Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Yahoo jako domovská stránka, pomalý počítač, procesy na pozadí

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
StepanMez
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 19 lis 2017 15:35

Yahoo jako domovská stránka, pomalý počítač, procesy na pozadí

#1 Příspěvek od StepanMez »

Dobrý den,

prosím o pomoc. Mám problém s prohlížečem Chrome. Zničehonic se mi do chromu vetřelo Yahoo (při otevření nové karty prohlížeče Chrome nevyhledává přes Google) a všechno se zpomalilo. K tomu se se mi přidal do počítače McAfee webadvisor. Bohužel v období, kdy se tyto problémy objevily, si neuvědomuji, že bych něco stahoval nebo instaloval (ale je možné, že mám jen krátkou paměť). Zároveň se mi stává, že když chci počítač čistit pomocí CCleaneru, požaduje po mě CCleaner uzavření (nakonec vynucené) Chromu, který ale není vědomě spuštěný a na hlavním panelu zobrazený.

V neposlední řadě jsem měl problém s vygenerováním logu z FRST. Všechno probíhalo, ale soubory .txt byly nakonec prázdné. Na druhý pokus mi FRST uzavřel Avast do truhly. Ani na třetí pokus to nevyšlo. Nevím, zda to k něčemu bude, improvizuji, přikládám alespoň log z RSIT, přestože mám Windows 10.

Předem děkuji za pomoc.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Uzivatel at 2021-03-10 13:29:39
Microsoft Windows 10 Home
System drive C: has 211 GB (44%) free of 476 GB
Total RAM: 3979 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:29:56, on 10.03.2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.0001)
Boot mode: Normal

Running processes:
C:\Users\Uzivatel\AppData\Roaming\Zoom\bin\Zoom.exe
C:\Users\Uzivatel\AppData\Roaming\Zoom\bin\Zoom.exe
C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\21.016.0124.0003\FileCoAuth.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\trend micro\Uzivatel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: True Key Helper - {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.45\BHO\ie_to_edge_bho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll
O2 - BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O3 - Toolbar: True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll
O3 - Toolbar: PDFXChange 2012 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll
O4 - HKCU\..\Run: [com.squirrel.Teams.Teams] C:\Users\Uzivatel\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [PTOneClick] C:\Program Files (x86)\Webex\Webex\Applications\ptoneclk.exe /AutoRunning="1"
O4 - HKCU\..\Run: [CiscoMeetingDaemon] "C:\Users\Uzivatel\AppData\Local\WebEx\ciscowebexstart.exe" /daemon /from=autorun
O4 - HKCU\..\RunOnce: [Delete Cached Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Delete Cached Standalone Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Uninstall 21.002.0104.0005\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\21.002.0104.0005\amd64"
O4 - HKCU\..\RunOnce: [Uninstall 21.002.0104.0005] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\21.002.0104.0005"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - https://fpdownload.macromedia.com/pub/s ... tor/sw.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) -
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Tools (avast! Tools) - AVAST Software - C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_11acfb - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: McAfee WebAdvisor - McAfee, LLC - C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: McAfee True Key (TrueKey) - McAfee, LLC. - C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe
O23 - Service: McAfee True Key Scheduler (TrueKeyScheduler) - McAfee, LLC. - C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe
O23 - Service: McAfee True Key Helper Service (TrueKeyServiceHelper) - McAfee, LLC. - C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: Cisco WebEx Update Service (WebexService) - Cisco WebEx LLC - C:\Program Files (x86)\Webex\Webex\Applications\WebExService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13605 bytes

======Listing Processes======








winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-0b3649ce-3e06-497f-8f06-f2810cfe5563 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-a09089d9-895b-4eea-9ee8-00d7f96d4fc4 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-03bee061-e9ec-4629-b607-c748e6200523 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-c6441e7c-eb9c-44c8-9635-43d099bbbfb7 -LifetimeId:6a832a03-56c8-40c0-9c40-bc930067a363 -DeviceGroupId:WudfDefaultDevicePool -HostArg:0
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -s BTAGService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s bthserv
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s PhoneSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SensorService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SensrSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc

C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService

C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
dashost.exe {9cd2abde-f7d8-441a-aeb637a14fd073d4}
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SRSPS
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SENDINPUT
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection

"C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe" /runassvc
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
"C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
"C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
"C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe"
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files\AVAST Software\Avast\aswEngSrv.exe" /pipename="3A6E3760-408E-C4E3-BC55-64D1C2926775" /binpath="C:\Program Files\AVAST Software\Avast"
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s upnphost

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
"C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe"
"C:\Program Files\McAfee\WebAdvisor\UIHost.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k BthAppGroup -p -s BluetoothUserService
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
igfxEM.exe
igfxHK.exe
igfxTray.exe
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe"
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe" -ServerName:InputApp.AppX9jnwykgrccxc8by3hsrsh07r423xzvav.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
"ctfmon.exe"
/QuitInfo:0000000000000260;0000000000000264;
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalService
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
"C:\Windows\System32\SecurityHealthSystray.exe"

"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX5
"C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe"
"C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
"C:\Program Files\Dell\QuickSet\quickset.exe"
AvastUI.exe /nogui
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"

C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\Windows\System32\mousocoreworker.exe -Embedding
"C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=gpu-process --field-trial-handle=8336,15844533243635794032,4482839678625286598,131072 --enable-features=CastMediaRouteProvider --disable-features=OutOfBlinkCors --no-sandbox --disable-gpu-driver-bug-workarounds --log-file="C:\Users\Uzivatel\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (20.10.2442)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --gpu-preferences=MAAAAAAAAADgAABwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --use-gl=swiftshader-webgl --log-file="C:\Users\Uzivatel\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=8432 /prefetch:2
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=8336,15844533243635794032,4482839678625286598,131072 --enable-features=CastMediaRouteProvider --disable-features=OutOfBlinkCors --lang=en-US --service-sandbox-type=network --no-sandbox --force-wave-audio --log-file="C:\Users\Uzivatel\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (20.10.2442)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --log-file="C:\Users\Uzivatel\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=8808 /prefetch:8
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s BITS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxOutlook.exe" -ServerName:microsoft.windowslive.mail.AppXfbjsbkxvprcgqg6q4c9jfr0pn3kv9x5s.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxAccounts.exe" -ServerName:microsoft.windowslive.manageaccounts.AppXdbf3yp5apt3t7q877db3gnz5zqpf71zj.mca
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s WebClient
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
"C:\Users\Uzivatel\AppData\Roaming\Zoom\bin\Zoom.exe"
"C:\Users\Uzivatel\AppData\Roaming\Zoom\bin\Zoom.exe" --action=preload --runaszvideo=TRUE --useroption=4504149475459072 --useroption2=1170935903118426176 --useroption3=2305984846219149824 --haszoomim=1
/updateInstalled /background
"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=8336,15844533243635794032,4482839678625286598,131072 --enable-features=CastMediaRouteProvider --disable-features=OutOfBlinkCors --lang=en-US --service-sandbox-type=audio --no-sandbox --force-wave-audio --log-file="C:\Users\Uzivatel\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (20.10.2442)" --lang=en-US --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --allow-file-access-from-files=1 --pack_loading_disabled=1 --log-file="C:\Users\Uzivatel\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=10164 /prefetch:8
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\21.016.0124.0003\FileCoAuth.exe" -Embedding
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
/Skip /ProcessResult /PRODUCT:Reader /LANG:CZE
taskhostw.exe
C:\WINDOWS\system32\svchost.exe -k PrintWorkflow -s PrintWorkflowUserSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
werfault.exe /hc /shared Global\9cf7ac073d4942bd955dd7cd5795eec5 /t 2036 /p 4712
"C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.2012.0_x64__8wekyb3d8bbwe\GameBar.exe" -ServerName:App.AppXbdkk0yrkwpcgeaem8zk81k8py1eaahny.mca
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=88.0.4324.182 --initial-client-data=0xe4,0xe8,0xec,0xc0,0xf0,0x7ff9f61d9e90,0x7ff9f61d9ea0,0x7ff9f61d9eb0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1632,12862647702858159671,11588987301547099018,131072 --gpu-preferences=OAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAABQAAABAAAAAAAAAAAAAAAAYAAAAQAAAAAAAAAAEAAAAFAAAAEAAAAAAAAAABAAAABgAAAA== --mojo-platform-channel-handle=1720 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1632,12862647702858159671,11588987301547099018,131072 --lang=cs --service-sandbox-type=network --mojo-platform-channel-handle=2052 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1632,12862647702858159671,11588987301547099018,131072 --lang=cs --service-sandbox-type=utility --mojo-platform-channel-handle=2300 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1632,12862647702858159671,11588987301547099018,131072 --lang=cs --extension-process --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3588 /prefetch:1
C:\WINDOWS\system32\cmd.exe /d /c "C:\Program Files\McAfee\WebAdvisor\BrowserHost.exe" chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/ --parent-window=0 < \\.\pipe\chrome.nativeMessaging.in.b71e2b9f2fee95f4 > \\.\pipe\chrome.nativeMessaging.out.b71e2b9f2fee95f4
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\McAfee\WebAdvisor\BrowserHost.exe" chrome-extension://fheoggkfdfchfphceeifdbepaooicaho/ --parent-window=0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1632,12862647702858159671,11588987301547099018,131072 --lang=cs --service-sandbox-type=audio --mojo-platform-channel-handle=7324 /prefetch:8
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.21021.116.0_x64__8wekyb3d8bbwe\YourPhone.exe" -ServerName:App.AppX9yct9q388jvt4h7y0gn06smzkxcsnt8m.mca
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.21021.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1632,12862647702858159671,11588987301547099018,131072 --lang=cs --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=97 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2536 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1632,12862647702858159671,11588987301547099018,131072 --lang=cs --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=99 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1572 /prefetch:1

