
Requesting a check

djcharlie2
Visitor
Posts: 9
Registered: 31 Mar 2023 23:52

Requesting a check

#1 Post by djcharlie2 »

Requesting a check, logs attached. Thank you.
logy.zip
(57.81 KiB) Downloaded 29 times

djcharlie2
Visitor
Posts: 9
Registered: 31 Mar 2023 23:52

Re: Requesting a check

#2 Post by djcharlie2 »

All day today I have been receiving password-change authorization requests from various services etc., so I don't know whether it is because of an infected PC or whether some database leaked somewhere.

Rudy
Site Admin
Posts: 118200
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a check

#3 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP simply start it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

djcharlie2
Visitor
Posts: 9
Registered: 31 Mar 2023 23:52

Re: Requesting a check

#4 Post by djcharlie2 »

# -------------------------------
# Malwarebytes AdwCleaner 8.4.0.0
# -------------------------------
# Build: 08-30-2022
# Database: 2022-10-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 04-02-2023
# Duration: 00:00:05
# OS: Windows 11 (Build 22621.1413)
# Scanned: 32085
# Detected: 22


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.DellCommand|PowerManager Folder C:\Program Files\DELL\COMMANDPOWERMANAGER
Preinstalled.DellCommand|PowerManager Folder C:\ProgramData\DELL\COMMANDPOWERMANAGER
Preinstalled.DellCommand|PowerManager Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AGENT
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AUDIT
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSISTAGENT
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SAREMEDIATION\PLUGIN
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SUPPORTASSIST
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT
Preinstalled.DellSupportAssistAgent Folder C:\Users\Tomáš\Documents\DELL\SUPPORTASSIST
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D9D7AC2F-7C08-4DCB-825A-B7BF9D08A256}
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9D7AC2F-7C08-4DCB-825A-B7BF9D08A256}
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dell SupportAssistAgent AutoUpdate
Preinstalled.DellSupportAssistAgent Task C:\Windows\System32\Tasks\DELL SUPPORTASSISTAGENT AUTOUPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\Program Files (x86)\DELL\UPDATESERVICE
Preinstalled.DellUpdateforWindows10 Folder C:\Program Files\DELL\UPDATE
Preinstalled.DellUpdateforWindows10 Folder C:\ProgramData\DELL\UPDATESERVICE
Preinstalled.SmartByte Folder C:\Program Files\RIVET NETWORKS
Preinstalled.SmartByte Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A00BBFB8-F225-40DD-A3FA-3AD91FA2DEB5}
Preinstalled.SmartByte Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SmartByte Telemetry
Preinstalled.SmartByte Task C:\Windows\System32\Tasks\SMARTBYTE TELEMETRY



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Rudy
Site Admin
Posts: 118200
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a check

#5 Post by Rudy »

This is OK. Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {25B3DC16-4E11-493E-9D38-CB6220F853CC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-30] (Google LLC -> Google LLC)
Task: {0B4DCD60-8058-4D17-9DF0-AF44AEA64EB7} - System32\Tasks\McAfeeTsk\OOBEUpgrader => C:\Program Files\McAfee\MSC\OOBE_Upgrader.exe /Run (No File)
Task: {4F67BDDC-8D58-488C-9DD7-59556B945FF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-30] (Google LLC -> Google LLC)
Task: {D8E97E56-25DC-4E36-9020-E28DE7A98E3B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {EF36D56B-2DA8-40A5-ADE8-8B4FCA2016C0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => C:\WINDOWS\system32\MusNotification.exe LogonUpdateResults (No File)
U1 aswbdisk; no ImagePath
C:\Users\Tomáš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
AlternateDataStreams: C:\Users\Tomáš\Desktop\finance.xls:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Tomáš\Desktop\fondy.ods:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Tomáš\Downloads\avast_one_free_antivirus.exe:MBAM.Zone.Identifier [201]
FirewallRules: [{FD6B963F-6AD7-49C3-9913-8BCD695FBF44}] => (Allow) C:\Users\Tomáš\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{BB170C2C-5C73-442B-8202-7D2943EFC774}] => (Allow) C:\Users\Tomáš\AppData\Roaming\Zoom\bin\airhost.exe => No File

EmptyTemp:
End
Save it to C:\Users\Tomáš\Downloads as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

djcharlie2
Visitor
Posts: 9
Registered: 31 Mar 2023 23:52

Re: Requesting a check

#6 Post by djcharlie2 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Tomáš at 2023-04-02 13:16:48
Microsoft Windows 11 Pro
System drive C: has 29 GB (10%) free of 301 GB
Total RAM: 16111 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:16:50, on 02.04.2023
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.22621.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe
C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe
C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe
C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe
C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe
C:\WINDOWS\SysWOW64\backgroundTaskHost.exe
C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe
C:\Program Files\trend micro\Tomáš.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\111.0.1661.62\BHO\ie_to_edge_bho.dll
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [Adobe CCXProcess] C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Tomáš\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [org.whispersystems.signal-desktop] C:\Users\Tomáš\AppData\Local\Programs\signal-desktop\Signal.exe
O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] "C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_A04DB29D7BBA667E0666614EBA03A945] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlansp_c.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\Avast Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\Avast Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - C:\Program Files\Avast Software\Avast\afwServ.exe
O23 - Service: Avast Tools (avast! Tools) - AVAST Software - C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\Avast Software\Avast\wsc_proxy.exe
O23 - Service: Avast Cleanup (CleanupPSvc) - AVAST Software - C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4a6499af445e8e69\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_5f73b - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: Dell Command | Power Manager Notify (dcpm-notify) - Dell Inc. - C:\Program Files\Dell\CommandPowerManager\NotifyService.exe
O23 - Service: Dell Data Vault Service API (DDVCollectorSvcApi) - Dell Technologies Inc. - C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
O23 - Service: Dell Data Vault Collector (DDVDataCollector) - Dell Technologies Inc. - C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
O23 - Service: Dell Data Vault Processor (DDVRulesProcessor) - Dell Technologies Inc. - C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
O23 - Service: Dell Digital Delivery Services - Unknown owner - C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
O23 - Service: Dell SupportAssist Remediation - Dell INC. - C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
O23 - Service: Dell Client Management Service (DellClientManagementService) - Unknown owner - C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
O23 - Service: Dell TechHub (DellTechHub) - Dell - C:\Program Files\Dell\TechHub\Dell.TechHub.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Avast Driver Updater (DriverUpdSvc) - AVAST Software - C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @oem71.inf,%ServiceDisplayName%;Intel(R) Dynamic Tuning service (esifsvc) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\111.0.5563.147\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem188.inf,%iaStorAfsService.ServiceName%;Intel(R) Optane(TM) Memory Service (iaStorAfsService) - Unknown owner - C:\WINDOWS\System32\iaStorAfsService.exe (file missing)
O23 - Service: Intel(R) Graphics Command Center Service (igccservice) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_5fe2e31c542e0065\OneApp.IGCC.WinService.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b18a4e283f67c0b5\igfxCUIServiceN.exe
O23 - Service: @oem45.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_a93205b6238060e4\lib\SocketHeciServer.exe
O23 - Service: @oem45.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_a93205b6238060e4\lib\TPMProvisioningService.exe
O23 - Service: Intel(R) Audio Service (IntelAudioService) - Intel - C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_0c5a889d0c28d3cc\\AS\\IAS\\IntelAudioService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Rivet AP Selector Service (RAPSService) - Rivet Networks, LLC. - C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe
O23 - Service: Rivet Dynamic Bandwidth Management (RNDBWM) - Rivet Networks, LLC. - C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @oem188.inf,%RstMwService.ServiceName%;Intel(R) Storage Middleware Service (RstMwService) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iastorvd.inf_amd64_07f78c7ceeb909f7\RstMwService.exe
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Realtek Semiconductor - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5d66730f577c60c7\RtkAudUService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Avast SecureLine VPN (SecureLine) - AVAST Software - C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @oem69.inf,%SessionDetection%;Session Detection (SessionSvc) - Unknown owner - C:\WINDOWS\System32\drivers\SessionService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\Sgrm\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\Sgrm\SgrmBroker.exe (file missing)
O23 - Service: SmartByte Analytics Service - Rivet Networks - C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe
O23 - Service: ##ID_STRING86## (SmartByte Network Service x64) - Rivet Networks - C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
O23 - Service: @firewallapi.dll,-50323 (SNMPTrap) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Dell SupportAssist (SupportAssistAgent) - Dell Inc. - C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: @oem52.inf,%TbtP2pShortcutServiceName.SrvName%;Thunderbolt(TM) Peer to Peer Shortcut (TbtP2pShortcutService) - Intel Corporation - C:\WINDOWS\TbtP2pShortcutService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Waves Audio Services (WavesSysSvc) - Waves Audio Ltd. - C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_d350b8504310bbf5\WavesSysSvc64.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) Management Engine WMI Provider Registration (WMIRegistrationService) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d4564390a9b1e980\WMIRegistrationService.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14842 bytes

======Listing Processes======









C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-26d2fc97-5949-4fc7-b55c-c9c24380fa82 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-c824f9dd-bb1f-45b5-8ec2-d97a84cf703d -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-9514d8f5-56f0-420e-a681-e0d4d0ef0dab -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-f1fd4b58-9578-4a49-b8b4-f08d949795fd -LifetimeId:6f157dbd-fa0d-4786-afc7-a1b0b749bfcc -DeviceGroupId:WudfDefaultDevicePool -HostArg:0
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s BDESVC
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -s BTAGService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s bthserv
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\System32\svchost.exe -k netprofm -p -s netprofm
C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4a6499af445e8e69\IntelCpHDCPSvc.exe
C:\WINDOWS\system32\svchost.exe -k UserProfileService -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SensorService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k osprivacy -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k NetworkService -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SensrSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TextInputManagementService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s PhoneSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b18a4e283f67c0b5\igfxCUIServiceN.exe
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DevQueryBroker
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
dashost.exe {d9e0b8b1-c350-4747-ba3044c802ad0bf7}
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-723bea4c-ae90-4fdf-80d4-858d495338a0 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-65a6fc95-1cd3-476b-83d9-d4ed757db5ed -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-0f7b6703-8342-4340-8110-caf4a6eefb52 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-c9dbfd28-aad3-4bd8-8d0b-82cf9723a24a -LifetimeId:dcd46518-e60f-498a-adc3-a2a5b104ba97 -DeviceGroupId: -HostArg:0
dashost.exe {08e52f89-e496-4516-b661362859c0b38a}
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\system32\svchost.exe -k WebThreatDefense -p -s webthreatdefsvc
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k NetworkService -p
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\system32\DbxSvc.exe
C:\WINDOWS\system32\WLANExt.exe 2351950548576
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_5fe2e31c542e0065\OneApp.IGCC.WinService.exe
"C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\esif_uf.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_0c5a889d0c28d3cc\\AS\\IAS\\IntelAudioService.exe
C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s Netman
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\System32\drivers\SessionService.exe
C:\WINDOWS\System32\DriverStore\FileRepository\iastorvd.inf_amd64_07f78c7ceeb909f7\RstMwService.exe
"C:\Program Files\Rivet Networks\SmartByte\SmartByteAnalyticsService.exe"
"C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe"
C:\WINDOWS\TbtP2pShortcutService.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d4564390a9b1e980\WMIRegistrationService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k BthAppGroup -p -s BluetoothUserService
C:\WINDOWS\system32\svchost.exe -k PenService -s PenService
C:\WINDOWS\System32\svchost.exe -k netsvcs
"C:\Program Files\Rivet Networks\SmartByte\RAPSService.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s webthreatdefusersvc
"C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b18a4e283f67c0b5\igfxEMN.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
"RAPS.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /c
AggregatorHost.exe
"C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\dptf_helper.exe"
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_d350b8504310bbf5\WavesSysSvc64.exe
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
"C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe" -ServerName:CortanaUI.AppXstmwaab17q5s3y22tp6apqz7a45vwv65.mca
"C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.3400.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe" -ServerName:Microsoft.Windows.DashboardServer
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\WINDOWS\system32\svchost.exe -k UdkSvcGroup -s UdkUserSvc
"C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5d66730f577c60c7\RtkAudUService64.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe"
"C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5d66730f577c60c7\RtkAudUService64.exe" -admin
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
"C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5d66730f577c60c7\RtkAudUService64.exe" -background
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
"C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBar.exe" -ServerName:App.AppXbdkk0yrkwpcgeaem8zk81k8py1eaahny.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\WINDOWS\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
"C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.823.1271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe" -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe" -ServerName:InputApp.AppXjd5de1g66v206tj52m9d0dtpppx4cgpn.mca
"ctfmon.exe"
/QuitInfo:0000000000000264;00000000000002A8;
"C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.3400.0.0_x64__cw5n1h2txyewy\Dashboard\widgetservice.exe" -RegisterProcessAsComServer -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
"C:\Windows\System32\SecurityHealthSystray.exe"

