Pomalejší PC
Napsal: 09 kvě 2020 02:05
Dobrý den, poprosil bych o kontrolu logů. PC mi poslední dobou jen tak začne využívat 100% CPU děje se to náhodně a nepřestane to dokud nerestartuji počítač.
Logfile of random's system information tool 1.10 (written by random/random)
Run by ADMIN at 2020-05-09 02:49:43
Microsoft Windows 10 Pro
System drive C: has 872 GB (46%) free of 1907 GB
Total RAM: 16304 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:49:52, on 09.05.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\LightingService\1.00.42\AsRogAuraGpuDllServer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\ADMIN.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [Kerio Control VPN Client] "C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe" /tray
O4 - HKLM\..\Run: [CORSAIR iCUE Software] "C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe" --autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Corsair LLA Service (CorsairLLAService) - Corsair Memory, Inc. - C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
O23 - Service: Corsair Service (CorsairService) - Corsair Memory, Inc. - C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_21a593db - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DeveloperToolsSvc.exe,-100 (DeveloperToolsService) - Unknown owner - C:\WINDOWS\System32\DeveloperToolsSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Kerio Control VPN Client Service (KVPNCSvc) - Kerio Technologies Inc. - C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe
O23 - Service: LightingService - ASUSTek Computer Inc. - C:\Program Files (x86)\LightingService\1.00.42\LightingService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Logitech Video Camera Service (nebula) - Logitech - C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nordvpn-service - Unknown owner - C:\Program Files (x86)\NordVPN\nordvpn-service.exe
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: OpenSSH SSH Server (sshd) - Unknown owner - C:\WINDOWS\System32\OpenSSH\sshd.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: VirtualBox system service (VBoxSDS) - Oracle Corporation - C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: vgc - Riot Games, Inc. - C:\Program Files\Riot Vanguard\vgc.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe
--
End of file - 13000 bytes
======Listing Processes======
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DevQueryBroker
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
"C:\Program Files (x86)\NordVPN\nordvpn-service.exe"
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s IKEEXT
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
"C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
"C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
"C:\Program Files (x86)\LightingService\1.00.42\LightingService.exe"
"C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s TapiSrv
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe"
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
"C:\Program Files\Logitech\Collaboration\Services\Video\cropAssistAPI\CropAssistService.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s QWAVE
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s WebClient
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\AUDIODG.EXE 0x67c
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
winlogon.exe
"fontdrvhost.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
"C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe" -d
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\LightingService\1.00.42\AsRogAuraGpuDllServer.exe"
C:\WINDOWS\Explorer.EXE
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"ctfmon.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\WINDOWS\System32\Taskmgr.exe" /2
"C:\Program Files\Riot Vanguard\vgtray.exe"
"C:\Program Files (x86)\Steam\steam.exe" -silent
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe" /tray
--autorun
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=gpu-process --field-trial-handle=1992,9029014399159495941,6213807221598910582,131072 --disable-features=VizDisplayCompositor --no-sandbox --log-file="C:\Users\Radek\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --lang=en-US --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Users\Radek\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --service-request-channel-token=17405464469409196906 --mojo-platform-channel-handle=1996 /prefetch:2
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Users\Radek\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --field-trial-handle=1992,9029014399159495941,6213807221598910582,131072 --disable-features=VizDisplayCompositor --service-pipe-token=16676444910751114836 --lang=en-US --log-file="C:\Users\Radek\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=16676444910751114836 --renderer-client-id=3 --mojo-platform-channel-handle=2560 /prefetch:1
"C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4152.0_x64__8wekyb3d8bbwe\GameBar.exe" -ServerName:App.AppXbdkk0yrkwpcgeaem8zk81k8py1eaahny.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4152.0_x64__8wekyb3d8bbwe\GameBarFT.exe" /InvokerPRAID: App
"C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4152.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe" -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Radek\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Radek\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=81.0.4044.138 --initial-client-data=0xe8,0xec,0xf0,0xc4,0xf4,0x7ffcdf44bd28,0x7ffcdf44bd38,0x7ffcdf44bd48
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=3092 --on-initialized-event-handle=688 --parent-handle=692 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1652 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1840 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2848 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3568 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3848 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4008 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --service-sandbox-type=utility --enable-audio-service-sandbox --mojo-platform-channel-handle=4424 --ignored=" --type=renderer " /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6024 /prefetch:1
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=1740 --ignored=" --type=renderer " /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7144 /prefetch:1