"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1632,12862647702858159671,11588987301547099018,131072 --lang=cs --origin-trial-disabled-features=SecurePaymentConfirmation --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=103 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=12108 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 780 784 792 8192 788 764
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x650
"C:\Users\Uzivatel\Downloads\RSITx64.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s dmwappushservice
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s SmsRouter
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23 1452072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.45\BHO\ie_to_edge_bho_64.dll [2021-03-03 548232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-10 189248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-02-11 1409680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F4B8786-5502-4803-8EBC-F652A1153BB6}]
True Key Helper - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23 1073880]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.45\BHO\ie_to_edge_bho.dll [2021-03-03 416648]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-09-19 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee WebAdvisor - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-02-11 1105208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23 1452072]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - True Key - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23 1073880]
{42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - PDFXChange 2012 - C:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll [2013-01-19 423488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-12-07 86016]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2019-11-18 9269352]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2019-11-18 1506384]
"WavesSvc"=C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [2014-02-17 519256]
"QuickSet"=c:\Program Files\Dell\QuickSet\QuickSet.exe [2014-02-27 3775816]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2021-01-02 117352]
"RtHDVBg_PushButton"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2019-11-18 1506384]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-23 2779376]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [2014-02-25 134784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"com.squirrel.Teams.Teams"=C:\Users\Uzivatel\AppData\Local\Microsoft\Teams\Update.exe [2020-11-23 2453688]
"OneDrive"=C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2021-02-27 1942400]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2021-03-05 32726088]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2020-04-02 365760]
"PTOneClick"=C:\Program Files (x86)\Webex\Webex\Applications\ptoneclk.exe [2020-09-18 7690560]
"CiscoMeetingDaemon"=C:\Users\Uzivatel\AppData\Local\WebEx\ciscowebexstart.exe [2021-01-22 2427592]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Delete Cached Update Binary"=C:\WINDOWS\system32\cmd.exe [2021-01-16 289792]
"Delete Cached Standalone Update Binary"=C:\WINDOWS\system32\cmd.exe [2021-01-16 289792]
"Uninstall 21.002.0104.0005\amd64"=C:\WINDOWS\system32\cmd.exe [2021-01-16 289792]
"Uninstall 21.002.0104.0005"=C:\WINDOWS\system32\cmd.exe [2021-01-16 289792]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [2014-02-25 134784]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
"C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
"C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"DisableCAD"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"aux1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"aux2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.inf - install -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2021-02-16 11:24:37 ----A---- C:\WINDOWS\system32\FXSUNATD.exe
2021-02-16 11:24:37 ----A---- C:\WINDOWS\system32\FXSROUTE.dll
2021-02-16 11:24:37 ----A---- C:\WINDOWS\system32\FXSMON.dll
2021-02-16 11:24:36 ----A---- C:\WINDOWS\system32\FXSSVC.exe
2021-02-16 11:24:36 ----A---- C:\WINDOWS\system32\FXSEVENT.dll
2021-02-16 11:24:31 ----A---- C:\WINDOWS\SYSWOW64\fveapibase.dll
2021-02-16 11:24:31 ----A---- C:\WINDOWS\SYSWOW64\fveapi.dll
2021-02-16 11:24:31 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2021-02-16 11:24:31 ----A---- C:\WINDOWS\system32\drivers\dumpfve.sys
2021-02-16 11:24:30 ----A---- C:\WINDOWS\system32\fvewiz.dll
2021-02-16 11:24:30 ----A---- C:\WINDOWS\system32\fveapibase.dll
2021-02-16 11:24:30 ----A---- C:\WINDOWS\system32\fveapi.dll
2021-02-16 11:24:30 ----A---- C:\WINDOWS\system32\bdesvc.dll
2021-02-16 11:24:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Picker.dll
2021-02-16 11:24:29 ----A---- C:\WINDOWS\system32\fveui.dll
2021-02-16 11:24:28 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2021-02-16 11:24:26 ----A---- C:\WINDOWS\system32\Windows.Devices.Picker.dll
2021-02-16 11:23:32 ----A---- C:\WINDOWS\system32\cdp.dll
2021-02-16 11:23:32 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2021-02-16 11:23:05 ----A---- C:\WINDOWS\SYSWOW64\DolbyDecMFT.dll
2021-02-16 11:23:04 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2021-02-16 11:23:04 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2021-02-16 11:23:03 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2021-02-16 11:23:02 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2021-02-16 11:23:02 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2021-02-16 11:23:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2021-02-16 11:23:00 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2021-02-16 11:22:59 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2021-02-16 11:22:58 ----A---- C:\WINDOWS\SYSWOW64\MSPhotography.dll
2021-02-16 11:22:58 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2021-02-16 11:22:57 ----A---- C:\WINDOWS\SYSWOW64\MFCaptureEngine.dll
2021-02-16 11:22:56 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2021-02-16 11:22:53 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2021-02-16 11:22:53 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2021-02-16 11:22:52 ----A---- C:\WINDOWS\system32\mfsvr.dll
2021-02-16 11:22:52 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2021-02-16 11:22:51 ----A---- C:\WINDOWS\system32\msvproc.dll
2021-02-16 11:22:51 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2021-02-16 11:22:50 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2021-02-16 11:22:50 ----A---- C:\WINDOWS\system32\mfps.dll
2021-02-16 11:22:49 ----A---- C:\WINDOWS\system32\mfcore.dll
2021-02-16 11:22:49 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2021-02-16 11:22:48 ----A---- C:\WINDOWS\system32\MSPhotography.dll
2021-02-16 11:22:48 ----A---- C:\WINDOWS\system32\MFCaptureEngine.dll
2021-02-16 11:22:45 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecsRaw.dll
2021-02-16 11:22:43 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2021-02-16 11:22:43 ----A---- C:\WINDOWS\system32\WindowsCodecsRaw.dll
2021-02-16 11:22:42 ----A---- C:\WINDOWS\SYSWOW64\wsp_health.dll
2021-02-16 11:22:42 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2021-02-16 11:22:41 ----A---- C:\WINDOWS\SYSWOW64\wsp_fs.dll
2021-02-16 11:22:41 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2021-02-16 11:22:41 ----A---- C:\WINDOWS\SYSWOW64\cryptuiwizard.dll
2021-02-16 11:22:41 ----A---- C:\WINDOWS\SYSWOW64\CertPKICmdlet.dll
2021-02-16 11:22:40 ----A---- C:\WINDOWS\SYSWOW64\msimsg.dll
2021-02-16 11:22:40 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2021-02-16 11:22:38 ----A---- C:\WINDOWS\SYSWOW64\iemigplugin.dll
2021-02-16 11:22:37 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2021-02-16 11:22:36 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2021-02-16 11:22:36 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2021-02-16 11:22:34 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2021-02-16 11:22:34 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2021-02-16 11:22:33 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2021-02-16 11:20:55 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2021-02-16 11:20:54 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2021-02-16 11:20:54 ----A---- C:\WINDOWS\SYSWOW64\packager.dll
2021-02-16 11:20:54 ----A---- C:\WINDOWS\SYSWOW64\imapi2fs.dll
2021-02-16 11:20:53 ----A---- C:\WINDOWS\SYSWOW64\resutils.dll
2021-02-16 11:20:53 ----A---- C:\WINDOWS\SYSWOW64\clusapi.dll
2021-02-16 11:20:53 ----A---- C:\WINDOWS\SYSWOW64\autofmt.exe
2021-02-16 11:20:53 ----A---- C:\WINDOWS\SYSWOW64\autoconv.exe
2021-02-16 11:20:46 ----A---- C:\WINDOWS\system32\fhtask.dll
2021-02-16 11:20:46 ----A---- C:\WINDOWS\system32\fhsvcctl.dll
2021-02-16 11:20:46 ----A---- C:\WINDOWS\system32\fhsvc.dll
2021-02-16 11:20:46 ----A---- C:\WINDOWS\system32\fhshl.dll
2021-02-16 11:20:46 ----A---- C:\WINDOWS\system32\fhsettingsprovider.dll
2021-02-16 11:20:46 ----A---- C:\WINDOWS\system32\fhmanagew.exe
2021-02-16 11:20:46 ----A---- C:\WINDOWS\system32\fhlisten.dll
2021-02-16 11:20:46 ----A---- C:\WINDOWS\system32\fhcleanup.dll
2021-02-16 11:20:45 ----A---- C:\WINDOWS\system32\fhsrchph.dll
2021-02-16 11:20:45 ----A---- C:\WINDOWS\system32\fhsrchapi.dll
2021-02-16 11:20:45 ----A---- C:\WINDOWS\system32\fhevents.dll
2021-02-16 11:20:45 ----A---- C:\WINDOWS\system32\fhengine.dll
2021-02-16 11:20:45 ----A---- C:\WINDOWS\system32\fhcfg.dll
2021-02-16 11:20:45 ----A---- C:\WINDOWS\system32\fhcat.dll
2021-02-16 11:20:44 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2021-02-16 11:20:44 ----A---- C:\WINDOWS\system32\WorkfoldersControl.dll
2021-02-16 11:20:44 ----A---- C:\WINDOWS\system32\WorkFolders.exe
2021-02-16 11:20:43 ----A---- C:\WINDOWS\system32\WorkFoldersShell.dll
2021-02-16 11:20:43 ----A---- C:\WINDOWS\system32\rdsdwmdr.dll
2021-02-16 11:20:43 ----A---- C:\WINDOWS\system32\DiagSvc.dll
2021-02-16 11:20:42 ----A---- C:\WINDOWS\system32\tsgqec.dll
2021-02-16 11:20:42 ----A---- C:\WINDOWS\system32\termsrv.dll
2021-02-16 11:20:41 ----A---- C:\WINDOWS\system32\mstscax.dll
2021-02-16 11:20:40 ----A---- C:\WINDOWS\system32\wsp_health.dll
2021-02-16 11:20:40 ----A---- C:\WINDOWS\system32\wsp_fs.dll
2021-02-16 11:20:39 ----A---- C:\WINDOWS\system32\Windows.System.Profile.HardwareId.dll
2021-02-16 11:20:39 ----A---- C:\WINDOWS\system32\cryptuiwizard.dll
2021-02-16 11:20:39 ----A---- C:\WINDOWS\system32\CertPKICmdlet.dll
2021-02-16 11:20:38 ----A---- C:\WINDOWS\system32\nshwfp.dll
2021-02-16 11:20:38 ----A---- C:\WINDOWS\system32\nltest.exe
2021-02-16 11:20:38 ----A---- C:\WINDOWS\system32\msimsg.dll
2021-02-16 11:20:37 ----A---- C:\WINDOWS\system32\msi.dll
2021-02-16 11:20:35 ----A---- C:\WINDOWS\system32\IESettingSync.exe
2021-02-16 11:20:35 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2021-02-16 11:20:33 ----A---- C:\WINDOWS\system32\ieframe.dll
2021-02-16 11:20:32 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2021-02-16 11:20:32 ----A---- C:\WINDOWS\system32\ieproxy.dll
2021-02-16 11:20:32 ----A---- C:\WINDOWS\system32\Chakra.dll
2021-02-16 11:20:28 ----A---- C:\WINDOWS\system32\mshtml.dll
2021-02-16 11:20:28 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2021-02-16 11:20:27 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2021-02-16 11:20:23 ----A---- C:\WINDOWS\system32\edgehtml.dll
2021-02-16 11:20:21 ----A---- C:\WINDOWS\system32\imapi2fs.dll
2021-02-16 11:20:20 ----A---- C:\WINDOWS\system32\werui.dll
2021-02-16 11:20:18 ----A---- C:\WINDOWS\system32\StorageUsage.dll
2021-02-16 11:20:17 ----A---- C:\WINDOWS\system32\StorSvc.dll
2021-02-16 11:20:17 ----A---- C:\WINDOWS\system32\packager.dll
2021-02-16 11:20:15 ----A---- C:\WINDOWS\system32\autofmt.exe
2021-02-16 11:20:15 ----A---- C:\WINDOWS\system32\autoconv.exe
2021-02-16 11:20:14 ----A---- C:\WINDOWS\system32\edpcsp.dll
2021-02-16 11:20:13 ----A---- C:\WINDOWS\system32\EDPCleanup.exe
2021-02-16 11:20:13 ----A---- C:\WINDOWS\system32\CBDHSvc.dll
2021-02-16 11:20:12 ----A---- C:\WINDOWS\system32\ClipUp.exe
2021-02-16 11:20:11 ----A---- C:\WINDOWS\system32\computecore.dll
2021-02-16 11:20:07 ----A---- C:\WINDOWS\system32\resutils.dll
2021-02-16 11:20:07 ----A---- C:\WINDOWS\system32\clusapi.dll
2021-02-16 11:20:06 ----A---- C:\WINDOWS\system32\tcbloader.dll
2021-02-16 11:20:06 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2021-02-16 11:20:05 ----A---- C:\WINDOWS\system32\vertdll.dll
2021-02-16 11:20:05 ----A---- C:\WINDOWS\system32\ucrtbase_enclave.dll
2021-02-16 11:20:05 ----A---- C:\WINDOWS\system32\securekernel.exe
2021-02-16 11:20:05 ----A---- C:\WINDOWS\system32\hvix64.exe
2021-02-16 11:20:04 ----A---- C:\WINDOWS\system32\ResourceMapper.dll
2021-02-16 11:20:04 ----A---- C:\WINDOWS\system32\hvax64.exe
2021-02-16 11:20:03 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2021-02-16 11:20:02 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2021-02-16 11:20:02 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2021-02-16 11:20:01 ----A---- C:\WINDOWS\SYSWOW64\Windows.FileExplorer.Common.dll
2021-02-16 11:20:01 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2021-02-16 11:20:00 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2021-02-16 11:20:00 ----A---- C:\WINDOWS\SYSWOW64\PrintWorkflowService.dll
2021-02-16 11:20:00 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2021-02-16 11:20:00 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2021-02-16 11:19:58 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2021-02-16 11:19:58 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2021-02-16 11:19:58 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2021-02-16 11:19:57 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2021-02-16 11:19:57 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2021-02-16 11:19:56 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2021-02-16 11:19:56 ----A---- C:\WINDOWS\SYSWOW64\efsext.dll
