
Requesting a check, slow PC

Roninus
Visitor
Posts: 76
Registered: 27 Jan 2007 13:36


#1 Post by Roninus »

Logfile of random's system information tool 1.10 (written by random/random)
Run by ronin at 2020-12-10 19:03:24
Microsoft Windows 10 Pro
System drive C: has 19 GB (9%) free of 226 GB
Total RAM: 4009 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:03:36, on 10. 12. 2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.0001)
Boot mode: Normal

Running processes:
C:\Program Files\trend micro\ronin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.57\BHO\ie_to_edge_bho.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: EOS Utility.lnk = C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @oem1.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_120f81 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Digital Wave Update Service (DigitalWave.Update.Service) - Digital Wave Ltd. - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @oem43.inf,%fpCSEvtService_SvcDesc%;fpCSEvtSvc (fpCsEvtSvc) - Unknown owner - C:\WINDOWS\system32\fpCSEvtSvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: postgresql-x64-9.5 - PostgreSQL Server 9.5 (postgresql-x64-9.5) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10129 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @oem43.inf,%WBFService_SvcDesc%;Synaptics FP WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\WINDOWS\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9870 bytes

======Listing Processes======








winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-c0068396-2026-443c-9529-11363df4a6a6 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-5c8a7d29-84bc-4a78-9030-e753b02c302f -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-ad8c39ee-1a72-4efa-bfd7-0225c4e42164 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-1dc70954-8a32-48e2-b29c-c953a546c026 -LifetimeId:f03a9256-575a-4ab2-ab06-d4f25562ae3e -DeviceGroupId: -HostArg:0
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -s BTAGService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s bthserv
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p

C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
dashost.exe {e4afc7bd-0a65-45a7-877e8e386a9c8262}
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup -s WbioSrvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
"C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe"
C:\WINDOWS\system32\valWBFPolicyService.exe
C:\WINDOWS\system32\fpCSEvtSvc.exe
C:\WINDOWS\system32\BtwRSupportService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\WLANExt.exe 2421382987984
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s fdPHost
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s FDResPub
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc

C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
"C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe"

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc

C:\Windows\System32\mousocoreworker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"ctfmon.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\Explorer.EXE
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
igfxHK.exe
igfxTray.exe
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe" -ServerName:SkypeBackgroundHost
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20041.91.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"

"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.20022.11011.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\ronin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\ronin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=87.0.4280.88 --initial-client-data=0xdc,0xe0,0xe4,0xb8,0xe8,0x7ffe19670eb0,0x7ffe19670ec0,0x7ffe19670ed0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1196,6880527630407150081,10392216560268388156,131072 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1584 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1196,6880527630407150081,10392216560268388156,131072 --lang=sk --service-sandbox-type=network --mojo-platform-channel-handle=1852 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1196,6880527630407150081,10392216560268388156,131072 --lang=sk --service-sandbox-type=utility --mojo-platform-channel-handle=2364 /prefetch:8
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe" -ServerName:InputApp.AppX9jnwykgrccxc8by3hsrsh07r423xzvav.mca
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1196,6880527630407150081,10392216560268388156,131072 --lang=sk --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5476 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1196,6880527630407150081,10392216560268388156,131072 --lang=sk --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5456 /prefetch:1

C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s BITS
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 800 804 812 8192 808 784
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1196,6880527630407150081,10392216560268388156,131072 --lang=sk --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3556 /prefetch:1
C:\WINDOWS\system32\AUDIODG.EXE 0x604
"C:\Users\ronin\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\OpenWith.exe -Embedding
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\WINDOWS\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.57\BHO\ie_to_edge_bho_64.dll [2020-12-05 532880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.57\BHO\ie_to_edge_bho.dll [2020-12-05 414096]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-12-07 86016]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2019-07-04 2849872]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2014-01-19 1703424]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2020-05-01 27775672]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [2019-04-03 758752]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2015-06-22 338000]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2017-09-20 2407008]
"IJNetworkScannerSelectorEX"=C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [2014-01-15 438888]

C:\Users\ronin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EOS Utility.lnk - C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"aux1"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv

