021-02-11 12:00:58 ----A---- C:\WINDOWS\system32\agentactivationruntime.dll
2021-02-11 12:00:58 ----A---- C:\WINDOWS\system32\AarSvc.dll
2021-02-11 12:00:57 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2021-02-11 12:00:57 ----A---- C:\WINDOWS\system32\TaskFlowDataEngine.dll
2021-02-11 12:00:56 ----A---- C:\WINDOWS\system32\xboxgipsvc.dll
2021-02-11 12:00:56 ----A---- C:\WINDOWS\system32\XblGameSave.dll
2021-02-11 12:00:56 ----A---- C:\WINDOWS\system32\umpo.dll
2021-02-11 12:00:56 ----A---- C:\WINDOWS\system32\drivers\storufs.sys
2021-02-11 12:00:56 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2021-02-11 12:00:56 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2021-02-11 12:00:55 ----A---- C:\WINDOWS\system32\iscsilog.dll
2021-02-11 12:00:55 ----A---- C:\WINDOWS\system32\drivers\USBAUDIO.sys
2021-02-11 12:00:55 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2021-02-11 12:00:55 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2021-02-11 12:00:55 ----A---- C:\WINDOWS\system32\drivers\disk.sys
2021-02-11 08:34:49 ----SH---- C:\bootTel.dat