2021-02-16 11:19:56 ----A---- C:\WINDOWS\SYSWOW64\BitLockerCsp.dll
2021-02-16 11:19:56 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2021-02-16 11:19:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2021-02-16 11:19:55 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2021-02-16 11:19:55 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2021-02-16 11:19:55 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2021-02-16 11:19:55 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2021-02-16 11:19:21 ----A---- C:\WINDOWS\SYSWOW64\mdmlocalmanagement.dll
2021-02-16 11:19:21 ----A---- C:\WINDOWS\SYSWOW64\dmpushproxy.dll
2021-02-16 11:19:21 ----A---- C:\WINDOWS\SYSWOW64\DMAppsRes.dll
2021-02-16 11:19:20 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2021-02-16 11:19:20 ----A---- C:\WINDOWS\SYSWOW64\WerEnc.dll
2021-02-16 11:19:20 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2021-02-16 11:19:20 ----A---- C:\WINDOWS\SYSWOW64\lpk.dll
2021-02-16 11:19:20 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2021-02-16 11:19:20 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2021-02-16 11:19:20 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2021-02-16 11:19:20 ----A---- C:\WINDOWS\SYSWOW64\dciman32.dll
2021-02-16 11:19:19 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2021-02-16 11:19:19 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2021-02-16 11:19:19 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2021-02-16 11:19:19 ----A---- C:\WINDOWS\SYSWOW64\oleaut32.dll
2021-02-16 11:19:19 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2021-02-16 11:19:19 ----A---- C:\WINDOWS\SYSWOW64\dbghelp.dll
2021-02-16 11:19:18 ----A---- C:\WINDOWS\SYSWOW64\msvcp_win.dll
2021-02-16 11:19:18 ----A---- C:\WINDOWS\SYSWOW64\crypt32.dll
2021-02-16 11:19:18 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2021-02-16 11:19:17 ----A---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2021-02-16 11:19:17 ----A---- C:\WINDOWS\SYSWOW64\ucrtbase.dll
2021-02-16 11:19:17 ----A---- C:\WINDOWS\SYSWOW64\autochk.exe
2021-02-16 11:19:17 ----A---- C:\WINDOWS\SYSWOW64\adsldpc.dll
2021-02-16 11:19:16 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2021-02-16 11:19:16 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2021-02-16 11:19:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2021-02-16 11:19:16 ----A---- C:\WINDOWS\SYSWOW64\AtBroker.exe
2021-02-16 11:19:15 ----A---- C:\WINDOWS\SYSWOW64\untfs.dll
2021-02-16 11:19:12 ----A---- C:\WINDOWS\SYSWOW64\ulib.dll
2021-02-16 11:19:12 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2021-02-16 11:19:12 ----A---- C:\WINDOWS\SYSWOW64\ifsutil.dll
2021-02-16 11:19:11 ----A---- C:\WINDOWS\SYSWOW64\container.dll
2021-02-16 11:19:10 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2021-02-16 11:19:09 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Lights.dll
2021-02-16 11:19:09 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2021-02-16 11:19:09 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2021-02-16 11:19:09 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2021-02-16 11:19:08 ----A---- C:\WINDOWS\SYSWOW64\D3D12Core.dll
2021-02-16 11:19:08 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2021-02-16 11:19:07 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2021-02-16 11:19:07 ----A---- C:\WINDOWS\SYSWOW64\DiagnosticInvoker.dll
2021-02-16 11:19:06 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2021-02-16 11:19:06 ----A---- C:\WINDOWS\SYSWOW64\KerbClientShared.dll
2021-02-16 11:19:05 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2021-02-16 11:19:05 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryCore.dll
2021-02-16 11:19:05 ----A---- C:\WINDOWS\SYSWOW64\StateRepository.Core.dll
2021-02-16 11:19:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryPS.dll
2021-02-16 11:19:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll
2021-02-16 11:19:04 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryBroker.dll
2021-02-16 11:19:03 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2021-02-16 11:19:02 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2021-02-16 11:19:01 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2021-02-16 11:18:59 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2021-02-16 11:18:58 ----A---- C:\WINDOWS\SYSWOW64\esent.dll
2021-02-16 11:18:57 ----A---- C:\WINDOWS\SYSWOW64\WordBreakers.dll
2021-02-16 11:18:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2021-02-16 11:18:57 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2021-02-16 11:18:57 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2021-02-16 11:18:56 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2021-02-16 11:18:56 ----A---- C:\WINDOWS\SYSWOW64\EditBufferTestHook.dll
2021-02-16 11:18:55 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2021-02-16 11:18:55 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2021-02-16 11:18:55 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2021-02-16 11:18:55 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2021-02-16 11:18:55 ----A---- C:\WINDOWS\SYSWOW64\mssprxy.dll
2021-02-16 11:18:55 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2021-02-16 11:18:54 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2021-02-16 11:18:54 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2021-02-16 11:18:54 ----A---- C:\WINDOWS\SYSWOW64\mssitlb.dll
2021-02-16 11:18:54 ----A---- C:\WINDOWS\SYSWOW64\msscntrs.dll
2021-02-16 11:18:53 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2021-02-16 11:18:53 ----A---- C:\WINDOWS\SYSWOW64\GameInput.dll
2021-02-16 11:18:53 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2021-02-16 11:18:53 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2021-02-16 11:18:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Launcher.dll
2021-02-16 11:18:52 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2021-02-16 11:18:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2021-02-16 11:18:51 ----A---- C:\WINDOWS\SYSWOW64\msftedit.dll
2021-02-16 11:18:50 ----A---- C:\WINDOWS\SYSWOW64\ShareHost.dll
2021-02-16 11:18:50 ----A---- C:\WINDOWS\SYSWOW64\cdprt.dll
2021-02-16 11:18:49 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2021-02-16 11:18:49 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2021-02-16 11:18:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Phone.dll
2021-02-16 11:18:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Maps.dll
2021-02-16 11:18:48 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.InkControls.dll
2021-02-16 11:18:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Controls.dll
2021-02-16 11:18:44 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2021-02-16 11:18:42 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2021-02-16 11:18:42 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2021-02-16 11:18:42 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2021-02-16 11:18:41 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2021-02-16 11:18:41 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2021-02-16 11:18:41 ----A---- C:\WINDOWS\SYSWOW64\LicensingDiagSpp.dll
2021-02-16 11:18:40 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2021-02-16 11:18:40 ----A---- C:\WINDOWS\SYSWOW64\ContentDeliveryManager.Utilities.dll
2021-02-16 11:18:39 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2021-02-16 11:18:39 ----A---- C:\WINDOWS\SYSWOW64\AUDIOKSE.dll
2021-02-16 11:18:38 ----A---- C:\WINDOWS\SYSWOW64\SpatialAudioLicenseSrv.exe
2021-02-16 11:18:38 ----A---- C:\WINDOWS\SYSWOW64\remoteaudioendpoint.dll
2021-02-16 11:18:38 ----A---- C:\WINDOWS\SYSWOW64\MMDevAPI.dll
2021-02-16 11:18:38 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2021-02-16 11:18:37 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.ConversationalAgent.dll
2021-02-16 11:18:37 ----A---- C:\WINDOWS\SYSWOW64\agentactivationruntime.dll
2021-02-16 11:18:37 ----A---- C:\WINDOWS\SYSWOW64\AarSvc.dll
2021-02-16 11:18:36 ----A---- C:\WINDOWS\SYSWOW64\agentactivationruntimewindows.dll
2021-02-16 11:17:42 ----A---- C:\WINDOWS\system32\pku2u.dll
2021-02-16 11:17:40 ----A---- C:\WINDOWS\system32\LsaIso.exe
2021-02-16 11:17:40 ----A---- C:\WINDOWS\system32\iumcrypt.dll
2021-02-16 11:17:37 ----A---- C:\WINDOWS\system32\shell32.dll
2021-02-16 11:17:36 ----A---- C:\WINDOWS\system32\Windows.FileExplorer.Common.dll
2021-02-16 11:17:36 ----A---- C:\WINDOWS\system32\ntshrui.dll
2021-02-16 11:17:35 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2021-02-16 11:17:35 ----A---- C:\WINDOWS\system32\comdlg32.dll
2021-02-16 11:17:34 ----A---- C:\WINDOWS\system32\vbscript.dll
2021-02-16 11:17:34 ----A---- C:\WINDOWS\system32\PrintWorkflowService.dll
2021-02-16 11:17:33 ----A---- C:\WINDOWS\system32\umpoext.dll
2021-02-16 11:17:33 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2021-02-16 11:17:32 ----A---- C:\WINDOWS\system32\nlasvc.dll
2021-02-16 11:17:32 ----A---- C:\WINDOWS\system32\nlaapi.dll
2021-02-16 11:17:32 ----A---- C:\WINDOWS\system32\ncsi.dll
2021-02-16 11:17:25 ----A---- C:\WINDOWS\system32\ubpm.dll
2021-02-16 11:17:25 ----A---- C:\WINDOWS\system32\sppobjs.dll
2021-02-16 11:17:25 ----A---- C:\WINDOWS\system32\LicensingDiagSpp.dll
2021-02-16 11:17:24 ----A---- C:\WINDOWS\system32\sppcext.dll
2021-02-16 11:17:22 ----A---- C:\WINDOWS\system32\sppsvc.exe
2021-02-16 11:17:21 ----A---- C:\WINDOWS\system32\msIso.dll
2021-02-16 11:17:21 ----A---- C:\WINDOWS\system32\iertutil.dll
2021-02-16 11:17:21 ----A---- C:\WINDOWS\system32\edgeIso.dll
2021-02-16 11:17:20 ----A---- C:\WINDOWS\system32\urlmon.dll
2021-02-16 11:17:19 ----A---- C:\WINDOWS\system32\profsvcext.dll
2021-02-16 11:17:19 ----A---- C:\WINDOWS\system32\actxprxy.dll
2021-02-16 11:17:18 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2021-02-16 11:17:18 ----A---- C:\WINDOWS\system32\efsext.dll
2021-02-16 11:17:16 ----A---- C:\WINDOWS\system32\edptask.dll
2021-02-16 11:17:16 ----A---- C:\WINDOWS\system32\BitLockerCsp.dll
2021-02-16 11:17:15 ----A---- C:\WINDOWS\system32\tdh.dll
2021-02-16 11:17:15 ----A---- C:\WINDOWS\system32\MdmDiagnostics.dll
2021-02-16 11:17:15 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2021-02-16 11:17:14 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2021-02-16 11:17:14 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2021-02-16 11:17:14 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2021-02-16 11:17:14 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2021-02-16 11:17:13 ----A---- C:\WINDOWS\system32\omadmclient.exe
2021-02-16 11:17:13 ----A---- C:\WINDOWS\system32\mdmpostprocessevaluator.dll
2021-02-16 11:17:13 ----A---- C:\WINDOWS\system32\mdmlocalmanagement.dll
2021-02-16 11:17:12 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2021-02-16 11:17:11 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2021-02-16 11:17:11 ----A---- C:\WINDOWS\system32\DMPushRouterCore.dll
2021-02-16 11:17:11 ----A---- C:\WINDOWS\system32\dmpushproxy.dll
2021-02-16 11:17:10 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2021-02-16 11:17:10 ----A---- C:\WINDOWS\system32\DMAppsRes.dll
2021-02-16 11:17:10 ----A---- C:\WINDOWS\system32\coredpus.dll
2021-02-16 11:17:10 ----A---- C:\WINDOWS\system32\configmanager2.dll
2021-02-16 11:17:09 ----A---- C:\WINDOWS\system32\wuuhext.dll
2021-02-16 11:17:09 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2021-02-16 11:17:08 ----A---- C:\WINDOWS\system32\usermgr.dll
2021-02-16 11:17:08 ----A---- C:\WINDOWS\system32\msctf.dll
2021-02-16 11:17:07 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2021-02-16 11:17:07 ----A---- C:\WINDOWS\system32\lpk.dll
2021-02-16 11:17:07 ----A---- C:\WINDOWS\system32\fontsub.dll
2021-02-16 11:17:07 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2021-02-16 11:17:07 ----A---- C:\WINDOWS\system32\dciman32.dll
2021-02-16 11:17:06 ----A---- C:\WINDOWS\system32\netlogon.dll
2021-02-16 11:17:05 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2021-02-16 11:17:03 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2021-02-16 11:17:02 ----A---- C:\WINDOWS\system32\drivers\NetAdapterCx.sys
2021-02-16 11:17:01 ----A---- C:\WINDOWS\system32\KernelBase.dll
2021-02-16 11:17:00 ----A---- C:\WINDOWS\system32\sechost.dll
2021-02-16 11:17:00 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2021-02-16 11:16:57 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2021-02-16 11:16:56 ----A---- C:\WINDOWS\system32\ntdll.dll
2021-02-16 11:16:56 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2021-02-16 11:16:56 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2021-02-16 11:16:55 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2021-02-16 11:16:55 ----A---- C:\WINDOWS\system32\WerFault.exe
2021-02-16 11:16:55 ----A---- C:\WINDOWS\system32\WerEnc.dll
2021-02-16 11:16:55 ----A---- C:\WINDOWS\system32\Faultrep.dll
2021-02-16 11:16:55 ----A---- C:\WINDOWS\system32\dbgcore.dll
2021-02-16 11:16:54 ----A---- C:\WINDOWS\system32\utcutil.dll
2021-02-16 11:16:54 ----A---- C:\WINDOWS\system32\diagtrack.dll
2021-02-16 11:16:54 ----A---- C:\WINDOWS\system32\diagnosticdataquery.dll
2021-02-16 11:16:54 ----A---- C:\WINDOWS\system32\dbghelp.dll
2021-02-16 11:16:53 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2021-02-16 11:16:09 ----A---- C:\WINDOWS\system32\lsasrv.dll
2021-02-16 11:16:09 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2021-02-16 11:16:08 ----A---- C:\WINDOWS\system32\oleaut32.dll
2021-02-16 11:16:08 ----A---- C:\WINDOWS\system32\drivers\http.sys
2021-02-16 11:16:07 ----A---- C:\WINDOWS\system32\tzres.dll