C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s NPSMSvc
"C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_d350b8504310bbf5\WavesSvc64.exe" -Jack
"C:\Users\Tomáš\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 --flag-switches-begin --flag-switches-end
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Tomáš\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Tomáš\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=111.0.5563.149 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=111.0.1661.62 --initial-client-data=0x124,0x128,0x12c,0x100,0x134,0x7ff83bdab5f8,0x7ff83bdab608,0x7ff83bdab618
"C:\Program Files\WindowsApps\MicrosoftTeams_23047.400.1873.7204_x64__8wekyb3d8bbwe\msteams.exe" ms-teams:system-initiated
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAABgAAAAAAAAAGAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2004 --field-trial-handle=1984,i,9305783207301920166,14104255688634044434,131072 /prefetch:2
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=cs --service-sandbox-type=none --mojo-platform-channel-handle=2200 --field-trial-handle=1984,i,9305783207301920166,14104255688634044434,131072 /prefetch:3
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=cs --service-sandbox-type=service --mojo-platform-channel-handle=2596 --field-trial-handle=1984,i,9305783207301920166,14104255688634044434,131072 /prefetch:8
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.54\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=msteams.exe --webview-exe-version=23047.400.1873.7204 --user-data-dir="C:\Users\Tomáš\AppData\Local\Packages\MicrosoftTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --disable-features=MojoIpcz,msWebOOUI --edge-webview-is-background --enable-features=msSingleSignOnOSForPrimaryAccountIsShared,msOverlayScrollbarWinStyle,msWebView2CodeCache --mojo-named-platform-channel-pipe=16280.16528.1899461765489250851 /pfhostedapp:46899ece6b74aeedd91ac43699b6096e364f7461
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.54\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Tomáš\AppData\Local\Packages\MicrosoftTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView /prefetch:7 /pfhostedapp:46899ece6b74aeedd91ac43699b6096e364f7461 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Tomáš\AppData\Local\Packages\MicrosoftTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=111.0.5563.111 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.54\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=111.0.1661.54 --initial-client-data=0x12c,0x130,0x134,0x108,0x13c,0x7ff83c21b5f8,0x7ff83c21b608,0x7ff83c21b618
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.54\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\Tomáš\AppData\Local\Packages\MicrosoftTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView" --webview-exe-name=msteams.exe --webview-exe-version=23047.400.1873.7204 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAABgAAAAAAAAAGAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1768 --field-trial-handle=1880,i,237010070668000634,6785030624918363634,131072 --enable-features=msOverlayScrollbarWinStyle,msSingleSignOnOSForPrimaryAccountIsShared,msWebView2CodeCache --disable-features=MojoIpcz,msWebOOUI /prefetch:2 /pfhostedapp:46899ece6b74aeedd91ac43699b6096e364f7461
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.54\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=cs --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Tomáš\AppData\Local\Packages\MicrosoftTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView" --webview-exe-name=msteams.exe --webview-exe-version=23047.400.1873.7204 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2112 --field-trial-handle=1880,i,237010070668000634,6785030624918363634,131072 --enable-features=msOverlayScrollbarWinStyle,msSingleSignOnOSForPrimaryAccountIsShared,msWebView2CodeCache --disable-features=MojoIpcz,msWebOOUI /prefetch:3 /pfhostedapp:46899ece6b74aeedd91ac43699b6096e364f7461
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.54\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=cs --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Tomáš\AppData\Local\Packages\MicrosoftTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView" --webview-exe-name=msteams.exe --webview-exe-version=23047.400.1873.7204 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2396 --field-trial-handle=1880,i,237010070668000634,6785030624918363634,131072 --enable-features=msOverlayScrollbarWinStyle,msSingleSignOnOSForPrimaryAccountIsShared,msWebView2CodeCache --disable-features=MojoIpcz,msWebOOUI /prefetch:8 /pfhostedapp:46899ece6b74aeedd91ac43699b6096e364f7461
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.54\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Tomáš\AppData\Local\Packages\MicrosoftTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView" --webview-exe-name=msteams.exe --webview-exe-version=23047.400.1873.7204 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --first-renderer-process --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=cs_CZ" --time-ticks-at-unix-epoch=-1680274738222906 --launch-time-ticks=53889014 --mojo-platform-channel-handle=3056 --field-trial-handle=1880,i,237010070668000634,6785030624918363634,131072 --enable-features=msOverlayScrollbarWinStyle,msSingleSignOnOSForPrimaryAccountIsShared,msWebView2CodeCache --disable-features=MojoIpcz,msWebOOUI /pfhostedapp:46899ece6b74aeedd91ac43699b6096e364f7461 /prefetch:1
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe"
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Tomáš\AppData\Roaming\Microsoft\Skype for Store" /prefetch:7 --no-rate-limit --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Tomáš\AppData\Roaming\Microsoft\Skype for Store\Crashpad" --url=appcenter://generic?aid=a8902fe7-ef45-455c-8513-5e56d48e36fd&iid=d4617e74-0cd6-4a5f-5409-c099e33253e5&uid=d4617e74-0cd6-4a5f-5409-c099e33253e5 --annotation=IsOfficialBuild=1 --annotation=_companyName=Skype --annotation=_productName=skype-preview --annotation=_version=8.96.0.207 "--annotation=exe=C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe" --annotation=plat=Win64 --annotation=prod=Electron --annotation=ver=19.1.8 --initial-client-data=0x6a8,0x6ac,0x6b0,0x6a4,0x6b4,0x7ff654b11730,0x7ff654b11740,0x7ff654b11750
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe" --type=gpu-process --user-data-dir="C:\Users\Tomáš\AppData\Roaming\Microsoft\Skype for Store" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2180 --field-trial-handle=2300,i,4960560151559851351,6966392090262794219,131072 --enable-features=WinUseBrowserSpellChecker,WinUseHybridSpellChecker,WinrtGeolocationImplementation --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=cs --service-sandbox-type=none --user-data-dir="C:\Users\Tomáš\AppData\Roaming\Microsoft\Skype for Store" --mojo-platform-channel-handle=2568 --field-trial-handle=2300,i,4960560151559851351,6966392090262794219,131072 --enable-features=WinUseBrowserSpellChecker,WinUseHybridSpellChecker,WinrtGeolocationImplementation --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe" --type=renderer --user-data-dir="C:\Users\Tomáš\AppData\Roaming\Microsoft\Skype for Store" --app-user-model-id=Microsoft.Skype.SkypeDesktop --app-path="C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\resources\app.asar" --no-sandbox --no-zygote --autoplay-policy=no-user-gesture-required --disable-background-timer-throttling --ms-disable-indexeddb-transaction-timeout --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --launch-time-ticks=59079292 --mojo-platform-channel-handle=2956 --field-trial-handle=2300,i,4960560151559851351,6966392090262794219,131072 --enable-features=WinUseBrowserSpellChecker,WinUseHybridSpellChecker,WinrtGeolocationImplementation --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand --skype-process-type=Main --skype-window-id=__MAIN_ROOT_VIEW_ID__ /prefetch:1
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" -type:exit-monitor -method:collectupload -session-token:d4415537-dd97-4dc3-a51a-5e6b5a91a995 -target-handle:760 -target-shutdown-event:752 -target-restart-event:756 "-target-command-line:\"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe\" /systemstartup" -python-version:3.8.12 -process-type:main -handler-pipe:\\.\pipe\crashpad_16844_NTBBCHKLHQTGACXV
"C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe" "C:\Program Files\Adobe\Adobe Creative Cloud Experience\js\main.js"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s seclogon
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe" "-launchedbyvulcan-14364 C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe"
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.96.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=cs --service-sandbox-type=audio --user-data-dir="C:\Users\Tomáš\AppData\Roaming\Microsoft\Skype for Store" --mojo-platform-channel-handle=3908 --field-trial-handle=2300,i,4960560151559851351,6966392090262794219,131072 --enable-features=WinUseBrowserSpellChecker,WinUseHybridSpellChecker,WinrtGeolocationImplementation --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=4440,18170488849296583469,15435579720719895518,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --lang=cs --service-sandbox-type=none --standard-schemes=dbx-local --secure-schemes=dbx-local --bypasscsp-schemes --cors-schemes --fetch-schemes --service-worker-schemes --streaming-schemes --mojo-platform-channel-handle=4708 /prefetch:8
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" --type=gpu-process --field-trial-handle=4440,18170488849296583469,15435579720719895518,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --crashpad-handler-ipc-pipe-name="\\.\pipe\crashpad_16844_NTBBCHKLHQTGACXV" --crashpad-annotations="product_name:desktop_client,buildid:main,buildno:Dropbox-win-170.4.5895,platform:win,platform_version:11 22621" --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --use-gl=swiftshader-webgl --mojo-platform-channel-handle=4544 /prefetch:2
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" --type=renderer --field-trial-handle=4440,18170488849296583469,15435579720719895518,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --disable-gpu-compositing --lang=cs --standard-schemes=dbx-local --secure-schemes=dbx-local --bypasscsp-schemes --cors-schemes --fetch-schemes --service-worker-schemes --streaming-schemes --app-path="C:\Program Files (x86)\Dropbox\Client\170.4.5895\resources\app.asar" --enable-sandbox --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7372 /prefetch:1
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" --type=renderer --field-trial-handle=4440,18170488849296583469,15435579720719895518,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,SameSiteByDefaultCookies,SpareRendererForSitePerProcess --disable-gpu-compositing --lang=cs --standard-schemes=dbx-local --secure-schemes=dbx-local --bypasscsp-schemes --cors-schemes --fetch-schemes --service-worker-schemes --streaming-schemes --app-path="C:\Program Files (x86)\Dropbox\Client\170.4.5895\resources\app.asar" --enable-sandbox --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9044 /prefetch:1
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe"
"C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe"
"C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe"
"C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe"
"C:\Program Files\Dell\TechHub\Dell.TechHub.exe"

"C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe"

"C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe"
"C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe"
"C:\\Program Files\\Dell\\DTP\\DataManagerSubAgent\\Dell.TechHub.DataManager.SubAgent.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\\Program Files\\Dell\\DTP\\InstrumentationSubAgent\\Dell.TechHub.Instrumentation.SubAgent.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\\Program Files\\Dell\\DTP\\DiagnosticsSubAgent\\Dell.TechHub.Diagnostics.SubAgent.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserSessionAgent.exe"
C:\WINDOWS\system32\DllHost.exe /Processid:{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.22091.10031.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding

C:\Windows\System32\RuntimeBroker.exe -Embedding

"C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe"
C:\WINDOWS\System32\svchost.exe -k netprofm -p -s NlaSvc
"C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe"
"C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe"


"C:\Program Files\Avast Software\Avast\aswToolsSvc.exe" /runassvc
"C:\Program Files\Avast Software\Avast\aswEngSrv.exe" /pipename="50D9D659-A2A7-0C00-DF82-819ED86B05B1" /binpath="C:\Program Files\Avast Software\Avast" /logpath="C:\ProgramData\Avast Software\Avast\log"
"C:\Program Files\Avast Software\Avast\AvastUI.exe" /welcome
"C:\Program Files\Avast Software\Avast\AvastUI.exe" --type=gpu-process --field-trial-handle=9532,8442206942431843708,10433150231617043072,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,ForcedColors,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --no-sandbox --disable-gpu-driver-bug-workarounds --log-file="C:\Users\Tomáš\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=disable --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (0.0.0)" --lang=cs-CZ --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --disable-gpu --disable-webgl --disable-gpu-compositing --allow-file-access-from-files=1 --pack_loading_disabled=1 --gpu-preferences=SAAAAAAAAADgAABwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --use-gl=swiftshader-webgl --log-file="C:\Users\Tomáš\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=9580 /prefetch:2
"C:\Program Files\Avast Software\Avast\AvastUI.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=9532,8442206942431843708,10433150231617043072,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,ForcedColors,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --lang=cs --service-sandbox-type=utility --no-sandbox --force-wave-audio --log-file="C:\Users\Tomáš\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=disable --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (0.0.0)" --lang=cs-CZ --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --disable-gpu --disable-webgl --disable-gpu-compositing --allow-file-access-from-files=1 --pack_loading_disabled=1 --log-file="C:\Users\Tomáš\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=7908 /prefetch:8
"C:\Program Files\Avast Software\Avast\AvastUI.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=9532,8442206942431843708,10433150231617043072,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,ForcedColors,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --lang=cs --service-sandbox-type=none --no-sandbox --force-wave-audio --log-file="C:\Users\Tomáš\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=disable --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (0.0.0)" --lang=cs-CZ --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --disable-gpu --disable-webgl --disable-gpu-compositing --allow-file-access-from-files=1 --pack_loading_disabled=1 --log-file="C:\Users\Tomáš\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=9748 /prefetch:8
"C:\Program Files\Avast Software\Avast\afwServ.exe"