======List of files/folders modified in the last 1 month======

2021-03-05 15:23:28 ----D---- C:\Program Files\trend micro
2021-03-05 15:23:23 ----D---- C:\WINDOWS\Temp
2021-03-05 15:21:42 ----D---- C:\WINDOWS\system32\sru
2021-03-05 15:21:32 ----D---- C:\WINDOWS\Prefetch
2021-03-05 15:21:30 ----D---- C:\ProgramData\Mozilla
2021-03-05 15:19:41 ----D---- C:\WINDOWS\system32\SleepStudy
2021-03-05 15:13:30 ----D---- C:\Users\bek69\AppData\Roaming\WhatsApp
2021-03-05 14:54:33 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2021-03-05 14:49:51 ----SHD---- C:\System Volume Information
2021-03-05 14:34:29 ----D---- C:\ProgramData\AVAST Software
2021-03-05 14:32:50 ----D---- C:\WINDOWS\AppReadiness
2021-03-05 14:32:15 ----D---- C:\Program Files\CCleaner
2021-03-05 14:24:40 ----D---- C:\WINDOWS\ServiceState
2021-03-05 14:20:07 ----ASH---- C:\DumpStack.log.tmp
2021-03-05 14:18:36 ----D---- C:\WINDOWS\system32\catroot2
2021-03-04 17:07:29 ----RD---- C:\WINDOWS\Microsoft.NET
2021-03-04 12:57:05 ----SHD---- C:\WINDOWS\Installer
2021-03-04 12:52:50 ----D---- C:\Program Files\Microsoft Office
2021-03-01 16:43:41 ----D---- C:\WINDOWS\System32
2021-03-01 16:43:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-01 16:43:40 ----D---- C:\WINDOWS\INF
2021-03-01 14:55:20 ----D---- C:\WINDOWS\LiveKernelReports
2021-02-28 12:46:21 ----D---- C:\ProgramData\ProductData
2021-02-27 12:45:46 ----D---- C:\WINDOWS\system32\config
2021-02-24 18:39:33 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-24 18:39:07 ----D---- C:\WINDOWS\system32\drivers
2021-02-24 14:23:16 ----D---- C:\WINDOWS\system32\Tasks
2021-02-24 14:23:12 ----RD---- C:\Program Files (x86)
2021-02-24 08:12:53 ----HD---- C:\WINDOWS\ELAMBKUP
2021-02-21 11:23:46 ----D---- C:\WINDOWS\Logs
2021-02-20 08:35:28 ----RD---- C:\Program Files
2021-02-17 08:06:05 ----D---- C:\WINDOWS\SysWOW64
2021-02-16 08:50:17 ----HD---- C:\ProgramData
2021-02-12 15:52:43 ----D---- C:\WINDOWS\WinSxS
2021-02-11 21:57:11 ----D---- C:\ProgramData\Microsoft Help
2021-02-11 19:42:32 ----D---- C:\WINDOWS\system32\DriverStore
2021-02-11 19:37:20 ----D---- C:\WINDOWS\SYSWOW64\migration
2021-02-11 19:37:20 ----D---- C:\WINDOWS\SYSWOW64\Keywords
2021-02-11 19:37:19 ----D---- C:\WINDOWS\SYSWOW64\en-US
2021-02-11 19:37:19 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2021-02-11 19:37:14 ----D---- C:\WINDOWS\SystemResources
2021-02-11 19:37:14 ----D---- C:\WINDOWS\system32\zh-TW
2021-02-11 19:37:14 ----D---- C:\WINDOWS\system32\zh-CN
2021-02-11 19:37:14 ----D---- C:\WINDOWS\system32\th-TH
2021-02-11 19:37:14 ----D---- C:\WINDOWS\system32\sv-SE
2021-02-11 19:37:13 ----D---- C:\WINDOWS\system32\ru-RU
2021-02-11 19:37:13 ----D---- C:\WINDOWS\system32\ro-RO
2021-02-11 19:37:13 ----D---- C:\WINDOWS\system32\pt-PT
2021-02-11 19:37:13 ----D---- C:\WINDOWS\system32\pt-BR
2021-02-11 19:37:13 ----D---- C:\WINDOWS\system32\pl-PL
2021-02-11 19:37:13 ----D---- C:\WINDOWS\system32\oobe
2021-02-11 19:37:13 ----D---- C:\WINDOWS\system32\nl-NL
2021-02-11 19:37:13 ----D---- C:\WINDOWS\system32\nb-NO
2021-02-11 19:37:12 ----D---- C:\WINDOWS\system32\migration
2021-02-11 19:37:12 ----D---- C:\WINDOWS\system32\ko-KR
2021-02-11 19:37:12 ----D---- C:\WINDOWS\system32\Keywords
2021-02-11 19:37:11 ----D---- C:\WINDOWS\system32\ja-jp
2021-02-11 19:37:11 ----D---- C:\WINDOWS\system32\it-IT
2021-02-11 19:37:11 ----D---- C:\WINDOWS\system32\fr-FR
2021-02-11 19:37:11 ----D---- C:\WINDOWS\system32\fr-CA
2021-02-11 19:37:11 ----D---- C:\WINDOWS\system32\fi-FI
2021-02-11 19:37:11 ----D---- C:\WINDOWS\system32\es-MX
2021-02-11 19:37:11 ----D---- C:\WINDOWS\system32\es-ES
2021-02-11 19:37:11 ----D---- C:\WINDOWS\system32\en-US
2021-02-11 19:37:10 ----D---- C:\WINDOWS\system32\en-GB
2021-02-11 19:37:10 ----D---- C:\WINDOWS\system32\el-GR
2021-02-11 19:37:10 ----D---- C:\WINDOWS\system32\drivers\en-US
2021-02-11 19:37:10 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2021-02-11 19:37:09 ----D---- C:\WINDOWS\system32\de-DE
2021-02-11 19:37:09 ----D---- C:\WINDOWS\system32\da-DK
2021-02-11 19:37:09 ----D---- C:\WINDOWS\system32\cs-CZ
2021-02-11 19:37:09 ----D---- C:\WINDOWS\system32\ar-SA
2021-02-11 19:36:56 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2021-02-11 19:36:56 ----D---- C:\WINDOWS\servicing
2021-02-11 19:36:56 ----D---- C:\WINDOWS\PolicyDefinitions
2021-02-11 19:36:55 ----D---- C:\WINDOWS\bcastdvr
2021-02-11 19:36:55 ----D---- C:\Program Files\Windows Mail
2021-02-11 19:36:55 ----D---- C:\Program Files\Common Files\System
2021-02-11 19:36:55 ----D---- C:\Program Files (x86)\Windows Mail
2021-02-11 12:17:29 ----D---- C:\WINDOWS\CbsTemp
2021-02-11 11:20:22 ----D---- C:\WINDOWS\system32\MRT
2021-02-11 11:12:31 ----D---- C:\WINDOWS\debug
2021-02-11 11:12:18 ----AC---- C:\WINDOWS\system32\MRT.exe
2021-02-11 08:59:15 ----D---- C:\Windows
2021-02-10 09:59:42 ----A---- C:\WINDOWS\win.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\WINDOWS\System32\drivers\amd_sata.sys [2017-01-16 83656]
R0 amd_xata;amd_xata; C:\WINDOWS\System32\drivers\amd_xata.sys [2017-01-16 23752]
R0 amdkmpfd;@oem211.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2015-06-04 73976]
R0 amdpsp;@oem54.inf,%amdpsp.SVCDESC%;AMD PSP Service; C:\WINDOWS\System32\drivers\amdpsp.sys [2021-02-04 146688]
R0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2021-02-24 35648]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2021-02-24 249304]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2021-02-24 98760]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2020-12-21 16832]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2021-02-24 83360]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2021-02-24 326976]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-12-07 57360]
R0 LPCFilter;@oem20.inf,%LPCFilter.SvcDesc%;LPC Lower Filter Driver; C:\WINDOWS\System32\drivers\LPCFilter.sys [2021-02-04 53144]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2020-10-09 41984]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2021-02-24 208024]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2021-02-24 357320]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2021-02-24 41272]
R1 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2021-02-24 175248]