2021-02-16 11:16:07 ----A---- C:\WINDOWS\system32\schannel.dll
2021-02-16 11:16:07 ----A---- C:\WINDOWS\system32\profsvc.dll
2021-02-16 11:16:07 ----A---- C:\WINDOWS\system32\msv1_0.dll
2021-02-16 11:16:06 ----A---- C:\WINDOWS\system32\crypt32.dll
2021-02-16 11:16:05 ----A---- C:\WINDOWS\system32\ucrtbase.dll
2021-02-16 11:16:05 ----A---- C:\WINDOWS\system32\rpcss.dll
2021-02-16 11:16:05 ----A---- C:\WINDOWS\system32\msvcp_win.dll
2021-02-16 11:16:04 ----A---- C:\WINDOWS\system32\SecurityHealthHost.exe
2021-02-16 11:16:04 ----A---- C:\WINDOWS\system32\SecurityHealthAgent.dll
2021-02-16 11:16:03 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2021-02-16 11:16:03 ----A---- C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2021-02-16 11:16:02 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2021-02-16 11:16:01 ----A---- C:\WINDOWS\system32\zipfldr.dll
2021-02-16 11:16:01 ----A---- C:\WINDOWS\system32\dwmcore.dll
2021-02-16 11:16:00 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2021-02-16 11:16:00 ----A---- C:\WINDOWS\system32\autochk.exe
2021-02-16 11:15:59 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2021-02-16 11:15:59 ----A---- C:\WINDOWS\system32\CaptureService.dll
2021-02-16 11:15:58 ----A---- C:\WINDOWS\system32\Utilman.exe
2021-02-16 11:15:58 ----A---- C:\WINDOWS\system32\Narrator.exe
2021-02-16 11:15:58 ----A---- C:\WINDOWS\system32\AtBroker.exe
2021-02-16 11:15:58 ----A---- C:\WINDOWS\system32\adsldpc.dll
2021-02-16 11:15:58 ----A---- C:\WINDOWS\system32\accessibilitycpl.dll
2021-02-16 11:15:57 ----A---- C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2021-02-16 11:15:57 ----A---- C:\WINDOWS\system32\DevicesFlowBroker.dll
2021-02-16 11:15:56 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2021-02-16 11:15:56 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2021-02-16 11:15:55 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2021-02-16 11:15:55 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2021-02-16 11:15:55 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2021-02-16 11:15:54 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2021-02-16 11:15:51 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2021-02-16 11:15:51 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2021-02-16 11:15:50 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2021-02-16 11:15:50 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2021-02-16 11:15:50 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2021-02-16 11:15:49 ----A---- C:\WINDOWS\system32\wups2.dll
2021-02-16 11:15:49 ----A---- C:\WINDOWS\system32\wuaueng.dll
2021-02-16 11:15:49 ----A---- C:\WINDOWS\system32\wuauclt.exe
2021-02-16 11:15:49 ----A---- C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2021-02-16 11:15:48 ----A---- C:\WINDOWS\system32\wups.dll
2021-02-16 11:15:48 ----A---- C:\WINDOWS\system32\wuapi.dll
2021-02-16 11:15:48 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2021-02-16 11:15:47 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2021-02-16 11:15:47 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2021-02-16 11:15:47 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2021-02-16 11:15:46 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2021-02-16 11:15:46 ----A---- C:\WINDOWS\system32\MusNotification.exe
2021-02-16 11:15:46 ----A---- C:\WINDOWS\system32\MoUsoCoreWorker.exe
2021-02-16 11:15:45 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2021-02-16 11:15:45 ----A---- C:\WINDOWS\system32\usosvc.dll
2021-02-16 11:15:45 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2021-02-16 11:15:43 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2021-02-16 11:15:42 ----A---- C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2021-02-16 11:15:42 ----A---- C:\WINDOWS\system32\SettingsHandlers_InkingTypingPrivacy.dll
2021-02-16 11:15:41 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2021-02-16 11:15:41 ----A---- C:\WINDOWS\system32\untfs.dll
2021-02-16 11:15:40 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2021-02-16 11:15:40 ----A---- C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2021-02-16 11:15:40 ----A---- C:\WINDOWS\system32\drivers\ufx01000.sys
2021-02-16 11:15:39 ----A---- C:\WINDOWS\system32\ulib.dll
2021-02-16 11:15:39 ----A---- C:\WINDOWS\system32\drivers\condrv.sys
2021-02-16 11:15:38 ----A---- C:\WINDOWS\system32\ifsutil.dll
2021-02-16 11:15:38 ----A---- C:\WINDOWS\system32\drivers\bindflt.sys
2021-02-16 11:15:38 ----A---- C:\WINDOWS\system32\container.dll
2021-02-16 11:15:37 ----A---- C:\WINDOWS\system32\wcimage.dll
2021-02-16 11:15:37 ----A---- C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-16 11:15:36 ----A---- C:\WINDOWS\system32\daxexec.dll
2021-02-16 11:15:34 ----A---- C:\WINDOWS\system32\win32kfull.sys
2021-02-16 11:15:34 ----A---- C:\WINDOWS\system32\win32k.sys
2021-02-16 11:15:33 ----A---- C:\WINDOWS\system32\win32u.dll
2021-02-16 11:15:31 ----A---- C:\WINDOWS\system32\Windows.Devices.Lights.dll
2021-02-16 11:15:30 ----A---- C:\WINDOWS\system32\wpnprv.dll
2021-02-16 11:15:30 ----A---- C:\WINDOWS\system32\wpncore.dll
2021-02-16 11:15:29 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2021-02-16 11:15:29 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2021-02-16 11:15:28 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2021-02-16 11:15:28 ----A---- C:\WINDOWS\system32\BFE.DLL
2021-02-16 11:15:27 ----A---- C:\WINDOWS\system32\kerberos.dll
2021-02-16 11:15:26 ----A---- C:\WINDOWS\system32\StateRepository.Core.dll
2021-02-16 11:15:26 ----A---- C:\WINDOWS\system32\KerbClientShared.dll
2021-02-16 11:15:25 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2021-02-16 11:15:25 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2021-02-16 11:15:24 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2021-02-16 11:15:24 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2021-02-16 11:15:23 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2021-02-16 11:15:22 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2021-02-16 11:15:21 ----A---- C:\WINDOWS\system32\wintrust.dll
2021-02-16 11:15:20 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2021-02-16 11:15:18 ----A---- C:\WINDOWS\system32\windows.storage.dll
2021-02-16 11:15:17 ----A---- C:\WINDOWS\system32\esent.dll
2021-02-16 11:15:16 ----A---- C:\WINDOWS\system32\WWAHost.exe
2021-02-16 11:15:16 ----A---- C:\WINDOWS\system32\storewuauth.dll
2021-02-16 11:15:15 ----A---- C:\WINDOWS\system32\InstallService.dll
2021-02-16 11:15:14 ----A---- C:\WINDOWS\system32\ISM.dll
2021-02-16 11:15:12 ----A---- C:\WINDOWS\system32\tsf3gip.dll
2021-02-16 11:15:10 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2021-02-16 11:15:09 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2021-02-16 11:15:07 ----A---- C:\WINDOWS\system32\WordBreakers.dll
2021-02-16 11:15:07 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2021-02-16 11:15:07 ----A---- C:\WINDOWS\system32\EditBufferTestHook.dll
2021-02-16 11:15:06 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2021-02-16 11:15:06 ----A---- C:\WINDOWS\system32\InputService.dll
2021-02-16 11:15:03 ----A---- C:\WINDOWS\system32\tquery.dll
2021-02-16 11:15:02 ----A---- C:\WINDOWS\system32\mssrch.dll
2021-02-16 11:13:14 ----A---- C:\WINDOWS\system32\mssvp.dll
2021-02-16 11:13:14 ----A---- C:\WINDOWS\system32\mssprxy.dll
2021-02-16 11:13:13 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2021-02-16 11:13:12 ----A---- C:\WINDOWS\system32\mssph.dll
2021-02-16 11:13:10 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2021-02-16 11:13:09 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2021-02-16 11:13:04 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2021-02-16 11:13:02 ----A---- C:\WINDOWS\system32\mssitlb.dll
2021-02-16 11:13:02 ----A---- C:\WINDOWS\system32\msscntrs.dll
2021-02-16 11:13:01 ----A---- C:\WINDOWS\system32\FntCache.dll
2021-02-16 11:13:00 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2021-02-16 11:13:00 ----A---- C:\WINDOWS\system32\DWrite.dll
2021-02-16 11:12:59 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2021-02-16 11:12:59 ----A---- C:\WINDOWS\system32\bisrv.dll
2021-02-16 11:12:58 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2021-02-16 11:12:57 ----A---- C:\WINDOWS\system32\cdd.dll
2021-02-16 11:12:56 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2021-02-16 11:12:55 ----A---- C:\WINDOWS\system32\D3D12Core.dll
2021-02-16 11:12:55 ----A---- C:\WINDOWS\system32\D3D12.dll
2021-02-16 11:12:54 ----A---- C:\WINDOWS\system32\oemlicense.dll
2021-02-16 11:12:54 ----A---- C:\WINDOWS\system32\licensingdiag.exe
2021-02-16 11:12:54 ----A---- C:\WINDOWS\system32\clipwinrt.dll
2021-02-16 11:12:54 ----A---- C:\WINDOWS\system32\Clipc.dll
2021-02-16 11:12:53 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2021-02-16 11:12:51 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2021-02-16 11:12:51 ----A---- C:\WINDOWS\system32\DiagnosticInvoker.dll
2021-02-16 11:12:50 ----A---- C:\WINDOWS\system32\appinfo.dll
2021-02-16 11:12:49 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2021-02-16 11:12:48 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2021-02-16 11:12:48 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2021-02-16 11:12:47 ----A---- C:\WINDOWS\system32\Windows.System.Launcher.dll
2021-02-16 11:12:47 ----A---- C:\WINDOWS\system32\GameInput.dll
2021-02-16 11:12:47 ----A---- C:\WINDOWS\system32\cloudAP.dll
2021-02-16 11:12:46 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2021-02-16 11:12:46 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2021-02-16 11:12:45 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2021-02-16 11:12:44 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Controls.dll
2021-02-16 11:12:44 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2021-02-16 11:12:43 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2021-02-16 11:12:43 ----A---- C:\WINDOWS\system32\msftedit.dll
2021-02-16 11:12:41 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2021-02-16 11:12:40 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2021-02-16 11:12:39 ----A---- C:\WINDOWS\system32\cdpusersvc.dll
2021-02-16 11:12:39 ----A---- C:\WINDOWS\system32\cdpsvc.dll
2021-02-16 11:12:38 ----A---- C:\WINDOWS\system32\ShareHost.dll
2021-02-16 11:12:38 ----A---- C:\WINDOWS\system32\cdprt.dll
2021-02-16 11:12:37 ----A---- C:\WINDOWS\system32\kernel32.dll
2021-02-16 11:12:36 ----A---- C:\WINDOWS\system32\StartTileData.dll
2021-02-16 11:12:36 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2021-02-16 11:12:36 ----A---- C:\WINDOWS\system32\CredentialEnrollmentManager.exe
2021-02-16 11:12:35 ----A---- C:\WINDOWS\system32\WiredNetworkCSP.dll
2021-02-16 11:12:35 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2021-02-16 11:12:35 ----A---- C:\WINDOWS\system32\dot3msm.dll
2021-02-16 11:12:34 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2021-02-16 11:12:34 ----A---- C:\WINDOWS\system32\dot3svc.dll
2021-02-16 11:12:34 ----A---- C:\WINDOWS\system32\dot3api.dll
2021-02-16 11:12:33 ----A---- C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2021-02-16 11:12:33 ----A---- C:\WINDOWS\system32\SettingsHandlers_InputPersonalization.dll
2021-02-16 11:12:32 ----A---- C:\WINDOWS\system32\localspl.dll
2021-02-16 11:12:32 ----A---- C:\WINDOWS\system32\FaxPrinterInstaller.dll
2021-02-16 11:12:30 ----A---- C:\WINDOWS\system32\WpcMon.exe
2021-02-16 11:12:30 ----A---- C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2021-02-16 11:12:29 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2021-02-16 11:12:29 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2021-02-16 11:12:29 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2021-02-16 11:12:29 ----A---- C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2021-02-16 11:12:28 ----A---- C:\WINDOWS\system32\AudioSes.dll
2021-02-16 11:12:28 ----A---- C:\WINDOWS\system32\audioresourceregistrar.dll
2021-02-16 11:12:28 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2021-02-16 11:12:28 ----A---- C:\WINDOWS\system32\audiodg.exe
2021-02-16 11:12:27 ----A---- C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2021-02-16 11:12:27 ----A---- C:\WINDOWS\system32\audiosrv.dll
2021-02-16 11:12:27 ----A---- C:\WINDOWS\system32\AudioEng.dll
2021-02-16 11:12:27 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2021-02-16 11:12:26 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2021-02-16 11:12:26 ----A---- C:\WINDOWS\system32\vac.dll
2021-02-16 11:12:26 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2021-02-16 11:12:26 ----A---- C:\WINDOWS\system32\MMDevAPI.dll
2021-02-16 11:12:26 ----A---- C:\WINDOWS\system32\agentactivationruntimewindows.dll
2021-02-16 11:12:26 ----A---- C:\WINDOWS\system32\agentactivationruntime.dll
2021-02-16 11:12:26 ----A---- C:\WINDOWS\system32\AarSvc.dll
2021-02-16 11:12:24 ----A---- C:\WINDOWS\system32\XblAuthManager.dll
2021-02-16 11:12:23 ----A---- C:\WINDOWS\system32\xboxgipsvc.dll
2021-02-16 11:12:23 ----A---- C:\WINDOWS\system32\XblGameSave.dll
2021-02-16 11:12:23 ----A---- C:\WINDOWS\system32\umpo.dll
2021-02-16 11:12:23 ----A---- C:\WINDOWS\system32\TaskFlowDataEngine.dll
2021-02-16 11:12:22 ----A---- C:\WINDOWS\system32\iscsilog.dll
2021-02-16 11:12:22 ----A---- C:\WINDOWS\system32\drivers\storufs.sys
2021-02-16 11:12:22 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2021-02-16 11:12:22 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2021-02-16 11:12:22 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2021-02-16 11:12:22 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2021-02-16 11:12:21 ----A---- C:\WINDOWS\system32\drivers\USBAUDIO.sys
2021-02-16 11:12:21 ----A---- C:\WINDOWS\system32\drivers\disk.sys
2021-02-12 00:00:51 ----D---- C:\FRST