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5440 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2888 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6808 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --service-sandbox-type=xr_compositing --enable-audio-service-sandbox --mojo-platform-channel-handle=5376 --ignored=" --type=renderer " /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8164 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8180 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe -Embedding
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s seclogon
"C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7100 /prefetch:1
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8872 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8252 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4688 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8952 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8452 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4840 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe185_ Global\UsGthrCtrlFltPipeMssGthrPipe185 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 780 784 792 8192 788
"C:\Users\Radek\Downloads\RSITx64.exe"
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-12 210632]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-03-27 480320]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-03-27 194624]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2020-02-15 84992]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-12-22 8899592]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2020-03-04 3022416]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11 509936]
"Riot Vanguard"=C:\Program Files\Riot Vanguard\vgtray.exe [2020-05-09 352712]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"=C:\Windows\SysWOW64\OneDriveSetup.exe [2019-03-19 28832864]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2020-05-08 3373344]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2018-11-06 19476424]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2016-03-16 136992]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2018-06-22 2409944]
"Kerio Control VPN Client"=C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe [2018-08-28 2069864]
"CORSAIR iCUE Software"=C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [2020-03-02 405544]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2019-12-11 646160]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
SshdPinAuthLsa
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=lvcod64.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open -
======List of files/folders created in the last 1 month======
2020-05-09 02:49:43 ----D---- C:\rsit
2020-05-09 02:49:43 ----D---- C:\Program Files\trend micro
2020-05-09 02:39:50 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2020-05-09 02:39:40 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2020-05-09 02:39:40 ----A---- C:\WINDOWS\system32\drivers\farflt.sys
2020-05-09 02:39:04 ----A---- C:\WINDOWS\system32\drivers\MbamChameleon.sys
2020-05-09 02:39:03 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2020-05-09 02:38:57 ----A---- C:\WINDOWS\system32\drivers\MbamElam.sys
2020-05-09 02:38:56 ----A---- C:\WINDOWS\system32\drivers\mbae64.sys
2020-05-03 22:00:08 ----D---- C:\WINDOWS\LastGood.Tmp
2020-05-03 21:58:36 ----A---- C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-05-03 21:58:36 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo-1-999-0-0-0.exe
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1-999-0-0-0.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\nvofapi.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\OpenCL.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\nvofapi64.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\nvmcumd.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-05-03 21:58:34 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2020-05-03 21:58:34 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2020-05-03 21:58:34 ----A---- C:\WINDOWS\system32\nvdispgenco6444587.dll
2020-05-03 21:58:34 ----A---- C:\WINDOWS\system32\nvdispco6444587.dll
2020-05-03 21:58:34 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2020-05-03 21:58:34 ----A---- C:\WINDOWS\system32\nvcuda.dll
2020-05-01 20:20:31 ----D---- C:\Program Files (x86)\Far Cry 5
2020-04-29 14:28:23 ----D---- C:\Program Files\Logitech
2020-04-19 22:58:38 ----D---- C:\Users\Radek\AppData\Roaming\Sekiro
2020-04-16 23:13:07 ----A---- C:\WINDOWS\vgkbootstatus.dat
2020-04-16 21:53:41 ----AD---- C:\Program Files\Riot Vanguard
2020-04-16 00:15:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.XamlHost.dll
2020-04-16 00:15:10 ----A---- C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2020-04-16 00:15:10 ----A---- C:\WINDOWS\system32\wbadmin.exe
2020-04-16 00:15:07 ----A---- C:\WINDOWS\SYSWOW64\MSFlacDecoder.dll
2020-04-16 00:15:07 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2020-04-16 00:15:06 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2020-04-16 00:15:06 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2020-04-16 00:15:03 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2020-04-16 00:15:02 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2020-04-16 00:15:01 ----A---- C:\WINDOWS\system32\HologramWorld.dll
2020-04-16 00:15:00 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-16 00:15:00 ----A---- C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-16 00:15:00 ----A---- C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-16 00:15:00 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-16 00:15:00 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-16 00:14:59 ----A---- C:\WINDOWS\SYSWOW64\Microsoft.Uev.Office2013CustomActions.dll
2020-04-16 00:14:59 ----A---- C:\WINDOWS\SYSWOW64\Microsoft.Uev.Office2010CustomActions.dll
2020-04-16 00:14:59 ----A---- C:\WINDOWS\SYSWOW64\Microsoft.Uev.AppAgent.dll
2020-04-16 00:14:59 ----A---- C:\WINDOWS\SYSWOW64\AppVEntSubsystems32.dll
2020-04-16 00:14:59 ----A---- C:\WINDOWS\system32\mfcore.dll
2020-04-16 00:14:58 ----A---- C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-04-16 00:14:58 ----A---- C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2020-04-16 00:14:58 ----A---- C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2020-04-16 00:14:58 ----A---- C:\WINDOWS\system32\AppVEntSubsystems64.dll
2020-04-16 00:14:58 ----A---- C:\WINDOWS\system32\AppVEntSubsystemController.dll