C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe" -ServerName:App.AppXk7vvv12h4qrkhkbvf6j86ja45mzj5km9.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s BITS
C:\WINDOWS\system32\svchost.exe -k LocalService -s W32Time
"C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe"
"C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe" "C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\js\server.js"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\svchost.exe -k PrintWorkflow -s PrintWorkflowUserSvc
taskhostw.exe
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23022.140.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe" -ComServer:Background -Embedding
C:\WINDOWS\system32\svchost.exe -k InvSvcGroup -p -s InventorySvc
"C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe" -ServerName:WindowsDefaultLockScreen.AppX7y4nbzq37zn4ks9k7amqjywdat7d3j2z.mca
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2302.26.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe" "C:\AdwCleaner\Logs\AdwCleaner[S00].txt"
"C:\Program Files\Google\Chrome\Application\chrome.exe"
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Tomáš\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=111.0.5563.147 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ff88c8eba68,0x7ff88c8eba78,0x7ff88c8eba88
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAABgAAAAAAAAAGAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1708 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:2
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=cs --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:8
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=cs --service-sandbox-type=service --mojo-platform-channel-handle=2208 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:8
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --time-ticks-at-unix-epoch=-1680274738212429 --launch-time-ticks=153674682439 --mojo-platform-channel-handle=3136 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --time-ticks-at-unix-epoch=-1680274738212429 --launch-time-ticks=153674689969 --mojo-platform-channel-handle=3144 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --time-ticks-at-unix-epoch=-1680274738212429 --launch-time-ticks=153677064631 --mojo-platform-channel-handle=4488 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --time-ticks-at-unix-epoch=-1680274738212429 --launch-time-ticks=153678571502 --mojo-platform-channel-handle=4360 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --time-ticks-at-unix-epoch=-1680274738212429 --launch-time-ticks=153678918966 --mojo-platform-channel-handle=5320 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --time-ticks-at-unix-epoch=-1680274738212429 --launch-time-ticks=153680136462 --mojo-platform-channel-handle=5764 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --time-ticks-at-unix-epoch=-1680274738212429 --launch-time-ticks=153680143073 --mojo-platform-channel-handle=6160 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --time-ticks-at-unix-epoch=-1680274738212429 --launch-time-ticks=153682793214 --mojo-platform-channel-handle=6524 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --time-ticks-at-unix-epoch=-1680274738212429 --launch-time-ticks=153686027116 --mojo-platform-channel-handle=7236 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --time-ticks-at-unix-epoch=-1680274738212429 --launch-time-ticks=153686063481 --mojo-platform-channel-handle=7256 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=cs --service-sandbox-type=audio --mojo-platform-channel-handle=7080 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:8
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --time-ticks-at-unix-epoch=-1680274738212429 --launch-time-ticks=153688842255 --mojo-platform-channel-handle=7640 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --time-ticks-at-unix-epoch=-1680274738212429 --launch-time-ticks=153691048634 --mojo-platform-channel-handle=7844 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --time-ticks-at-unix-epoch=-1680274738212429 --launch-time-ticks=153694871839 --mojo-platform-channel-handle=8288 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --time-ticks-at-unix-epoch=-1680274738212429 --launch-time-ticks=153727422818 --mojo-platform-channel-handle=5864 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:1
"C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2310.3.0_x64__cv1g1gvanyjgm\WhatsApp.exe" -ServerName:App.AppXkf4yh0averk473g9chjmra34tgccdh3d.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\AUDIODG.EXE 0x0000000000000A08
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --time-ticks-at-unix-epoch=-1680274738212429 --launch-time-ticks=154248196244 --mojo-platform-channel-handle=8592 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --time-ticks-at-unix-epoch=-1680274738212429 --launch-time-ticks=154259266518 --mojo-platform-channel-handle=9496 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --time-ticks-at-unix-epoch=-1680274738212429 --launch-time-ticks=154280191149 --mojo-platform-channel-handle=9620 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --time-ticks-at-unix-epoch=-1680274738212429 --launch-time-ticks=154281896686 --mojo-platform-channel-handle=4040 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --time-ticks-at-unix-epoch=-1680274738212429 --launch-time-ticks=156585039049 --mojo-platform-channel-handle=9992 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --time-ticks-at-unix-epoch=-1680274738212429 --launch-time-ticks=156623915391 --mojo-platform-channel-handle=7788 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --time-ticks-at-unix-epoch=-1680274738212429 --launch-time-ticks=156673255820 --mojo-platform-channel-handle=9720 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --time-ticks-at-unix-epoch=-1680274738212429 --launch-time-ticks=156696061930 --mojo-platform-channel-handle=9836 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:1
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k smphost
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:Fusion.AppX0saracyrtmrtyxd1hzmbgtpq1vgsw0we.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding


C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
Spotify.exe
"C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe" --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Tomáš\AppData\Local\SpotifyAppX\User Data\Crashpad" "--metrics-dir=C:\Users\Tomáš\AppData\Local\SpotifyAppX\User Data" --url=https://crashdump.spotify.com:443/ --annotation=platform=win32 --annotation=product=spotify --annotation=version=1.2.8.923 --initial-client-data=0x5a8,0x5ac,0x5b0,0x5a4,0x5b4,0x67f4c0c0,0x67f4c0d0,0x67f4c0dc
"C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe" --type=gpu-process --disable-d3d11 --log-severity=disable --user-agent-product="Chrome/111.0.5563.65 Spotify/1.2.8.923" --lang=cs --user-data-dir="C:\Users\Tomáš\AppData\Local\SpotifyAppX\User Data" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAABgAAAAAAAAAGAAAAAAAAAAIAAAAAAAAAAgAAAAAAAAACAAAAAAAAAA= --log-file="C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\debug.log" --mojo-platform-channel-handle=2096 --field-trial-handle=2052,i,14148341609017045547,15940668467529853198,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:2
"C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --log-severity=disable --user-agent-product="Chrome/111.0.5563.65 Spotify/1.2.8.923" --lang=cs --user-data-dir="C:\Users\Tomáš\AppData\Local\SpotifyAppX\User Data" --log-file="C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\debug.log" --mojo-platform-channel-handle=3320 --field-trial-handle=2052,i,14148341609017045547,15940668467529853198,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
"C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --log-severity=disable --user-agent-product="Chrome/111.0.5563.65 Spotify/1.2.8.923" --lang=cs --user-data-dir="C:\Users\Tomáš\AppData\Local\SpotifyAppX\User Data" --log-file="C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\debug.log" --mojo-platform-channel-handle=3452 --field-trial-handle=2052,i,14148341609017045547,15940668467529853198,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:8
"C:\WINDOWS\SysWOW64\backgroundTaskHost.exe" -ServerName:Spotify.AppXt469n91rqc91c7c1tk8hgxpvb3sxp03a.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\Spotify.exe" --type=renderer --log-severity=disable --user-agent-product="Chrome/111.0.5563.65 Spotify/1.2.8.923" --disable-spell-checking --user-data-dir="C:\Users\Tomáš\AppData\Local\SpotifyAppX\User Data" --first-renderer-process --log-file="C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.208.923.0_x86__zpdnekdrzrea0\debug.log" --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --time-ticks-at-unix-epoch=-1680274738225719 --launch-time-ticks=159277764363 --mojo-platform-channel-handle=4688 --field-trial-handle=2052,i,14148341609017045547,15940668467529853198,131072 --disable-features=BackForwardCache,CalculateNativeWinOcclusion,WinUseBrowserSpellChecker /prefetch:1
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=cs --service-sandbox-type=service --mojo-platform-channel-handle=6972 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:8
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --time-ticks-at-unix-epoch=-1680274738212429 --launch-time-ticks=159291726069 --mojo-platform-channel-handle=6624 --field-trial-handle=1812,i,5564106138447985395,10012711981894626272,131072 /prefetch:1
"C:\WINDOWS\System32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe182_ Global\UsGthrCtrlFltPipeMssGthrPipe182 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\System32\SearchFilterHost.exe" 856 3524 3440 836 {7FC3863B-7471-4B10-84E3-A5C2E0330618}
C:\Windows\System32\smartscreen.exe -Embedding
"C:\WINDOWS\System32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-3861365247-3529069318-3897545370-1001183_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-3861365247-3529069318-3897545370-1001183 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Users\Tomáš\Downloads\RSITx64.exe" C:\Users\Tomáš\Downloads\fixlist.txt
C:\WINDOWS\system32\wbem\scrcons.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Tomáš\AppData\Roaming\Mozilla\Firefox\Profiles\f6zfj2w3.default-release

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.17.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\111.0.1661.62\BHO\ie_to_edge_bho_64.dll [2023-03-30 590288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\111.0.1661.62\BHO\ie_to_edge_bho.dll [2023-03-30 455632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2022-12-11 266240]
"RtkAudUService"=C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_5d66730f577c60c7\RtkAudUService64.exe [2022-09-04 3495880]
"WavesSvc"=C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_d350b8504310bbf5\WavesSvc64.exe [2021-10-28 4422328]
"AvastUI.exe"=C:\Program Files\Avast Software\Avast\AvLaunch.exe [2023-04-01 220056]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}"=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\111.0.1661.62\Installer\setup.exe [2023-03-31 3982784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Tomáš\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2023-03-29 2631088]
"org.whispersystems.signal-desktop"=C:\Users\Tomáš\AppData\Local\Programs\signal-desktop\Signal.exe [2023-03-23 157760376]
"Adobe Acrobat Synchronizer"=C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [2023-03-21 7475664]
"MicrosoftEdgeAutoLaunch_A04DB29D7BBA667E0666614EBA03A945"=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [2023-03-30 4056016]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2023-03-20 11327200]
"Adobe CCXProcess"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [2022-11-07 129288]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{53966CB1-4D46-4166-BF23-C522403CD495}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aswSP.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HidSpiCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TextInputManagementService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{53966CB1-4D46-4166-BF23-C522403CD495}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"FilterAdministratorToken"=1
"SlowLinkDetectEnabled"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"aux2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"aux3"=wdmaud.drv
"aux4"=wdmaud.drv
"midi3"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer3"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave3"=wdmaud.drv
"wave4"=wdmaud.drv
"aux5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave5"=wdmaud.drv
"aux1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv

======File associations======

.inf - open -
.inf - install -
.ini - open -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open -