======List of files/folders modified in the last 1 month======

2021-03-10 13:29:49 ----D---- C:\Program Files\trend micro
2021-03-10 13:29:47 ----D---- C:\WINDOWS\Temp
2021-03-10 13:26:18 ----D---- C:\WINDOWS\system32\SleepStudy
2021-03-10 13:26:12 ----D---- C:\WINDOWS\system32\catroot2
2021-03-10 13:14:38 ----RD---- C:\WINDOWS\Microsoft.NET
2021-03-10 13:09:02 ----D---- C:\WINDOWS\system32\config
2021-03-10 13:06:31 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2021-03-10 12:57:36 ----D---- C:\WINDOWS\Prefetch
2021-03-10 12:57:23 ----HD---- C:\Program Files\WindowsApps
2021-03-10 12:42:42 ----D---- C:\WINDOWS\system32\sru
2021-03-10 12:31:47 ----SHD---- C:\WINDOWS\Installer
2021-03-10 12:31:38 ----D---- C:\WINDOWS\System32
2021-03-10 12:31:37 ----D---- C:\WINDOWS\SysWOW64
2021-03-10 12:31:37 ----D---- C:\Program Files (x86)\Microsoft Office
2021-03-10 12:25:58 ----D---- C:\WINDOWS\INF
2021-03-10 12:24:11 ----D---- C:\WINDOWS\AppReadiness
2021-03-10 12:11:14 ----SHD---- C:\System Volume Information
2021-03-10 11:54:37 ----DC---- C:\WINDOWS\Panther
2021-03-10 11:54:36 ----D---- C:\WINDOWS\debug
2021-03-10 11:54:36 ----D---- C:\Windows
2021-03-10 11:48:10 ----D---- C:\Program Files\CCleaner
2021-03-10 11:46:21 ----D---- C:\WINDOWS\system32\Tasks
2021-03-10 11:45:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-24 13:38:16 ----D---- C:\WINDOWS\system32\Logs
2021-02-24 13:38:15 ----D---- C:\Program Files\Microsoft Update Health Tools
2021-02-18 21:24:29 ----D---- C:\ProgramData\AVAST Software
2021-02-18 21:13:44 ----D---- C:\WINDOWS\WinSxS
2021-02-18 21:11:29 ----D---- C:\WINDOWS\system32\DriverStore
2021-02-18 21:09:10 ----D---- C:\WINDOWS\ServiceState
2021-02-18 21:09:08 ----ASH---- C:\DumpStack.log.tmp
2021-02-18 21:09:04 ----D---- C:\WINDOWS\LiveKernelReports
2021-02-18 21:06:12 ----D---- C:\WINDOWS\SYSWOW64\migration
2021-02-18 21:06:12 ----D---- C:\WINDOWS\SYSWOW64\Keywords
2021-02-18 21:06:11 ----D---- C:\WINDOWS\SYSWOW64\en-US
2021-02-18 21:06:11 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2021-02-18 21:06:06 ----D---- C:\WINDOWS\SystemResources
2021-02-18 21:06:05 ----D---- C:\WINDOWS\system32\zh-TW
2021-02-18 21:06:05 ----D---- C:\WINDOWS\system32\zh-CN
2021-02-18 21:06:05 ----D---- C:\WINDOWS\system32\th-TH
2021-02-18 21:06:05 ----D---- C:\WINDOWS\system32\sv-SE
2021-02-18 21:06:05 ----D---- C:\WINDOWS\system32\ru-RU
2021-02-18 21:06:04 ----D---- C:\WINDOWS\system32\ro-RO
2021-02-18 21:06:04 ----D---- C:\WINDOWS\system32\pt-PT
2021-02-18 21:06:04 ----D---- C:\WINDOWS\system32\pt-BR
2021-02-18 21:06:04 ----D---- C:\WINDOWS\system32\pl-PL
2021-02-18 21:06:04 ----D---- C:\WINDOWS\system32\oobe
2021-02-18 21:06:04 ----D---- C:\WINDOWS\system32\nl-NL
2021-02-18 21:06:04 ----D---- C:\WINDOWS\system32\nb-NO
2021-02-18 21:06:04 ----D---- C:\WINDOWS\system32\migration
2021-02-18 21:06:04 ----D---- C:\WINDOWS\system32\ko-KR
2021-02-18 21:06:04 ----D---- C:\WINDOWS\system32\Keywords
2021-02-18 21:06:03 ----D---- C:\WINDOWS\system32\ja-jp
2021-02-18 21:06:03 ----D---- C:\WINDOWS\system32\it-IT
2021-02-18 21:06:03 ----D---- C:\WINDOWS\system32\fr-FR
2021-02-18 21:06:03 ----D---- C:\WINDOWS\system32\fr-CA
2021-02-18 21:06:03 ----D---- C:\WINDOWS\system32\fi-FI
2021-02-18 21:06:03 ----D---- C:\WINDOWS\system32\es-MX
2021-02-18 21:06:03 ----D---- C:\WINDOWS\system32\es-ES
2021-02-18 21:06:03 ----D---- C:\WINDOWS\system32\en-US
2021-02-18 21:06:03 ----D---- C:\WINDOWS\system32\en-GB
2021-02-18 21:06:03 ----D---- C:\WINDOWS\system32\el-GR
2021-02-18 21:06:02 ----D---- C:\WINDOWS\system32\drivers\en-US
2021-02-18 21:06:02 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2021-02-18 21:06:02 ----D---- C:\WINDOWS\system32\drivers
2021-02-18 21:06:02 ----D---- C:\WINDOWS\system32\de-DE
2021-02-18 21:06:02 ----D---- C:\WINDOWS\system32\da-DK
2021-02-18 21:06:02 ----D---- C:\WINDOWS\system32\cs-CZ
2021-02-18 21:06:02 ----D---- C:\WINDOWS\system32\ar-SA
2021-02-18 21:05:52 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2021-02-18 21:05:52 ----D---- C:\WINDOWS\servicing
2021-02-18 21:05:52 ----D---- C:\WINDOWS\PolicyDefinitions
2021-02-18 21:05:51 ----D---- C:\WINDOWS\bcastdvr
2021-02-18 21:05:51 ----D---- C:\Program Files\Windows Mail
2021-02-18 21:05:51 ----D---- C:\Program Files\Common Files\System
2021-02-18 21:05:51 ----D---- C:\Program Files (x86)\Windows Mail
2021-02-16 11:43:03 ----D---- C:\WINDOWS\CbsTemp
2021-02-16 10:23:26 ----D---- C:\WINDOWS\system32\MRT
2021-02-16 09:45:45 ----AC---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2021-01-02 36792]
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2021-01-02 247888]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2021-01-02 97360]
R0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2021-01-02 16832]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2021-01-02 84496]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2021-01-07 324904]
R0 BTATH_BUS;@oem29.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2014-02-25 35016]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-12-07 57360]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2021-01-02 41984]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2021-01-02 208672]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2021-01-02 332880]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2021-01-02 42424]
R1 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2021-01-02 176384]
R1 aswNetHub;aswNetHub; C:\WINDOWS\system32\drivers\aswNetHub.sys [2021-01-02 522480]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2021-01-02 108928]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2021-01-02 851256]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2021-01-08 468888]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-12-07 78136]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2019-12-07 91136]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-12-07 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-12-07 8704]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2017-11-27 27552]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2021-01-07 214808]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2021-02-16 149312]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2021-02-16 495104]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2021-01-02 53248]
R3 athr;@oem143.inf,%ATHR.Service.DispName%;Dell Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athwbx.sys [2017-11-27 4309896]
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2016-07-13 610336]
R3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2021-01-02 279040]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2021-01-16 113664]
R3 BthHFAud;@microsoft_bluetooth_hfp.inf,%BTHHFAUD_DISPLAY_NAME%;Microsoft Bluetooth Hands-Free Audio driver; C:\WINDOWS\System32\drivers\BthHfAud.sys [2019-12-07 65536]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2021-01-02 106496]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2019-12-07 133632]
R3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2021-01-16 1559040]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2021-01-16 110592]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-12-07 66576]
R3 DellRbtn;@oem35.inf,%DellRbtn%;Airplane Mode Switch; C:\WINDOWS\System32\drivers\DellRbtn.sys [2013-01-25 10752]
R3 dtlitescsibus;@oem153.inf,%DisplayName%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2020-04-02 42256]
R3 dtliteusbbus;@oem9.inf,%DisplayName%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2020-04-02 59360]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-05-03 3811288]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2019-11-18 6486608]
R3 IntcDAud;@oem190.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\System32\drivers\IntcDAud.sys [2015-08-21 463112]
R3 iwdbus;@oem134.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-01 38896]
R3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-12-07 65024]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys [2021-01-02 322376]
R3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-12-07 213504]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-12-07 43832]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-12-07 319800]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-12-07 884752]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-12-07 172344]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-12-07 124216]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-12-07 135992]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-12-07 81720]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-12-07 105480]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-12-07 168464]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-12-07 58680]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-12-07 68408]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-12-07 138040]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-12-07 42296]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2019-12-07 158736]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-12-07 23040]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-12-07 415232]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-12-07 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-12-07 45568]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2021-01-02 18432]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2021-01-16 45568]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-12-07 44032]
S3 dtproscsibus;DAEMON Tools Pro Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [2020-03-24 30264]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-12-07 55824]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-12-07 66560]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2021-01-02 95048]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-12-07 30208]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-12-07 1853752]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-12-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-12-07 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-12-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-12-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-12-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-12-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-12-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-12-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-12-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-12-07 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-12-07 558904]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2021-01-02 47104]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-12-07 30720]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-12-07 59704]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-12-07 537608]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-12-07 64016]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2021-01-02 386048]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-12-07 1131320]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-12-07 146232]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-12-07 72720]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2021-02-16 207360]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2021-01-02 104760]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-12-07 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-12-07 27136]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-07 990008]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-12-07 115712]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUStor.sys [2014-02-27 272088]
S3 RTSUER;@oem54.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys [2019-11-18 424384]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-12-07 35128]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-12-07 35128]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2021-01-25 169672]
R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2017-11-27 106944]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2021-01-02 621728]
R2 avast! Tools;Avast Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [2021-01-02 351848]
R2 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2021-01-02 58048]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
R2 CDPUserSvc_11acfb;Uživatelská služba platformy připojených zařízení_11acfb; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2021-02-22 8988552]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2021-01-02 57360]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-01-02 57360]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2021-01-02 57360]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-05-03 337888]
R2 McAfee WebAdvisor;McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [2021-02-11 959752]
R2 OneSyncSvc_11acfb;Hostitel synchronizace_11acfb; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
R2 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2019-11-18 268368]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2021-01-02 8477080]
R3 BluetoothUserService_11acfb;Služba pro podporu uživatelů Bluetooth_11acfb; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
R3 cbdhsvc_11acfb;Uživatelská služba schránky_11acfb; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2021-01-02 57360]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2020-04-02 4507328]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
R3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2021-01-02 57360]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-08 46184]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2021-01-02 57360]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2021-01-02 57360]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
R3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
R3 PimIndexMaintenanceSvc_11acfb;Data kontaktů_11acfb; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
R3 PrintWorkflowUserSvc_11acfb;PrintWorkflow_11acfb; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2021-01-02 57360]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2021-02-16 988056]
R3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-08-09 224160]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-19 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-01-02 57360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 AarSvc_11acfb;Agent Activation Runtime_11acfb; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2020-06-09 335416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 BcastDVRUserService_11acfb;Uživatelská služba pro GameDVR a vysílání her_11acfb; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 CaptureService_11acfb;CaptureService_11acfb; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 ConsentUxUserSvc_11acfb;ConsentUX_11acfb; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-05-03 299488]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-02-16 386816]
S3 CredentialEnrollmentManagerUserSvc_11acfb;CredentialEnrollmentManagerUserSvc_11acfb; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-02-16 386816]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 DeviceAssociationBrokerSvc_11acfb;DeviceAssociationBroker_11acfb; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 DevicePickerUserSvc_11acfb;DevicePicker_11acfb; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 DevicesFlowUserSvc_11acfb;Tok zařízení_11acfb; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2021-01-16 94208]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-01-02 57360]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-08-09 224160]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2021-01-02 57360]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-01-02 57360]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\elevation_service.exe [2021-02-18 1434216]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2021-01-02 57360]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-11-19 153168]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-04-24 169752]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2021-01-02 57360]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-08-21 6058960]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 MessagingService_11acfb;Služba zasílání zpráv_11acfb; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service; C:\Program Files (x86)\Microsoft\Edge\Application\89.0.774.45\elevation_service.exe [2021-03-03 1559936]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2021-01-02 57360]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-01 214832]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2021-01-16 106496]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2021-01-02 57360]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2021-01-02 57360]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2021-01-02 57360]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2021-01-16 1265152]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119356
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Yahoo jako domovská stránka, pomalý počítač, procesy na pozadí