2020-04-16 00:14:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2020-04-16 00:14:57 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2020-04-16 00:14:57 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2020-04-16 00:14:57 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\msltus40.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\msimsg.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\Chakrathunk.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2020-04-16 00:14:55 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2020-04-16 00:14:55 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2020-04-16 00:14:54 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\wsecedit.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\srumsvc.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\srumapi.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\iasrad.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\iaspolcy.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\iasacct.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\ias.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2020-04-16 00:14:51 ----A---- C:\WINDOWS\system32\WorkFolders.exe
2020-04-16 00:14:50 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2020-04-16 00:14:50 ----A---- C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-16 00:14:50 ----A---- C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-16 00:14:50 ----A---- C:\WINDOWS\system32\WinSAT.exe
2020-04-16 00:14:50 ----A---- C:\WINDOWS\system32\tsgqec.dll
2020-04-16 00:14:50 ----A---- C:\WINDOWS\system32\mstsc.exe
2020-04-16 00:14:49 ----A---- C:\WINDOWS\system32\rdpclip.exe
2020-04-16 00:14:49 ----A---- C:\WINDOWS\system32\nltest.exe
2020-04-16 00:14:49 ----A---- C:\WINDOWS\system32\mstscax.dll
2020-04-16 00:14:48 ----A---- C:\WINDOWS\system32\msimsg.dll
2020-04-16 00:14:48 ----A---- C:\WINDOWS\system32\msi.dll
2020-04-16 00:14:48 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2020-04-16 00:14:48 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2020-04-16 00:14:47 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-16 00:14:47 ----A---- C:\WINDOWS\system32\Chakra.dll
2020-04-16 00:14:46 ----A---- C:\WINDOWS\system32\mshtml.dll
2020-04-16 00:14:46 ----A---- C:\WINDOWS\system32\jscript.dll
2020-04-16 00:14:46 ----A---- C:\WINDOWS\system32\iasrad.dll
2020-04-16 00:14:46 ----A---- C:\WINDOWS\system32\iasacct.dll
2020-04-16 00:14:46 ----A---- C:\WINDOWS\system32\ias.dll
2020-04-16 00:14:45 ----A---- C:\WINDOWS\system32\StorSvc.dll
2020-04-16 00:14:45 ----A---- C:\WINDOWS\system32\StorageUsage.dll
2020-04-16 00:14:45 ----A---- C:\WINDOWS\system32\iaspolcy.dll
2020-04-16 00:14:44 ----A---- C:\WINDOWS\system32\wsecedit.dll
2020-04-16 00:14:37 ----A---- C:\WINDOWS\system32\tcbloader.dll
2020-04-16 00:14:37 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2020-04-16 00:14:37 ----A---- C:\WINDOWS\system32\securekernel.exe
2020-04-16 00:14:37 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2020-04-16 00:14:37 ----A---- C:\WINDOWS\system32\hvix64.exe
2020-04-16 00:14:36 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2020-04-16 00:14:36 ----A---- C:\WINDOWS\SYSWOW64\scecli.dll
2020-04-16 00:14:36 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2020-04-16 00:14:36 ----A---- C:\WINDOWS\system32\srumsvc.dll
2020-04-16 00:14:36 ----A---- C:\WINDOWS\system32\srumapi.dll
2020-04-16 00:14:36 ----A---- C:\WINDOWS\system32\hvloader.dll
2020-04-16 00:14:36 ----A---- C:\WINDOWS\system32\hvax64.exe
2020-04-16 00:14:36 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2020-04-16 00:14:35 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2020-04-16 00:14:35 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2020-04-16 00:14:35 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2020-04-16 00:14:35 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2020-04-16 00:14:35 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2020-04-16 00:14:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2020-04-16 00:14:34 ----A---- C:\WINDOWS\SYSWOW64\msimg32.dll
2020-04-16 00:14:34 ----A---- C:\WINDOWS\SYSWOW64\mf3216.dll
2020-04-16 00:14:34 ----A---- C:\WINDOWS\SYSWOW64\lpk.dll
2020-04-16 00:14:34 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2020-04-16 00:14:34 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2020-04-16 00:14:34 ----A---- C:\WINDOWS\SYSWOW64\dciman32.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\windowsperformancerecordercontrol.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\logoncli.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\es.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\dcomp.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Custom.ps.dll
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Custom.dll
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\deviceaccess.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Vpn.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Enumeration.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\webservices.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\KerbClientShared.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\InstallServiceTasks.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\cmintegrator.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2020-04-16 00:14:30 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2020-04-16 00:14:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2020-04-16 00:14:30 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2020-04-16 00:14:30 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2020-04-16 00:14:30 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2020-04-16 00:14:29 ----A---- C:\WINDOWS\SYSWOW64\wksprtPS.dll
2020-04-16 00:14:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2020-04-16 00:14:29 ----A---- C:\WINDOWS\SYSWOW64\TSWorkspace.dll
2020-04-16 00:14:29 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerCookies.exe
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\tbauth.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\taskschd.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\sppcext.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\sppc.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\slcext.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\slc.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\dot3msm.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\dot3api.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\CloudNotifications.exe
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2020-04-16 00:14:27 ----A---- C:\WINDOWS\SYSWOW64\FlightSettings.dll
2020-04-16 00:14:27 ----A---- C:\WINDOWS\SYSWOW64\BTAGService.dll
2020-04-16 00:14:22 ----A---- C:\WINDOWS\system32\vbscript.dll