R1 aswNetHub;aswNetHub; C:\WINDOWS\system32\drivers\aswNetHub.sys [2021-02-24 521336]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2021-02-24 107784]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2021-02-24 850112]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2021-02-24 465656]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-12-07 78136]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2019-12-07 91136]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-12-07 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-12-07 8704]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2017-01-16 27552]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2021-02-24 215328]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2021-02-11 149312]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2021-02-11 495104]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2020-10-09 53248]
R3 AmdAS4;@oem25.inf,%AmdAS4.SVCDESC%;AmdAS4 service; C:\WINDOWS\System32\drivers\AmdAS4.sys [2021-02-04 35848]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0320084.inf_amd64_7f3036a79bcd0f6e\atikmdag.sys [2021-02-04 40051104]
R3 amdkmdap;amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0320084.inf_amd64_7f3036a79bcd0f6e\atikmpag.sys [2021-02-04 553888]
R3 athr;@oem47.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw10x.sys [2021-02-04 4321160]
R3 AtiHDAudioService;@oem55.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2021-02-04 107936]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2021-02-04 65904]
R3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2020-10-09 279040]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2021-01-13 113664]
R3 BthHFAud;@microsoft_bluetooth_hfp.inf,%BTHHFAUD_DISPLAY_NAME%;Microsoft Bluetooth Hands-Free Audio driver; C:\WINDOWS\System32\drivers\BthHfAud.sys [2019-12-07 65536]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2020-10-09 106496]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2019-12-07 133632]
R3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2021-01-13 1559040]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2021-01-13 110592]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-12-07 66576]
R3 CeKbFilter;CeKbFilter; C:\WINDOWS\system32\DRIVERS\CeKbFilter.sys [2015-03-28 20312]
R3 dtlitescsibus;@oem18.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-04-08 30264]
R3 dtliteusbbus;@oem15.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-04-08 47672]
R3 ETD;@oem42.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2021-02-04 580696]
R3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2020-10-09 47104]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2020-05-05 6886992]
R3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-12-07 65024]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys [2020-10-09 322376]
R3 PGEffect;Pangu effect driver; C:\WINDOWS\system32\DRIVERS\pgeffect.sys [2011-02-08 38096]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-12-07 213504]
R3 RSP2STOR;@oem53.inf,%Rts5229%;Realtek PCIE CardReader Driver - P2; C:\WINDOWS\System32\drivers\RtsP2Stor.sys [2021-02-04 347736]
R3 rt640x64;@oem56.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2021-02-04 1171552]
S0 amdkmafd;@oem38.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-12-07 43832]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-12-07 319800]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-12-07 884752]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-12-07 172344]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-12-07 124216]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-12-07 135992]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-12-07 81720]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-12-07 105480]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-12-07 168464]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-12-07 58680]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-12-07 68408]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-12-07 138040]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-12-07 42296]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-12-07 23040]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-12-07 415232]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-12-07 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-12-07 45568]
S3 amdkmcsp;@oem3.inf,%amdkmcsp.SVCDESC%;AMD Kernel Mode CSP Service; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [2017-06-12 95080]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2020-10-09 18432]
S3 athrusb;Atheros Wireless LAN USB device driver; C:\WINDOWS\system32\DRIVERS\athrxusb.sys [2008-07-29 1075712]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2021-01-13 45568]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-12-07 44032]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2018-09-06 110336]
S3 ETDSMBus;ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [2014-02-06 24904]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-12-07 55824]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-12-07 66560]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2020-12-11 95048]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-12-07 30208]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-12-07 1853752]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-12-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-12-07 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-12-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-12-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-12-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-12-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-12-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-12-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-12-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-12-07 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-12-07 558904]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-12-07 30720]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-12-07 59704]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-12-07 537608]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-12-07 64016]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2020-10-09 386048]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-12-07 1131320]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-12-07 146232]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-12-07 72720]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2021-02-11 207360]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2020-11-24 104760]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-12-07 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-12-07 27136]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-07 990008]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-12-07 115712]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-12-07 35128]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0320084.inf_amd64_7f3036a79bcd0f6e\atiesrxx.exe [2021-02-04 489888]