#2 Příspěvek od Rudy »

Zdravím!
V desítkách je RSIT opravdu k ničemu. Není s nimi plně kompatibilní a při mazání může dojí t k poškození systému. Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Po ní však budu potřebovat logy FRST+Addition. Pokud vám Avast ovlivňuje práci s FRST, vypněte jej po dobu práce.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
StepanMez
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 19 lis 2017 15:35

Re: Yahoo jako domovská stránka, pomalý počítač, procesy na pozadí

#3 Příspěvek od StepanMez »

Dobrý den, děkuji za pomoc, vkládám dle pokynů.
Děkuji za vysvětlení problému s RSIT, už si proaktivitu nechám pro sebe :)
Log z FRST již vyjel.
Po spuštění AdwCleaneru mi pak bohužel přestali fungovat gesta na touchpadu (scrollovaní dvěma prsty apod.)

# -------------------------------
# Malwarebytes AdwCleaner 8.1.0.0
# -------------------------------
# Build: 02-15-2021
# Database: 2021-03-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-11-2021
# Duration: 00:00:40
# OS: Windows 10 Home
# Cleaned: 6
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\{0897014C-63E3-47DF-8A5F-4399CC5D61B9}
Deleted C:\Windows\Installer\{4D0A0750-B034-4DF8-97DE-26F1212AC2FF}

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Conduit
Deleted HKCU\Software\csastats
Deleted HKLM\SOFTWARE\Classes\Applications\DriverDocSetup.exe
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4D0A0750-B034-4DF8-97DE-26F1212AC2FF}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2462 octets] - [11/03/2021 12:19:09]
AdwCleaner[S01].txt - [2523 octets] - [11/03/2021 12:24:24]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########


FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by Uzivatel (administrator) on DELL_INSPIK (Dell Inc. Inspiron 11 - 3147) (11-03-2021 12:30:14)
Running from C:\Users\Uzivatel\Desktop
Loaded Profiles: Uzivatel
Platform: Windows 10 Home Version 2004 19041.804 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269352 2019-11-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-11-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [519256 2014-02-17] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3775816 2014-02-27] (Wistron Corporation -> Dell Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117352 2021-01-02] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506384 2019-11-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2779376 2013-08-23] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKU\S-1-5-21-1760136913-3934937332-2734838206-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Uzivatel\AppData\Local\Microsoft\Teams\Update.exe [2453688 2020-11-23] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1760136913-3934937332-2734838206-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1760136913-3934937332-2734838206-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [365760 2020-04-02] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-1760136913-3934937332-2734838206-1001\...\Run: [PTOneClick] => C:\Program Files (x86)\Webex\Webex\Applications\ptoneclk.exe [7690560 2020-09-18] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-1760136913-3934937332-2734838206-1001\...\Run: [CiscoMeetingDaemon] => C:\Users\Uzivatel\AppData\Local\WebEx\ciscowebexstart.exe [2427592 2021-01-22] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-1760136913-3934937332-2734838206-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-1760136913-3934937332-2734838206-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-1760136913-3934937332-2734838206-1001\...\RunOnce: [Uninstall 21.002.0104.0005\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\21.002.0104.0005\amd64"
HKU\S-1-5-21-1760136913-3934937332-2734838206-1001\...\RunOnce: [Uninstall 21.002.0104.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Uzivatel\AppData\Local\Microsoft\OneDrive\21.002.0104.0005"
HKLM\...\Print\Monitors\PDF-XChange5: C:\Windows\system32\pxc50pm.dll [57920 2013-01-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.190\Installer\chrmstp.exe [2021-02-28] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0C4C309A-4C26-4EAB-BEA6-25AD80C1BE39} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114000 2021-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {16AE684C-C634-4FEC-81BD-5037C5324304} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
Task: {21882038-A5E4-4CCF-8A31-284A6CA50974} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080304 2021-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {2A547DC1-091C-45B2-B606-56F1F46EFAAC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3CF3D5EC-6FD4-4D50-9E0E-22F16D4BF616} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-19] (Google Inc -> Google Inc.)
Task: {497D94D3-236E-4B64-A784-810BF822515B} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {4FECF91B-AC54-4FFD-A6CE-BC396275C540} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6CB4C357-FF8C-4E46-B0B0-A7C936F679E3} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2779376 2013-08-23] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {7BA64543-288E-41FD-83AC-C634F6653A0A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4621920 2021-01-02] (Avast Software s.r.o. -> AVAST Software)
Task: {7CEEB64E-CBB4-4772-AAC3-024EB86A1881} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe
Task: {7F0C78FA-9DF6-4A41-A3F7-AE84CE329DB0} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {9F1575B2-8237-499C-B894-70D8B222853A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114000 2021-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0CEF68F-9E3E-484C-B901-DF7DCFD8F4BC} - System32\Tasks\Dell\Dell Product Registration Update => C:\Program Files (x86)\Dell Product Registration\prodreg.exe
Task: {B08912F2-0A18-4B5F-B1FD-65A9BFA51DEA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080304 2021-02-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {B8A27A16-27C6-452A-A281-156B13B212E8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_pepper.exe [1454648 2020-06-09] (Adobe Inc. -> Adobe)
Task: {C8328848-8969-47C5-9690-68E4D29EB0B8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1133488 2021-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {CA84CFA1-C1F0-44BE-B421-FFD363B17AB7} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D6C17D52-E16E-42F1-BF33-450610D8E3ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-19] (Google Inc -> Google Inc.)
Task: {E5475968-16E0-4B65-B6B2-AE110135A7A3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {F12E69A8-DA46-4E9D-BF61-8A01272F3CF4} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4545544 2019-06-04] (McAfee, LLC -> McAfee, LLC.)
Task: {FFFF38AA-81C6-4D17-A678-268D509B0233} - System32\Tasks\Driver Booster SkipUAC (Uzivatel) => C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DriverBooster.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{2BE94B17-B762-4588-9AB9-F24745BCA7AB}: [DhcpNameServer] 172.6.1.171
Tcpip\..\Interfaces\{A3FCC5E9-945F-405E-9BB4-32F9D771E546}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Edge:
=======
Edge Profile: C:\Users\Uzivatel\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-11]
Edge Extension: (Cisco Webex Extension) - C:\Users\Uzivatel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\cmihkeafcknlomclapaddfljaeegfbdl [2020-11-23]
Edge HKLM-x32\...\Edge\Extension: [cmihkeafcknlomclapaddfljaeegfbdl]

FireFox:
========
FF DefaultProfile: pvfrtlb3.default
FF ProfilePath: C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\pvfrtlb3.default [2021-03-11]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-02-11] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-01-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2013-01-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-19] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @webex.com/npatgpc -> C:\Program Files (x86)\Webex\npatgpc.dll [2020-09-18] (Cisco WebEx LLC -> Cisco WebEx LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1760136913-3934937332-2734838206-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2013-01-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\810750.js [2017-03-26] <==== ATTENTION (Points to *.cfg file)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-03-11]
CHR DefaultSearchURL: Profile 1 -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> mcafee
CHR Extension: (Adobe Acrobat) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-02-16]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-02-16]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-02-28]
CHR Extension: (Cisco Webex Extension) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2021-02-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-16]
CHR Extension: (Chrome Media Router) - C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-16]
CHR Profile: C:\Users\Uzivatel\AppData\Local\Google\Chrome\User Data\System Profile [2021-03-10]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [jlhmfgmfgeifomenelglieieghnjghma]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-09] (Adobe Inc. -> Adobe)
S2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [106944 2017-11-27] (Andrea Electronics -> Andrea Electronics Corporation)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8477080 2021-01-02] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [621728 2021-01-02] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [351848 2021-01-02] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [58048 2021-01-02] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8988552 2021-02-22] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4507328 2020-04-02] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [959752 2021-02-11] (McAfee, LLC -> McAfee, LLC)
S2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [420176 2019-05-30] (McAfee, LLC. -> McAfee, LLC.)
S2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [420176 2019-05-30] (McAfee, LLC. -> McAfee, LLC.)
S2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [192912 2019-05-30] (McAfee, LLC. -> McAfee, LLC.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WebexService; C:\Program Files (x86)\Webex\Webex\Applications\WebExService.exe [146240 2020-09-18] (Cisco WebEx LLC -> Cisco WebEx LLC)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [36792 2021-01-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208672 2021-01-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [332880 2021-01-02] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [247888 2021-01-02] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [97360 2021-01-02] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-01-02] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42424 2021-01-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [176384 2021-01-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [522480 2021-01-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108928 2021-01-02] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84496 2021-01-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851256 2021-01-02] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [468888 2021-01-08] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214808 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [324904 2021-01-07] (Avast Software s.r.o. -> AVAST Software)
R3 athr; C:\WINDOWS\System32\drivers\athwbx.sys [4309896 2017-11-27] (Qualcomm Atheros -> Qualcomm Atheros Communications, Inc.)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-04-02] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-04-02] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30264 2020-03-24] (Disc Soft Ltd -> Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-11-27] (Martin Malik - REALiX -> REALiX(tm))
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [22168 2012-07-13] (STMicroelectronics -> ST Microelectronics)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-16] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-16] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-11 12:30 - 2021-03-11 12:33 - 000023640 _____ C:\Users\Uzivatel\Desktop\FRST.txt
2021-03-11 12:13 - 2021-03-11 12:14 - 008463216 _____ (Malwarebytes) C:\Users\Uzivatel\Downloads\adwcleaner_8.1.exe
2021-03-10 13:28 - 2021-03-10 13:28 - 001222144 _____ C:\Users\Uzivatel\Downloads\RSITx64.exe
2021-03-10 12:05 - 2021-03-10 12:05 - 002301440 _____ (Farbar) C:\Users\Uzivatel\Desktop\FRST64.exe
2021-02-28 23:32 - 2021-03-01 00:19 - 000000000 ____D C:\Users\Uzivatel\Desktop\Erasmus řihláška
2021-02-27 15:19 - 2021-02-27 15:19 - 000501142 _____ C:\Users\Uzivatel\Downloads\vyspl_661331 (3).pdf
2021-02-27 15:19 - 2021-02-27 15:19 - 000287713 _____ C:\Users\Uzivatel\Downloads\prehled_vysledku_zk_id_studia_661331.pdf
2021-02-27 15:11 - 2021-02-27 15:11 - 000511732 _____ C:\Users\Uzivatel\Downloads\vyspl_499815.pdf
2021-02-27 15:11 - 2021-02-27 15:11 - 000501142 _____ C:\Users\Uzivatel\Downloads\vyspl_661331 (2).pdf
2021-02-27 15:09 - 2021-02-27 15:09 - 000501143 _____ C:\Users\Uzivatel\Downloads\vyspl_661331 (1).pdf
2021-02-27 15:09 - 2021-02-27 15:09 - 000488955 _____ C:\Users\Uzivatel\Downloads\vyspl_661331.pdf
2021-02-27 14:59 - 2021-02-27 14:59 - 030950888 _____ (Piriform Software Ltd) C:\Users\Uzivatel\Downloads\ccsetup577.exe
2021-02-18 21:19 - 2021-02-18 21:19 - 000000000 ____D C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zařízení Bluetooth
2021-02-18 19:21 - 2021-02-18 19:21 - 000000000 ____D C:\Users\Uzivatel\AppData\Local\ElevatedDiagnostics
2021-02-17 17:50 - 2021-02-18 20:01 - 001504943 _____ C:\Users\Uzivatel\Desktop\tisk.pptx
2021-02-17 14:26 - 2021-02-17 14:26 - 000150665 _____ C:\Users\Uzivatel\Downloads\Obcanstvi-a-participace-150x230-sazbaF-2_23-58.pdf
2021-02-17 14:22 - 2021-02-17 14:22 - 000137261 _____ C:\Users\Uzivatel\Downloads\teorell.pdf
2021-02-17 14:22 - 2021-02-17 14:22 - 000123204 _____ C:\Users\Uzivatel\Downloads\FungAnnRevSoc03.pdf
2021-02-16 12:09 - 2021-02-16 12:09 - 000000000 ____D C:\Users\Uzivatel\Desktop\FRST-OlderVersion
2021-02-16 11:22 - 2021-02-16 11:22 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-16 11:20 - 2021-02-16 11:20 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-16 11:20 - 2021-02-16 11:20 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-16 11:20 - 2021-02-16 11:20 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-16 11:15 - 2021-02-16 11:15 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-12 00:00 - 2021-03-11 12:31 - 000000000 ____D C:\FRST
2021-02-10 14:40 - 2021-02-11 22:10 - 000000000 ____D C:\Users\Uzivatel\Desktop\fwinformacekpodepsnprohlennarok2021adostio
2021-02-10 14:37 - 2021-02-10 14:38 - 001291262 _____ C:\Users\Uzivatel\Downloads\fwinformacekpodepsnprohlennarok2021adostio.zip