2020-04-16 00:14:22 ----A---- C:\WINDOWS\system32\scecli.dll
2020-04-16 00:14:22 ----A---- C:\WINDOWS\system32\rasmans.dll
2020-04-16 00:14:22 ----A---- C:\WINDOWS\system32\rascustom.dll
2020-04-16 00:14:22 ----A---- C:\WINDOWS\system32\LsaIso.exe
2020-04-16 00:14:22 ----A---- C:\WINDOWS\system32\iumcrypt.dll
2020-04-16 00:14:22 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2020-04-16 00:14:22 ----A---- C:\WINDOWS\system32\icsunattend.exe
2020-04-16 00:14:21 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-04-16 00:14:20 ----A---- C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-04-16 00:14:19 ----A---- C:\WINDOWS\system32\wininet.dll
2020-04-16 00:14:19 ----A---- C:\WINDOWS\system32\t2embed.dll
2020-04-16 00:14:19 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2020-04-16 00:14:19 ----A---- C:\WINDOWS\system32\gdi32full.dll
2020-04-16 00:14:19 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-04-16 00:14:18 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-04-16 00:14:18 ----A---- C:\WINDOWS\system32\omadmclient.exe
2020-04-16 00:14:18 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\wuuhext.dll
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\wow64win.dll
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\msimg32.dll
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\mf3216.dll
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\fontsub.dll
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2020-04-16 00:14:06 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2020-04-16 00:14:06 ----A---- C:\WINDOWS\system32\netlogon.dll
2020-04-16 00:14:06 ----A---- C:\WINDOWS\system32\lpk.dll
2020-04-16 00:14:06 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2020-04-16 00:14:06 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2020-04-16 00:14:06 ----A---- C:\WINDOWS\system32\dciman32.dll
2020-04-16 00:14:05 ----A---- C:\WINDOWS\system32\smss.exe
2020-04-16 00:14:05 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2020-04-16 00:14:05 ----A---- C:\WINDOWS\system32\KernelBase.dll
2020-04-16 00:14:05 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2020-04-16 00:14:04 ----A---- C:\WINDOWS\system32\ntdll.dll
2020-04-16 00:14:04 ----A---- C:\WINDOWS\system32\hal.dll
2020-04-16 00:14:04 ----A---- C:\WINDOWS\system32\drivers\hwpolicy.sys
2020-04-16 00:14:03 ----A---- C:\WINDOWS\system32\wpr.exe
2020-04-16 00:14:03 ----A---- C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-16 00:14:03 ----A---- C:\WINDOWS\system32\utcutil.dll
2020-04-16 00:14:03 ----A---- C:\WINDOWS\system32\runexehelper.exe
2020-04-16 00:14:03 ----A---- C:\WINDOWS\system32\pacjsworker.exe
2020-04-16 00:14:03 ----A---- C:\WINDOWS\system32\drivers\http.sys
2020-04-16 00:14:03 ----A---- C:\WINDOWS\system32\diagtrack.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\wksprtPS.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\winhttp.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\TSWorkspace.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\samsrv.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\samlib.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\rpcss.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\offlinesam.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\logoncli.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\dcntel.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\aepic.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\taskschd.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\sxssrv.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\sppcommdlg.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\sppcext.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\sppc.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\slcext.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\slc.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\phoneactivate.exe
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\msctf.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\LicensingUI.exe
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\changepk.exe
2020-04-16 00:14:00 ----A---- C:\WINDOWS\system32\sppsvc.exe
2020-04-16 00:13:59 ----A---- C:\WINDOWS\system32\uDWM.dll
2020-04-16 00:13:59 ----A---- C:\WINDOWS\system32\ntshrui.dll
2020-04-16 00:13:59 ----A---- C:\WINDOWS\system32\dwmcore.dll
2020-04-16 00:13:59 ----A---- C:\WINDOWS\system32\dcomp.dll
2020-04-16 00:13:56 ----A---- C:\WINDOWS\system32\es.dll
2020-04-16 00:13:55 ----A---- C:\WINDOWS\system32\winload.exe
2020-04-16 00:13:55 ----A---- C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-16 00:13:55 ----A---- C:\WINDOWS\system32\generaltel.dll
2020-04-16 00:13:55 ----A---- C:\WINDOWS\system32\devinv.dll
2020-04-16 00:13:55 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2020-04-16 00:13:55 ----A---- C:\WINDOWS\system32\acmigration.dll
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\pcasvc.dll
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\pcalua.exe
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\pcaevts.dll
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\pcadm.dll
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\invagent.dll
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\appraiser.dll
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\aitstatic.exe
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\aeinv.dll
2020-04-16 00:13:53 ----A---- C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-04-16 00:13:46 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2020-04-16 00:13:45 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2020-04-16 00:13:45 ----A---- C:\WINDOWS\system32\SHCore.dll
2020-04-16 00:13:45 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-04-16 00:13:45 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2020-04-16 00:13:45 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2020-04-16 00:13:45 ----A---- C:\WINDOWS\system32\MusNotification.exe
2020-04-16 00:13:44 ----A---- C:\WINDOWS\system32\win32u.dll
2020-04-16 00:13:44 ----A---- C:\WINDOWS\system32\win32kfull.sys
2020-04-16 00:13:44 ----A---- C:\WINDOWS\system32\win32k.sys
2020-04-16 00:13:44 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2020-04-16 00:13:44 ----A---- C:\WINDOWS\system32\user32.dll
2020-04-16 00:13:44 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2020-04-16 00:13:43 ----A---- C:\WINDOWS\system32\wpncore.dll
2020-04-16 00:13:43 ----A---- C:\WINDOWS\system32\wpnapps.dll
2020-04-16 00:13:43 ----A---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-04-16 00:13:43 ----A---- C:\WINDOWS\system32\VPNv2CSP.dll