R2 AtherosSvc;AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [2021-02-04 409456]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2021-02-24 621608]
R2 avast! Tools;Avast Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [2021-02-24 352480]
R2 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2021-02-24 56904]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
R2 CDPUserSvc_c49ab;Uživatelská služba platformy připojených zařízení_c49ab; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2021-02-24 8988552]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2020-10-09 57360]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2020-10-09 57360]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2021-02-04 144608]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2020-08-20 379736]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2020-10-09 57360]
R2 OneSyncSvc_c49ab;Hostitel synchronizace_c49ab; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2020-10-09 57360]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2021-03-03 8044056]
R3 BluetoothUserService_c49ab;Služba pro podporu uživatelů Bluetooth_c49ab; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
R3 cbdhsvc_c49ab;Uživatelská služba schránky_c49ab; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
R3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-09 57360]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-09 57360]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
R3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
R3 PimIndexMaintenanceSvc_c49ab;Data kontaktů_c49ab; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2020-10-09 57360]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-09 57360]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-24 154440]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-09 57360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2021-02-04 3479624]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 AarSvc_c49ab;Agent Activation Runtime_c49ab; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 AdaptiveSleepService;AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [2014-04-23 140288]
S3 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-11-03 170056]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2020-08-21 335416]
S3 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2020-05-05 3673680]
S3 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2020-05-05 3406416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2020-09-24 96056]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe [2012-01-25 192792]
S3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe [2012-01-25 240408]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 BcastDVRUserService_c49ab;Uživatelská služba pro GameDVR a vysílání her_c49ab; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 CaptureService_c49ab;CaptureService_c49ab; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2020-10-09 57360]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2019-12-03 69544]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 ConsentUxUserSvc_c49ab;ConsentUX_c49ab; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-02-11 386816]
S3 CredentialEnrollmentManagerUserSvc_c49ab;CredentialEnrollmentManagerUserSvc_c49ab; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-02-11 386816]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 DeviceAssociationBrokerSvc_c49ab;DeviceAssociationBroker_c49ab; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 DevicePickerUserSvc_c49ab;DevicePicker_c49ab; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 DevicesFlowUserSvc_c49ab;Tok zařízení_c49ab; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2021-01-13 94208]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-09 57360]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2018-01-09 3480768]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 DSDFunctionKeyCtlService;@oem213.inf,%FnKeyDisplayName%;dynabook Function Key control service; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_652655c5335c62da\DSDFunctionKeyCtlService.exe [2020-11-18 615768]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2020-10-09 57360]
S3 dts_apo_service;DTS APO Service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [2014-03-03 21840]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2020-10-09 57360]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-08 46184]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-09 57360]
S3 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2020-11-18 82216]
S3 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-04-24 227904]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-04-24 203344]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-09 57360]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-24 154440]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2020-11-12 672568]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2020-10-09 57360]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 MessagingService_c49ab;Služba zasílání zpráv_c49ab; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2021-02-24 242144]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2020-10-09 57360]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2021-02-04 2533952]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-01 263488]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2021-01-13 106496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 PrintWorkflowUserSvc_c49ab;PrintWorkflow_c49ab; C:\WINDOWS\system32\svchost.exe [2020-10-09 57360]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-09 57360]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2020-10-09 57360]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#2 Post by Rudy »