======File associations======

.inf - install -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2020-12-10 19:03:24 ----D---- C:\rsit
2020-12-10 19:03:24 ----D---- C:\Program Files\trend micro
2020-11-22 20:52:09 ----D---- C:\Users\ronin\AppData\Roaming\Panolapse
2020-11-20 19:47:35 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2020-11-20 19:47:34 ----A---- C:\WINDOWS\system32\WalletService.dll
2020-11-20 19:47:33 ----A---- C:\WINDOWS\system32\cdp.dll
2020-11-20 19:47:25 ----A---- C:\WINDOWS\SYSWOW64\HoloShellRuntime.dll
2020-11-20 19:47:25 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2020-11-20 19:47:25 ----A---- C:\WINDOWS\system32\DHolographicDisplay.dll
2020-11-20 19:47:24 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2020-11-20 19:47:23 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2020-11-20 19:47:23 ----A---- C:\WINDOWS\system32\MSAudDecMFT.dll
2020-11-20 19:47:23 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-11-20 19:47:23 ----A---- C:\WINDOWS\system32\HoloShellRuntime.dll
2020-11-20 19:47:23 ----A---- C:\WINDOWS\system32\HolographicExtensions.dll
2020-11-20 19:47:22 ----A---- C:\WINDOWS\SYSWOW64\Microsoft.Uev.Office2013CustomActions.dll
2020-11-20 19:47:22 ----A---- C:\WINDOWS\SYSWOW64\Microsoft.Uev.Office2010CustomActions.dll
2020-11-20 19:47:22 ----A---- C:\WINDOWS\SYSWOW64\Microsoft.Uev.AppAgent.dll
2020-11-20 19:47:22 ----A---- C:\WINDOWS\system32\mfcore.dll
2020-11-20 19:47:21 ----A---- C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-11-20 19:47:21 ----A---- C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2020-11-20 19:47:21 ----A---- C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2020-11-20 19:47:20 ----A---- C:\WINDOWS\SYSWOW64\tsmf.dll
2020-11-20 19:47:20 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2020-11-20 19:47:20 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2020-11-20 19:47:20 ----A---- C:\WINDOWS\SYSWOW64\dbnetlib.dll
2020-11-20 19:47:20 ----A---- C:\WINDOWS\SYSWOW64\AcXtrnal.dll
2020-11-20 19:47:20 ----A---- C:\WINDOWS\SYSWOW64\AcLayers.dll
2020-11-20 19:47:19 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2020-11-20 19:47:19 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2020-11-20 19:47:19 ----A---- C:\WINDOWS\SYSWOW64\iemigplugin.dll
2020-11-20 19:47:19 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2020-11-20 19:47:18 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2020-11-20 19:47:18 ----A---- C:\WINDOWS\SYSWOW64\Chakrathunk.dll
2020-11-20 19:47:18 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2020-11-20 19:47:18 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2020-11-20 19:47:17 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2020-11-20 19:47:15 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2020-11-20 19:47:15 ----A---- C:\WINDOWS\SYSWOW64\storagewmi.dll
2020-11-20 19:47:15 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2020-11-20 19:47:15 ----A---- C:\WINDOWS\SYSWOW64\fdSSDP.dll
2020-11-20 19:47:15 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2020-11-20 19:47:15 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE
2020-11-20 19:47:14 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2020-11-20 19:47:14 ----A---- C:\WINDOWS\system32\ListSvc.dll
2020-11-20 19:47:13 ----A---- C:\WINDOWS\system32\tsmf.dll
2020-11-20 19:47:13 ----A---- C:\WINDOWS\system32\tsgqec.dll
2020-11-20 19:47:13 ----A---- C:\WINDOWS\system32\AcXtrnal.dll
2020-11-20 19:47:13 ----A---- C:\WINDOWS\system32\AcLayers.dll
2020-11-20 19:47:12 ----A---- C:\WINDOWS\system32\systemreset.exe
2020-11-20 19:47:12 ----A---- C:\WINDOWS\system32\SysResetErr.exe
2020-11-20 19:47:12 ----A---- C:\WINDOWS\system32\ResetEngOnline.dll
2020-11-20 19:47:12 ----A---- C:\WINDOWS\system32\ResetEngine.exe
2020-11-20 19:47:12 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2020-11-20 19:47:12 ----A---- C:\WINDOWS\system32\reseteng.dll
2020-11-20 19:47:12 ----A---- C:\WINDOWS\system32\mstscax.dll
2020-11-20 19:47:12 ----A---- C:\WINDOWS\system32\drivers\PktMon.sys
2020-11-20 19:47:10 ----A---- C:\WINDOWS\system32\IESettingSync.exe
2020-11-20 19:47:10 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2020-11-20 19:47:10 ----A---- C:\WINDOWS\system32\dbnetlib.dll
2020-11-20 19:47:09 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2020-11-20 19:47:09 ----A---- C:\WINDOWS\system32\jscript9.dll
2020-11-20 19:47:09 ----A---- C:\WINDOWS\system32\ieframe.dll
2020-11-20 19:47:09 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2020-11-20 19:47:09 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2020-11-20 19:47:08 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-11-20 19:47:08 ----A---- C:\WINDOWS\system32\Chakra.dll
2020-11-20 19:47:06 ----A---- C:\WINDOWS\system32\mshtml.dll
2020-11-20 19:47:05 ----A---- C:\WINDOWS\system32\werui.dll
2020-11-20 19:47:05 ----A---- C:\WINDOWS\system32\edgehtml.dll
2020-11-20 19:47:05 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2020-11-20 19:47:04 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2020-11-20 19:47:04 ----A---- C:\WINDOWS\system32\werconcpl.dll
2020-11-20 19:47:04 ----A---- C:\WINDOWS\system32\mispace.dll
2020-11-20 19:46:54 ----A---- C:\WINDOWS\system32\storagewmi.dll
2020-11-20 19:46:51 ----A---- C:\WINDOWS\system32\sdshext.dll
2020-11-20 19:46:51 ----A---- C:\WINDOWS\system32\sdrsvc.dll
2020-11-20 19:46:51 ----A---- C:\WINDOWS\system32\sdengin2.dll
2020-11-20 19:46:51 ----A---- C:\WINDOWS\system32\sdclt.exe
2020-11-20 19:46:50 ----A---- C:\WINDOWS\system32\tcbloader.dll
2020-11-20 19:46:50 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2020-11-20 19:46:50 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2020-11-20 19:46:50 ----A---- C:\WINDOWS\system32\hvloader.dll
2020-11-20 19:46:50 ----A---- C:\WINDOWS\system32\hvix64.exe
2020-11-20 19:46:50 ----A---- C:\WINDOWS\system32\hvax64.exe
2020-11-20 19:46:50 ----A---- C:\WINDOWS\system32\fdSSDP.dll
2020-11-20 19:46:50 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2020-11-20 19:46:49 ----A---- C:\WINDOWS\SYSWOW64\WinSCard.dll
2020-11-20 19:46:49 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2020-11-20 19:46:49 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2020-11-20 19:46:48 ----A---- C:\WINDOWS\SYSWOW64\rtm.dll
2020-11-20 19:46:48 ----A---- C:\WINDOWS\SYSWOW64\rasplap.dll
2020-11-20 19:46:48 ----A---- C:\WINDOWS\SYSWOW64\rasdlg.dll
2020-11-20 19:46:48 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2020-11-20 19:46:48 ----A---- C:\WINDOWS\SYSWOW64\mprdim.dll
2020-11-20 19:46:48 ----A---- C:\WINDOWS\SYSWOW64\mprddm.dll
2020-11-20 19:46:48 ----A---- C:\WINDOWS\SYSWOW64\iprtrmgr.dll
2020-11-20 19:46:48 ----A---- C:\WINDOWS\SYSWOW64\iprtprio.dll
2020-11-20 19:46:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2020-11-20 19:46:47 ----A---- C:\WINDOWS\SYSWOW64\rasgcw.dll
2020-11-20 19:46:47 ----A---- C:\WINDOWS\SYSWOW64\netid.dll
2020-11-20 19:46:47 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2020-11-20 19:46:47 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2020-11-20 19:46:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2020-11-20 19:46:46 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2020-11-20 19:46:46 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2020-11-20 19:46:46 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2020-11-20 19:46:46 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2020-11-20 19:46:46 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2020-11-20 19:46:45 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2020-11-20 19:46:45 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2020-11-20 19:46:45 ----A---- C:\WINDOWS\SYSWOW64\weretw.dll
2020-11-20 19:46:45 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll
2020-11-20 19:46:45 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2020-11-20 19:46:45 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2020-11-20 19:46:45 ----A---- C:\WINDOWS\SYSWOW64\setupcl.dll
2020-11-20 19:46:45 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2020-11-20 19:46:45 ----A---- C:\WINDOWS\SYSWOW64\logoncli.dll
2020-11-20 19:46:45 ----A---- C:\WINDOWS\SYSWOW64\gmsaclient.dll
2020-11-20 19:46:45 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2020-11-20 19:46:45 ----A---- C:\WINDOWS\SYSWOW64\dnsapi.dll
2020-11-20 19:46:44 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2020-11-20 19:46:44 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2020-11-20 19:46:44 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2020-11-20 19:46:44 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2020-11-20 19:46:44 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2020-11-20 19:46:44 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2020-11-20 19:46:44 ----A---- C:\WINDOWS\SYSWOW64\shacct.dll
2020-11-20 19:46:44 ----A---- C:\WINDOWS\SYSWOW64\CertPolEng.dll
2020-11-20 19:46:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll
2020-11-20 19:46:43 ----A---- C:\WINDOWS\SYSWOW64\rdpserverbase.dll
2020-11-20 19:46:43 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2020-11-20 19:46:42 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2020-11-20 19:46:42 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2020-11-20 19:46:42 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2020-11-20 19:46:41 ----A---- C:\WINDOWS\SYSWOW64\WordBreakers.dll
2020-11-20 19:46:41 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2020-11-20 19:46:41 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2020-11-20 19:46:41 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2020-11-20 19:46:41 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2020-11-20 19:46:41 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2020-11-20 19:46:41 ----A---- C:\WINDOWS\SYSWOW64\LicenseManagerApi.dll
2020-11-20 19:46:41 ----A---- C:\WINDOWS\SYSWOW64\LicenseManager.dll
2020-11-20 19:46:41 ----A---- C:\WINDOWS\SYSWOW64\EditBufferTestHook.dll
2020-11-20 19:46:40 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2020-11-20 19:46:40 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2020-11-20 19:46:40 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2020-11-20 19:46:40 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2020-11-20 19:46:40 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2020-11-20 19:46:40 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2020-11-20 19:46:40 ----A---- C:\WINDOWS\SYSWOW64\mssprxy.dll
2020-11-20 19:46:40 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2020-11-20 19:46:40 ----A---- C:\WINDOWS\SYSWOW64\mssitlb.dll
2020-11-20 19:46:40 ----A---- C:\WINDOWS\SYSWOW64\msscntrs.dll
2020-11-20 19:46:40 ----A---- C:\WINDOWS\SYSWOW64\dsregtask.dll
2020-11-20 19:46:40 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2020-11-20 19:46:39 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2020-11-20 19:46:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2020-11-20 19:46:39 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.Ngc.dll
2020-11-20 19:46:39 ----A---- C:\WINDOWS\SYSWOW64\UserDeviceRegistration.dll
2020-11-20 19:46:39 ----A---- C:\WINDOWS\SYSWOW64\ncobjapi.dll
2020-11-20 19:46:39 ----A---- C:\WINDOWS\SYSWOW64\GameInput.dll
2020-11-20 19:46:39 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2020-11-20 19:46:38 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-20 19:46:38 ----A---- C:\WINDOWS\SYSWOW64\uxtheme.dll
2020-11-20 19:46:38 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2020-11-20 19:46:38 ----A---- C:\WINDOWS\SYSWOW64\netplwiz.dll
2020-11-20 19:46:38 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2020-11-20 19:46:38 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2020-11-20 19:46:38 ----A---- C:\WINDOWS\SYSWOW64\framedynos.dll
2020-11-20 19:46:38 ----A---- C:\WINDOWS\SYSWOW64\diskpart.exe
2020-11-20 19:46:38 ----A---- C:\WINDOWS\SYSWOW64\amsi.dll
2020-11-20 19:46:37 ----A---- C:\WINDOWS\SYSWOW64\XAudio2_9.dll
2020-11-20 19:46:37 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2020-11-20 19:46:37 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2020-11-20 19:46:37 ----A---- C:\WINDOWS\SYSWOW64\msobjs.dll
2020-11-20 19:46:37 ----A---- C:\WINDOWS\SYSWOW64\msaudite.dll
2020-11-20 19:46:37 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2020-11-20 19:46:37 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2020-11-20 19:46:37 ----A---- C:\WINDOWS\SYSWOW64\adtschema.dll
2020-11-20 19:46:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.ConversationalAgent.dll
2020-11-20 19:46:36 ----A---- C:\WINDOWS\SYSWOW64\OneCoreCommonProxyStub.dll
2020-11-20 19:46:36 ----A---- C:\WINDOWS\SYSWOW64\agentactivationruntimewindows.dll
2020-11-20 19:46:36 ----A---- C:\WINDOWS\SYSWOW64\agentactivationruntime.dll
2020-11-20 19:46:36 ----A---- C:\WINDOWS\SYSWOW64\AarSvc.dll
2020-11-20 19:46:31 ----A---- C:\WINDOWS\system32\WinSCard.dll
2020-11-20 19:46:31 ----A---- C:\WINDOWS\system32\ScDeviceEnum.dll
2020-11-20 19:46:31 ----A---- C:\WINDOWS\system32\SCardSvr.dll
2020-11-20 19:46:31 ----A---- C:\WINDOWS\system32\SCardDlg.dll
2020-11-20 19:46:31 ----A---- C:\WINDOWS\system32\SCardBi.dll
2020-11-20 19:46:31 ----A---- C:\WINDOWS\system32\drivers\scfilter.sys
2020-11-20 19:46:31 ----A---- C:\WINDOWS\system32\certprop.dll
2020-11-20 19:46:30 ----A---- C:\WINDOWS\system32\shell32.dll
2020-11-20 19:46:30 ----A---- C:\WINDOWS\system32\rasmans.dll
2020-11-20 19:46:30 ----A---- C:\WINDOWS\system32\rasdlg.dll
2020-11-20 19:46:30 ----A---- C:\WINDOWS\system32\rascustom.dll
2020-11-20 19:46:30 ----A---- C:\WINDOWS\system32\ntshrui.dll
2020-11-20 19:46:29 ----A---- C:\WINDOWS\system32\vpnike.dll
2020-11-20 19:46:29 ----A---- C:\WINDOWS\system32\rtm.dll
2020-11-20 19:46:29 ----A---- C:\WINDOWS\system32\rasplap.dll
2020-11-20 19:46:29 ----A---- C:\WINDOWS\system32\rasapi32.dll
2020-11-20 19:46:29 ----A---- C:\WINDOWS\system32\mprdim.dll
2020-11-20 19:46:29 ----A---- C:\WINDOWS\system32\mprddm.dll
2020-11-20 19:46:29 ----A---- C:\WINDOWS\system32\iprtrmgr.dll
2020-11-20 19:46:29 ----A---- C:\WINDOWS\system32\iprtprio.dll
2020-11-20 19:46:29 ----A---- C:\WINDOWS\system32\drivers\agilevpn.sys
2020-11-20 19:46:28 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-11-20 19:46:28 ----A---- C:\WINDOWS\system32\SettingsHandlers_IME.dll
2020-11-20 19:46:28 ----A---- C:\WINDOWS\system32\npmproxy.dll
2020-11-20 19:46:28 ----A---- C:\WINDOWS\system32\nlmsprep.dll
2020-11-20 19:46:28 ----A---- C:\WINDOWS\system32\nlmproxy.dll
2020-11-20 19:46:27 ----A---- C:\WINDOWS\system32\uxtheme.dll
2020-11-20 19:46:27 ----A---- C:\WINDOWS\system32\sppobjs.dll
2020-11-20 19:46:27 ----A---- C:\WINDOWS\system32\schedsvc.dll
2020-11-20 19:46:27 ----A---- C:\WINDOWS\system32\rasgcw.dll
2020-11-20 19:46:27 ----A---- C:\WINDOWS\system32\netprofmsvc.dll
2020-11-20 19:46:27 ----A---- C:\WINDOWS\system32\netprofm.dll
2020-11-20 19:46:27 ----A---- C:\WINDOWS\system32\netid.dll
2020-11-20 19:46:27 ----A---- C:\WINDOWS\system32\msctfp.dll
2020-11-20 19:46:26 ----A---- C:\WINDOWS\system32\sppsvc.exe
2020-11-20 19:46:26 ----A---- C:\WINDOWS\system32\SDDS.dll
2020-11-20 19:46:26 ----A---- C:\WINDOWS\system32\msIso.dll
2020-11-20 19:46:26 ----A---- C:\WINDOWS\system32\edgeIso.dll
2020-11-20 19:46:26 ----A---- C:\WINDOWS\system32\drivers\mskssrv.sys
2020-11-20 19:46:26 ----A---- C:\WINDOWS\system32\drivers\ks.sys
2020-11-20 19:46:26 ----A---- C:\WINDOWS\system32\DDDS.dll