2020-04-16 00:13:43 ----A---- C:\WINDOWS\system32\sbservicetrigger.dll
2020-04-16 00:13:43 ----A---- C:\WINDOWS\system32\ncbservice.dll
2020-04-16 00:13:43 ----A---- C:\WINDOWS\system32\keepaliveprovider.dll
2020-04-16 00:13:43 ----A---- C:\WINDOWS\system32\cmintegrator.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\webservices.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\kerberos.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\KerbClientShared.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\InstallService.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-04-16 00:13:41 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-16 00:13:41 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2020-04-16 00:13:41 ----A---- C:\WINDOWS\system32\dosvc.dll
2020-04-16 00:13:41 ----A---- C:\WINDOWS\system32\domgmt.dll
2020-04-16 00:13:33 ----A---- C:\WINDOWS\system32\wups2.dll
2020-04-16 00:13:33 ----A---- C:\WINDOWS\system32\wuaueng.dll
2020-04-16 00:13:33 ----A---- C:\WINDOWS\system32\wuauclt.exe
2020-04-16 00:13:33 ----A---- C:\WINDOWS\system32\win32kbase.sys
2020-04-16 00:13:33 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2020-04-16 00:13:33 ----A---- C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-16 00:13:32 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-16 00:13:32 ----A---- C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll
2020-04-16 00:13:32 ----A---- C:\WINDOWS\system32\Windows.Devices.Custom.dll
2020-04-16 00:13:32 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2020-04-16 00:13:32 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2020-04-16 00:13:32 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2020-04-16 00:13:32 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2020-04-16 00:13:32 ----A---- C:\WINDOWS\system32\cdd.dll
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\tbauth.dll
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\cloudAP.dll
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\aadtb.dll
2020-04-16 00:13:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-16 00:13:30 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-04-16 00:13:30 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-16 00:13:29 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-04-16 00:13:29 ----A---- C:\WINDOWS\system32\kernel32.dll
2020-04-16 00:13:25 ----A---- C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-16 00:13:25 ----A---- C:\WINDOWS\system32\dot3svc.dll
2020-04-16 00:13:25 ----A---- C:\WINDOWS\system32\dot3msm.dll
2020-04-16 00:13:25 ----A---- C:\WINDOWS\system32\dot3api.dll
2020-04-16 00:13:24 ----A---- C:\WINDOWS\system32\WpcProxyStubs.dll
2020-04-16 00:13:24 ----A---- C:\WINDOWS\system32\WpcMon.exe
2020-04-16 00:13:24 ----A---- C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-16 00:13:24 ----A---- C:\WINDOWS\system32\WpcApi.dll
2020-04-16 00:13:24 ----A---- C:\WINDOWS\system32\Wpc.dll
2020-04-16 00:13:24 ----A---- C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-16 00:13:24 ----A---- C:\WINDOWS\system32\CloudNotifications.exe
2020-04-16 00:13:24 ----A---- C:\WINDOWS\system32\advapi32.dll
2020-04-16 00:13:23 ----A---- C:\WINDOWS\system32\WpcTok.exe
2020-04-16 00:13:23 ----A---- C:\WINDOWS\system32\WpcRefreshTask.dll
2020-04-16 00:13:23 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2020-04-16 00:13:23 ----A---- C:\WINDOWS\system32\drivers\winnat.sys
2020-04-16 00:13:23 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2020-04-16 00:13:22 ----A---- C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-04-16 00:13:22 ----A---- C:\WINDOWS\system32\audiosrv.dll
2020-04-16 00:13:22 ----A---- C:\WINDOWS\system32\audioresourceregistrar.dll
2020-04-16 00:13:22 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2020-04-16 00:13:22 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-04-16 00:13:22 ----A---- C:\WINDOWS\system32\audiodg.exe
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\wwansvc.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\wwanprotdim.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\umpo.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\drivers\KNetPwrDepBroker.sys
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\BTAGService.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\autopilot.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\AudioSes.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\AudioEng.dll
2020-04-16 00:13:19 ----A---- C:\WINDOWS\system32\tellib.dll
2020-04-16 00:13:11 ----A---- C:\WINDOWS\system32\drivers\storufs.sys
2020-04-16 00:13:11 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2020-04-16 00:13:11 ----A---- C:\WINDOWS\system32\drivers\scmbus.sys
2020-04-16 00:13:11 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2020-04-16 00:13:11 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2020-04-16 00:13:10 ----A---- C:\WINDOWS\system32\drivers\volmgr.sys
2020-04-16 00:13:10 ----A---- C:\WINDOWS\system32\drivers\sfloppy.sys
2020-04-16 00:13:10 ----A---- C:\WINDOWS\system32\drivers\flpydisk.sys
2020-04-15 23:42:50 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2020-04-15 23:42:50 ----A---- C:\WINDOWS\system32\poqexec.exe
======List of files/folders modified in the last 1 month======
2020-05-09 02:49:52 ----D---- C:\WINDOWS\Prefetch
2020-05-09 02:49:43 ----RD---- C:\Program Files
2020-05-09 02:48:13 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-05-09 02:42:56 ----D---- C:\WINDOWS\Temp
2020-05-09 02:39:50 ----D---- C:\WINDOWS\system32\drivers
2020-05-09 02:38:57 ----HD---- C:\WINDOWS\ELAMBKUP
2020-05-09 02:38:34 ----D---- C:\ProgramData\Malwarebytes
2020-05-09 02:36:25 ----D---- C:\WINDOWS\system32\catroot2
2020-05-09 02:31:15 ----D---- C:\ProgramData\NVIDIA
2020-05-09 02:29:46 ----D---- C:\Program Files (x86)\Steam
2020-05-09 02:27:42 ----D---- C:\Users\Radek\AppData\Roaming\discord
2020-05-09 02:02:00 ----D---- C:\WINDOWS\system32\sru
2020-05-08 23:47:44 ----HD---- C:\Program Files\WindowsApps
2020-05-08 23:47:40 ----D---- C:\WINDOWS\AppReadiness
2020-05-08 22:51:01 ----D---- C:\WINDOWS\system32\SleepStudy
2020-05-08 18:31:33 ----RD---- C:\WINDOWS\Microsoft.NET
2020-05-08 10:40:32 ----SHD---- C:\System Volume Information
2020-05-07 13:27:45 ----D---- C:\Users\Radek\AppData\Roaming\obs-studio
2020-05-07 12:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2020-05-04 16:15:00 ----D---- C:\WINDOWS\system32\DriverStore
2020-05-04 16:14:59 ----D---- C:\WINDOWS\System32
2020-05-04 16:14:59 ----D---- C:\WINDOWS\INF