======List of files/folders created in the last 1 month======

2023-04-02 12:09:40 ----A---- C:\WINDOWS\system32\perfh009.dat
2023-04-02 12:09:40 ----A---- C:\WINDOWS\system32\perfh005.dat
2023-04-02 12:09:40 ----A---- C:\WINDOWS\system32\perfc009.dat
2023-04-02 12:09:40 ----A---- C:\WINDOWS\system32\perfc005.dat
2023-04-02 11:39:09 ----D---- C:\AdwCleaner
2023-04-01 00:50:24 ----D---- C:\rsit
2023-04-01 00:50:24 ----D---- C:\Program Files\trend micro
2023-04-01 00:46:57 ----D---- C:\FRST
2023-04-01 00:42:47 ----D---- C:\Users\Tomáš\AppData\Roaming\Avast Software
2023-04-01 00:41:59 ----A---- C:\WINDOWS\system32\drivers\aswVpnRdr.sys
2023-04-01 00:41:38 ----A---- C:\WINDOWS\system32\icarus_rvrt.exe
2023-04-01 00:41:24 ----A---- C:\WINDOWS\system32\aswBoot.exe
2023-04-01 00:41:23 ----D---- C:\Program Files\Common Files\Avast Software
2023-04-01 00:41:23 ----A---- C:\WINDOWS\system32\drivers\aswVmm.sys
2023-04-01 00:41:23 ----A---- C:\WINDOWS\system32\drivers\aswStm.sys
2023-04-01 00:41:23 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2023-04-01 00:41:23 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2023-04-01 00:41:23 ----A---- C:\WINDOWS\system32\drivers\aswRvrt.sys
2023-04-01 00:41:23 ----A---- C:\WINDOWS\system32\drivers\aswRdr2.sys
2023-04-01 00:41:23 ----A---- C:\WINDOWS\system32\drivers\aswNetHub.sys
2023-04-01 00:41:23 ----A---- C:\WINDOWS\system32\drivers\aswMonFlt.sys
2023-04-01 00:41:23 ----A---- C:\WINDOWS\system32\drivers\aswKbd.sys
2023-04-01 00:41:23 ----A---- C:\WINDOWS\system32\drivers\aswElam.sys
2023-04-01 00:41:23 ----A---- C:\WINDOWS\system32\drivers\aswbuniv.sys
2023-04-01 00:41:23 ----A---- C:\WINDOWS\system32\drivers\aswbidsh.sys
2023-04-01 00:41:23 ----A---- C:\WINDOWS\system32\drivers\aswbidsdriver.sys
2023-04-01 00:41:23 ----A---- C:\WINDOWS\system32\drivers\aswArPot.sys
2023-04-01 00:41:23 ----A---- C:\WINDOWS\system32\drivers\aswArDisk.sys
2023-04-01 00:40:55 ----D---- C:\Program Files\Avast Software
2023-04-01 00:39:47 ----D---- C:\ProgramData\Avast Software
2023-03-29 13:20:23 ----D---- C:\WINDOWS\Microsoft Antimalware
2023-03-23 11:55:24 ----D---- C:\Program Files\VirtualDJ
2023-03-23 10:12:04 ----D---- C:\Program Files\Mozilla Firefox
2023-03-23 10:07:31 ----D---- C:\Users\Tomáš\AppData\Roaming\Apple Computer
2023-03-22 23:21:30 ----D---- C:\WINDOWS\system32\appmgmt
2023-03-22 23:08:34 ----D---- C:\ProgramData\Apple Computer
2023-03-22 23:08:34 ----D---- C:\Program Files (x86)\QuickTime
2023-03-22 23:08:19 ----D---- C:\ProgramData\Apple
2023-03-22 23:08:19 ----D---- C:\Program Files (x86)\Apple Software Update
2023-03-22 23:06:23 ----D---- C:\Serato
2023-03-20 17:16:18 ----A---- C:\WINDOWS\system32\drivers\dbx-stable.sys
2023-03-20 17:16:18 ----A---- C:\WINDOWS\system32\drivers\dbx-dev.sys
2023-03-20 17:16:18 ----A---- C:\WINDOWS\system32\drivers\dbx-canary.sys
2023-03-20 17:16:18 ----A---- C:\WINDOWS\system32\DbxSvc.exe
2023-03-20 10:18:36 ----A---- C:\WINDOWS\SYSWOW64\FXSXP32.dll
2023-03-20 10:18:36 ----A---- C:\WINDOWS\SYSWOW64\FXSEXT32.dll
2023-03-20 10:18:36 ----A---- C:\WINDOWS\SYSWOW64\FXSAPI.dll
2023-03-20 10:18:36 ----A---- C:\WINDOWS\system32\WFSR.dll
2023-03-20 10:18:36 ----A---- C:\WINDOWS\system32\WFS.exe
2023-03-20 10:18:36 ----A---- C:\WINDOWS\system32\FXSUTILITY.dll
2023-03-20 10:18:36 ----A---- C:\WINDOWS\system32\FXSSVC.exe
2023-03-20 10:18:36 ----A---- C:\WINDOWS\system32\FXSST.dll
2023-03-20 10:18:36 ----A---- C:\WINDOWS\system32\FXSCOVER.exe
2023-03-20 10:18:36 ----A---- C:\WINDOWS\system32\FXSCOMPOSERES.dll
2023-03-20 10:18:36 ----A---- C:\WINDOWS\system32\FXSCOMPOSE.dll
2023-03-20 10:18:36 ----A---- C:\WINDOWS\system32\FXSAPI.dll
2023-03-20 10:18:35 ----A---- C:\WINDOWS\SYSWOW64\WMVDECOD.DLL
2023-03-20 10:18:35 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2023-03-20 10:18:35 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2023-03-20 10:18:35 ----A---- C:\WINDOWS\SYSWOW64\MSAudDecMFT.dll
2023-03-20 10:18:35 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2023-03-20 10:18:35 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2023-03-20 10:18:35 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2023-03-20 10:18:35 ----A---- C:\WINDOWS\SYSWOW64\mfasfsrcsnk.dll
2023-03-20 10:18:35 ----A---- C:\WINDOWS\system32\HoloSHExtensions.dll
2023-03-20 10:18:35 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2023-03-20 10:18:34 ----A---- C:\WINDOWS\system32\WMVDECOD.DLL
2023-03-20 10:18:34 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2023-03-20 10:18:34 ----A---- C:\WINDOWS\system32\msvproc.dll
2023-03-20 10:18:34 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2023-03-20 10:18:34 ----A---- C:\WINDOWS\system32\MSAudDecMFT.dll
2023-03-20 10:18:34 ----A---- C:\WINDOWS\system32\mfsvr.dll
2023-03-20 10:18:34 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2023-03-20 10:18:34 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2023-03-20 10:18:34 ----A---- C:\WINDOWS\system32\mfds.dll
2023-03-20 10:18:34 ----A---- C:\WINDOWS\system32\mfcore.dll
2023-03-20 10:18:34 ----A---- C:\WINDOWS\system32\HolographicExtensions.dll
2023-03-20 10:18:33 ----A---- C:\WINDOWS\SYSWOW64\AppVEntSubsystems32.dll
2023-03-20 10:18:33 ----A---- C:\WINDOWS\system32\mfasfsrcsnk.dll
2023-03-20 10:18:33 ----A---- C:\WINDOWS\system32\drivers\AppvVfs.sys
2023-03-20 10:18:33 ----A---- C:\WINDOWS\system32\drivers\AppvVemgr.sys
2023-03-20 10:18:33 ----A---- C:\WINDOWS\system32\drivers\AppVStrm.sys
2023-03-20 10:18:33 ----A---- C:\WINDOWS\system32\CustomShellHost.exe
2023-03-20 10:18:33 ----A---- C:\WINDOWS\system32\AppVEntSubsystems64.dll
2023-03-20 10:18:33 ----A---- C:\WINDOWS\system32\AppVClient.exe
2023-03-20 10:18:32 ----A---- C:\WINDOWS\SYSWOW64\sendmail.dll
2023-03-20 10:18:32 ----A---- C:\WINDOWS\SYSWOW64\msvidc32.dll
2023-03-20 10:18:32 ----A---- C:\WINDOWS\SYSWOW64\msvfw32.dll
2023-03-20 10:18:32 ----A---- C:\WINDOWS\SYSWOW64\msrle32.dll
2023-03-20 10:18:32 ----A---- C:\WINDOWS\SYSWOW64\mciavi32.dll
2023-03-20 10:18:32 ----A---- C:\WINDOWS\SYSWOW64\FrameServerClient.dll
2023-03-20 10:18:32 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2023-03-20 10:18:32 ----A---- C:\WINDOWS\SYSWOW64\avifil32.dll
2023-03-20 10:18:32 ----A---- C:\WINDOWS\SYSWOW64\avicap32.dll
2023-03-20 10:18:32 ----A---- C:\WINDOWS\system32\fclip.exe
2023-03-20 10:18:31 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2023-03-20 10:18:31 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2023-03-20 10:18:31 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2023-03-20 10:18:31 ----A---- C:\WINDOWS\SYSWOW64\iemigplugin.dll
2023-03-20 10:18:31 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2023-03-20 10:18:31 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2023-03-20 10:18:30 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2023-03-20 10:18:30 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2023-03-20 10:18:30 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2023-03-20 10:18:30 ----A---- C:\WINDOWS\SYSWOW64\dswave.dll
2023-03-20 10:18:30 ----A---- C:\WINDOWS\SYSWOW64\dmusic.dll
2023-03-20 10:18:30 ----A---- C:\WINDOWS\SYSWOW64\dmsynth.dll
2023-03-20 10:18:30 ----A---- C:\WINDOWS\SYSWOW64\dmstyle.dll
2023-03-20 10:18:30 ----A---- C:\WINDOWS\SYSWOW64\dmscript.dll
2023-03-20 10:18:30 ----A---- C:\WINDOWS\SYSWOW64\dmloader.dll
2023-03-20 10:18:30 ----A---- C:\WINDOWS\SYSWOW64\dmime.dll
2023-03-20 10:18:30 ----A---- C:\WINDOWS\SYSWOW64\dmcompos.dll
2023-03-20 10:18:30 ----A---- C:\WINDOWS\SYSWOW64\dmband.dll
2023-03-20 10:18:29 ----A---- C:\WINDOWS\SYSWOW64\wtdsensor.dll
2023-03-20 10:18:29 ----A---- C:\WINDOWS\SYSWOW64\wsecedit.dll
2023-03-20 10:18:29 ----A---- C:\WINDOWS\SYSWOW64\Robocopy.exe
2023-03-20 10:18:28 ----A---- C:\WINDOWS\system32\Windows.Internal.PredictionUnit.dll
2023-03-20 10:18:28 ----A---- C:\WINDOWS\system32\vmbuspipe.dll
2023-03-20 10:18:28 ----A---- C:\WINDOWS\system32\UPPrinterInstallsCSP.dll
2023-03-20 10:18:28 ----A---- C:\WINDOWS\system32\SmartActionPlatform.dll
2023-03-20 10:18:28 ----A---- C:\WINDOWS\system32\SIHClient.exe
2023-03-20 10:18:28 ----A---- C:\WINDOWS\system32\SettingsHandlers_Clipboard.dll
2023-03-20 10:18:28 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2023-03-20 10:18:28 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2023-03-20 10:18:28 ----A---- C:\WINDOWS\system32\drivers\vmbkmcl.sys
2023-03-20 10:18:28 ----A---- C:\WINDOWS\system32\CXHProvisioningServer.dll
2023-03-20 10:18:27 ----A---- C:\WINDOWS\system32\systemreset.exe
2023-03-20 10:18:27 ----A---- C:\WINDOWS\system32\SysResetErr.exe
2023-03-20 10:18:27 ----A---- C:\WINDOWS\system32\sendmail.dll
2023-03-20 10:18:27 ----A---- C:\WINDOWS\system32\ResetEngOnline.dll
2023-03-20 10:18:27 ----A---- C:\WINDOWS\system32\ResetEngine.exe
2023-03-20 10:18:27 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2023-03-20 10:18:27 ----A---- C:\WINDOWS\system32\reseteng.dll
2023-03-20 10:18:27 ----A---- C:\WINDOWS\system32\rdpudd.dll
2023-03-20 10:18:27 ----A---- C:\WINDOWS\system32\msvidc32.dll
2023-03-20 10:18:27 ----A---- C:\WINDOWS\system32\msvfw32.dll
2023-03-20 10:18:27 ----A---- C:\WINDOWS\system32\msrle32.dll
2023-03-20 10:18:27 ----A---- C:\WINDOWS\system32\mciavi32.dll
2023-03-20 10:18:27 ----A---- C:\WINDOWS\system32\IESettingSync.exe
2023-03-20 10:18:27 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2023-03-20 10:18:27 ----A---- C:\WINDOWS\system32\FsIso.exe
2023-03-20 10:18:27 ----A---- C:\WINDOWS\system32\FrameServerMonitor.dll
2023-03-20 10:18:27 ----A---- C:\WINDOWS\system32\FrameServerClient.dll
2023-03-20 10:18:27 ----A---- C:\WINDOWS\system32\FrameServer.dll
2023-03-20 10:18:27 ----A---- C:\WINDOWS\system32\DscCore.dll
2023-03-20 10:18:27 ----A---- C:\WINDOWS\system32\avifil32.dll
2023-03-20 10:18:27 ----A---- C:\WINDOWS\system32\avicap32.dll
2023-03-20 10:18:26 ----A---- C:\WINDOWS\system32\mshtml.dll
2023-03-20 10:18:26 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2023-03-20 10:18:26 ----A---- C:\WINDOWS\system32\ieproxy.dll
2023-03-20 10:18:26 ----A---- C:\WINDOWS\system32\ieframe.dll
2023-03-20 10:18:25 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2023-03-20 10:18:25 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2023-03-20 10:18:24 ----A---- C:\WINDOWS\system32\wsecedit.dll
2023-03-20 10:18:24 ----A---- C:\WINDOWS\system32\vbsapi.dll
2023-03-20 10:18:24 ----A---- C:\WINDOWS\system32\Robocopy.exe
2023-03-20 10:18:24 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2023-03-20 10:18:24 ----A---- C:\WINDOWS\system32\edgehtml.dll
2023-03-20 10:18:24 ----A---- C:\WINDOWS\system32\dswave.dll
2023-03-20 10:18:24 ----A---- C:\WINDOWS\system32\dmusic.dll
2023-03-20 10:18:24 ----A---- C:\WINDOWS\system32\dmsynth.dll
2023-03-20 10:18:24 ----A---- C:\WINDOWS\system32\dmloader.dll
2023-03-20 10:18:23 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2023-03-20 10:18:23 ----A---- C:\WINDOWS\system32\domiprov.dll
2023-03-20 10:18:23 ----A---- C:\WINDOWS\system32\computecore.dll
2023-03-20 10:18:22 ----A---- C:\WINDOWS\SYSWOW64\SearchFolder.dll
2023-03-20 10:18:22 ----A---- C:\WINDOWS\SYSWOW64\ntprint.exe
2023-03-20 10:18:22 ----A---- C:\WINDOWS\SYSWOW64\ntprint.dll
2023-03-20 10:18:22 ----A---- C:\WINDOWS\system32\wtdsensor.dll
2023-03-20 10:18:22 ----A---- C:\WINDOWS\system32\vertdll.dll
2023-03-20 10:18:22 ----A---- C:\WINDOWS\system32\ucrtbase_enclave.dll
2023-03-20 10:18:22 ----A---- C:\WINDOWS\system32\tprtdll.dll
2023-03-20 10:18:22 ----A---- C:\WINDOWS\system32\ThreatIntelligence.dll
2023-03-20 10:18:22 ----A---- C:\WINDOWS\system32\tcbloader.dll
2023-03-20 10:18:22 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2023-03-20 10:18:22 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
2023-03-20 10:18:22 ----A---- C:\WINDOWS\system32\ssdpapi.dll
2023-03-20 10:18:22 ----A---- C:\WINDOWS\system32\SFAPE.dll
2023-03-20 10:18:22 ----A---- C:\WINDOWS\system32\securekernel.exe
2023-03-20 10:18:22 ----A---- C:\WINDOWS\system32\SecureBootEncodeUEFI.exe
2023-03-20 10:18:22 ----A---- C:\WINDOWS\system32\RDXService.dll
2023-03-20 10:18:22 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2023-03-20 10:18:22 ----A---- C:\WINDOWS\system32\iumdll.dll
2023-03-20 10:18:22 ----A---- C:\WINDOWS\system32\iumbase.dll
2023-03-20 10:18:22 ----A---- C:\WINDOWS\system32\hvloader.dll
2023-03-20 10:18:22 ----A---- C:\WINDOWS\system32\hvix64.exe
2023-03-20 10:18:22 ----A---- C:\WINDOWS\system32\hvax64.exe
2023-03-20 10:18:22 ----A---- C:\WINDOWS\system32\drivers\wtd.sys
2023-03-20 10:18:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.Workflow.Native.dll
2023-03-20 10:18:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.Workflow.dll
2023-03-20 10:18:21 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2023-03-20 10:18:21 ----A---- C:\WINDOWS\SYSWOW64\setupapi.dll
2023-03-20 10:18:21 ----A---- C:\WINDOWS\SYSWOW64\PrintWorkflowService.dll
2023-03-20 10:18:21 ----A---- C:\WINDOWS\SYSWOW64\Print.Workflow.Source.dll
2023-03-20 10:18:21 ----A---- C:\WINDOWS\SYSWOW64\Print.PrintSupport.Source.dll
2023-03-20 10:18:21 ----A---- C:\WINDOWS\SYSWOW64\nlmsprep.dll
2023-03-20 10:18:21 ----A---- C:\WINDOWS\SYSWOW64\nlmproxy.dll
2023-03-20 10:18:21 ----A---- C:\WINDOWS\SYSWOW64\nlaapi.dll
2023-03-20 10:18:21 ----A---- C:\WINDOWS\SYSWOW64\newdev.dll
2023-03-20 10:18:21 ----A---- C:\WINDOWS\SYSWOW64\netjoin.dll
2023-03-20 10:18:21 ----A---- C:\WINDOWS\SYSWOW64\hlink.dll
2023-03-20 10:18:21 ----A---- C:\WINDOWS\SYSWOW64\gpapi.dll
2023-03-20 10:18:21 ----A---- C:\WINDOWS\SYSWOW64\FrameServerMonitorClient.dll
2023-03-20 10:18:21 ----A---- C:\WINDOWS\SYSWOW64\drvsetup.dll
2023-03-20 10:18:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2023-03-20 10:18:20 ----A---- C:\WINDOWS\SYSWOW64\wincredui.dll
2023-03-20 10:18:20 ----A---- C:\WINDOWS\SYSWOW64\rpchttp.dll
2023-03-20 10:18:20 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2023-03-20 10:18:20 ----A---- C:\WINDOWS\SYSWOW64\imm32.dll
2023-03-20 10:18:20 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2023-03-20 10:18:20 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2023-03-20 10:18:20 ----A---- C:\WINDOWS\SYSWOW64\dmcfgutils.dll
2023-03-20 10:18:20 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2023-03-20 10:18:20 ----A---- C:\WINDOWS\SYSWOW64\dcomp.dll
2023-03-20 10:18:20 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2023-03-20 10:18:20 ----A---- C:\WINDOWS\SYSWOW64\d3d8thk.dll
2023-03-20 10:18:20 ----A---- C:\WINDOWS\SYSWOW64\credprovslegacy.dll