2020-11-20 19:46:25 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-11-20 19:46:25 ----A---- C:\WINDOWS\system32\urlmon.dll
2020-11-20 19:46:25 ----A---- C:\WINDOWS\system32\shutdownux.dll
2020-11-20 19:46:25 ----A---- C:\WINDOWS\system32\policymanager.dll
2020-11-20 19:46:25 ----A---- C:\WINDOWS\system32\LogonController.dll
2020-11-20 19:46:25 ----A---- C:\WINDOWS\system32\iertutil.dll
2020-11-20 19:46:25 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2020-11-20 19:46:24 ----A---- C:\WINDOWS\SYSWOW64\nsi.dll
2020-11-20 19:46:24 ----A---- C:\WINDOWS\system32\wkssvc.dll
2020-11-20 19:46:24 ----A---- C:\WINDOWS\system32\netlogon.dll
2020-11-20 19:46:24 ----A---- C:\WINDOWS\system32\msctf.dll
2020-11-20 19:46:24 ----A---- C:\WINDOWS\system32\gmsaclient.dll
2020-11-20 19:46:24 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2020-11-20 19:46:24 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2020-11-20 19:46:24 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2020-11-20 19:46:24 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2020-11-20 19:46:23 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2020-11-20 19:46:23 ----A---- C:\WINDOWS\system32\nsi.dll
2020-11-20 19:46:23 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2020-11-20 19:46:23 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2020-11-20 19:46:23 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2020-11-20 19:46:23 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2020-11-20 19:46:22 ----A---- C:\WINDOWS\system32\services.exe
2020-11-20 19:46:21 ----A---- C:\WINDOWS\system32\wersvc.dll
2020-11-20 19:46:21 ----A---- C:\WINDOWS\system32\wermgr.exe
2020-11-20 19:46:21 ----A---- C:\WINDOWS\system32\WerFault.exe
2020-11-20 19:46:21 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2020-11-20 19:46:21 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2020-11-20 19:46:21 ----A---- C:\WINDOWS\system32\ntdll.dll
2020-11-20 19:46:21 ----A---- C:\WINDOWS\system32\msobjs.dll
2020-11-20 19:46:21 ----A---- C:\WINDOWS\system32\msaudite.dll
2020-11-20 19:46:21 ----A---- C:\WINDOWS\system32\Faultrep.dll
2020-11-20 19:46:21 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2020-11-20 19:46:21 ----A---- C:\WINDOWS\system32\adtschema.dll
2020-11-20 19:46:20 ----A---- C:\WINDOWS\system32\weretw.dll
2020-11-20 19:46:20 ----A---- C:\WINDOWS\system32\wer.dll
2020-11-20 19:46:20 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2020-11-20 19:46:20 ----A---- C:\WINDOWS\system32\lsasrv.dll
2020-11-20 19:46:20 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2020-11-20 19:46:20 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2020-11-20 19:46:20 ----A---- C:\WINDOWS\system32\diagtrack.dll
2020-11-20 19:46:19 ----A---- C:\WINDOWS\system32\tzres.dll
2020-11-20 19:46:19 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2020-11-20 19:46:19 ----A---- C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-11-20 19:46:19 ----A---- C:\WINDOWS\system32\SecurityHealthHost.exe
2020-11-20 19:46:19 ----A---- C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-11-20 19:46:19 ----A---- C:\WINDOWS\system32\samsrv.dll
2020-11-20 19:46:19 ----A---- C:\WINDOWS\system32\samlib.dll
2020-11-20 19:46:19 ----A---- C:\WINDOWS\system32\offlinesam.dll
2020-11-20 19:46:19 ----A---- C:\WINDOWS\system32\msv1_0.dll
2020-11-20 19:46:19 ----A---- C:\WINDOWS\system32\logoncli.dll
2020-11-20 19:46:19 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2020-11-20 19:46:19 ----A---- C:\WINDOWS\system32\dnsapi.dll
2020-11-20 19:46:18 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-11-20 19:46:17 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2020-11-20 19:46:17 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2020-11-20 19:46:17 ----A---- C:\WINDOWS\system32\shacct.dll
2020-11-20 19:46:17 ----A---- C:\WINDOWS\system32\setupcl.dll
2020-11-20 19:46:17 ----A---- C:\WINDOWS\system32\EoAExperiences.exe
2020-11-20 19:46:17 ----A---- C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-11-20 19:46:17 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2020-11-20 19:46:17 ----A---- C:\WINDOWS\system32\CertPolEng.dll
2020-11-20 19:46:16 ----A---- C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2020-11-20 19:46:16 ----A---- C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-11-20 19:46:09 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-11-20 19:46:09 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-11-20 19:46:09 ----A---- C:\WINDOWS\system32\ApplicationFrame.dll
2020-11-20 19:46:08 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2020-11-20 19:46:07 ----A---- C:\WINDOWS\system32\wups2.dll
2020-11-20 19:46:07 ----A---- C:\WINDOWS\system32\wuauclt.exe
2020-11-20 19:46:07 ----A---- C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2020-11-20 19:46:07 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-11-20 19:46:07 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-11-20 19:46:07 ----A---- C:\WINDOWS\system32\SettingsHandlers_BrowserDeclutter.dll
2020-11-20 19:46:07 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-11-20 19:46:06 ----A---- C:\WINDOWS\system32\wuaueng.dll
2020-11-20 19:46:06 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-11-20 19:46:06 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2020-11-20 19:46:06 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2020-11-20 19:46:05 ----A---- C:\WINDOWS\system32\MusNotification.exe
2020-11-20 19:46:04 ----A---- C:\WINDOWS\system32\usosvc.dll
2020-11-20 19:46:04 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2020-11-20 19:46:04 ----A---- C:\WINDOWS\system32\usoapi.dll
2020-11-20 19:46:04 ----A---- C:\WINDOWS\system32\SHCore.dll
2020-11-20 19:46:04 ----A---- C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2020-11-20 19:46:04 ----A---- C:\WINDOWS\system32\SettingsHandlers_InkingTypingPrivacy.dll
2020-11-20 19:46:04 ----A---- C:\WINDOWS\system32\RasMediaManager.dll
2020-11-20 19:46:04 ----A---- C:\WINDOWS\system32\MoUsoCoreWorker.exe
2020-11-20 19:46:04 ----A---- C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2020-11-20 19:46:03 ----A---- C:\WINDOWS\system32\win32u.dll
2020-11-20 19:46:03 ----A---- C:\WINDOWS\system32\win32kfull.sys
2020-11-20 19:46:03 ----A---- C:\WINDOWS\system32\win32k.sys
2020-11-20 19:46:03 ----A---- C:\WINDOWS\system32\user32.dll
2020-11-20 19:46:03 ----A---- C:\WINDOWS\system32\rdpserverbase.dll
2020-11-20 19:46:02 ----A---- C:\WINDOWS\system32\wpncore.dll
2020-11-20 19:46:02 ----A---- C:\WINDOWS\system32\wintrust.dll
2020-11-20 19:46:02 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2020-11-20 19:46:02 ----A---- C:\WINDOWS\system32\kerberos.dll
2020-11-20 19:46:01 ----A---- C:\WINDOWS\system32\windows.storage.dll
2020-11-20 19:46:01 ----A---- C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-11-20 19:46:01 ----A---- C:\WINDOWS\system32\WaaSMedicPS.dll
2020-11-20 19:46:01 ----A---- C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-11-20 19:46:01 ----A---- C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-11-20 19:46:01 ----A---- C:\WINDOWS\system32\WaaSAssessment.dll
2020-11-20 19:46:01 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2020-11-20 19:46:01 ----A---- C:\WINDOWS\system32\LicenseManager.dll
2020-11-20 19:46:01 ----A---- C:\WINDOWS\system32\ISM.dll
2020-11-20 19:46:00 ----A---- C:\WINDOWS\system32\WordBreakers.dll
2020-11-20 19:46:00 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-11-20 19:46:00 ----A---- C:\WINDOWS\system32\tsf3gip.dll
2020-11-20 19:46:00 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2020-11-20 19:46:00 ----A---- C:\WINDOWS\system32\LicenseManagerApi.dll
2020-11-20 19:46:00 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2020-11-20 19:46:00 ----A---- C:\WINDOWS\system32\EditBufferTestHook.dll
2020-11-20 19:45:59 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-11-20 19:45:59 ----A---- C:\WINDOWS\system32\tquery.dll
2020-11-20 19:45:59 ----A---- C:\WINDOWS\system32\InputService.dll
2020-11-20 19:45:58 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2020-11-20 19:45:58 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-11-20 19:45:58 ----A---- C:\WINDOWS\system32\mssvp.dll
2020-11-20 19:45:58 ----A---- C:\WINDOWS\system32\mssrch.dll
2020-11-20 19:45:58 ----A---- C:\WINDOWS\system32\mssprxy.dll
2020-11-20 19:45:58 ----A---- C:\WINDOWS\system32\mssph.dll
2020-11-20 19:45:57 ----A---- C:\WINDOWS\system32\win32kbase.sys
2020-11-20 19:45:57 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2020-11-20 19:45:57 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2020-11-20 19:45:57 ----A---- C:\WINDOWS\system32\mssitlb.dll
2020-11-20 19:45:57 ----A---- C:\WINDOWS\system32\msscntrs.dll
2020-11-20 19:45:57 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2020-11-20 19:45:56 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2020-11-20 19:45:56 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2020-11-20 19:45:56 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2020-11-20 19:45:56 ----A---- C:\WINDOWS\system32\dosvc.dll
2020-11-20 19:45:56 ----A---- C:\WINDOWS\system32\cdd.dll
2020-11-20 19:45:55 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll
2020-11-20 19:45:55 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-11-20 19:45:54 ----A---- C:\WINDOWS\system32\qmgr.dll
2020-11-20 19:45:54 ----A---- C:\WINDOWS\system32\GameInput.dll
2020-11-20 19:45:54 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2020-11-20 19:45:54 ----A---- C:\WINDOWS\system32\aadauthhelper.dll
2020-11-20 19:45:53 ----A---- C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-20 19:45:53 ----A---- C:\WINDOWS\system32\vdsbas.dll
2020-11-20 19:45:53 ----A---- C:\WINDOWS\system32\netplwiz.dll
2020-11-20 19:45:53 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2020-11-20 19:45:53 ----A---- C:\WINDOWS\system32\diskpart.exe
2020-11-20 19:45:53 ----A---- C:\WINDOWS\system32\CoreShell.dll
2020-11-20 19:45:52 ----A---- C:\WINDOWS\system32\XamlTileRender.dll
2020-11-20 19:45:52 ----A---- C:\WINDOWS\system32\twinui.dll
2020-11-20 19:45:51 ----A---- C:\WINDOWS\system32\amsiproxy.dll
2020-11-20 19:45:51 ----A---- C:\WINDOWS\system32\amsi.dll
2020-11-20 19:45:50 ----A---- C:\WINDOWS\system32\wlansec.dll
2020-11-20 19:45:50 ----A---- C:\WINDOWS\system32\wlanmsm.dll
2020-11-20 19:45:50 ----A---- C:\WINDOWS\system32\wlanhlp.dll
2020-11-20 19:45:50 ----A---- C:\WINDOWS\system32\wlanapi.dll
2020-11-20 19:45:50 ----A---- C:\WINDOWS\system32\WiFiCloudStore.dll
2020-11-20 19:45:50 ----A---- C:\WINDOWS\system32\wfdprov.dll
2020-11-20 19:45:49 ----A---- C:\WINDOWS\system32\wlansvcpal.dll
2020-11-20 19:45:49 ----A---- C:\WINDOWS\system32\WiFiConfigSP.dll
2020-11-20 19:45:47 ----A---- C:\WINDOWS\system32\wlansvc.dll
2020-11-20 19:45:47 ----A---- C:\WINDOWS\system32\taskbarcpl.dll
2020-11-20 19:45:46 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-11-20 19:45:46 ----A---- C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-11-20 19:45:46 ----A---- C:\WINDOWS\system32\SystemSettings.DataModel.dll
2020-11-20 19:45:46 ----A---- C:\WINDOWS\system32\ncobjapi.dll
2020-11-20 19:45:46 ----A---- C:\WINDOWS\system32\dsregtask.dll
2020-11-20 19:45:46 ----A---- C:\WINDOWS\system32\dsreg.dll
2020-11-20 19:45:46 ----A---- C:\WINDOWS\system32\advapi32.dll
2020-11-20 19:45:46 ----A---- C:\WINDOWS\explorer.exe
2020-11-20 19:45:45 ----A---- C:\WINDOWS\system32\framedynos.dll
2020-11-20 19:45:44 ----A---- C:\WINDOWS\system32\XAudio2_9.dll
2020-11-20 19:45:44 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2020-11-20 19:45:44 ----A---- C:\WINDOWS\system32\WpcTok.exe
2020-11-20 19:45:44 ----A---- C:\WINDOWS\system32\WpcRefreshTask.dll
2020-11-20 19:45:44 ----A---- C:\WINDOWS\system32\win32spl.dll
2020-11-20 19:45:44 ----A---- C:\WINDOWS\system32\localspl.dll
2020-11-20 19:45:44 ----A---- C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-11-20 19:45:43 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-11-20 19:45:43 ----A---- C:\WINDOWS\system32\VocabRoamingHandler.dll
2020-11-20 19:45:43 ----A---- C:\WINDOWS\system32\TransliterationRanker.dll
2020-11-20 19:45:43 ----A---- C:\WINDOWS\system32\RuleBasedDS.dll
2020-11-20 19:45:43 ----A---- C:\WINDOWS\system32\MtfDecoder.dll
2020-11-20 19:45:43 ----A---- C:\WINDOWS\system32\jpnranker.dll
2020-11-20 19:45:43 ----A---- C:\WINDOWS\system32\jpninputrouter.dll
2020-11-20 19:45:43 ----A---- C:\WINDOWS\system32\chxranker.dll
2020-11-20 19:45:43 ----A---- C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-11-20 19:45:43 ----A---- C:\WINDOWS\system32\agentactivationruntime.dll
2020-11-20 19:45:43 ----A---- C:\WINDOWS\system32\AarSvc.dll
2020-11-20 19:45:42 ----A---- C:\WINDOWS\system32\jpndecoder.dll
2020-11-20 19:45:42 ----A---- C:\WINDOWS\system32\IHDS.dll
2020-11-20 19:45:42 ----A---- C:\WINDOWS\system32\chxinputrouter.dll
2020-11-20 19:45:42 ----A---- C:\WINDOWS\system32\ChxHAPDS.dll
2020-11-20 19:45:42 ----A---- C:\WINDOWS\system32\ChxDecoder.dll
2020-11-20 19:45:42 ----A---- C:\WINDOWS\system32\ChxAPDS.dll
2020-11-20 19:45:42 ----A---- C:\WINDOWS\system32\ChtQuickDS.dll
2020-11-20 19:45:42 ----A---- C:\WINDOWS\system32\ChtHkStrokeDS.dll
2020-11-20 19:45:42 ----A---- C:\WINDOWS\system32\ChtCangjieDS.dll
2020-11-20 19:45:42 ----A---- C:\WINDOWS\system32\ChtBopomofoDS.dll
2020-11-20 19:45:42 ----A---- C:\WINDOWS\system32\ChtAdvancedDS.dll
2020-11-20 19:45:42 ----A---- C:\WINDOWS\system32\ChsStrokeDS.dll
2020-11-20 19:45:41 ----A---- C:\WINDOWS\system32\MTFSpellcheckDS.dll
2020-11-20 19:45:41 ----A---- C:\WINDOWS\system32\MTFFuzzyDS.dll
2020-11-20 19:45:41 ----A---- C:\WINDOWS\system32\MTFAppServiceDS.dll
2020-11-20 19:45:41 ----A---- C:\WINDOWS\system32\HashtagDS.dll
2020-11-20 19:45:41 ----A---- C:\WINDOWS\system32\FluencyDS.dll
2020-11-20 19:45:41 ----A---- C:\WINDOWS\system32\EmojiDS.dll
2020-11-20 19:45:41 ----A---- C:\WINDOWS\system32\AdvancedEmojiDS.dll
2020-11-20 19:45:40 ----A---- C:\WINDOWS\system32\trie.dll
2020-11-20 19:45:39 ----A---- C:\WINDOWS\system32\wwanprotdim.dll
2020-11-20 19:45:39 ----A---- C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2020-11-20 19:45:39 ----A---- C:\WINDOWS\system32\drivers\KNetPwrDepBroker.sys
2020-11-20 19:45:38 ----A---- C:\WINDOWS\system32\wwansvc.dll
2020-11-20 19:45:36 ----A---- C:\WINDOWS\system32\tellib.dll
2020-11-20 19:45:34 ----A---- C:\WINDOWS\system32\drivers\netvsc.sys
2020-11-20 19:45:33 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2020-11-20 19:45:32 ----A---- C:\WINDOWS\system32\iscsilog.dll
2020-11-20 19:45:32 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2020-11-20 19:45:32 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2020-11-20 19:45:32 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2020-11-20 19:45:30 ----A---- C:\WINDOWS\system32\WMALFXGFXDSP.dll
2020-11-20 19:45:30 ----A---- C:\WINDOWS\system32\SysFxUI.dll
2020-11-20 19:45:30 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2020-11-20 19:45:30 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2020-11-20 19:45:30 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2020-11-20 19:45:30 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2020-11-20 19:45:30 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2020-11-20 19:45:30 ----A---- C:\WINDOWS\system32\drivers\devauthe.sys
2020-11-20 19:16:13 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2020-11-20 19:16:12 ----A---- C:\WINDOWS\system32\poqexec.exe