2020-05-03 22:16:34 ----D---- C:\WINDOWS\system32\WDI
2020-05-03 22:10:02 ----D---- C:\WINDOWS\SysWOW64
2020-05-03 22:09:00 ----D---- C:\Windows
2020-05-03 21:32:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-03 21:29:49 ----D---- C:\ProgramData\NVIDIA Corporation
2020-05-03 21:29:40 ----D---- C:\WINDOWS\system32\Tasks
2020-05-03 21:29:17 ----D---- C:\Program Files\NVIDIA Corporation
2020-05-03 21:29:17 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2020-05-03 16:42:19 ----D---- C:\ProgramData\VirtualBox
2020-05-02 19:37:57 ----SHDC---- C:\WINDOWS\Installer
2020-05-02 19:35:24 ----D---- C:\Program Files (x86)\Microsoft Office
2020-05-02 04:16:04 ----D---- C:\Users\Radek\AppData\Roaming\qBittorrent
2020-05-01 21:21:49 ----RSD---- C:\WINDOWS\assembly
2020-05-01 21:21:08 ----D---- C:\WINDOWS\Logs
2020-05-01 20:20:31 ----RD---- C:\Program Files (x86)
2020-05-01 07:02:30 ----D---- C:\WINDOWS\system32\drivers\wd
2020-04-26 09:16:31 ----D---- C:\WINDOWS\system32\config
2020-04-18 09:38:08 ----D---- C:\WINDOWS\WinSxS
2020-04-16 21:53:40 ----SH---- C:\Program Files\desktop.ini
2020-04-16 21:53:22 ----D---- C:\Riot Games
2020-04-16 06:44:23 ----D---- C:\WINDOWS\system32\CatRoot
2020-04-16 06:43:10 ----D---- C:\WINDOWS\SYSWOW64\en-US
2020-04-16 06:43:10 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2020-04-16 06:43:05 ----D---- C:\WINDOWS\SystemResources
2020-04-16 06:43:03 ----D---- C:\WINDOWS\system32\wbem
2020-04-16 06:43:03 ----D---- C:\WINDOWS\system32\PerceptionSimulation
2020-04-16 06:43:03 ----D---- C:\WINDOWS\system32\migwiz
2020-04-16 06:43:03 ----D---- C:\WINDOWS\system32\migration
2020-04-16 06:43:03 ----D---- C:\WINDOWS\system32\en-US
2020-04-16 06:43:03 ----D---- C:\WINDOWS\system32\de-DE
2020-04-16 06:43:03 ----D---- C:\WINDOWS\system32\cs-CZ
2020-04-16 06:43:03 ----D---- C:\WINDOWS\system32\Boot
2020-04-16 06:43:02 ----D---- C:\WINDOWS\ShellExperiences
2020-04-16 06:43:02 ----D---- C:\WINDOWS\Provisioning
2020-04-16 06:43:02 ----D---- C:\WINDOWS\PolicyDefinitions
2020-04-16 06:43:02 ----D---- C:\WINDOWS\bcastdvr
2020-04-16 06:43:02 ----D---- C:\WINDOWS\apppatch
2020-04-16 06:43:02 ----D---- C:\Program Files\Windows Defender Advanced Threat Protection
2020-04-16 00:19:54 ----D---- C:\WINDOWS\CbsTemp
2020-04-15 15:28:32 ----D---- C:\WINDOWS\system32\Macromed
2020-04-15 15:28:30 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2020-04-11 23:55:16 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2020-04-11 23:54:34 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2020-04-11 23:53:24 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2020-04-11 23:52:00 ----A---- C:\WINDOWS\system32\nvapi64.dll
2020-04-11 23:51:58 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-11-12 1467912]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 56632]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2020-03-16 254776]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2020-03-16 40960]
R1 AsIO;AsIO; C:\WINDOWS\SysWow64\drivers\AsIO.sys [2014-09-09 15232]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 70456]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2020-05-09 153312]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8704]
R1 ndextlag;@oem44.inf,%ndextlag_Desc%;ExitLag Game Booster; C:\WINDOWS\system32\DRIVERS\ndextlag.sys [2018-04-11 48640]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2020-03-16 457216]
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A;CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; \??\C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [2020-02-24 21752]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [2020-05-09 214496]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 53760]
R3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2020-02-15 117264]
R3 CorsairVBusDriver;@oem27.inf,%dev.SVCDESC%;Corsair Bus; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [2019-11-14 45968]
R3 CorsairVHidDriver;@oem20.inf,%dev.SVCDESC%;Corsair virtual device; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [2019-11-14 21904]
R3 cpuz149;cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [2020-05-08 44320]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2016-12-22 5276168]
R3 keyboard;Keyboard Upper Filter Driver; C:\WINDOWS\system32\drivers\keyboard.sys [2019-07-03 18536]
R3 kvnet;@oem49.inf,%kvnet.Service.DispName%;Kerio Virtual Network Adapter; C:\WINDOWS\System32\drivers\kvnet.sys [2018-08-28 48552]
R3 lvrs64;@oem51.inf,%lvrs.SrvDesc%;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs64.sys [2012-10-26 351520]
R3 LVUVC64;@oem17.inf,%PID_0825_DD%(UVC);Logitech HD Webcam C270(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc64.sys [2012-10-26 4758176]
R3 MBAMFarflt;MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [2020-05-09 195432]
R3 MBAMProtection;MBAMProtection; \??\C:\WINDOWS\system32\DRIVERS\mbam.sys [2020-05-09 73368]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2020-05-09 248968]
R3 MBAMWebProtection;MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [2020-05-09 125088]
R3 MEIx64;@oem13.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2018-05-06 228992]
R3 mouse;Mouse Upper Filter Driver; C:\WINDOWS\system32\drivers\mouse.sys [2019-07-03 18536]
R3 NVHDA;@oem46.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2020-03-18 223120]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9952681a7bb1dfac\nvlddmkm.sys [2020-04-11 23446968]
R3 nvvad_WaveExtensible;@oem33.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2019-03-19 69840]
R3 nvvhci;@oem56.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2020-03-11 67456]
R3 rt640x64;@oem9.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-07-15 887552]
R3 RtsUpx;RtsUpx Driver; \??\C:\WINDOWS\system32\drivers\RtsUpx.sys [2018-05-06 30328]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-03-19 42808]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-03-19 319528]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 885048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 148520]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 124448]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 128528]