Hello!
Please post the FRST + Addition logs: https://forum.viry.cz/viewtopic.php?f=13&t=154679 . RSIT is not fully compatible with Windows 10. Thank you.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

bek69
Visitor
Posts: 264
Registered: 11 Nov 2008 10:45

Re: Please check my log

#3 Post by bek69 »

I read that here, but I have already tried it 3 times, and every time after the scan it tells me that the file with the log cannot be found. :(

Rudy

Re: Please check my log

#4 Post by Rudy »

The log should be saved in the files frst.txt and addition.txt, in the same directory where you saved the FRST application itself. Note, however, that there are 2 applications, one for 32-bit and another for 64-bit operating systems!

bek69

Re: Please check my log

#5 Post by bek69 »

I have 64-bit, but unfortunately the system did not find anything.

Rudy

Re: Please check my log

#6 Post by Rudy »

Unfortunately, I cannot use RSIT. Because it is not fully compatible, I could damage the system when deleting. Try running this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP simply start it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

bek69

Re: Please check my log

#7 Post by bek69 »

# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-03-03.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-06-2021
# Duration: 00:02:35
# OS: Windows 10 Home
# Cleaned: 82
# Awaiting reboot:1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Common Files\IObit\Advanced SystemCare
Deleted C:\Program Files (x86)\IObit\Advanced SystemCare
Deleted C:\ProgramData\IObit\Advanced SystemCare
Deleted C:\Users\Public\Documents\Downloaded Installers
Deleted C:\Users\bek69\AppData\LocalLow\IObit\Advanced SystemCare
Deleted C:\Users\bek69\AppData\Local\slimware utilities inc
Deleted C:\Users\bek69\AppData\Roaming\DRPSu
Deleted C:\Users\bek69\AppData\Roaming\DriverAgentPlus
Deleted C:\Users\bek69\AppData\Roaming\DriverPack Notifier
Deleted C:\Users\bek69\AppData\Roaming\IObit\Advanced SystemCare
Deleted C:\Users\bek69\AppData\Roaming\Seznam.cz
Deleted C:\Users\bek69\AppData\Roaming\WinThruster
Deleted C:\Windows\Installer\{4D0A0750-B034-4DF8-97DE-26F1212AC2FF}

***** [ Files ] *****

Deleted C:\Users\bek69\AppData\Roaming\Mozilla\Firefox\Profiles\w1b22rw2.default-1489490201594-1570643153449\invalidprefs.js
Deleted C:\Windows\System32\drivers\swdumon.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\DRIVER BOOSTER SCHEDULER

***** [ Registry ] *****

Deleted HKCU\Software\ESUPPORT.COM\DriverAgent Plus
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|DriverAgent Plus
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|DriverAgentPlusHelper
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\drp.su
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\Seznam.cz
Deleted HKCU\Software\drpsu
Deleted HKLM\SOFTWARE\Classes\Applications\DriverDocSetup.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3581FDA5-81D7-407B-9D4C-1F51E1C796A7}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster Scheduler
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\SWDUMon
Deleted HKLM\Software\Common Toolkit Suite
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
Deleted HKLM\Software\Wow6432Node\IOBIT\ASC
Deleted HKLM\Software\Wow6432Node\IObit\Advanced SystemCare
Deleted HKLM\Software\Wow6432Node\IObit\RealTimeProtector
Deleted HKLM\Software\Wow6432Node\\Google\Chrome\NativeMessagingHosts\com.ascplugin.protect
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder
Deleted HKLM\Software\Wow6432Node\drpsu