2023-03-20 10:18:20 ----A---- C:\WINDOWS\SYSWOW64\credprovhost.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\wusys.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\wups.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\weretw.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\Taskmgr.exe
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\shimeng.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\sdbinst.exe
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\scecli.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\samlib.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\powrprof.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\offlinesam.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\ncrypt.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\dhcpcsvc6.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\dhcpcsvc.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore6.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\dhcpcore.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\devobj.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\CredProvHelper.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\CorePrivacySettingsStore.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\cfgmgr32.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\bcrypt.dll
2023-03-20 10:18:19 ----A---- C:\WINDOWS\SYSWOW64\apphelp.dll
2023-03-20 10:18:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.Search.dll
2023-03-20 10:18:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2023-03-20 10:18:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryPS.dll
2023-03-20 10:18:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryCore.dll
2023-03-20 10:18:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll
2023-03-20 10:18:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryBroker.dll
2023-03-20 10:18:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2023-03-20 10:18:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Devices.Bluetooth.dll
2023-03-20 10:18:18 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2023-03-20 10:18:18 ----A---- C:\WINDOWS\SYSWOW64\tzautoupdate.dll
2023-03-20 10:18:18 ----A---- C:\WINDOWS\SYSWOW64\StateRepository.Core.dll
2023-03-20 10:18:18 ----A---- C:\WINDOWS\SYSWOW64\RpcRtRemote.dll
2023-03-20 10:18:18 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2023-03-20 10:18:18 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2023-03-20 10:18:18 ----A---- C:\WINDOWS\SYSWOW64\KerbClientShared.dll
2023-03-20 10:18:18 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2023-03-20 10:18:18 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2023-03-20 10:18:18 ----A---- C:\WINDOWS\SYSWOW64\D3D12Core.dll
2023-03-20 10:18:18 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2023-03-20 10:18:18 ----A---- C:\WINDOWS\SYSWOW64\AppxSip.dll
2023-03-20 10:18:18 ----A---- C:\WINDOWS\SYSWOW64\AppxPackaging.dll
2023-03-20 10:18:18 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\WordBreakers.dll
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\UserDataTimeUtil.dll
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\TextInputMethodFormatter.dll
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexerCore.dll
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\mssprxy.dll
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\mssitlb.dll
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\msscntrs.dll
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\mscms.dll
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\MbaeApi.dll
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\InputHost.dll
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\icm32.dll
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\GameInput.dll
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\EditBufferTestHook.dll
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\directxdatabasehelper.dll
2023-03-20 10:18:17 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2023-03-20 10:18:16 ----A---- C:\WINDOWS\SYSWOW64\windowsudk.shellcommon.dll
2023-03-20 10:18:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2023-03-20 10:18:16 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2023-03-20 10:18:16 ----A---- C:\WINDOWS\SYSWOW64\MsSpellCheckingFacility.dll
2023-03-20 10:18:16 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2023-03-20 10:18:16 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2023-03-20 10:18:16 ----A---- C:\WINDOWS\SYSWOW64\cdprt.dll
2023-03-20 10:18:16 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2023-03-20 10:18:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.FileExplorer.dll
2023-03-20 10:18:15 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2023-03-20 10:18:15 ----A---- C:\WINDOWS\SYSWOW64\Windows.FileExplorer.Common.dll
2023-03-20 10:18:15 ----A---- C:\WINDOWS\SYSWOW64\ShellCommonCommonProxyStub.dll
2023-03-20 10:18:15 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2023-03-20 10:18:15 ----A---- C:\WINDOWS\SYSWOW64\shdocvw.dll
2023-03-20 10:18:15 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2023-03-20 10:18:15 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2023-03-20 10:18:15 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2023-03-20 10:18:14 ----A---- C:\WINDOWS\SYSWOW64\wscproxystub.dll
2023-03-20 10:18:14 ----A---- C:\WINDOWS\SYSWOW64\wscisvif.dll
2023-03-20 10:18:14 ----A---- C:\WINDOWS\SYSWOW64\wscapi.dll
2023-03-20 10:18:14 ----A---- C:\WINDOWS\SYSWOW64\wscadminui.exe
2023-03-20 10:18:14 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2023-03-20 10:18:14 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2023-03-20 10:18:14 ----A---- C:\WINDOWS\SYSWOW64\TpmCertResources.dll
2023-03-20 10:18:14 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2023-03-20 10:18:14 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2023-03-20 10:18:14 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2023-03-20 10:18:14 ----A---- C:\WINDOWS\SYSWOW64\OneCoreCommonProxyStub.dll
2023-03-20 10:18:14 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2023-03-20 10:18:14 ----A---- C:\WINDOWS\SYSWOW64\fcon.dll
2023-03-20 10:18:14 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2023-03-20 10:18:14 ----A---- C:\WINDOWS\SYSWOW64\dsound.dll
2023-03-20 10:18:14 ----A---- C:\WINDOWS\SYSWOW64\dsdmo.dll
2023-03-20 10:18:14 ----A---- C:\WINDOWS\SYSWOW64\DmApiSetExtImplDesktop.dll
2023-03-20 10:18:14 ----A---- C:\WINDOWS\system32\ServicingUAPI.dll
2023-03-20 10:18:14 ----A---- C:\WINDOWS\system32\LsaIso.exe
2023-03-20 10:18:14 ----A---- C:\WINDOWS\system32\comdlg32.dll
2023-03-20 10:18:13 ----A---- C:\WINDOWS\system32\Windows.FileExplorer.Common.dll
2023-03-20 10:18:13 ----A---- C:\WINDOWS\system32\sppsvc.exe
2023-03-20 10:18:13 ----A---- C:\WINDOWS\system32\sppobjs.dll
2023-03-20 10:18:13 ----A---- C:\WINDOWS\system32\shell32.dll
2023-03-20 10:18:13 ----A---- C:\WINDOWS\system32\shdocvw.dll
2023-03-20 10:18:13 ----A---- C:\WINDOWS\system32\ntshrui.dll
2023-03-20 10:18:13 ----A---- C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.Native.dll
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\setupapi.dll
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\SettingsHandlers_Camera.dll
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\RMapi.dll
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\PrintWorkflowService.dll
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\Print.Workflow.Source.dll
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\Print.PrintSupport.Source.dll
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\pnputil.exe
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\pnppolicy.dll
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\ntprint.exe
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\ntprint.dll
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\nlmsprep.dll
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\newdev.dll
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\FrameServerMonitorClient.dll
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\drvsetup.dll
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\drvinst.exe
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\drivers\raspptp.sys
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\drivers\raspppoe.sys
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\AudioHandlers.dll
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\APMonUI.dll
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\APMon.dll
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\AboutSettingsHandlers.dll
2023-03-20 10:18:12 ----A---- C:\WINDOWS\system32\6bea57fb-8dfb-4177-9ae8-42e8b3529933_RuntimeDeviceInstall.dll
2023-03-20 10:18:11 ----A---- C:\WINDOWS\system32\seclogon.dll
2023-03-20 10:18:11 ----A---- C:\WINDOWS\system32\nlmproxy.dll
2023-03-20 10:18:11 ----A---- C:\WINDOWS\system32\nlaapi.dll
2023-03-20 10:18:11 ----A---- C:\WINDOWS\system32\netprofmsvc.dll
2023-03-20 10:18:11 ----A---- C:\WINDOWS\system32\netjoin.dll
2023-03-20 10:18:11 ----A---- C:\WINDOWS\system32\ncsi.dll
2023-03-20 10:18:11 ----A---- C:\WINDOWS\system32\LockController.dll
2023-03-20 10:18:11 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2023-03-20 10:18:10 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2023-03-20 10:18:10 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2023-03-20 10:18:10 ----A---- C:\WINDOWS\system32\wincredui.dll
2023-03-20 10:18:10 ----A---- C:\WINDOWS\system32\urlmon.dll
2023-03-20 10:18:10 ----A---- C:\WINDOWS\system32\policymanager.dll
2023-03-20 10:18:10 ----A---- C:\WINDOWS\system32\omadmclient.exe
2023-03-20 10:18:10 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2023-03-20 10:18:10 ----A---- C:\WINDOWS\system32\LogonController.dll
2023-03-20 10:18:10 ----A---- C:\WINDOWS\system32\hlink.dll
2023-03-20 10:18:10 ----A---- C:\WINDOWS\system32\gpsvc.dll
2023-03-20 10:18:10 ----A---- C:\WINDOWS\system32\gpapi.dll
2023-03-20 10:18:10 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2023-03-20 10:18:10 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2023-03-20 10:18:10 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2023-03-20 10:18:10 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2023-03-20 10:18:10 ----A---- C:\WINDOWS\system32\dmcfgutils.dll
2023-03-20 10:18:10 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2023-03-20 10:18:10 ----A---- C:\WINDOWS\system32\dcsvc.dll
2023-03-20 10:18:10 ----A---- C:\WINDOWS\system32\cryptcatsvc.dll
2023-03-20 10:18:10 ----A---- C:\WINDOWS\system32\credprovslegacy.dll
2023-03-20 10:18:10 ----A---- C:\WINDOWS\system32\credprovhost.dll
2023-03-20 10:18:10 ----A---- C:\WINDOWS\system32\configmanager2.dll
2023-03-20 10:18:09 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2023-03-20 10:18:09 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2023-03-20 10:18:09 ----A---- C:\WINDOWS\system32\winsrvext.dll
2023-03-20 10:18:09 ----A---- C:\WINDOWS\system32\uDWM.dll
2023-03-20 10:18:09 ----A---- C:\WINDOWS\system32\shimeng.dll
2023-03-20 10:18:09 ----A---- C:\WINDOWS\system32\rpchttp.dll
2023-03-20 10:18:09 ----A---- C:\WINDOWS\system32\imm32.dll
2023-03-20 10:18:09 ----A---- C:\WINDOWS\system32\dwmcore.dll
2023-03-20 10:18:09 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2023-03-20 10:18:09 ----A---- C:\WINDOWS\system32\dcomp.dll
2023-03-20 10:18:09 ----A---- C:\WINDOWS\system32\d3d9.dll
2023-03-20 10:18:09 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2023-03-20 10:18:09 ----A---- C:\WINDOWS\system32\cxcredprov.dll
2023-03-20 10:18:09 ----A---- C:\WINDOWS\system32\CredProvHelper.dll
2023-03-20 10:18:09 ----A---- C:\WINDOWS\system32\browserbroker.dll
2023-03-20 10:18:08 ----A---- C:\WINDOWS\system32\wermgr.exe
2023-03-20 10:18:08 ----A---- C:\WINDOWS\system32\weretw.dll
2023-03-20 10:18:08 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2023-03-20 10:18:08 ----A---- C:\WINDOWS\system32\wer.dll
2023-03-20 10:18:08 ----A---- C:\WINDOWS\system32\VoiceAccess.exe
2023-03-20 10:18:08 ----A---- C:\WINDOWS\system32\utcutil.dll
2023-03-20 10:18:08 ----A---- C:\WINDOWS\system32\tier2punctuations.dll
2023-03-20 10:18:08 ----A---- C:\WINDOWS\system32\Taskmgr.exe
2023-03-20 10:18:08 ----A---- C:\WINDOWS\system32\SRH.dll
2023-03-20 10:18:08 ----A---- C:\WINDOWS\system32\sdbinst.exe
2023-03-20 10:18:08 ----A---- C:\WINDOWS\system32\pcasvc.dll
2023-03-20 10:18:08 ----A---- C:\WINDOWS\system32\drivers\tcpipreg.sys
2023-03-20 10:18:08 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2023-03-20 10:18:08 ----A---- C:\WINDOWS\system32\drivers\NetAdapterCx.sys
2023-03-20 10:18:08 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2023-03-20 10:18:08 ----A---- C:\WINDOWS\system32\appraiser.dll
2023-03-20 10:18:08 ----A---- C:\WINDOWS\system32\apphelp.dll
2023-03-20 10:18:08 ----A---- C:\WINDOWS\system32\aeinv.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\wldp.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\WinTypes.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\wincorlib.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\schannel.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\samsrv.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\samlib.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\rpcss.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\powrprof.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\offlinesam.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\ncrypt.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\lsasrv.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\lsaadt.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\dpapisrv.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\diagtrack.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\dhcpcsvc6.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\dhcpcore6.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\dhcpcore.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\devobj.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\CorePrivacySettingsStore.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\combase.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\cfgmgr32.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2023-03-20 10:18:07 ----A---- C:\WINDOWS\system32\bcrypt.dll
2023-03-20 10:18:06 ----A---- C:\WINDOWS\system32\usermgr.dll
2023-03-20 10:18:06 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2023-03-20 10:18:06 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2023-03-20 10:18:06 ----A---- C:\WINDOWS\system32\ntdll.dll