S0 MbamElam;MbamElam; C:\WINDOWS\system32\DRIVERS\MbamElam.sys [2020-05-09 20936]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 75280]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 94736]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 58896]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 68624]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 41784]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 20992]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2020-03-16 337920]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-03-19 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-03-19 37888]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2019-11-17 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2020-02-15 138040]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2020-02-15 174392]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2020-02-15 153912]
S3 BlueStacksDrv;BlueStacks Hypervisor; \??\C:\Program Files\BlueStacks\BstkDrv.sys [2019-08-01 313112]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-11-17 231936]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2020-03-16 114688]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 97280]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2020-03-16 36864]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2020-03-16 1428992]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2020-03-16 99328]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 43008]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 64312]
S3 CompFilter64;UVCCompositeFilter; C:\WINDOWS\System32\drivers\lvbflt64.sys [2012-10-26 26784]
S3 dot4;@oem25.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem8.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem25.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 dtultrascsibus;DAEMON Tools Ultra Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [2019-08-17 42256]
S3 dtultrausbbus;DAEMON Tools Ultra Virtual USB Bus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [2019-08-17 59344]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [2019-11-17 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 53560]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-11-17 64000]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2020-04-16 84280]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 28672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-03-19 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-03-19 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-03-19 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-03-19 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-03-19 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-03-19 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-03-19 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-03-19 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-03-19 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-03-19 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 46592]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 28672]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 54584]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 535864]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 62264]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-11-17 359424]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 64512]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-03-19 1150480]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-03-19 153616]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-03-19 63488]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 187904]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-03-19 158520]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2020-04-01 30336]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\WINDOWS\System32\drivers\nvstusb.sys [2018-03-24 468752]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2019-03-19 96056]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-03-19 127800]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 25600]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-13 986936]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-03-19 211456]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-03-19 113152]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-03-19 32568]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-02-25 88648]
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2018-06-22 818128]
R2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2020-03-04 3374160]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2020-03-04 3103824]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CDPUserSvc_21a593db;Uživatelská služba platformy připojených zařízení_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2020-04-28 10610544]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CorsairLLAService;Corsair LLA Service; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [2020-03-02 403496]
R2 CorsairService;Corsair Service; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [2020-03-02 55848]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2016-03-16 209184]
R2 KVPNCSvc;Kerio Control VPN Client Service; C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe [2018-08-28 1986920]
R2 LightingService;LightingService; C:\Program Files (x86)\LightingService\1.00.42\LightingService.exe [2018-05-06 1289688]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2016-03-16 416544]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2020-05-09 6933272]
R2 nebula;Logitech Video Camera Service; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [2018-06-19 4477576]
R2 nordvpn-service;nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [2019-12-19 222240]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2020-03-18 850928]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2020-04-03 874472]
R2 OneSyncSvc_21a593db;Hostitel synchronizace_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 cbdhsvc_21a593db;Uživatelská služba schránky_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 PimIndexMaintenanceSvc_21a593db;Data kontaktů_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [2018-01-05 382424]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 debugregsvc;@%SystemRoot%\system32\debugregsvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-06 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2020-01-31 3394864]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc_21a593db;Agent Activation Runtime_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2020-04-15 335416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService_21a593db;Uživatelská služba pro GameDVR a vysílání her_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2019-07-10 8403672]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService_21a593db;Služba pro podporu uživatelů Bluetooth_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService_21a593db;CaptureService_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc_21a593db;ConsentUX_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 380120]