======List of files/folders modified in the last 1 month======

2020-12-10 19:03:33 ----D---- C:\WINDOWS\Temp
2020-12-10 19:03:27 ----D---- C:\WINDOWS\Prefetch
2020-12-10 19:03:24 ----RD---- C:\Program Files
2020-12-10 18:56:19 ----D---- C:\Program Files (x86)\Canon
2020-12-10 18:55:19 ----D---- C:\Program Files\Canon
2020-12-10 18:54:56 ----SHDC---- C:\WINDOWS\Installer
2020-12-10 18:54:53 ----D---- C:\ProgramData\DxO Labs
2020-12-10 18:54:20 ----SHD---- C:\System Volume Information
2020-12-10 18:51:37 ----D---- C:\WINDOWS\System32
2020-12-10 18:51:37 ----D---- C:\WINDOWS\INF
2020-12-10 18:51:37 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-10 18:51:12 ----D---- C:\WINDOWS\debug
2020-12-10 18:51:12 ----D---- C:\Windows
2020-12-10 18:50:37 ----D---- C:\WINDOWS\system32\WDI
2020-12-10 18:49:09 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-12-10 18:49:02 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-12-10 18:48:50 ----D---- C:\WINDOWS\system32\SleepStudy
2020-12-10 18:20:07 ----D---- C:\WINDOWS\Logs
2020-12-10 18:19:59 ----D---- C:\ProgramData\Synaptics
2020-12-10 18:19:54 ----ASH---- C:\DumpStack.log.tmp
2020-12-10 18:19:51 ----D---- C:\WINDOWS\SysWOW64
2020-12-10 18:19:50 ----D---- C:\WINDOWS\system32\drivers
2020-12-10 18:19:15 ----D---- C:\WINDOWS\system32\sru
2020-12-10 17:43:56 ----D---- C:\WINDOWS\AppReadiness
2020-12-10 17:43:55 ----HD---- C:\Program Files\WindowsApps
2020-12-10 17:40:53 ----D---- C:\WINDOWS\system32\LogFiles
2020-12-10 17:31:29 ----D---- C:\WINDOWS\system32\config
2020-12-04 19:48:13 ----D---- C:\ProgramData\CanonIJPLM
2020-12-04 19:46:41 ----HD---- C:\ProgramData
2020-12-04 19:46:32 ----RSD---- C:\WINDOWS\Media
2020-12-04 19:17:45 ----RD---- C:\WINDOWS\Microsoft.NET
2020-12-04 19:00:48 ----D---- C:\WINDOWS\system32\FxsTmp
2020-12-04 18:51:20 ----D---- C:\WINDOWS\system32\drivers\wd
2020-12-02 21:18:40 ----D---- C:\WINDOWS\WinSxS
2020-12-02 21:06:53 ----D---- C:\WINDOWS\system32\catroot2
2020-12-02 18:15:56 ----D---- C:\WINDOWS\system32\DriverStore
2020-12-02 18:06:19 ----D---- C:\WINDOWS\system32\Tasks
2020-11-22 22:25:41 ----D---- C:\WINDOWS\LiveKernelReports
2020-11-20 22:02:57 ----D---- C:\WINDOWS\CbsTemp
2020-11-20 21:52:39 ----D---- C:\WINDOWS\system32\MRT
2020-11-20 21:52:23 ----AC---- C:\WINDOWS\system32\MRT.exe
2020-11-20 21:44:54 ----RD---- C:\WINDOWS\assembly
2020-11-20 21:40:56 ----SHD---- C:\Boot
2020-11-20 21:37:46 ----D---- C:\WINDOWS\SYSWOW64\wbem
2020-11-20 21:37:46 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2020-11-20 21:37:46 ----D---- C:\WINDOWS\SYSWOW64\setup
2020-11-20 21:37:45 ----D---- C:\WINDOWS\SYSWOW64\migration
2020-11-20 21:37:45 ----D---- C:\WINDOWS\SYSWOW64\en-US
2020-11-20 21:37:40 ----D---- C:\WINDOWS\SystemResources
2020-11-20 21:37:39 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2020-11-20 21:37:39 ----D---- C:\WINDOWS\system32\wbem
2020-11-20 21:37:38 ----D---- C:\WINDOWS\system32\sk-SK
2020-11-20 21:37:38 ----D---- C:\WINDOWS\system32\setup
2020-11-20 21:37:38 ----D---- C:\WINDOWS\system32\oobe
2020-11-20 21:37:38 ----D---- C:\WINDOWS\system32\migwiz
2020-11-20 21:37:38 ----D---- C:\WINDOWS\system32\migration
2020-11-20 21:37:38 ----D---- C:\WINDOWS\system32\en-US
2020-11-20 21:37:25 ----D---- C:\WINDOWS\sk-SK
2020-11-20 21:37:25 ----D---- C:\WINDOWS\ShellExperiences
2020-11-20 21:37:25 ----D---- C:\WINDOWS\PolicyDefinitions
2020-11-20 21:37:24 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2020-11-20 21:37:24 ----D---- C:\WINDOWS\en-US
2020-11-20 21:37:24 ----D---- C:\WINDOWS\bcastdvr
2020-11-20 21:37:23 ----D---- C:\WINDOWS\apppatch
2020-11-20 21:37:23 ----D---- C:\Program Files\Windows Defender Advanced Threat Protection
2020-11-20 19:53:42 ----D---- C:\WINDOWS\servicing
2020-11-20 19:45:34 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2020-11-20 19:17:19 ----HD---- C:\$WinREAgent
2020-11-11 19:50:37 ----DC---- C:\WINDOWS\Panther