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP CUSTOMER FEEDBACK
Deleted Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\bek69\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\bek69\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Windows\System32\config\systemprofile\AppData\Local\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Deleted Preinstalled.TOSHIBAPCHealthMonitor Folder C:\ProgramData\TOSHIBA\TPHM
Deleted Preinstalled.TOSHIBAPasswordUtility Folder C:\Program Files\TOSHIBA\PASSWORDUTILITY
Deleted Preinstalled.TOSHIBASystemSettings Folder C:\Program Files (x86)\TOSHIBA\SYSTEM SETTING
Deleted Preinstalled.TOSHIBASystemSettings Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|TCrdMain
Deleted Preinstalled.TOSHIBASystemSettings Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|TSSSrv
Deleted Preinstalled.TOSHIBASystemSettings Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TCrdMain
Deleted Preinstalled.TOSHIBASystemSettings Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TSSSrv
Deleted Preinstalled.TOSHIBASystemSettings Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}
Deleted Preinstalled.TOSHIBAUtilities Folder C:\Program Files (x86)\TOSHIBA\UTILITIES
Deleted Preinstalled.TOSHIBAUtilities Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\UTILITIES
Deleted Preinstalled.TOSHIBAUtilities Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}
Deleted Preinstalled.TOSHIBAUtilities Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{620BBA5E-F848-4D56-8BDA-584E44584C5E}
Deleted Preinstalled.TOSHIBAWebCameraApplication Folder C:\Program Files (x86)\TOSHIBA\TOSHIBA WEB CAMERA APPLICATION
Deleted Preinstalled.TOSHIBAWebCameraApplication Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}
Deleted Preinstalled.TOSHIBAWebCameraApplication Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}
Deleted Preinstalled.ToshibaWildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-toshiba-genres
Deleted Preinstalled.ToshibaWildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-toshiba-main
Deleted Preinstalled.WildTangentGamesBundle File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - toshiba.lnk
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\BEJEWELED 3
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\KING ODDBALL
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\MAGIC ACADEMY
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\MAHJONGG ARTIFACTS
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\PEGGLE NIGHTS
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\PLANTS VS ZOMBIES - GAME OF THE YEAR
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\POLAR BOWLER
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\YOUDA JEWEL SHOP
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\APP
Deleted Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\TOUCHPOINTS\TOSHIBA
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-toshiba-touch
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
Deleted Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba
Deleted Preinstalled.WildTangentGamesBundle Registry HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Deleted Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Needs Reboot Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

***** Reboot Required to Complete *****


***** [ Folders ] *****

Cleaning failed C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT SOLUTIONS

*************************

AdwCleaner[S00].txt - [10369 octets] - [05/03/2021 19:08:50]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#8 Post by Rudy »

OK. Now run this utility: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Download the utility, run it, let it work, and when it has finished, delete everything it finds. The link describes an older version, and that description does not match the current one.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.


Re: Please check my log

#9 Post by bek69 »

Done. The utility found nothing...


Re: Please check my log

#10 Post by Rudy »

OK. Has anything changed?

Re: Please check my log

#11 Post by bek69 »

Pages and applications still take a terribly long time to load :(


Re: Please check my log

#12 Post by Rudy »

1. Clean the system with CCleaner: https://www.slunecnice.cz/sw/ccleaner/ .
2. Try defragmenting the disk.

Re: Please check my log

#13 Post by bek69 »

I already did that before I wrote to you. Should I do it again?


Re: Please check my log

#14 Post by Rudy »

If you did both, you don't need to. It is also possible to defragment the registry: https://www.stahuj.cz/utility_a_ostatni ... ry-defrag/ .

Re: Please check my log

#15 Post by bek69 »

I tried it, but after launching it a window popped up - Windows cannot access the specified device, path, or file. You probably do not have the appropriate permissions to access the item...