2023-03-20 10:18:06 ----A---- C:\WINDOWS\system32\KernelBase.dll
2023-03-20 10:18:06 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2023-03-20 10:18:06 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2023-03-20 10:18:06 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2023-03-20 10:18:06 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2023-03-20 10:18:06 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2023-03-20 10:18:05 ----A---- C:\WINDOWS\system32\winlogon.exe
2023-03-20 10:18:05 ----A---- C:\WINDOWS\system32\winload.exe
2023-03-20 10:18:05 ----A---- C:\WINDOWS\system32\tzres.dll
2023-03-20 10:18:05 ----A---- C:\WINDOWS\system32\scecli.dll
2023-03-20 10:18:05 ----A---- C:\WINDOWS\system32\hal.dll
2023-03-20 10:18:05 ----A---- C:\WINDOWS\system32\gdi32full.dll
2023-03-20 10:18:05 ----A---- C:\WINDOWS\system32\drivers\http.sys
2023-03-20 10:18:05 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2023-03-20 10:18:05 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2023-03-20 10:18:05 ----A---- C:\WINDOWS\system32\ci.dll
2023-03-20 10:18:05 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2023-03-20 10:18:05 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2023-03-20 10:18:05 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2023-03-20 10:18:05 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2023-03-20 10:18:05 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2023-03-20 10:18:05 ----A---- C:\WINDOWS\system32\AppInstallerBackgroundUpdate.exe
2023-03-20 10:18:04 ----A---- C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2023-03-20 10:18:04 ----A---- C:\WINDOWS\system32\ShellAppRuntime.exe
2023-03-20 10:18:04 ----A---- C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
2023-03-20 10:18:04 ----A---- C:\WINDOWS\system32\QuickActionsDataModel.dll
2023-03-20 10:18:04 ----A---- C:\WINDOWS\system32\kernel32.dll
2023-03-20 10:18:04 ----A---- C:\WINDOWS\system32\CloudExperienceHostBroker.exe
2023-03-20 10:18:03 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2023-03-20 10:18:03 ----A---- C:\WINDOWS\system32\Taskbar.dll
2023-03-20 10:18:03 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2023-03-20 10:18:03 ----A---- C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2023-03-20 10:18:02 ----A---- C:\WINDOWS\system32\wusys.dll
2023-03-20 10:18:02 ----A---- C:\WINDOWS\system32\wups2.dll
2023-03-20 10:18:02 ----A---- C:\WINDOWS\system32\wups.dll
2023-03-20 10:18:02 ----A---- C:\WINDOWS\system32\wuauserv.dll
2023-03-20 10:18:02 ----A---- C:\WINDOWS\system32\wuaueng.dll
2023-03-20 10:18:02 ----A---- C:\WINDOWS\system32\wuauclt.exe
2023-03-20 10:18:02 ----A---- C:\WINDOWS\system32\wuapi.dll
2023-03-20 10:18:02 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.XamlInputViewHost.dll
2023-03-20 10:18:02 ----A---- C:\WINDOWS\system32\Windows.Internal.HardwareConfirmator.dll
2023-03-20 10:18:02 ----A---- C:\WINDOWS\system32\usosvcimpl.dll
2023-03-20 10:18:02 ----A---- C:\WINDOWS\system32\usosvc.dll
2023-03-20 10:18:02 ----A---- C:\WINDOWS\system32\usodocked.dll
2023-03-20 10:18:02 ----A---- C:\WINDOWS\system32\usoapi.dll
2023-03-20 10:18:02 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2023-03-20 10:18:02 ----A---- C:\WINDOWS\system32\SettingsHandlers_DesktopTaskbar.dll
2023-03-20 10:18:02 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2023-03-20 10:18:02 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2023-03-20 10:18:01 ----A---- C:\WINDOWS\system32\win32u.dll
2023-03-20 10:18:01 ----A---- C:\WINDOWS\system32\win32kfull.sys
2023-03-20 10:18:01 ----A---- C:\WINDOWS\system32\win32k.sys
2023-03-20 10:18:01 ----A---- C:\WINDOWS\system32\user32.dll
2023-03-20 10:18:01 ----A---- C:\WINDOWS\system32\SensorsUtilsV2.dll
2023-03-20 10:18:01 ----A---- C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2023-03-20 10:18:01 ----A---- C:\WINDOWS\system32\SensorsNativeApi.dll
2023-03-20 10:18:01 ----A---- C:\WINDOWS\system32\SensorService.dll
2023-03-20 10:18:01 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2023-03-20 10:18:01 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2023-03-20 10:18:01 ----A---- C:\WINDOWS\system32\HttpsDataSource.dll
2023-03-20 10:18:01 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2023-03-20 10:18:01 ----A---- C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll
2023-03-20 10:18:01 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2023-03-20 10:18:01 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2023-03-20 10:18:01 ----A---- C:\WINDOWS\system32\drivers\BthMini.SYS
2023-03-20 10:18:01 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2023-03-20 10:18:01 ----A---- C:\WINDOWS\system32\DAFWSD.dll
2023-03-20 10:18:01 ----A---- C:\WINDOWS\system32\dafBth.dll
2023-03-20 10:18:01 ----A---- C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\WordBreakers.dll
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\win32kbase.sys
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\tsf3gip.dll
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\tquery.dll
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\TextInputMethodFormatter.dll
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\SearchIndexerCore.dll
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\mssvp.dll
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\mssrch.dll
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\mssprxy.dll
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\mssph.dll
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\mssitlb.dll
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\msscntrs.dll
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\mscms.dll
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\InputService.dll
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\icm32.dll
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\EditBufferTestHook.dll
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\dxgi.dll
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\directxdatabasehelper.dll
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\d3d11.dll
2023-03-20 10:18:00 ----A---- C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2023-03-20 10:17:59 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2023-03-20 10:17:59 ----A---- C:\WINDOWS\system32\UserDataTimeUtil.dll
2023-03-20 10:17:59 ----A---- C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2023-03-20 10:17:59 ----A---- C:\WINDOWS\system32\smartscreen.exe
2023-03-20 10:17:59 ----A---- C:\WINDOWS\system32\ProximityService.dll
2023-03-20 10:17:59 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2023-03-20 10:17:59 ----A---- C:\WINDOWS\system32\MbaeApi.dll
2023-03-20 10:17:59 ----A---- C:\WINDOWS\system32\InputHost.dll
2023-03-20 10:17:59 ----A---- C:\WINDOWS\system32\GameInput.dll
2023-03-20 10:17:59 ----A---- C:\WINDOWS\system32\doclient.dll
2023-03-20 10:17:59 ----A---- C:\WINDOWS\system32\appinfo.dll
2023-03-20 10:17:58 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2023-03-20 10:17:58 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2023-03-20 10:17:58 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2023-03-20 10:17:58 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2023-03-20 10:17:58 ----A---- C:\WINDOWS\system32\cdprt.dll
2023-03-20 10:17:58 ----A---- C:\WINDOWS\system32\cdp.dll
2023-03-20 10:17:57 ----A---- C:\WINDOWS\system32\Windows.Storage.Search.dll
2023-03-20 10:17:57 ----A---- C:\WINDOWS\system32\Windows.Internal.Devices.Bluetooth.dll
2023-03-20 10:17:57 ----A---- C:\WINDOWS\system32\tzautoupdate.dll
2023-03-20 10:17:57 ----A---- C:\WINDOWS\system32\StateRepository.Core.dll
2023-03-20 10:17:57 ----A---- C:\WINDOWS\system32\RpcRtRemote.dll
2023-03-20 10:17:57 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2023-03-20 10:17:57 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2023-03-20 10:17:57 ----A---- C:\WINDOWS\system32\kerberos.dll
2023-03-20 10:17:57 ----A---- C:\WINDOWS\system32\KerbClientShared.dll
2023-03-20 10:17:57 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2023-03-20 10:17:57 ----A---- C:\WINDOWS\system32\D3D12Core.dll
2023-03-20 10:17:57 ----A---- C:\WINDOWS\system32\D3D12.dll
2023-03-20 10:17:57 ----A---- C:\WINDOWS\system32\cdd.dll
2023-03-20 10:17:56 ----A---- C:\WINDOWS\system32\windows.storage.dll
2023-03-20 10:17:56 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2023-03-20 10:17:56 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2023-03-20 10:17:56 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2023-03-20 10:17:56 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2023-03-20 10:17:56 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2023-03-20 10:17:56 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2023-03-20 10:17:56 ----A---- C:\WINDOWS\system32\AppxSip.dll
2023-03-20 10:17:56 ----A---- C:\WINDOWS\system32\AppxPackaging.dll
2023-03-20 10:17:56 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2023-03-20 10:17:55 ----A---- C:\WINDOWS\system32\windowsudkservices.shellcommon.dll
2023-03-20 10:17:55 ----A---- C:\WINDOWS\system32\windowsudk.shellcommon.dll
2023-03-20 10:17:55 ----A---- C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2023-03-20 10:17:55 ----A---- C:\WINDOWS\system32\twinui.dll
2023-03-20 10:17:55 ----A---- C:\WINDOWS\system32\themeui.dll
2023-03-20 10:17:55 ----A---- C:\WINDOWS\system32\TabSvc.dll
2023-03-20 10:17:55 ----A---- C:\WINDOWS\system32\msctf.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\wscsvc.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\wscproxystub.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\wscisvif.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\wscapi.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\wscadminui.exe
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\Windows.Internal.Signals.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\win32spl.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\WFDSConMgrSvc.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\WFDSConMgr.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\usbmon.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\TpmCertResources.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\stobject.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\spoolsv.exe
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\spoolss.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\SettingsHandlers_OneCore_PowerAndSleep.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\SettingsHandlers_OneCore_BatterySaver.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\SettingsHandlers_InputPersonalization.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\PrintIsolationProxy.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\PrinterCleanupTask.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\localui.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\localspl.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\system32\FaxPrinterInstaller.dll
2023-03-20 10:17:54 ----A---- C:\WINDOWS\splwow64.exe
2023-03-20 10:17:54 ----A---- C:\WINDOWS\explorer.exe
2023-03-20 10:17:53 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2023-03-20 10:17:53 ----A---- C:\WINDOWS\system32\hspfw.dll
2023-03-20 10:17:53 ----A---- C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
2023-03-20 10:17:52 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2023-03-20 10:17:51 ----A---- C:\WINDOWS\system32\drivers\processr.sys
2023-03-20 10:17:51 ----A---- C:\WINDOWS\system32\drivers\intelppm.sys
2023-03-20 10:17:51 ----A---- C:\WINDOWS\system32\drivers\amdppm.sys
2023-03-20 10:17:51 ----A---- C:\WINDOWS\system32\drivers\amdk8.sys
2023-03-20 10:17:50 ----A---- C:\WINDOWS\system32\WMALFXGFXDSP.dll
2023-03-20 10:17:50 ----A---- C:\WINDOWS\system32\SysFxUI.dll
2023-03-20 10:17:50 ----A---- C:\WINDOWS\system32\MsApoFxProxy.dll
2023-03-20 10:17:50 ----A---- C:\WINDOWS\system32\kdcpw.dll
2023-03-20 10:17:50 ----A---- C:\WINDOWS\system32\drivers\portcls.sys
2023-03-20 10:17:50 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys
2023-03-20 10:17:50 ----A---- C:\WINDOWS\system32\drivers\drmk.sys
2023-03-20 10:17:50 ----A---- C:\WINDOWS\system32\drivers\AcxHdAudio.sys
2023-03-20 10:17:50 ----A---- C:\WINDOWS\system32\CloudRestoreLauncher.dll
2023-03-20 10:17:50 ----A---- C:\WINDOWS\system32\audioresourceregistrar.dll
2023-03-20 10:17:50 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2023-03-20 10:17:50 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2023-03-20 10:17:50 ----A---- C:\WINDOWS\system32\audiodg.exe
2023-03-20 10:17:49 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2023-03-20 10:17:49 ----A---- C:\WINDOWS\system32\Windows.Management.ModernDeployment.ConfigProviders.dll
2023-03-20 10:17:49 ----A---- C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2023-03-20 10:17:49 ----A---- C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2023-03-20 10:17:49 ----A---- C:\WINDOWS\system32\umpo.dll
2023-03-20 10:17:49 ----A---- C:\WINDOWS\system32\trie.dll
2023-03-20 10:17:49 ----A---- C:\WINDOWS\system32\TaskFlowDataEngine.dll
2023-03-20 10:17:49 ----A---- C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2023-03-20 10:17:49 ----A---- C:\WINDOWS\system32\RuleBasedDS.dll
2023-03-20 10:17:49 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2023-03-20 10:17:49 ----A---- C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2023-03-20 10:17:49 ----A---- C:\WINDOWS\system32\MTFFuzzyDS.dll
2023-03-20 10:17:49 ----A---- C:\WINDOWS\system32\lpasvc.dll
2023-03-20 10:17:49 ----A---- C:\WINDOWS\system32\FluencyDS.dll
2023-03-20 10:17:49 ----A---- C:\WINDOWS\system32\fcon.dll
2023-03-20 10:17:49 ----A---- C:\WINDOWS\system32\dsound.dll
2023-03-20 10:17:49 ----A---- C:\WINDOWS\system32\dsdmo.dll
2023-03-20 10:17:49 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2023-03-20 10:17:49 ----A---- C:\WINDOWS\system32\drivers\exfat.sys
2023-03-20 10:17:49 ----A---- C:\WINDOWS\system32\autopilot.dll
2023-03-20 10:17:49 ----A---- C:\WINDOWS\system32\audiosrv.dll
2023-03-20 10:17:49 ----A---- C:\WINDOWS\system32\AudioEng.dll
2023-03-20 10:17:43 ----A---- C:\WINDOWS\system32\tellib.dll
2023-03-20 10:15:43 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2023-03-20 10:15:42 ----A---- C:\WINDOWS\system32\poqexec.exe
2023-03-20 10:15:37 ----HD---- C:\$WinREAgent
2023-03-07 12:23:18 ----D---- C:\Program Files\Open Media LLC
2023-03-04 10:31:49 ----D---- C:\WINDOWS\Panther