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;@oem52.inf,%service_desc%;HP Disk Filter; C:\WINDOWS\System32\drivers\hpdskflt.sys [2020-10-28 65448]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2017-04-19 1469952]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-12-07 57360]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2020-10-24 293176]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2020-10-24 41984]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-12-07 78136]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2019-12-07 91136]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-12-07 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-12-07 8704]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [2018-04-07 27552]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2020-10-24 143160]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2020-10-24 491520]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2020-10-24 53248]
R3 Accelerometer;@oem52.inf,%accelerometer_desc%;HP Mobile Data Protection Sensor; C:\WINDOWS\System32\drivers\Accelerometer.sys [2020-10-28 54696]
R3 bcbtums;@oem1.inf,%BCBTUMS.SvcDesc%;Bluetooth RAM Firmware Download USB Filter; C:\WINDOWS\system32\drivers\bcbtums.sys [2016-01-20 208192]
R3 BCM43XX;@oem15.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 - ovládač sieťového adaptéru; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [2013-09-13 7480496]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2020-10-24 113664]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2020-10-24 106496]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2019-12-07 133632]
R3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2020-10-24 1548288]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2020-10-24 110592]
R3 btwavdt;@oem34.inf,%btwavdt.SVCDESC%;Bluetooth AVDT Service; C:\WINDOWS\system32\DRIVERS\btwavdt.sys [2017-04-10 244952]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-12-07 66576]
R3 e1dexpress;@oem40.inf,%e1dExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\WINDOWS\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_26255692c8b1c6b6\e1d68x64.sys [2020-10-01 600936]
R3 HpqKbFiltr;@oem3.inf,%HpqKbFiltr.SvcDesc%;HpqKbFilter Driver; C:\WINDOWS\System32\drivers\HpqKbFiltr64.sys [2015-06-17 37112]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2020-06-04 7991392]
R3 MEIx64;@oem24.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2017-10-17 206496]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys [2020-10-24 322376]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-12-07 213504]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-12-07 43832]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-12-07 319800]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-12-07 884752]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-12-07 172344]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-12-07 124216]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-12-07 135992]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-12-07 81720]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-12-07 105480]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-12-07 168464]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-12-07 58680]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-12-07 68408]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-12-07 138040]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-12-07 42296]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2019-12-07 158736]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-12-07 23040]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-12-07 415232]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-12-07 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-12-07 45568]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2020-10-24 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2019-12-07 138272]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2019-12-07 174608]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2019-12-07 154936]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-12-07 279040]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2020-10-24 45568]
S3 btwampfl;@oem1.inf,%btwampfl.ServiceName%;btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [2016-01-20 224560]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-12-07 44032]
S3 e1i65x64;@net1ic64.inf,%e1iExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I; C:\WINDOWS\System32\drivers\e1i65x64.sys [2019-12-07 553984]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-12-07 55824]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-12-07 66560]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2020-11-20 95048]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-12-07 30208]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-12-07 1853752]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-12-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-12-07 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-12-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-12-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-12-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-12-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-12-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-12-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-12-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-12-07 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-12-07 558904]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2020-10-24 47104]
S3 IntcDAud;@oem20.inf,%IntcDAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\WINDOWS\System32\drivers\IntcDAud.sys [2018-05-09 480176]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-12-07 30720]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-12-07 59704]
S3 ksapi64;ksapi64; \??\C:\WINDOWS\system32\drivers\ksapi64.sys [2018-02-08 89776]
S3 libusb0;libusb-win32 - Kernel Driver 01/18/2012 1.2.6.0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [2019-10-17 72224]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-12-07 537608]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-12-07 64016]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2020-10-24 386048]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-12-07 65024]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-12-07 1131320]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-12-07 146232]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-12-07 72720]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2020-10-24 207360]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2020-11-20 104760]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-12-07 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-12-07 27136]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-07 990008]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-12-07 115712]
S3 RTSPER;@oem5.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2017-05-15 782816]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-12-07 35128]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-12-07 35128]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-11-03 170056]
R2 BcmBtRSupport;@oem1.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service; C:\WINDOWS\system32\BtwRSupportService.exe [2016-01-20 2286872]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
R2 CDPUserSvc_120f81;Connected Devices Platform User Service_120f81; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2020-10-24 57360]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2020-10-24 57360]
R2 fpCsEvtSvc;@oem43.inf,%fpCSEvtService_SvcDesc%;fpCSEvtSvc; C:\WINDOWS\system32\fpCSEvtSvc.exe [2017-05-22 22488]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2020-06-04 372320]
R2 OneSyncSvc_120f81;Sync Host_120f81; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
R3 BcastDVRUserService_120f81;GameDVR and Broadcast User Service_120f81; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
R3 cbdhsvc_120f81;Používateľská služba schránky_120f81; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-08 46184]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-24 57360]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
R3 PimIndexMaintenanceSvc_120f81;Kontaktné údaje_120f81; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2020-10-24 57360]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2020-11-20 983408]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-07-19 224160]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-01 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-24 57360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 AarSvc_120f81;Agent Activation Runtime_120f81; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2017-09-20 817760]
S3 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2019-07-04 3117648]
S3 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2019-07-04 2888272]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 BluetoothUserService_120f81;Služba podpory používateľov rozhrania Bluetooth_120f81; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 CaptureService_120f81;CaptureService_120f81; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2020-10-24 57360]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 ConsentUxUserSvc_120f81;ConsentUX_120f81; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2020-06-04 394640]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2020-10-24 385240]
S3 CredentialEnrollmentManagerUserSvc_120f81;CredentialEnrollmentManagerUserSvc_120f81; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2020-10-24 385240]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 DeviceAssociationBrokerSvc_120f81;DeviceAssociationBroker_120f81; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 DevicePickerUserSvc_120f81;DevicePicker_120f81; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 DevicesFlowUserSvc_120f81;DevicesFlow_120f81; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2020-10-24 94208]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-24 57360]
S3 DigitalWave.Update.Service;Digital Wave Update Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [2017-09-13 440808]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-24 57360]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2020-10-24 57360]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-07-19 224160]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2020-10-24 57360]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-24 57360]
S3 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2016-05-26 108032]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\elevation_service.exe [2020-12-02 1426928]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-24 57360]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-07-01 153168]
S3 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2015-06-22 684624]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2015-05-15 1102472]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2013-06-28 84616]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-24 57360]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2020-10-24 57360]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 MessagingService_120f81;MessagingService_120f81; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service; C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.57\elevation_service.exe [2020-12-05 1573776]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2020-10-24 57360]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2020-10-24 105984]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 postgresql-x64-9.5;postgresql-x64-9.5 - PostgreSQL Server 9.5; C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe [2016-08-09 94208]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 PrintWorkflowUserSvc_120f81;PrintWorkflow_120f81; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-24 57360]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2020-10-24 57360]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2020-11-20 5101992]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2019-12-07 1263104]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2020-10-24 57360]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2020-10-24 756552]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118302
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, slow PC

#2 Post by Rudy »

Hello!
Please post the FRST + Addition logs: https://forum.viry.cz/viewtopic.php?f=13&t=154679 . RSIT is not fully compatible with Windows 10. Thanks.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Roninus
Visitor
Posts: 76
Registered: 27 Jan 2007 13:36

Re: Please check, slow PC

#3 Post by Roninus »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-12-2020
Ran by ronin (11-12-2020 17:33:04)
Running from C:\Users\ronin\Downloads
Windows 10 Pro Version 20H2 19042.630 (X64) (2020-10-24 20:26:52)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3769689683-3705519010-605967400-500 - Administrator - Disabled)
ALINC (S-1-5-21-3769689683-3705519010-605967400-1002 - Administrator - Enabled)
DefaultAccount (S-1-5-21-3769689683-3705519010-605967400-503 - Limited - Disabled)
Guest (S-1-5-21-3769689683-3705519010-605967400-501 - Limited - Disabled)
postgres (S-1-5-21-3769689683-3705519010-605967400-1005 - Limited - Enabled) => C:\Users\postgres
ronin (S-1-5-21-3769689683-3705519010-605967400-1001 - Administrator - Enabled) => C:\Users\ronin
WDAGUtilityAccount (S-1-5-21-3769689683-3705519010-605967400-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
C:\Program Files\Adobe\Adobe Lightroom\LRcestina_uninstall.exe (HKLM-x32\...\CZ Lokalizace pro Lightroom CC 2015.1 a 6.0_is1) (Version: 1.1 - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.)
Canon MG2900 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2900_series) (Version: 1.01 - Canon Inc.)
Canon MG2900 series On-screen Manual (HKLM-x32\...\Canon MG2900 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.66 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6282 - CDBurnerXP)
DaVinci Resolve (HKLM\...\{9438E188-F562-4409-8748-D76B94FF104D}) (Version: 15.2.2007 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{B1782967-E600-4BBD-B2F1-AEF3F2FE0A12}) (Version: 1.2.1.0 - Blackmagic Design)
DJI Assistant 2 version V1.2.5 (HKLM-x32\...\{D939E096-78F1-4A32-A711-C1AD3F3D082A}_is1) (Version: V1.2.5 - DJI)
eosmsgV5 (HKLM-x32\...\{1FA2CD22-3B84-4C08-997A-1EDDC9366772}) (Version: 5.3.8 - Shen Zhen CammsG CO.LTD)
Fairlight Studio Utility (HKLM\...\{B398FA50-A725-4837-A2A8-6DB38FB6FC0F}) (Version: 1.1.0.0 - Blackmagic Design)
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.1.6.913 - Digital Wave Ltd)
Freemake Video Converter verzia 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
FreeShutterCount V1.54 (HKLM-x32\...\FreeShutterCount_is1) (Version: 1.54.0.0 - FreeShutterCount)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HP Hotkey Support (HKLM-x32\...\{6E7401DB-B722-4428-BE94-DD4740CF6464}) (Version: 5.0.28.1 - Hewlett-Packard Company)
HWiNFO64 Version 5.74 (HKLM\...\HWiNFO64_is1) (Version: 5.74 - Martin Malík - REALiX)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6499.0 - IDT)
Inbox Storage (HKLM-x32\...\{8E262F9D-DDEA-4F30-85CD-FD5C28613894}_is1) (Version: 1.0.0.32 - Xacti, LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5126 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.57 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{9085041B-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3769689683-3705519010-605967400-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.4 - Notepad++ Team)
OLYMPUS Digital Camera Updater (HKLM-x32\...\{962428F4-2E99-4AD2-B55D-B468C18A8A89}) (Version: 2.0.0 - Olympus Corporation)
Olympus Workspace (HKLM-x32\...\{3AC85359-EE06-405B-9C8B-A161959F30F2}) (Version: 1.2.0 - Olympus Corporation)
OpenShot Video Editor verze 2.4.3 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.4.3 - OpenShot Studios, LLC)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
PostgreSQL 9.5 (HKLM\...\PostgreSQL 9.5) (Version: 9.5 - PostgreSQL Global Development Group)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21300 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Registrácia používateľa produktu Canon MG2900 series (HKLM-x32\...\Registrácia používateľa produktu Canon MG2900 series) (Version: - ‭Canon Inc.)
SIGMA Optimization Pro (HKLM-x32\...\{A75A7BEA-7A33-46FF-A2CD-3B0AF8023903}) (Version: 1.6.0.13 - SIGMA CORPORATION)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.63 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Windows Driver Package - Broadcom Corp. (btwavdt) BluetoothVirtual (10/26/2015 6.5.1.6800) (HKLM\...\627F5D105FD8AD9683147A6D517C7D0DD4C901F1) (Version: 10/26/2015 6.5.1.6800 - Broadcom Corp.)
Windows Driver Package - HP (WirelessButtonDriver64) HIDClass (06/20/2017 1.1.20.1) (HKLM\...\990960E62BD0700A1AAC3331807F138303F458C2) (Version: 06/20/2017 1.1.20.1 - HP)
Windows Driver Package - Intel (MEIx64) System (10/03/2017 11.7.0.1045) (HKLM\...\623E6BEBFE0E32D8AD88825BDC5B643D996BCA93) (Version: 10/03/2017 11.7.0.1045 - Intel)
Windows Driver Package - Intel Corporation (iaStorA) HDC (04/10/2017 14.8.16.1063) (HKLM\...\1956B72D229BA5E262A8828A81DB9133B5F111B2) (Version: 04/10/2017 14.8.16.1063 - Intel Corporation)
Windows Driver Package - Intel Corporation (iaStorA) SCSIAdapter (04/10/2017 14.8.16.1063) (HKLM\...\7B099E88B288543F1ED20B3C3332D4B1B2E6A621) (Version: 04/10/2017 14.8.16.1063 - Intel Corporation)
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Windows Driver Package - Ross-Tech HIDClass (01/05/2014 6.3.0.3) (HKLM\...\3A9B09BBD4F12A76FBBD3A428729660930BA5F13) (Version: 01/05/2014 6.3.0.3 - Ross-Tech)
Windows Driver Package - Ross-Tech USB Driver Package (05/12/2014 2.10.00) (HKLM\...\88B02C4BD09AA7910C55C4E74BE8F036244B5CF9) (Version: 05/12/2014 2.10.00 - Ross-Tech)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1904.2.139 - ZONER software)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-03-07] (Canon Inc.)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-11] (Microsoft Corporation)
Doplnok pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-17] (Microsoft Corporation)
Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2019-07-30] (Keeper Security Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-05] (Microsoft Studios) [MS Ad]
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.30761.0_x64__8wekyb3d8bbwe [2020-05-05] (Microsoft Corporation)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-30] (Microsoft Corporation)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c [2020-02-05] (Skype)
Váš telefón -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20041.91.0_x64__8wekyb3d8bbwe [2020-05-20] (Microsoft Corporation)
WinOpener -> C:\Program Files\WindowsApps\DeviceDoctor.WinOpener_2.1.32.0_x64__mkdtfchztkfbm [2018-04-07] (Tiny Opener)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3769689683-3705519010-605967400-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers4: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\SysWOW64\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\SysWOW64\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\SysWOW64\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\SysWOW64\mcdvd_32.dll [261632 2007-09-27] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvidvfw.dll [139264 2007-09-27] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [638976 2007-09-27] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2007-09-27] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2007-09-27] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2007-09-27] (Microsoft Corporation) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-08-19 20:03 - 2014-03-17 18:15 - 000375296 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-3769689683-3705519010-605967400-1001 -> {1E9A8010-5408-41D0-9A24-35C6E31B7C81} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2019-02-16 12:09 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3769689683-3705519010-605967400-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ronin\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\{38a10c1c-bbc6-42bf-86c8-5c01dd78233d}.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SysTrayApp"
HKLM\...\StartupApproved\Run: => "HPRadioMgr"
HKLM\...\StartupApproved\Run32: => "QLBController"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "SBrowserCheck"
HKU\S-1-5-21-3769689683-3705519010-605967400-1001\...\StartupApproved\StartupFolder: => "EOS Utility.lnk"
HKU\S-1-5-21-3769689683-3705519010-605967400-1001\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-3769689683-3705519010-605967400-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3769689683-3705519010-605967400-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3769689683-3705519010-605967400-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{48A64ECC-8984-4AED-A2ED-F5FBE7FD4D8B}] => (Block) C:\program files (x86)\dji product\dji assistant 2\assistant\root.exe (SZ DJI Technology Co., Ltd. -> DJI)
FirewallRules: [{4EFAB9CE-46FE-4C1D-9690-B588DA394C29}] => (Block) C:\program files (x86)\dji product\dji assistant 2\assistant\root.exe (SZ DJI Technology Co., Ltd. -> DJI)
FirewallRules: [{FAEDF7FC-2ED5-429A-B045-095C337E9954}] => (Block) C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter2.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [{86E51E5A-742E-44DA-A052-8F4D64D3A99B}] => (Block) C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter2.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [UDP Query User{C565C4E2-7130-4F67-BABA-573978694745}C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter2.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter2.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [TCP Query User{1D026030-07EE-4DC6-97B4-43772466B0B8}C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter2.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter2.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [UDP Query User{C9154FBB-73AA-4F92-892D-05AEDBFB68C5}C:\program files (x86)\dji product\dji assistant 2\assistant\root.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2\assistant\root.exe (SZ DJI Technology Co., Ltd. -> DJI)
FirewallRules: [TCP Query User{3756E8D7-30FF-4016-9432-30C15804251E}C:\program files (x86)\dji product\dji assistant 2\assistant\root.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2\assistant\root.exe (SZ DJI Technology Co., Ltd. -> DJI)
FirewallRules: [UDP Query User{3DABF032-54F0-4610-9D10-FB9401F2D363}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [TCP Query User{2EF611D5-F4BD-4053-97ED-B1B624F7C8C1}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [UDP Query User{64F9DEC7-F202-46B4-AD4D-04FA45056813}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [TCP Query User{325C8C4C-8806-413E-BFDE-E76512EA4F79}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [UDP Query User{39AED779-A156-4F68-88E1-569DC55FE6BF}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [TCP Query User{606F41AA-F6C1-48F3-A42B-8CA4C1A0A02E}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{C0F38C1B-FDA0-429A-BD10-60E2C2E28D18}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe () [File not signed]
FirewallRules: [TCP Query User{D1C581CD-755D-4CA7-BE94-13C527A3D366}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe () [File not signed]
FirewallRules: [UDP Query User{90BA4FF4-A4BB-4086-A21C-7B5BDC56FE7A}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{1ECBCDB5-6FE5-4741-BBF5-AE93A73253B3}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{F2531582-F870-4E91-BF0D-165A8B0C4EC4}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{5E66F97B-E425-41E5-BC94-213AAC8B48C2}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{975C7A3C-DB67-426F-8A11-3E0D5A44AD15}C:\program files\openshot video editor\launch.exe] => (Block) C:\program files\openshot video editor\launch.exe () [File not signed]
FirewallRules: [TCP Query User{CD1CEAA2-DBFA-4358-82DB-F8245574DFDA}C:\program files\openshot video editor\launch.exe] => (Block) C:\program files\openshot video editor\launch.exe () [File not signed]
FirewallRules: [{19CD7D7F-5D1C-4EDE-BB40-CB7D0BAF2A6B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/10/2020 08:08:56 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v (C:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (12/10/2020 07:36:27 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v SYSTEM RESERVED (F:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (12/10/2020 07:36:26 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v (E:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (12/02/2020 07:26:14 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v SYSTEM RESERVED (F:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (12/02/2020 07:26:14 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v (E:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (11/22/2020 10:08:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Microsoft.Photos.exe version 2020.19111.24110.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1fac