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-11 12:35 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-03-11 12:21 - 2017-11-19 18:28 - 000000000 ____D C:\AdwCleaner
2021-03-11 12:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-03-11 12:15 - 2017-03-24 15:46 - 000000000 ____D C:\Program Files\CCleaner
2021-03-11 12:12 - 2017-03-27 14:56 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-03-11 12:12 - 2017-03-27 14:56 - 000000000 ____D C:\Program Files\Malwarebytes
2021-03-11 12:09 - 2021-01-02 22:54 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-03-10 13:29 - 2017-11-19 15:39 - 000000000 ____D C:\Program Files\trend micro
2021-03-10 13:26 - 2021-01-02 22:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-03-10 12:57 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-10 12:31 - 2017-10-04 11:07 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-03-10 12:25 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-10 12:11 - 2020-08-09 19:26 - 000002421 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-10 11:57 - 2021-01-20 23:55 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6e14e6aacfaea
2021-03-10 11:57 - 2021-01-02 22:54 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-10 11:54 - 2021-01-02 15:39 - 000000000 ___DC C:\WINDOWS\Panther
2021-03-10 11:54 - 2015-12-11 18:16 - 000000000 ____D C:\Users\Uzivatel\AppData\Local\CrashDumps
2021-03-10 11:46 - 2021-01-02 22:54 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-10 11:45 - 2021-01-02 22:33 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-03-10 11:45 - 2019-12-07 15:41 - 000717844 _____ C:\WINDOWS\system32\perfh005.dat
2021-03-10 11:45 - 2019-12-07 15:41 - 000144986 _____ C:\WINDOWS\system32\perfc005.dat
2021-03-01 00:12 - 2017-11-19 15:34 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-01 00:12 - 2017-11-19 15:34 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-02-28 23:29 - 2021-01-02 22:54 - 000003288 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-28 23:29 - 2021-01-02 22:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-02-28 23:28 - 2021-01-02 22:54 - 000003400 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-28 23:28 - 2021-01-02 22:54 - 000003176 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-27 15:21 - 2021-01-02 22:54 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-27 15:19 - 2017-03-22 09:22 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-27 15:11 - 2017-03-23 19:50 - 000000000 ___RD C:\Users\Uzivatel\OneDrive
2021-02-27 15:00 - 2017-03-24 15:46 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-02-27 14:57 - 2021-01-02 22:54 - 000002124 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-02-27 14:31 - 2021-01-02 22:16 - 000002419 _____ C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-02-24 13:38 - 2020-08-17 22:57 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-18 21:24 - 2017-03-22 10:25 - 000000000 ____D C:\ProgramData\AVAST Software
2021-02-18 21:14 - 2019-12-16 17:27 - 000000000 __SHD C:\Users\Uzivatel\IntelGraphicsProfiles
2021-02-18 21:11 - 2021-01-02 22:07 - 005132488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-18 21:09 - 2021-01-02 22:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-18 21:09 - 2021-01-02 22:07 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-18 21:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-02-18 21:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-18 21:08 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-02-18 21:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-18 21:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-18 21:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-18 21:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-18 21:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-18 21:05 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-18 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-18 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-18 21:05 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-18 21:05 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-16 11:43 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-16 10:23 - 2017-03-21 19:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-16 09:45 - 2017-03-21 19:58 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ========

2017-08-19 15:16 - 2017-08-19 15:16 - 000000132 _____ () C:\Users\Uzivatel\AppData\Roaming\Adobe BMP Format CS5 Prefs
2020-03-24 14:27 - 2020-03-24 14:44 - 000099384 _____ () C:\Users\Uzivatel\AppData\Roaming\inst.exe
2020-03-24 14:27 - 2020-03-24 14:44 - 000007859 _____ () C:\Users\Uzivatel\AppData\Roaming\pcouffin.cat
2020-03-24 14:27 - 2020-03-24 14:44 - 000001167 _____ () C:\Users\Uzivatel\AppData\Roaming\pcouffin.inf
2020-03-24 14:27 - 2020-03-24 14:44 - 000000055 _____ () C:\Users\Uzivatel\AppData\Roaming\pcouffin.log
2020-03-24 14:27 - 2020-03-24 14:44 - 000082816 _____ (VSO Software) C:\Users\Uzivatel\AppData\Roaming\pcouffin.sys
2020-04-19 17:35 - 2020-04-19 17:35 - 000003584 _____ () C:\Users\Uzivatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

ADDITION:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by Uzivatel (11-03-2021 12:38:08)
Running from C:\Users\Uzivatel\Desktop
Windows 10 Home Version 2004 19041.804 (X64) (2021-01-02 21:56:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1760136913-3934937332-2734838206-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1760136913-3934937332-2734838206-503 - Limited - Disabled)
Guest (S-1-5-21-1760136913-3934937332-2734838206-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1760136913-3934937332-2734838206-1003 - Limited - Enabled)
Uzivatel (S-1-5-21-1760136913-3934937332-2734838206-1001 - Administrator - Enabled) => C:\Users\Uzivatel
WDAGUtilityAccount (S-1-5-21-1760136913-3934937332-2734838206-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20142 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.387 - Adobe)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 20.10.2442 - Avast Software)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
Cisco Webex Meetings (HKLM-x32\...\{E6DA38F7-BA12-F157-2773-835D3D043C6A}) (Version: 40.9.6.11 - Cisco Webex LLC)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.12.0.1184 - Disc Soft Ltd)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.11.1 - Synaptics Incorporated)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
GoldWave v6.51 (HKLM\...\GoldWave v6.51) (Version: 6.51 - GoldWave Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.190 - Google LLC)
Harry Potter - mistrovství světa ve famfrpálu (HKLM-x32\...\{BED97FB6-E9E2-4DEC-009D-9950236206DA}) (Version: - )
Hotline Miami 2 - Wrong Number (HKLM-x32\...\1424773427_is1) (Version: 2.0.0.1 - GOG.com)
IBM SPSS Statistics 21 (HKLM\...\{1E26B9C2-ED08-4EEA-83C8-A786502B41E5}) (Version: 21.0.0.0 - IBM Corp)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3408 - Intel Corporation)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
McAfee True Key (HKLM\...\TrueKey) (Version: 6.0.150.1 - McAfee, LLC)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.13801.20266 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 89.0.774.45 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.63 - )
Microsoft OneDrive (HKU\S-1-5-21-1760136913-3934937332-2734838206-1001\...\OneDriveSetup.exe) (Version: 21.016.0124.0003 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-1760136913-3934937332-2734838206-1001\...\Teams) (Version: 1.3.00.30866 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13801.20182 - Microsoft Corporation) Hidden
PDF-XChange 2012 Pro (HKLM\...\{F92F0AAB-2EF6-412C-8BF4-0B11EB535280}_is1) (Version: 5.0.267.0 - Tracker Software Products Ltd)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.21 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8581 - Realtek Semiconductor Corp.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0052 - ST Microelectronics)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.2.0.24753 - Microsoft Corporation)
This War of Mine verze 1.4.1 (HKLM-x32\...\This War of Mine_is1) (Version: 1.4.1 - 11 bit studios)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: 9.0a - Ghisler Software GmbH)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.200 - McAfee, LLC)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-1760136913-3934937332-2734838206-1001\...\ZoomUMX) (Version: 5.4.9 (59931.0110) - Zoom Video Communications, Inc.)

Packages:
=========
Adobe Revel -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobeRevel_1.5.101.6_x64__ynb6jyjzte8ga [2017-03-22] (Adobe Systems Incorporated)
Asphalt 8: Airborne -> C:\Program Files\WindowsApps\GAMELOFTSA.Asphalt8Airborne_5.6.8.0_x86__0pp20fcewvvtj [2021-02-16] (GAMELOFT SA)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-01-02] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-01-30] (Microsoft Studios) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2021-01-02] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2021-01-02] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-28] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2021-01-02] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-10-01] (Netflix, Inc.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0 [2021-03-10] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1760136913-3934937332-2734838206-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Uzivatel\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20275.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1760136913-3934937332-2734838206-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-02] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-02] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-02] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-04-02] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-02] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2020-04-02] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ShellContextExt.dll [2014-02-25] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-01-02] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Uzivatel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2014-02-25 23:50 - 2014-02-25 23:50 - 000033408 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\CommApi.dll
2014-02-25 23:51 - 2014-02-25 23:51 - 000203392 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\FolderViewImpl.dll
2014-02-25 23:51 - 2014-02-25 23:51 - 000034432 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ipc.dll
2014-02-25 23:51 - 2014-02-25 23:51 - 000291456 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ShellContextExt.dll
2014-02-25 23:51 - 2014-02-25 23:51 - 000027264 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\TCPConnection.dll
2014-02-25 23:51 - 2014-02-25 23:51 - 000115328 _____ (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\utils.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1760136913-3934937332-2734838206-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-1760136913-3934937332-2734838206-1001 -> DefaultScope {BB342EFE-F08E-4E8A-9FE2-B6AE8CC2246A} URL =
SearchScopes: HKU\S-1-5-21-1760136913-3934937332-2734838206-1001 -> {BB342EFE-F08E-4E8A-9FE2-B6AE8CC2246A} URL =
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-03-10] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2021-02-11] (McAfee, LLC -> McAfee, LLC)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-09-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2021-02-11] (McAfee, LLC -> McAfee, LLC)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Toolbar: HKLM-x32 - PDFXChange 2012 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD3A} - C:\Program Files\Tracker Software\PDF-XChange 5\PXCIEaddin5.dll [2013-01-19] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-10] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-03-10] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2017-03-22 10:34 - 000000826 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1760136913-3934937332-2734838206-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Uzivatel\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\tapeta programu windows prohlížeč fotografií.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1760136913-3934937332-2734838206-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-1760136913-3934937332-2734838206-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-1760136913-3934937332-2734838206-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1760136913-3934937332-2734838206-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-1760136913-3934937332-2734838206-1001\...\StartupApproved\Run: => "PTOneClick"
HKU\S-1-5-21-1760136913-3934937332-2734838206-1001\...\StartupApproved\Run: => "CiscoMeetingDaemon"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{2EFD2FE5-7193-4360-BECB-6B42D5B0CB2E}C:\users\uzivatel\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\uzivatel\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{F18696B9-1838-4D46-AC41-83FE704133DE}C:\users\uzivatel\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\uzivatel\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{60C5ACAB-99C1-4B86-BC61-C4C1F5356845}] => (Allow) C:\Users\Uzivatel\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{3BBEB5FC-7333-44D0-818B-626C71177BD0}] => (Allow) C:\Users\Uzivatel\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{6854DD76-CA77-4C1D-929B-38659C7B1B58}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{B115F1C0-702F-485B-999C-578796FE2123}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{7BFAFCC2-4476-43C5-8F87-48EDE1B27761}] => (Allow) C:\Users\Uzivatel\AppData\Roaming\uTorrent\uTorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{6CC6C451-37FB-4F34-8EF0-4DBD84D36C03}] => (Allow) C:\Users\Uzivatel\AppData\Roaming\uTorrent\uTorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [TCP Query User{B80D2EA7-4CC2-4917-A3E7-8E68B75E5B66}C:\program files\ibm\spss\statistics\subscription\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\subscription\stats.exe (IBM -> IBM Corp.) [File not signed]
FirewallRules: [UDP Query User{0441BB43-7F6B-41C0-8119-9CD0EDCB1BAE}C:\program files\ibm\spss\statistics\subscription\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\subscription\stats.exe (IBM -> IBM Corp.) [File not signed]
FirewallRules: [{4654BAFD-B4DA-423F-B952-EA60CB30B254}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\21\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.) [File not signed]
FirewallRules: [{554E883C-3D4B-43FE-8A76-50B3B6742F0E}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\21\WinWrapIDE.exe (International Business Machines Corporation -> IBM Corp.) [File not signed]
FirewallRules: [{82751AC7-3D3E-4204-BFAB-DC4DCA451409}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\21\stats.com (International Business Machines Corporation -> IBM Corp.) [File not signed]
FirewallRules: [{06242C5F-7956-4A2B-ACCC-363FC7B1AC57}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\21\stats.com (International Business Machines Corporation -> IBM Corp.) [File not signed]
FirewallRules: [{497A005E-2A4E-45BA-B033-45FCEBE47F55}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\21\stats.exe (International Business Machines Corporation -> IBM Corp.) [File not signed]
FirewallRules: [{CCFF23F7-D7F2-47C4-85FE-1B1F65D19EDA}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\21\stats.exe (International Business Machines Corporation -> IBM Corp.) [File not signed]
FirewallRules: [TCP Query User{C3DBB5C1-60AD-46C5-BF03-AF3B0461B42D}C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe] => (Block) C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe
FirewallRules: [UDP Query User{7397D28F-9BF0-416A-ACA0-F97493793C45}C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe] => (Block) C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe
FirewallRules: [TCP Query User{244F6601-F0FE-436F-A8D8-292B48BBE422}C:\program files\ibm\spss\statistics\21\stats.exe] => (Block) C:\program files\ibm\spss\statistics\21\stats.exe (International Business Machines Corporation -> IBM Corp.) [File not signed]
FirewallRules: [UDP Query User{D0E22397-5779-4F69-ABBE-C959E2B3CEA4}C:\program files\ibm\spss\statistics\21\stats.exe] => (Block) C:\program files\ibm\spss\statistics\21\stats.exe (International Business Machines Corporation -> IBM Corp.) [File not signed]
FirewallRules: [TCP Query User{4E2FF274-8BA8-425F-A078-2F59F47E3908}C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe
FirewallRules: [UDP Query User{ACDF51B1-3BA4-450C-90F3-5B5B2A0AA32A}C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\21\jre\bin\javaw.exe
FirewallRules: [{F4E35359-FB95-45B3-A2AE-BAC2D0C61644}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4673F64A-0B11-4494-8BCE-7FC7426DF656}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B3DA45B4-6217-4648-8162-F46673679091}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FDD122BA-B6FA-4FDC-979F-7F4693D98EAF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1DBC4781-40FB-45A7-BFE9-B03A9928F729}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{54E5E437-FD85-41F4-92A0-D42BAED415C7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DC0BC5D1-8D09-4FE5-9222-9484DE4B9EE4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DFF42A8B-F70F-43E4-966C-7E08E1B3A1BB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A01C57E8-9AE9-42F1-9770-19B608B64DDF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A3E446DB-F041-4CA5-8BAC-0B55728BE9E5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{FDA3FDDE-B2EC-45EA-AE35-B83EDCC2C177}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{766221A8-7832-4AFD-A32F-9F73749A2AB0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{59BE5CC1-8F4A-4D7A-8B5E-0BC8BFBD3748}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5E5D26BA-9BD8-41D1-9C68-270CB3277F7E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.154.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