djcharlie2
Visitor
Posts: 9
Registered: 31 Mar 2023 23:52

Re: Please check

#7 Post by djcharlie2 »

======List of files/folders modified in the last 1 month======

2023-04-02 13:16:02 ----D---- C:\WINDOWS\Prefetch
2023-04-02 13:15:05 ----D---- C:\WINDOWS\Temp
2023-04-02 13:14:55 ----D---- C:\Program Files (x86)\Google
2023-04-02 13:13:18 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2023-04-02 13:09:01 ----D---- C:\WINDOWS\system32\sru
2023-04-02 12:09:40 ----D---- C:\WINDOWS\System32
2023-04-02 12:09:40 ----D---- C:\WINDOWS\INF
2023-04-02 12:09:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2023-04-02 11:38:09 ----D---- C:\Users\Tomáš\AppData\Roaming\Signal
2023-04-02 11:03:03 ----D---- C:\WINDOWS\system32\SleepStudy
2023-04-02 04:09:40 ----D---- C:\WINDOWS\AppReadiness
2023-04-02 04:06:29 ----SHD---- C:\System Volume Information
2023-04-01 17:31:45 ----D---- C:\Program Files (x86)\Dell Digital Delivery Services
2023-04-01 10:36:32 ----RD---- C:\WINDOWS\Microsoft.NET
2023-04-01 08:18:01 ----D---- C:\WINDOWS\SystemTemp
2023-04-01 06:49:38 ----D---- C:\WINDOWS\system32\DriverStore
2023-04-01 06:49:38 ----D---- C:\WINDOWS\system32\drivers
2023-04-01 00:50:24 ----RD---- C:\Program Files
2023-04-01 00:42:00 ----D---- C:\WINDOWS\system32\Tasks
2023-04-01 00:41:24 ----HD---- C:\WINDOWS\ELAMBKUP
2023-04-01 00:41:23 ----D---- C:\Program Files\Common Files
2023-04-01 00:40:48 ----HD---- C:\ProgramData
2023-03-31 23:58:25 ----HD---- C:\Program Files\WindowsApps
2023-03-31 17:05:21 ----D---- C:\WINDOWS\system32\Recovery
2023-03-31 17:00:27 ----D---- C:\Users\Tomáš\AppData\Roaming\DropboxElectron
2023-03-31 16:59:14 ----D---- C:\WINDOWS\system32\catroot2
2023-03-31 16:59:06 ----D---- C:\WINDOWS\ServiceState
2023-03-31 16:59:06 ----D---- C:\ProgramData\Goodix
2023-03-31 16:59:06 ----D---- C:\Intel
2023-03-31 16:59:05 ----ASH---- C:\DumpStack.log.tmp
2023-03-29 13:23:34 ----D---- C:\WINDOWS\Logs
2023-03-29 13:20:23 ----D---- C:\Windows
2023-03-29 12:31:52 ----RD---- C:\Program Files (x86)
2023-03-29 12:31:52 ----D---- C:\WINDOWS\SYSWOW64\drivers
2023-03-29 12:28:55 ----D---- C:\WINDOWS\system32\LogFiles
2023-03-29 12:27:06 ----D---- C:\ProgramData\Dell
2023-03-29 12:23:47 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2023-03-28 06:40:48 ----D---- C:\WINDOWS\system32\config
2023-03-27 23:39:32 ----D---- C:\WINDOWS\system32\drivers\wd
2023-03-27 19:51:37 ----D---- C:\WINDOWS\WinSxS
2023-03-25 11:50:11 ----D---- C:\WINDOWS\Registration
2023-03-24 13:56:49 ----SHD---- C:\WINDOWS\Installer
2023-03-24 13:56:49 ----SHD---- C:\Config.Msi
2023-03-24 13:56:32 ----D---- C:\WINDOWS\SysWOW64
2023-03-23 20:50:31 ----SD---- C:\Users\Tomáš\AppData\Roaming\Microsoft
2023-03-23 20:29:18 ----D---- C:\Program Files (x86)\Dropbox
2023-03-23 11:43:51 ----D---- C:\Users\Tomáš\AppData\Roaming\WhatsApp
2023-03-22 23:32:17 ----D---- C:\ProgramData\Package Cache
2023-03-22 23:08:46 ----D---- C:\Program Files\Internet Explorer
2023-03-22 23:08:24 ----D---- C:\Program Files (x86)\Common Files
2023-03-22 23:06:39 ----D---- C:\ProgramData\Packages
2023-03-22 23:06:39 ----D---- C:\Program Files\WinRAR
2023-03-21 16:42:47 ----SD---- C:\WINDOWS\system32\en-US
2023-03-21 16:42:47 ----SD---- C:\WINDOWS\system32\cs-CZ
2023-03-21 16:42:47 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2023-03-21 16:42:47 ----D---- C:\WINDOWS\UUS
2023-03-21 16:42:47 ----D---- C:\WINDOWS\SYSWOW64\wbem
2023-03-21 16:42:47 ----D---- C:\WINDOWS\SYSWOW64\migration
2023-03-21 16:42:47 ----D---- C:\WINDOWS\SYSWOW64\en-US
2023-03-21 16:42:47 ----D---- C:\WINDOWS\SYSWOW64\Dism
2023-03-21 16:42:47 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2023-03-21 16:42:47 ----D---- C:\WINDOWS\SystemResources
2023-03-21 16:42:47 ----D---- C:\WINDOWS\system32\wbem
2023-03-21 16:42:47 ----D---- C:\WINDOWS\system32\oobe
2023-03-21 16:42:47 ----D---- C:\WINDOWS\system32\nl-NL
2023-03-21 16:42:47 ----D---- C:\WINDOWS\system32\migration
2023-03-21 16:42:47 ----D---- C:\WINDOWS\system32\es-MX
2023-03-21 16:42:47 ----D---- C:\WINDOWS\system32\el-GR
2023-03-21 16:42:47 ----D---- C:\WINDOWS\system32\drivers\UMDF
2023-03-21 16:42:47 ----D---- C:\WINDOWS\system32\drivers\en-US
2023-03-21 16:42:47 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2023-03-21 16:42:47 ----D---- C:\WINDOWS\system32\Dism
2023-03-21 16:42:47 ----D---- C:\WINDOWS\system32\de-DE
2023-03-21 16:42:47 ----D---- C:\WINDOWS\system32\Boot
2023-03-21 16:42:47 ----D---- C:\WINDOWS\system32\appraiser
2023-03-21 16:42:47 ----D---- C:\WINDOWS\ShellExperiences
2023-03-21 16:42:47 ----D---- C:\WINDOWS\ShellComponents
2023-03-21 16:42:47 ----D---- C:\WINDOWS\Provisioning
2023-03-21 16:42:47 ----D---- C:\WINDOWS\PolicyDefinitions
2023-03-21 16:42:47 ----D---- C:\WINDOWS\bcastdvr
2023-03-21 16:42:47 ----D---- C:\WINDOWS\apppatch
2023-03-21 16:42:47 ----D---- C:\Program Files\Windows Defender Advanced Threat Protection
2023-03-20 10:20:03 ----D---- C:\WINDOWS\system32\SecurityHealth
2023-03-20 10:20:00 ----D---- C:\WINDOWS\CbsTemp
2023-03-20 10:18:15 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2023-03-15 22:42:21 ----D---- C:\WINDOWS\system32\MRT
2023-03-15 22:38:08 ----AC---- C:\WINDOWS\system32\MRT.exe
2023-03-04 10:31:22 ----D---- C:\WINDOWS\system32\WDI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys [2023-04-01 297880]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys [2023-04-01 95960]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2023-04-01 319056]
R0 iaStorVD;@oem188.inf,%iaStorVD.ServiceName%;Intel(R) Chipset VMD RST Controller service; C:\WINDOWS\System32\drivers\iaStorVD.sys [2022-02-07 1547464]
R0 IntelPMT;@intelpmt.inf,%IntelPMT.SVCDESC%;Intel(R) Platform Monitoring Technology Service; C:\WINDOWS\System32\drivers\IntelPMT.sys [2022-05-07 87552]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2022-05-07 87392]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2022-12-11 394592]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2022-05-07 81920]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys [2023-04-01 391856]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2023-04-01 39648]
R1 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2023-04-01 268480]
R1 aswNetHub;aswNetHub; C:\WINDOWS\system32\drivers\aswNetHub.sys [2023-04-01 557136]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2023-04-01 105248]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2023-04-01 941928]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2023-04-01 699624]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2022-05-07 116056]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2022-05-07 173424]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2022-05-07 90112]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2023-04-01 212640]
R2 bfs;@%systemroot%\system32\drivers\bfs.sys,-100; C:\WINDOWS\system32\drivers\bfs.sys [2022-12-11 91480]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2023-01-12 173424]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2023-01-12 569344]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2022-12-11 90112]
R3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2022-12-11 532480]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2023-03-20 143360]
R3 BthHFAud;@microsoft_bluetooth_hfp.inf,%BTHHFAUD_DISPLAY_NAME%;Microsoft Bluetooth Hands-Free Audio driver; C:\WINDOWS\System32\drivers\BthHfAud.sys [2022-12-11 110592]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2022-12-11 143360]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2022-05-07 159744]
R3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2023-03-20 2052096]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2023-03-20 139264]
R3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2022-05-07 90112]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2022-05-07 99672]
R3 DellInstrumentation;@oem161.inf,%DellInstrumentation.SVCDESC%;DellInstrumentation Service; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [2022-05-20 37808]
R3 dptf_acpi;dptf_acpi; C:\WINDOWS\System32\DriverStore\FileRepository\dptf_acpi.inf_amd64_d1c42ae92fd1696b\dptf_acpi.sys [2021-03-17 76952]
R3 dptf_cpu;dptf_cpu; C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\dptf_cpu.sys [2021-03-17 73368]
R3 esif_lf;esif_lf; C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\esif_lf.sys [2021-03-17 423064]
R3 HfAudio;@oem36.inf,%HfAudio.SVCDESC%;HfAudio; C:\WINDOWS\System32\drivers\HfAudio.sys [2020-11-24 83784]
R3 HID_PCI;@oem85.inf,%HID_PCI%;HID PCI Minidriver for ISS; C:\WINDOWS\System32\DriverStore\FileRepository\hid_pci.inf_amd64_8a8b0a6c84123637\HID_PCI.sys [2022-06-21 35488]
R3 HidEventFilter;@oem153.inf,%HidEventFilter%;Intel(R) HID Event Filter; C:\WINDOWS\System32\DriverStore\FileRepository\hideventfilter.inf_amd64_33c465cf6f5e81fb\HidEventFilter.sys [2020-08-11 85672]
R3 iaLPSS2_GPIO2_TGL;@oem7.inf,%iaLPSS2_GPIO2_TGL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_c330c09d72f3e083\iaLPSS2_GPIO2_TGL.sys [2021-01-27 128664]
R3 iaLPSS2_I2C_TGL;@oem43.inf,%iaLPSS2_I2C_TGL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_312c3014729186bd\iaLPSS2_I2C_TGL.sys [2021-01-27 201376]
R3 ibtusb;@oem175.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\System32\DriverStore\FileRepository\ibtusb.inf_amd64_b089dc0317a5d939\ibtusb.sys [2022-06-13 7178288]
R3 igfxn;igfxn; C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4a6499af445e8e69\igdkmdn64.sys [2022-06-14 44497472]
R3 IntcAudioBus;@oem78.inf,%IntcAudioBus.SVCDESC%;Sběrnice technologie Intel® Smart Sound; C:\WINDOWS\System32\DriverStore\FileRepository\intcaudiobus.inf_amd64_f07c2a85f446ddd9\IntcAudioBus.sys [2022-06-13 313896]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2022-09-04 6181288]
R3 IntcBTAu;@oem5.inf,%IntcAud.SvcDesc%;Technologie Intel® Smart Sound pro Bluetooth® Audio; C:\WINDOWS\System32\DriverStore\FileRepository\intcbtau.inf_amd64_ad3e330549f10743\IntcBTAu.sys [2022-06-13 862752]
R3 IntcDMic;@oem19.inf,%IntcAud.SvcDesc%;Technologie Intel® Smart Sound pro digitální mikrofony; C:\WINDOWS\System32\DriverStore\FileRepository\intcdmic.inf_amd64_93182f6c5b217a2d\IntcDMic.sys [2022-06-13 747560]
R3 IntcOED;@oem65.inf,%IntcOED.SVCDESC%;OED technologie Intel® Smart Sound; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_0c5a889d0c28d3cc\IntcOED.sys [2022-06-13 1173032]
R3 IntcUSB;@oem148.inf,%IntcAud.SvcDesc%;Technologie Intel® Smart Sound pro USB Audio; C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_566db4e95fcf6757\IntcUSB.sys [2022-06-13 891944]
R3 ISH;@oem88.inf,%ISH_SvcDesc%;Intel(R) Integrated Sensor Solution; C:\WINDOWS\System32\DriverStore\FileRepository\ish.inf_amd64_2aeb613a4759eb99\ISH.sys [2022-06-21 167072]
R3 ISH_BusDriver;@oem73.inf,%ISH_BusDriver.SVCDESC%; ISS Bus Enumerator; C:\WINDOWS\System32\DriverStore\FileRepository\ish_busdriver.inf_amd64_7d0487ed174b295f\ISH_BusDriver.sys [2022-06-21 93344]
R3 MEIx64;@oem132.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_b3a92646bfdb3e11\x64\TeeDriverW10x64.sys [2022-03-21 312976]
R3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2022-05-07 98304]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-200; C:\WINDOWS\system32\drivers\msquic.sys [2022-05-07 404336]
R3 Netwtw10;___ Ovladač adaptéru Intel(R) Wireless pro systém Windows 10 64 Bit; C:\WINDOWS\System32\drivers\Netwtw10.sys [2022-06-27 4946512]
R3 nhi;@oem52.inf,%TbtBusDrv_SVCDESC%;Thunderbolt(TM) Controller; C:\WINDOWS\System32\drivers\TbtBusDrv.sys [2022-06-29 3183200]
S0 AppleSSD;@AppleSSD.inf,%DevDesc1%;Apple Solid State Drive Device; C:\WINDOWS\System32\drivers\AppleSSD.sys [2022-05-07 113496]
S0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys [2023-04-01 31424]
S0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys [2023-04-01 25576]
S0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2023-04-01 80416]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2022-05-07 79184]
S0 ebdrv0;@netevbd0a.inf,%vbd_srv_desc%;QLogic Legacy Ethernet Adapter VBD; C:\WINDOWS\System32\drivers\evbd0a.sys [2022-05-07 3424104]
S0 GenPass;@genpass.inf,%GenPass.SVCDESC%;Microsoft GenPass Driver; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [2022-05-07 62800]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2022-05-07 320880]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2022-05-07 885584]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2022-05-07 187224]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2022-05-07 125280]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2022-05-07 138600]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2022-05-07 81752]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2022-05-07 101224]
S0 mpi3drvi;mpi3drvi; C:\WINDOWS\System32\drivers\mpi3drvi.sys [2022-05-07 90472]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2022-05-07 206160]
S0 nvmedisk;@nvmedisk.inf,%nvmedisk.SvcDesc%;Microsoft NVMe disk driver; C:\WINDOWS\System32\drivers\nvmedisk.sys [2022-05-07 91496]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2022-05-07 59752]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2022-05-07 69464]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2022-12-11 181600]
S1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2023-04-01 231808]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2022-12-11 57344]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2023-02-22 737280]
S3 AcxHdAudio;@acxhdaudiop.inf,%Audio_Device.DeviceDesc%;ACX HD Audio Driver; C:\WINDOWS\System32\drivers\AcxHdAudio.sys [2023-03-20 565248]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2022-05-07 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2022-05-07 45568]
S3 AppleLowerFilter;@oem113.inf,%AppleLowerFilterDisplayName%;Apple Lower Filter Driver; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [2020-10-09 35976]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2022-12-11 49152]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2023-03-20 176176]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2023-03-20 206168]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2023-03-20 192560]
S3 aswVpnRdr;Avast SecureLine VPN Driver; C:\WINDOWS\system32\drivers\aswVpnRdr.sys [2023-04-01 76664]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2023-03-20 86016]
S3 ExecutionContext;@%SystemRoot%\System32\Drivers\ExecutionContext.sys,-101; C:\WINDOWS\System32\Drivers\ExecutionContext.sys [2022-12-11 75088]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_cea150c98a1ca844\genericusbfn.sys [2022-05-07 61440]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2022-05-07 91472]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2022-12-11 139264]
S3 HidSpiCx;HidSpi KMDF Class Extension; C:\WINDOWS\system32\drivers\HidSpiCx.sys [2022-12-11 126976]
S3 Hsp;@hsp.inf,%Hsp.SVCDESC%;Microsoft Pluton Service; C:\WINDOWS\System32\drivers\Hsp.sys [2022-05-07 124264]
S3 hvservice;@hvservice.inf,%hvservice.SvcDesc%;Microsoft Hypervisor Service Driver; C:\WINDOWS\System32\drivers\hvservice.sys [2022-12-11 91472]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2022-05-07 61440]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2022-05-07 1854832]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2022-05-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2022-05-07 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2022-05-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2022-05-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2022-05-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2022-05-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2022-05-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2022-05-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2022-05-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2022-05-07 177664]
S3 iaStorAfs;@oem188.inf,%iaStorAfs.ServiceName%;iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [2022-02-07 75496]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2022-05-07 559976]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2022-12-11 77824]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2022-05-07 65536]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2022-05-07 99688]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2022-05-07 566632]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2022-05-07 99664]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2022-12-11 454656]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2022-05-07 1132392]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2022-05-07 147304]
S3 NDKPerf;NDKPerf Driver; C:\WINDOWS\system32\drivers\NDKPerf.sys [2022-05-07 83288]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2022-05-07 107872]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2023-03-20 394576]
S3 P9Rdr;@%SystemRoot%\System32\drivers\p9rdr.sys,-100; C:\WINDOWS\System32\drivers\p9rdr.sys [2022-05-07 148816]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2022-12-11 177504]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2022-05-07 53248]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2022-05-07 61440]
S4 DBUtilDrv2;@oem38.inf,%DBUtilDrv2.SVCDESC%;DBUtilDrv2 Service; C:\WINDOWS\System32\drivers\DBUtilDrv2.sys []
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2022-05-07 75112]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2023-02-01 173040]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [2023-04-01 583064]
R2 avast! Firewall;Avast Firewall Service; C:\Program Files\Avast Software\Avast\afwServ.exe [2023-04-01 2197912]
R2 avast! Tools;Avast Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [2023-04-01 583576]
R2 AvastWscReporter;AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [2023-04-01 56912]
R2 cbdhsvc_5f73b;cbdhsvc_5f73b; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R2 CDPUserSvc_5f73b;CDPUserSvc_5f73b; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R2 CleanupPSvc;Avast Cleanup; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [2023-04-01 15615384]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R2 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_4a6499af445e8e69\IntelCpHDCPSvc.exe [2022-06-14 351320]
R2 DbxSvc;DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [2023-03-20 46824]
R2 DDVCollectorSvcApi;Dell Data Vault Service API; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [2022-11-08 458960]
R2 DDVDataCollector;Dell Data Vault Collector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [2022-11-08 161488]
R2 DDVRulesProcessor;Dell Data Vault Processor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [2022-11-08 484560]
R2 Dell Digital Delivery Services;Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [2022-11-07 55712]
R2 Dell SupportAssist Remediation;Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [2023-01-17 22224]
R2 DellClientManagementService;Dell Client Management Service; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [2022-11-18 47320]
R2 DellTechHub;Dell TechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [2022-08-15 156064]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
R2 DriverUpdSvc;Avast Driver Updater; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [2023-04-01 8007064]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
R2 esifsvc;@oem71.inf,%ServiceDisplayName%;Intel(R) Dynamic Tuning service; C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_1da48d5885266bb7\esif_uf.exe [2021-03-17 2301592]
R2 igccservice;Intel(R) Graphics Command Center Service; C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_5fe2e31c542e0065\OneApp.IGCC.WinService.exe [2022-06-14 95312]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b18a4e283f67c0b5\igfxCUIServiceN.exe [2022-06-14 408664]
R2 IntelAudioService;Intel(R) Audio Service; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_0c5a889d0c28d3cc\\AS\\IAS\\IntelAudioService.exe [2022-06-13 532000]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe [2021-04-20 628608]
R2 OneSyncSvc_5f73b;OneSyncSvc_5f73b; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [2023-04-01 8905624]
R3 BcastDVRUserService_5f73b;BcastDVRUserService_5f73b; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 BluetoothUserService_5f73b;BluetoothUserService_5f73b; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
R3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
R3 InventorySvc;@%SystemRoot%\system32\inventorysvc.dll,-501; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
R3 NPSMSvc_5f73b;NPSMSvc_5f73b; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 PenService_5f73b;PenService_5f73b; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 PimIndexMaintenanceSvc_5f73b;PimIndexMaintenanceSvc_5f73b; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S2 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2021-11-30 130320]
S2 edgeupdate;Microsoft Edge Update Service (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2021-04-01 214952]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2021-11-30 156232]
S2 Intel(R) TPM Provisioning Service;@oem45.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_a93205b6238060e4\lib\TPMProvisioningService.exe [2020-09-17 784664]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 AarSvc_5f73b;AarSvc_5f73b; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 CaptureService_5f73b;CaptureService_5f73b; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 cloudidsvc;@%SystemRoot%\system32\cloudidsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 ConsentUxUserSvc_5f73b;ConsentUxUserSvc_5f73b; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2022-05-07 406336]
S3 CredentialEnrollmentManagerUserSvc_5f73b;CredentialEnrollmentManagerUserSvc_5f73b; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2022-05-07 406336]
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2021-11-30 130320]
S3 dcpm-notify;Dell Command | Power Manager Notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [2021-08-23 315008]
S3 dcsvc;@%systemroot%\system32\dcsvc,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 Dell.CommandPowerManager.Service;Dell.CommandPowerManager.Service; C:\WINDOWS\system32\dllhost.exe [2022-05-07 46416]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 DeviceAssociationBrokerSvc_5f73b;DeviceAssociationBrokerSvc_5f73b; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 DevicePickerUserSvc_5f73b;DevicePickerUserSvc_5f73b; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 DevicesFlowUserSvc_5f73b;DevicesFlowUserSvc_5f73b; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2022-05-07 114688]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 edgeupdatem;Microsoft Edge Update Service (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2021-04-01 214952]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 FrameServerMonitor;@%systemroot%\system32\FrameServerMonitor.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files\Google\Chrome\Application\111.0.5563.147\elevation_service.exe [2023-03-25 1741592]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2021-11-30 156232]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 iaStorAfsService;@oem188.inf,%iaStorAfsService.ServiceName%;Intel(R) Optane(TM) Memory Service; C:\WINDOWS\System32\iaStorAfsService.exe [2022-02-07 3161808]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 Intel(R) Capability Licensing Service TCP IP Interface;@oem45.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_a93205b6238060e4\lib\SocketHeciServer.exe [2020-09-17 861976]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 McpManagementService;@%SystemRoot%\system32\McpManagementService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 MessagingService_5f73b;MessagingService_5f73b; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\111.0.1661.62\elevation_service.exe [2023-03-30 2292160]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2023-03-23 247200]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 NPSMSvc;@%SystemRoot%\system32\npsm.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 P9RdrService;@%systemroot%\system32\p9rdrservice.dll,-102; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 P9RdrService_5f73b;P9RdrService_5f73b; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 PenService;@%SystemRoot%\system32\PenService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2022-05-07 241664]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2023-03-20 771480]
S4 DialogBlockingService;@%SystemRoot%\system32\DialogBlockingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118200
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a check