Start Time: 01d6c10fce09ff38

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.19111.24110.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

Report Id: ef462e73-779d-4916-99e8-6afdaa28720d

Faulting package full name: Microsoft.Windows.Photos_2020.19111.24110.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (11/20/2020 09:17:17 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v SYSTEM RESERVED (F:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (11/20/2020 09:17:16 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v (E:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)


System errors:
=============
Error: (12/11/2020 05:23:01 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.

Error: (12/11/2020 05:23:27 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 20:07:52 on ‎10. ‎12. ‎2020 was unexpected.

Error: (12/04/2020 07:32:23 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (11/22/2020 10:28:36 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (11/20/2020 09:50:04 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-MP916VR)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (11/20/2020 09:38:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba WinDefend bola ukončená s nasledujúcou chybou:
%%2147943515 = A system shutdown is in progress.

Error: (11/20/2020 09:38:28 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 21:19:24 on ‎20. ‎11. ‎2020 was unexpected.

Error: (11/10/2020 08:08:36 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: A fatal error occurred while creating a TLS client credential. The internal error state is 10013.


Windows Defender:
===================================
Date: 2020-11-22 22:37:20.5080000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {11069118-DD3F-4581-AE2F-1F4B36F90CE6}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-11-11 19:51:59.7240000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {6009D0A7-C7B1-4ACA-8B69-6C2D5C87AFB8}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-11-10 20:06:41.9690000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {6C08D897-0446-45BC-8B52-72B6C9E3AFE5}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-11-09 20:16:53.3900000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {4F00406F-0425-4DEE-B97B-AF153F1A7504}
Scan Type: Antimalware
Scan Parameters: Quick Scan

==================== Memory info ===========================

BIOS: Hewlett-Packard L77 Ver. 01.21 09/03/2014
Motherboard: Hewlett-Packard 1993
Processor: Intel(R) Core(TM) i5-4210M CPU @ 2.60GHz
Percentage of memory in use: 87%
Total physical RAM: 4009.11 MB
Available physical RAM: 515.8 MB
Total Virtual: 5545.11 MB
Available Virtual: 1750.21 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:221.07 GB) (Free:18.51 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: () (Fixed) (Total:232.87 GB) (Free:44.74 GB) NTFS
Drive f: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{ea47ea47-0000-0000-0000-100000000000}\ (PQSERVICE) (Fixed) (Total:11.72 GB) (Free:11.34 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: EA47EA47)
Partition 1: (Not Active) - (Size=11.7 GB) - (Type=27)
Partition 2: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=221.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=232.9 GB) - (Type=0F Extended)

==================== End of Addition.txt =======================

Roninus
Visitor
Posts: 76
Registered: 27 Jan 2007 13:36

Re: please check, slow PC

#4 Post by Roninus »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-12-2020
Ran by ronin (administrator) on DESKTOP-MP916VR (Hewlett-Packard HP ProBook 640 G1) (11-12-2020 17:29:04)
Running from C:\Users\ronin\Downloads
Loaded Profiles: ronin
Platform: Windows 10 Pro Version 20H2 19042.630 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <22>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Windows\System32\fpCSEvtSvc.exe
(Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-01-19] (IDT, Inc.) [File not signed]
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [338000 2015-06-22] (Hewlett-Packard -> Hewlett-Packard Company)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (Canon Inc. -> CANON INC.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3769689683-3705519010-605967400-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [27775672 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3769689683-3705519010-605967400-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [758752 2019-04-03] (ZONER software, a.s. -> ZONER software)
HKLM\...\Windows x64\Print Processors\Canon MG2900 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCB.DLL [30208 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2900 series: C:\WINDOWS\system32\CNMLMCB.DLL [406016 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [375296 2014-03-17] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-10] (Google LLC -> Google LLC)
Startup: C:\Users\ronin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2017-12-31]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (No File)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {39875316-1F4B-41B6-9595-ED5687FC0387} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {73D42575-01D5-4D0D-A371-B6C3E5905B28} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-01] (Google Inc -> Google Inc.)
Task: {90795E78-3FCB-401D-9816-909BDE646BDD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9A21EFF7-1B8D-4BB9-915C-8631D1A2E18E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {9A260220-DF2E-4577-9C1B-77D8DAF997EB} - System32\Tasks\AdobeGCInvoker-1.0-DESKTOP-MP916VR-ronin => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {AAFB3F2A-8191-42F1-BE7D-D83B234D57A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-01] (Google Inc -> Google Inc.)
Task: {AD498BED-4009-46BD-8E68-F15CD6958F9E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BB2AC412-19B1-4437-B7DE-ADCEF1B10066} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CD3BE28C-811F-40BC-8751-E0AC473FC770} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {D0F78CB1-5A83-4D00-9ECF-C409B453ECA7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [23571128 2020-05-01] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D7146F7B-8B30-481E-A004-41388484268E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E711DD6A-81F7-400F-9AD0-412A692DC1CB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EE7F6FD8-B680-4FA9-A0B3-07BBD53D0029} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-roninus@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{57ac1fcd-8909-493e-add0-d751fc7ea72b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{71e207b0-2f2f-4cc7-ac27-0f2bd1b0a751}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99f179d7-d196-49da-9bfd-3d5e081c65b1}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{dc5a43a9-698a-4b5b-a3a5-177d6f6e72dc}: [DhcpNameServer] 192.168.1.1

Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\ronin\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-10]