16-02-2021 10:23:46 Instalační služba modulů systému Windows
24-02-2021 13:56:08 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/11/2021 12:21:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: adwcleaner_7.0.4.0.exe, verze: 7.0.4.0, časové razítko: 0x59f3de9c
Název chybujícího modulu: adwcleaner_7.0.4.0.exe, verze: 7.0.4.0, časové razítko: 0x59f3de9c
Kód výjimky: 0xc0000005
Posun chyby: 0x0004c7aa
ID chybujícího procesu: 0x2308
Čas spuštění chybující aplikace: 0x01d71668aa139198
Cesta k chybující aplikaci: C:\Users\Uzivatel\Desktop\adwcleaner_7.0.4.0.exe
Cesta k chybujícímu modulu: C:\Users\Uzivatel\Desktop\adwcleaner_7.0.4.0.exe
ID zprávy: 125500bb-410e-4737-8b43-2e5296ccbab9
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/11/2021 12:21:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: adwcleaner_7.0.4.0.exe, verze: 7.0.4.0, časové razítko: 0x59f3de9c
Název chybujícího modulu: adwcleaner_7.0.4.0.exe, verze: 7.0.4.0, časové razítko: 0x59f3de9c
Kód výjimky: 0xc0000005
Posun chyby: 0x0004c7aa
ID chybujícího procesu: 0x3614
Čas spuštění chybující aplikace: 0x01d7166894b7a842
Cesta k chybující aplikaci: C:\Users\Uzivatel\Desktop\adwcleaner_7.0.4.0.exe
Cesta k chybujícímu modulu: C:\Users\Uzivatel\Desktop\adwcleaner_7.0.4.0.exe
ID zprávy: 541939ac-c041-44aa-99f3-7b9d9746d119
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/11/2021 12:16:15 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/11/2021 12:05:06 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostw (2580,G,0) Pokus o otevření souboru C:\Users\Uzivatel\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (03/10/2021 12:26:45 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Sledování výkonu objektu indexovacího modulu nebylo inicializováno, protože nejsou načteny čítače nebo nebyl otevřen sdílený objekt paměti. Tato skutečnost má vliv pouze na dostupnost čítačů výkonu. Restartujte počítač.

Kontext: aplikace , katalog SystemIndex

Error: (03/10/2021 11:57:55 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/10/2021 11:56:20 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2020.20110.11001.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 12c8

Čas spuštění: 01d706370c27d552

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

ID hlášení: 97a31fcf-9422-4806-bcbb-493edd69923d

Úplný název balíčku s chybou: Microsoft.Windows.Photos_2020.20110.11001.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (03/10/2021 11:45:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: GameBar.exe, verze: 5.521.2012.0, časové razítko: 0x60184c72
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.804, časové razítko: 0x0e9c5eae
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010bd5c
ID chybujícího procesu: 0x2984
Čas spuštění chybující aplikace: 0x01d7159a5866ca61
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.521.2012.0_x64__8wekyb3d8bbwe\GameBar.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 1ecfab02-8af9-4588-9f57-87901ae9f677
Úplný název chybujícího balíčku: Microsoft.XboxGamingOverlay_5.521.2012.0_x64__8wekyb3d8bbwe
ID aplikace související s chybujícím balíčkem: App


System errors:
=============
Error: (03/11/2021 12:25:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (03/11/2021 12:25:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (03/11/2021 12:25:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Disc Soft Lite Bus Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/11/2021 12:25:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee WebAdvisor byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1 milisekund: Restartovat službu.

Error: (03/11/2021 12:25:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/11/2021 12:24:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Andrea RT Filters Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/11/2021 12:24:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba McAfee True Key Helper Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/11/2021 12:24:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) HD Graphics Control Panel Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===============
Date: 2021-03-11 12:28:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-03-11 12:23:07
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. A00 04/11/2014
Motherboard: Dell Inc. 0V09NX
Processor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Percentage of memory in use: 72%
Total physical RAM: 3979.21 MB
Available physical RAM: 1096.05 MB
Total Virtual: 6923.21 MB
Available Virtual: 3218.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:464.67 GB) (Free:205.18 GB) NTFS

\\?\Volume{88b6ff47-42f9-4db4-94ec-c8da5137c4d2}\ () (Fixed) (Total:0.6 GB) (Free:0.12 GB) NTFS
\\?\Volume{6d1d5e77-4c6a-4d0e-94dd-866b01b593a5}\ (ESP) (Fixed) (Total:0.49 GB) (Free:0.46 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 06B95A22)

Partition: GPT.

==================== End of Addition.txt =======================
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119356
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Yahoo jako domovská stránka, pomalý počítač, procesy na pozadí

#4 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {3CF3D5EC-6FD4-4D50-9E0E-22F16D4BF616} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-19] (Google Inc -> Google Inc.)
Task: {D6C17D52-E16E-42F1-BF33-450610D8E3ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-19] (Google Inc -> Google Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\810750.js [2017-03-26] <==== ATTENTION (Points to *.cfg file)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Uzivatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-1760136913-3934937332-2734838206-1001 -> DefaultScope {BB342EFE-F08E-4E8A-9FE2-B6AE8CC2246A} URL =
SearchScopes: HKU\S-1-5-21-1760136913-3934937332-2734838206-1001 -> {BB342EFE-F08E-4E8A-9FE2-B6AE8CC2246A} URL =
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
StepanMez
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 19 lis 2017 15:35

Re: Yahoo jako domovská stránka, pomalý počítač, procesy na pozadí

#5 Příspěvek od StepanMez »

Provedeno
Fixlog zde:

Fix result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by Uzivatel (12-03-2021 17:35:42) Run:1
Running from C:\Users\Uzivatel\Desktop
Loaded Profiles: Uzivatel
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {3CF3D5EC-6FD4-4D50-9E0E-22F16D4BF616} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-19] (Google Inc -> Google Inc.)
Task: {D6C17D52-E16E-42F1-BF33-450610D8E3ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-11-19] (Google Inc -> Google Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\810750.js [2017-03-26] <==== ATTENTION (Points to *.cfg file)
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Uzivatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-1760136913-3934937332-2734838206-1001 -> DefaultScope {BB342EFE-F08E-4E8A-9FE2-B6AE8CC2246A} URL =
SearchScopes: HKU\S-1-5-21-1760136913-3934937332-2734838206-1001 -> {BB342EFE-F08E-4E8A-9FE2-B6AE8CC2246A} URL =
DPF: HKLM-x32 {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3CF3D5EC-6FD4-4D50-9E0E-22F16D4BF616}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3CF3D5EC-6FD4-4D50-9E0E-22F16D4BF616}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D6C17D52-E16E-42F1-BF33-450610D8E3ED}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6C17D52-E16E-42F1-BF33-450610D8E3ED}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\Program Files (x86)\mozilla firefox\defaults\pref\810750.js => moved successfully
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\Uzivatel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKU\S-1-5-21-1760136913-3934937332-2734838206-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-1760136913-3934937332-2734838206-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB342EFE-F08E-4E8A-9FE2-B6AE8CC2246A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C} => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 39500943 B
Java, Flash, Steam htmlcache => 84004756 B
Windows/system/drivers => 27897242 B
Edge => 40973 B
Chrome => 199773432 B
Firefox => 229376 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Uzivatel => 15010772 B

RecycleBin => 0 B
EmptyTemp: => 359.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:37:09 ====
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119356
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Yahoo jako domovská stránka, pomalý počítač, procesy na pozadí

#6 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
StepanMez
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 19 lis 2017 15:35

Re: Yahoo jako domovská stránka, pomalý počítač, procesy na pozadí

#7 Příspěvek od StepanMez »

Dobrý den,

věřím, že změna nastala. Yahoo jsem se v prohlížeči zbavil restartem nastavení Chromu, gesta na touchpadu také fungují, zatím se zdá počítač méně pomalý. Jinak už mi ve Správci úloh nesvítí sloupec Disk s hodnotou 100 %. McAfee weabdvisor zůstal, ale ten jsem odinstaloval CCleanerem bez problémů.

Nerad bych zdržoval, ale moc rád bych se zeptal, co mohlo problém způsobit? (pokud bych opravdu zdržoval, obejdu se bez odpovědi :D )

Děkuji mockrát za pomoc. Možnost podpořit forum ve Vašem podpisu je aktuální? Předpokládám, že se teď nemusím bát z tohoto počítače provést platbu. :)
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119356
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Yahoo jako domovská stránka, pomalý počítač, procesy na pozadí

#8 Příspěvek od Rudy »

OK, to jsem rád. Odkaz v podpisu je aktuální (popř. bublina vpravo dole je totéž). PC by měl být bez malware. Co bylo přesně problémem vám nepovím ani já sám. Něco z toho, co bylo smazáno. Někde jsme mazali celé adresáře, takže možná něco v nich. Ostatní byl jen balast. Web Advisor je ovšem bezpečnostní aplikace a ta určitě problém nezpůsobila. Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
StepanMez
Návštěvník
Návštěvník
Příspěvky: 22
Registrován: 19 lis 2017 15:35

Re: Yahoo jako domovská stránka, pomalý počítač, procesy na pozadí

#9 Příspěvek od StepanMez »

Moc děkuju z info a za celou pomoc.
Hezké dny.
Nahoru
Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 119356
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:
Kontaktovat uživatele Rudy

Re: Yahoo jako domovská stránka, pomalý počítač, procesy na pozadí

#10 Příspěvek od Rudy »

Hezký den i vám a rádo se stalo! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Nahoru
Zamčeno

Zpět na „Řešení problémů, logy“