#8 Post by Rudy »

The RSIT log is currently of no use; RSIT is not fully compatible with current 64-bit systems. I need to see the contents of the file C:\Users\Tomáš\Downloads\fixlog.txt. Thank you.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

djcharlie2
Visitor
Posts: 9
Joined: 31 Mar 2023 23:52

Re: Request for a check

#9 Post by djcharlie2 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-03-2023
Ran by Tomáš (02-04-2023 17:10:04) Run:1
Running from C:\Users\Tomáš\Downloads
Loaded Profiles: Tomáš
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {25B3DC16-4E11-493E-9D38-CB6220F853CC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-30] (Google LLC -> Google LLC)
Task: {0B4DCD60-8058-4D17-9DF0-AF44AEA64EB7} - System32\Tasks\McAfeeTsk\OOBEUpgrader => C:\Program Files\McAfee\MSC\OOBE_Upgrader.exe /Run (No File)
Task: {4F67BDDC-8D58-488C-9DD7-59556B945FF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-11-30] (Google LLC -> Google LLC)
Task: {D8E97E56-25DC-4E36-9020-E28DE7A98E3B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => C:\WINDOWS\system32\MusNotification.exe /RunOnAC ReadyToReboot (No File)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => C:\WINDOWS\system32\MusNotification.exe (No File)
Task: {EF36D56B-2DA8-40A5-ADE8-8B4FCA2016C0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => C:\WINDOWS\system32\MusNotification.exe LogonUpdateResults (No File)
U1 aswbdisk; no ImagePath
C:\Users\Tomáš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
AlternateDataStreams: C:\Users\Tomáš\Desktop\finance.xls:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Tomáš\Desktop\fondy.ods:com.dropbox.attrs [54]
AlternateDataStreams: C:\Users\Tomáš\Downloads\avast_one_free_antivirus.exe:MBAM.Zone.Identifier [201]
FirewallRules: [{FD6B963F-6AD7-49C3-9913-8BCD695FBF44}] => (Allow) C:\Users\Tomáš\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{BB170C2C-5C73-442B-8202-7D2943EFC774}] => (Allow) C:\Users\Tomáš\AppData\Roaming\Zoom\bin\airhost.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{C885AA15-1764-4293-B82A-0586ADD46B35} => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{25B3DC16-4E11-493E-9D38-CB6220F853CC}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{25B3DC16-4E11-493E-9D38-CB6220F853CC}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0B4DCD60-8058-4D17-9DF0-AF44AEA64EB7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B4DCD60-8058-4D17-9DF0-AF44AEA64EB7}" => removed successfully
C:\WINDOWS\System32\Tasks\McAfeeTsk\OOBEUpgrader => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfeeTsk\OOBEUpgrader" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4F67BDDC-8D58-488C-9DD7-59556B945FF6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4F67BDDC-8D58-488C-9DD7-59556B945FF6}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D8E97E56-25DC-4E36-9020-E28DE7A98E3B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D8E97E56-25DC-4E36-9020-E28DE7A98E3B}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\Reboot_AC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{EF36D56B-2DA8-40A5-ADE8-8B4FCA2016C0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EF36D56B-2DA8-40A5-ADE8-8B4FCA2016C0}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults" => removed successfully
HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected
C:\Users\Tomáš\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\Users\Tomáš\Desktop\finance.xls => ":com.dropbox.attrs" ADS removed successfully
C:\Users\Tomáš\Desktop\fondy.ods => ":com.dropbox.attrs" ADS removed successfully
C:\Users\Tomáš\Downloads\avast_one_free_antivirus.exe => ":MBAM.Zone.Identifier" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FD6B963F-6AD7-49C3-9913-8BCD695FBF44}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BB170C2C-5C73-442B-8202-7D2943EFC774}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 664781645 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 33103886 B
Edge => 0 B
Chrome => 1007901414 B
Firefox => 107088750 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 1720343 B
systemprofile32 => 1720343 B
LocalService => 1743813 B
NetworkService => 11843939 B
Tomáš => 301291123 B

RecycleBin => 0 B
EmptyTemp: => 2 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 02-04-2023 17:14:33)


Result of scheduled keys to remove after reboot:

HKLM\System\CurrentControlSet\Services\aswbdisk => could not remove, key could be protected

==== End of Fixlog 17:14:33 ====

Rudy
Site Admin
Posts: 118200
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a check

#10 Post by Rudy »

Deleted; the log is now OK.

djcharlie2
Visitor
Posts: 9
Joined: 31 Mar 2023 23:52

Re: Request for a check

#11 Post by djcharlie2 »

And was there anything serious in there?

Is paying for the help via the forum support enough?

Rudy
Site Admin
Posts: 118200
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a check

#12 Post by Rudy »

No, there wasn't, only unnecessary items. You can donate by clicking the "Přispějte..." ("Contribute...") bubble at the bottom right.

djcharlie2
Visitor
Posts: 9
Joined: 31 Mar 2023 23:52

Re: Request for a check

#13 Post by djcharlie2 »

Hello,

it seems my problems persist. Over the weekend, loads of spam went out from my 2 independent e-mail accounts. Could some deeper check, or something similar, still be done? Thank you.

Rudy
Site Admin
Posts: 118200
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a check

#14 Post by Rudy »

It is possible. Download and run AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Download the utility, run it and let it work. When it finishes, delete everything it finds, if anything. Note that the guide at the link applies to an older version. I also recommend changing your e-mail password.

djcharlie2
Visitor
Posts: 9
Joined: 31 Mar 2023 23:52

Re: Request for a check

#15 Post by djcharlie2 »

Well, that found nothing either, so I also changed my passwords everywhere; it was probably some leak somewhere rather than a virus. :-(