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default [2020-12-11]
CHR Notifications: Default -> hxxps://fastshare.cz; hxxps://gcx.aliexpress.com; hxxps://klokantv.pushcrew.com; hxxps://www.autodielyonline24.sk; hxxps://www.bombuj.tv; hxxps://www.facebook.com; hxxps://www.viry.cz
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxp://google.sk/"
CHR Extension: (Prezentácie) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-21]
CHR Extension: (Dokumenty) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-21]
CHR Extension: (Disk Google) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (YouTube) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-03]
CHR Extension: (Tabuľky) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-21]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06]
CHR Extension: (Gmail) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\ronin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-10]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
S3 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-07-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-09-13] (Digital Wave Ltd -> Digital Wave Ltd.)
R2 fpCsEvtSvc; C:\WINDOWS\system32\fpCSEvtSvc.exe [22488 2017-05-22] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2016-05-26] (Freemake) [File not signed]
S3 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [684624 2015-06-22] (Hewlett-Packard -> Hewlett-Packard Company)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] (Canon Inc. -> )
S3 postgresql-x64-9.5; C:\Program Files\PostgreSQL\9.5\bin\pg_ctl.exe [94208 2016-08-09] (PostgreSQL Global Development Group) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5101992 2020-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-01-19] (IDT, Inc.) [File not signed]
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [82912 2017-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 HpqKbFiltr; C:\WINDOWS\System32\drivers\HpqKbFiltr64.sys [37112 2015-06-17] (Hewlett-Packard Company -> Hewlett-Packard Company)
R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2018-04-07] (Martin Malik - REALiX -> REALiX(tm))
S3 ksapi64; C:\WINDOWS\system32\drivers\ksapi64.sys [89776 2018-02-08] (Beijing Kingsoft Security software Co.,Ltd -> Kingsoft Corporation)
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [72224 2019-10-17] (SZ DJI Technology Co., Ltd. -> hxxp://libusb-win32.sourceforge.net)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [551936 2014-01-19] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
S3 MpKslb876d610; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{78E2BC3C-E6A7-4AFD-9C33-4631007E226E}\MpKslDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-11 17:29 - 2020-12-11 17:30 - 000017418 _____ C:\Users\ronin\Downloads\FRST.txt
2020-12-11 17:28 - 2020-12-11 17:28 - 002288640 _____ (Farbar) C:\Users\ronin\Downloads\FRST64.exe
2020-12-10 19:03 - 2020-12-10 19:03 - 001222144 _____ C:\Users\ronin\Downloads\RSITx64.exe
2020-12-10 19:03 - 2020-12-10 19:03 - 000000000 ____D C:\rsit
2020-12-10 19:03 - 2020-12-10 19:03 - 000000000 ____D C:\Program Files\trend micro
2020-12-04 20:08 - 2020-12-04 20:08 - 000144434 _____ C:\Users\ronin\Downloads\Tiger_(P).svg
2020-12-04 19:46 - 2020-12-04 19:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registrácia používateľa produktu Canon MG2900 series
2020-12-04 19:10 - 2020-12-04 19:11 - 052268632 _____ C:\Users\ronin\Downloads\win-mg2900-1_1-mcd.exe
2020-11-22 21:25 - 2020-11-22 21:26 - 000320164 _____ C:\Users\ronin\Downloads\time-lapser_1.0.0.3.zip
2020-11-22 20:52 - 2020-11-22 20:52 - 000000000 ____D C:\Users\ronin\AppData\Roaming\Panolapse
2020-11-22 20:49 - 2020-11-22 20:50 - 041639111 _____ C:\Users\ronin\Downloads\PanolapseWin125.zip
2020-11-22 20:45 - 2020-11-22 20:55 - 000000000 ____D C:\Users\ronin\Desktop\vychod slnka casozber
2020-11-20 19:46 - 2020-11-20 19:46 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-20 19:46 - 2020-11-20 19:46 - 000152576 _____ C:\WINDOWS\system32\EoAExperiences.exe
2020-11-20 19:46 - 2020-11-20 19:46 - 000009265 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-11-20 19:45 - 2020-11-20 19:45 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-20 19:45 - 2020-11-20 19:45 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-12-11 17:30 - 2020-10-24 21:17 - 001763666 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-11 17:30 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-11 17:30 - 2017-07-26 22:08 - 000715220 _____ C:\WINDOWS\system32\perfh01B.dat
2020-12-11 17:30 - 2017-07-26 22:08 - 000210316 _____ C:\WINDOWS\system32\perfc01B.dat
2020-12-11 17:29 - 2019-02-14 12:06 - 000000000 ____D C:\FRST
2020-12-11 17:25 - 2017-07-01 22:35 - 000000000 __SHD C:\Users\ronin\IntelGraphicsProfiles
2020-12-11 17:24 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-11 17:24 - 2019-02-16 12:26 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-12-11 17:23 - 2020-10-24 21:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-11 17:23 - 2020-10-24 21:02 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-11 17:23 - 2020-10-24 21:02 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-11 17:23 - 2017-07-01 22:53 - 000000000 ____D C:\ProgramData\Synaptics
2020-12-10 18:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-10 18:56 - 2017-12-18 00:33 - 000000000 ____D C:\Users\ronin\AppData\Local\Packages
2020-12-10 18:56 - 2017-07-03 21:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2020-12-10 18:56 - 2017-07-03 21:11 - 000000000 ____D C:\Program Files (x86)\Canon
2020-12-10 18:55 - 2017-08-28 11:39 - 000000000 ____D C:\Program Files\Canon
2020-12-10 18:54 - 2017-07-03 21:00 - 000000000 ____D C:\ProgramData\DxO Labs
2020-12-10 18:19 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-10 17:46 - 2017-07-01 22:40 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-12-10 17:43 - 2020-07-19 10:45 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-10 17:43 - 2020-07-19 10:45 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-12-10 17:43 - 2020-07-19 10:45 - 000002282 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-12-10 17:43 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-04 19:48 - 2017-08-19 20:17 - 000000000 ____D C:\ProgramData\CanonIJPLM
2020-12-04 19:46 - 2019-12-07 10:14 - 000000000 __RSD C:\WINDOWS\Media
2020-12-04 19:00 - 2019-12-07 15:39 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-12-04 18:51 - 2018-06-10 17:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-12-04 18:46 - 2020-10-24 21:25 - 000003456 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-04 18:46 - 2020-10-24 21:25 - 000003332 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-02 18:15 - 2017-07-03 21:01 - 000000000 ____D C:\Users\ronin\Documents\DxO Optics Pro v9 logs
2020-12-02 18:06 - 2020-10-24 21:25 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-12-02 18:03 - 2020-10-25 11:29 - 000003482 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6aa429f5b824b
2020-12-02 18:03 - 2020-10-24 21:25 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-22 22:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-11-20 22:02 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-11-20 21:58 - 2017-07-02 00:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-11-20 21:52 - 2017-07-02 00:41 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-11-20 21:44 - 2017-07-03 20:56 - 000000440 _____ C:\Users\ronin\Desktop\Tento počítač - odkaz.lnk
2020-11-20 21:40 - 2020-10-24 21:02 - 000258168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-11-20 21:37 - 2019-12-07 15:41 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-11-20 21:37 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-11-20 21:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-11-20 21:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-11-20 21:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-11-20 21:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2020-11-20 21:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-11-20 21:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-11-20 21:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-11-20 21:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-11-20 21:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-11-20 19:53 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2020-11-20 19:46 - 2017-07-01 22:53 - 000413704 __RSH C:\bootmgr
2020-11-20 19:45 - 2020-10-24 21:06 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-11-20 19:17 - 2020-10-11 20:14 - 000000000 ___HD C:\$WinREAgent
2020-11-11 19:50 - 2020-10-24 18:17 - 000000000 ___DC C:\WINDOWS\Panther

==================== Files in the root of some directories ========

2018-01-30 20:16 - 2020-05-15 22:34 - 000011776 _____ () C:\Users\ronin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-30 19:11 - 2018-09-30 19:11 - 000000000 _____ () C:\Users\ronin\AppData\Local\oobelibMkey.log
2017-08-06 21:24 - 2019-12-23 16:13 - 000007597 _____ () C:\Users\ronin\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Rudy
Site Admin
Posts: 118302
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, slow PC

#5 Post by Rudy »

Now run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I Agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP, just run it with a normal double-click)
click Scan Now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Roninus
Visitor
Posts: 76
Registered: 27 Jan 2007 13:36

Re: Please check, slow PC

#6 Post by Roninus »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.8.0
# -------------------------------
# Build: 10-08-2020
# Database: 2020-09-29.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 12-11-2020
# Duration: 00:01:27
# OS: Windows 10 Pro
# Scanned: 31837
# Detected: 2


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy C:\ProgramData\Tencent
PUP.Optional.Legacy C:\Users\ronin\AppData\Roaming\Tencent

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [3048 octets] - [14/02/2019 15:59:18]
AdwCleaner[C00].txt - [2738 octets] - [14/02/2019 16:00:48]
AdwCleaner[S01].txt - [1371 octets] - [27/05/2019 20:15:13]
AdwCleaner[C01].txt - [1557 octets] - [27/05/2019 20:15:48]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ##########

Rudy
Site Admin
Posts: 118302
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check, slow PC

#7 Post by Rudy »

Post new FRST + Addition logs.

Roninus
Visitor
Posts: 76
Registered: 27 Jan 2007 13:36

Re: Please check, slow PC

#8 Post by Roninus »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-12-2020
Ran by ronin (11-12-2020 20:16:03)
Running from C:\Users\ronin\Downloads
Windows 10 Pro Version 20H2 19042.630 (X64) (2020-10-24 20:26:52)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3769689683-3705519010-605967400-500 - Administrator - Disabled)
ALINC (S-1-5-21-3769689683-3705519010-605967400-1002 - Administrator - Enabled)
DefaultAccount (S-1-5-21-3769689683-3705519010-605967400-503 - Limited - Disabled)
Guest (S-1-5-21-3769689683-3705519010-605967400-501 - Limited - Disabled)
postgres (S-1-5-21-3769689683-3705519010-605967400-1005 - Limited - Enabled) => C:\Users\postgres
ronin (S-1-5-21-3769689683-3705519010-605967400-1001 - Administrator - Enabled) => C:\Users\ronin
WDAGUtilityAccount (S-1-5-21-3769689683-3705519010-605967400-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
C:\Program Files\Adobe\Adobe Lightroom\LRcestina_uninstall.exe (HKLM-x32\...\CZ Lokalizace pro Lightroom CC 2015.1 a 6.0_is1) (Version: 1.1 - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.)
Canon MG2900 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2900_series) (Version: 1.01 - Canon Inc.)
Canon MG2900 series On-screen Manual (HKLM-x32\...\Canon MG2900 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.66 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6282 - CDBurnerXP)
DaVinci Resolve (HKLM\...\{9438E188-F562-4409-8748-D76B94FF104D}) (Version: 15.2.2007 - Blackmagic Design)
DaVinci Resolve Panels (HKLM\...\{B1782967-E600-4BBD-B2F1-AEF3F2FE0A12}) (Version: 1.2.1.0 - Blackmagic Design)
DJI Assistant 2 version V1.2.5 (HKLM-x32\...\{D939E096-78F1-4A32-A711-C1AD3F3D082A}_is1) (Version: V1.2.5 - DJI)
eosmsgV5 (HKLM-x32\...\{1FA2CD22-3B84-4C08-997A-1EDDC9366772}) (Version: 5.3.8 - Shen Zhen CammsG CO.LTD)
Fairlight Studio Utility (HKLM\...\{B398FA50-A725-4837-A2A8-6DB38FB6FC0F}) (Version: 1.1.0.0 - Blackmagic Design)
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.1.6.913 - Digital Wave Ltd)
Freemake Video Converter verzia 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
FreeShutterCount V1.54 (HKLM-x32\...\FreeShutterCount_is1) (Version: 1.54.0.0 - FreeShutterCount)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HP Hotkey Support (HKLM-x32\...\{6E7401DB-B722-4428-BE94-DD4740CF6464}) (Version: 5.0.28.1 - Hewlett-Packard Company)
HWiNFO64 Version 5.74 (HKLM\...\HWiNFO64_is1) (Version: 5.74 - Martin Malík - REALiX)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6499.0 - IDT)
Inbox Storage (HKLM-x32\...\{8E262F9D-DDEA-4F30-85CD-FD5C28613894}_is1) (Version: 1.0.0.32 - Xacti, LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5126 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.57 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.59 - )
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{9085041B-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3769689683-3705519010-605967400-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{97238E8A-4919-4A1E-965A-C6C36938F4CE}) (Version: 2.68.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.4 - Notepad++ Team)
OLYMPUS Digital Camera Updater (HKLM-x32\...\{962428F4-2E99-4AD2-B55D-B468C18A8A89}) (Version: 2.0.0 - Olympus Corporation)
Olympus Workspace (HKLM-x32\...\{3AC85359-EE06-405B-9C8B-A161959F30F2}) (Version: 1.2.0 - Olympus Corporation)
OpenShot Video Editor verze 2.4.3 (HKLM\...\{4BB0DCDC-BC24-49EC-8937-72956C33A470}_is1) (Version: 2.4.3 - OpenShot Studios, LLC)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
PostgreSQL 9.5 (HKLM\...\PostgreSQL 9.5) (Version: 9.5 - PostgreSQL Global Development Group)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21300 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Registrácia používateľa produktu Canon MG2900 series (HKLM-x32\...\Registrácia používateľa produktu Canon MG2900 series) (Version: - ‭Canon Inc.)
SIGMA Optimization Pro (HKLM-x32\...\{A75A7BEA-7A33-46FF-A2CD-3B0AF8023903}) (Version: 1.6.0.13 - SIGMA CORPORATION)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.63 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 - Sony)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Windows Driver Package - Broadcom Corp. (btwavdt) BluetoothVirtual (10/26/2015 6.5.1.6800) (HKLM\...\627F5D105FD8AD9683147A6D517C7D0DD4C901F1) (Version: 10/26/2015 6.5.1.6800 - Broadcom Corp.)
Windows Driver Package - HP (WirelessButtonDriver64) HIDClass (06/20/2017 1.1.20.1) (HKLM\...\990960E62BD0700A1AAC3331807F138303F458C2) (Version: 06/20/2017 1.1.20.1 - HP)
Windows Driver Package - Intel (MEIx64) System (10/03/2017 11.7.0.1045) (HKLM\...\623E6BEBFE0E32D8AD88825BDC5B643D996BCA93) (Version: 10/03/2017 11.7.0.1045 - Intel)
Windows Driver Package - Intel Corporation (iaStorA) HDC (04/10/2017 14.8.16.1063) (HKLM\...\1956B72D229BA5E262A8828A81DB9133B5F111B2) (Version: 04/10/2017 14.8.16.1063 - Intel Corporation)
Windows Driver Package - Intel Corporation (iaStorA) SCSIAdapter (04/10/2017 14.8.16.1063) (HKLM\...\7B099E88B288543F1ED20B3C3332D4B1B2E6A621) (Version: 04/10/2017 14.8.16.1063 - Intel Corporation)
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0) (HKLM\...\2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB) (Version: 09/09/2009 1.0.0.0 - OLYMPUS IMAGING CORP.)
Windows Driver Package - Ross-Tech HIDClass (01/05/2014 6.3.0.3) (HKLM\...\3A9B09BBD4F12A76FBBD3A428729660930BA5F13) (Version: 01/05/2014 6.3.0.3 - Ross-Tech)
Windows Driver Package - Ross-Tech USB Driver Package (05/12/2014 2.10.00) (HKLM\...\88B02C4BD09AA7910C55C4E74BE8F036244B5CF9) (Version: 05/12/2014 2.10.00 - Ross-Tech)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Zoner Photo Studio X SK (HKU\S-1-5-21-3769689683-3705519010-605967400-1001\...\ZPS X) (Version: 19.2009.2.286 - ZONER software)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-03-07] (Canon Inc.)
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_1.1911.21713.0_x64__8wekyb3d8bbwe [2019-12-07] (Microsoft Corporation)
Doplnok mediálneho nástroja pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-11] (Microsoft Corporation)
Doplnok pre Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-17] (Microsoft Corporation)
Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2019-07-30] (Keeper Security Inc)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-14] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-05] (Microsoft Studios) [MS Ad]
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.30761.0_x64__8wekyb3d8bbwe [2020-05-05] (Microsoft Corporation)
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.22661.0_x64__8wekyb3d8bbwe [2019-09-30] (Microsoft Corporation)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.56.102.0_x64__kzf8qxf38zg5c [2020-02-05] (Skype)
Váš telefón -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20041.91.0_x64__8wekyb3d8bbwe [2020-05-20] (Microsoft Corporation)
WinOpener -> C:\Program Files\WindowsApps\DeviceDoctor.WinOpener_2.1.32.0_x64__mkdtfchztkfbm [2018-04-07] (Tiny Opener)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3769689683-3705519010-605967400-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers4: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-06-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.voxacm160] => C:\Windows\SysWOW64\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\Windows\SysWOW64\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\Windows\SysWOW64\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\Windows\SysWOW64\mcdvd_32.dll [261632 2007-09-27] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvidvfw.dll [139264 2007-09-27] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\Windows\SysWOW64\DivX.dll [638976 2007-09-27] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2007-09-27] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2007-09-27] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2007-09-27] (Microsoft Corporation) [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2017-08-19 20:03 - 2014-03-17 18:15 - 000375296 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-3769689683-3705519010-605967400-1001 -> {1E9A8010-5408-41D0-9A24-35C6E31B7C81} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2019-02-16 12:09 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3769689683-3705519010-605967400-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ronin\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\{38a10c1c-bbc6-42bf-86c8-5c01dd78233d}.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SysTrayApp"
HKLM\...\StartupApproved\Run: => "HPRadioMgr"
HKLM\...\StartupApproved\Run32: => "QLBController"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "SBrowserCheck"
HKU\S-1-5-21-3769689683-3705519010-605967400-1001\...\StartupApproved\StartupFolder: => "EOS Utility.lnk"
HKU\S-1-5-21-3769689683-3705519010-605967400-1001\...\StartupApproved\Run: => "World of Tanks"
HKU\S-1-5-21-3769689683-3705519010-605967400-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3769689683-3705519010-605967400-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3769689683-3705519010-605967400-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{48A64ECC-8984-4AED-A2ED-F5FBE7FD4D8B}] => (Block) C:\program files (x86)\dji product\dji assistant 2\assistant\root.exe (SZ DJI Technology Co., Ltd. -> DJI)
FirewallRules: [{4EFAB9CE-46FE-4C1D-9690-B588DA394C29}] => (Block) C:\program files (x86)\dji product\dji assistant 2\assistant\root.exe (SZ DJI Technology Co., Ltd. -> DJI)
FirewallRules: [{FAEDF7FC-2ED5-429A-B045-095C337E9954}] => (Block) C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter2.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [{86E51E5A-742E-44DA-A052-8F4D64D3A99B}] => (Block) C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter2.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [UDP Query User{C565C4E2-7130-4F67-BABA-573978694745}C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter2.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter2.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [TCP Query User{1D026030-07EE-4DC6-97B4-43772466B0B8}C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter2.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2\assistant\visionstarter2.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [UDP Query User{C9154FBB-73AA-4F92-892D-05AEDBFB68C5}C:\program files (x86)\dji product\dji assistant 2\assistant\root.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2\assistant\root.exe (SZ DJI Technology Co., Ltd. -> DJI)
FirewallRules: [TCP Query User{3756E8D7-30FF-4016-9432-30C15804251E}C:\program files (x86)\dji product\dji assistant 2\assistant\root.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2\assistant\root.exe (SZ DJI Technology Co., Ltd. -> DJI)
FirewallRules: [UDP Query User{3DABF032-54F0-4610-9D10-FB9401F2D363}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [TCP Query User{2EF611D5-F4BD-4053-97ED-B1B624F7C8C1}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservicecore.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [UDP Query User{64F9DEC7-F202-46B4-AD4D-04FA45056813}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [TCP Query User{325C8C4C-8806-413E-BFDE-E76512EA4F79}C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe] => (Allow) C:\program files (x86)\dji product\dji assistant 2 for mavic\djiengine\djiservice.exe (SZ DJI Technology Co., Ltd. -> )
FirewallRules: [UDP Query User{39AED779-A156-4F68-88E1-569DC55FE6BF}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [TCP Query User{606F41AA-F6C1-48F3-A42B-8CA4C1A0A02E}C:\program files\blackmagic design\davinci resolve\fuscript.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\fuscript.exe (Blackmagic Design Pty. Ltd.) [File not signed]
FirewallRules: [UDP Query User{C0F38C1B-FDA0-429A-BD10-60E2C2E28D18}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe () [File not signed]
FirewallRules: [TCP Query User{D1C581CD-755D-4CA7-BE94-13C527A3D366}C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\davincipaneldaemon.exe () [File not signed]
FirewallRules: [UDP Query User{90BA4FF4-A4BB-4086-A21C-7B5BDC56FE7A}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [TCP Query User{1ECBCDB5-6FE5-4741-BBF5-AE93A73253B3}C:\program files\blackmagic design\davinci resolve\resolve.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\resolve.exe (Blackmagic Design Pty Ltd -> Blackmagic Design Pty. Ltd.)
FirewallRules: [UDP Query User{F2531582-F870-4E91-BF0D-165A8B0C4EC4}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [TCP Query User{5E66F97B-E425-41E5-BC94-213AAC8B48C2}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Allow) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe (Blackmagic Design Pty Ltd -> )
FirewallRules: [UDP Query User{975C7A3C-DB67-426F-8A11-3E0D5A44AD15}C:\program files\openshot video editor\launch.exe] => (Block) C:\program files\openshot video editor\launch.exe () [File not signed]
FirewallRules: [TCP Query User{CD1CEAA2-DBFA-4358-82DB-F8245574DFDA}C:\program files\openshot video editor\launch.exe] => (Block) C:\program files\openshot video editor\launch.exe () [File not signed]
FirewallRules: [{19CD7D7F-5D1C-4EDE-BB40-CB7D0BAF2A6B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

11-12-2020 18:55:56 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (12/11/2020 05:56:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: lightroom.exe, verzia: 6.1.0.10, časová značka: 0x5571e617
Názov chybujúceho modulu: lightroom.exe, verzia: 6.1.0.10, časová značka: 0x5571e617
Kód výnimky: 0xc000041d
Odstup chyby: 0x000000000000bda7
Identifikácia chybujúceho procesu: 0xc04
Čas spustenia chybujúcej aplikácie: 0x01d6cfde7b5bf735
Cesta chybujúcej aplikácie: C:\Program Files\Adobe\Adobe Lightroom\lightroom.exe
Cesta chybujúceho modulu: C:\Program Files\Adobe\Adobe Lightroom\lightroom.exe
Identifikácia hlásenia: 1506f39f-2d64-4be4-ab35-f190e5948af5
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (12/11/2020 05:56:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: lightroom.exe, verzia: 6.1.0.10, časová značka: 0x5571e617
Názov chybujúceho modulu: lightroom.exe, verzia: 6.1.0.10, časová značka: 0x5571e617
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000000bda7
Identifikácia chybujúceho procesu: 0xc04
Čas spustenia chybujúcej aplikácie: 0x01d6cfde7b5bf735
Cesta chybujúcej aplikácie: C:\Program Files\Adobe\Adobe Lightroom\lightroom.exe
Cesta chybujúceho modulu: C:\Program Files\Adobe\Adobe Lightroom\lightroom.exe
Identifikácia hlásenia: 32822b64-676c-49fc-9cfe-06aa69e19189
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (12/10/2020 08:08:56 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v (C:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (12/10/2020 07:36:27 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v SYSTEM RESERVED (F:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (12/10/2020 07:36:26 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v (E:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (12/02/2020 07:26:14 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v SYSTEM RESERVED (F:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (12/02/2020 07:26:14 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiska nemohol dokončiť opätovné vystrihnutie v (E:), pretože: Hardvér, ktorý podporuje tento zväzok, nepodporuje požadovanú operáciu. (0x8900002A)

Error: (11/22/2020 10:08:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Microsoft.Photos.exe version 2020.19111.24110.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1fac

Start Time: 01d6c10fce09ff38

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.19111.24110.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

Report Id: ef462e73-779d-4916-99e8-6afdaa28720d

Faulting package full name: Microsoft.Windows.Photos_2020.19111.24110.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Hang type: Quiesce


System errors:
=============
Error: (12/11/2020 07:57:19 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MP916VR)
Description: The server {38E441FB-3D16-422F-8750-B2DACEC5CEFC} did not register with DCOM within the required timeout.

Error: (12/11/2020 07:57:19 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-MP916VR)
Description: The server {38E441FB-3D16-422F-8750-B2DACEC5CEFC} did not register with DCOM within the required timeout.

Error: (12/11/2020 07:38:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (12/11/2020 07:38:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (12/11/2020 07:38:30 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\WINDOWS\System32\bcmihvsrv64.dll

Error: (12/11/2020 07:38:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Bluetooth Driver Management Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (12/11/2020 07:38:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Audio Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (12/11/2020 07:38:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


Windows Defender:
===================================
Date: 2020-11-22 22:37:20.5080000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {11069118-DD3F-4581-AE2F-1F4B36F90CE6}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-11-11 19:51:59.7240000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {6009D0A7-C7B1-4ACA-8B69-6C2D5C87AFB8}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-11-10 20:06:41.9690000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {6C08D897-0446-45BC-8B52-72B6C9E3AFE5}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2020-11-09 20:16:53.3900000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {4F00406F-0425-4DEE-B97B-AF153F1A7504}
Scan Type: Antimalware
Scan Parameters: Quick Scan

==================== Memory info ===========================

BIOS: Hewlett-Packard L77 Ver. 01.21 09/03/2014
Motherboard: Hewlett-Packard 1993
Processor: Intel(R) Core(TM) i5-4210M CPU @ 2.60GHz
Percentage of memory in use: 66%
Total physical RAM: 4009.11 MB
Available physical RAM: 1330.84 MB
Total Virtual: 5545.11 MB
Available Virtual: 2747.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:221.07 GB) (Free:17.57 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: () (Fixed) (Total:232.87 GB) (Free:44.76 GB) NTFS
Drive f: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{ea47ea47-0000-0000-0000-100000000000}\ (PQSERVICE) (Fixed) (Total:11.72 GB) (Free:11.34 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: EA47EA47)
Partition 1: (Not Active) - (Size=11.7 GB) - (Type=27)
Partition 2: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=221.1 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=232.9 GB) - (Type=0F Extended)

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118302
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: please check, slow PC

#9 Post by Rudy »

This is Addition. Where is the FRST log?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