S3 CredentialEnrollmentManagerUserSvc_21a593db;CredentialEnrollmentManagerUserSvc_21a593db; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 380120]
S3 DeveloperToolsService;@%SystemRoot%\system32\DeveloperToolsSvc.exe,-100; C:\WINDOWS\System32\DeveloperToolsSvc.exe [2019-03-18 174080]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DeviceAssociationBrokerSvc_21a593db;DeviceAssociationBroker_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc_21a593db;DevicePicker_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc_21a593db;Tok zařízení_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2020-03-16 97792]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2019-05-22 803440]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-17 43704]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\elevation_service.exe [2020-05-02 1095664]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-06 153168]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2016-02-19 974632]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService_21a593db;Služba zasílání zpráv_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2020-01-31 2474800]
S3 ose;Office Source Engine; c:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-01 215056]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 103424]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc_21a593db;PrintWorkflow_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 Rockstar Service;Rockstar Game Library Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2019-12-05 474256]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2020-02-15 828216]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by ADMIN at 2020-05-09 02:49:43
Microsoft Windows 10 Pro
System drive C: has 872 GB (46%) free of 1907 GB
Total RAM: 16304 MB (65% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:49:52, on 09.05.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\LightingService\1.00.42\AsRogAuraGpuDllServer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe
C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\trend micro\ADMIN.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [Kerio Control VPN Client] "C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe" /tray
O4 - HKLM\..\Run: [CORSAIR iCUE Software] "C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe" --autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Monitor Service (AGMService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: Corsair LLA Service (CorsairLLAService) - Corsair Memory, Inc. - C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
O23 - Service: Corsair Service (CorsairService) - Corsair Memory, Inc. - C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_21a593db - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DeveloperToolsSvc.exe,-100 (DeveloperToolsService) - Unknown owner - C:\WINDOWS\System32\DeveloperToolsSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Kerio Control VPN Client Service (KVPNCSvc) - Kerio Technologies Inc. - C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe
O23 - Service: LightingService - ASUSTek Computer Inc. - C:\Program Files (x86)\LightingService\1.00.42\LightingService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Logitech Video Camera Service (nebula) - Logitech - C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nordvpn-service - Unknown owner - C:\Program Files (x86)\NordVPN\nordvpn-service.exe
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Rockstar Game Library Service (Rockstar Service) - Rockstar Games - C:\Program Files\Rockstar Games\Launcher\RockstarService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: OpenSSH SSH Server (sshd) - Unknown owner - C:\WINDOWS\System32\OpenSSH\sshd.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: VirtualBox system service (VBoxSDS) - Oracle Corporation - C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: vgc - Riot Games, Inc. - C:\Program Files\Riot Vanguard\vgc.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe
--
End of file - 13000 bytes
======Listing Processes======
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DevQueryBroker
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
"C:\Program Files (x86)\NordVPN\nordvpn-service.exe"
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s IKEEXT
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe"
"C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe"
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
"C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe"
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
"C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe"
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
"C:\Program Files (x86)\LightingService\1.00.42\LightingService.exe"
"C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe"
"C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe"
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s TapiSrv
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe"
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
"C:\Program Files\Logitech\Collaboration\Services\Video\cropAssistAPI\CropAssistService.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s QWAVE
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s WebClient
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\AUDIODG.EXE 0x67c
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
winlogon.exe
"fontdrvhost.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
"C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe" -d
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%dSPUser.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\SPUser" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\LightingService\1.00.42\AsRogAuraGpuDllServer.exe"
C:\WINDOWS\Explorer.EXE
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"ctfmon.exe"
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\WINDOWS\System32\Taskmgr.exe" /2
"C:\Program Files\Riot Vanguard\vgtray.exe"
"C:\Program Files (x86)\Steam\steam.exe" -silent
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe" /tray
--autorun
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe"
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=gpu-process --field-trial-handle=1992,9029014399159495941,6213807221598910582,131072 --disable-features=VizDisplayCompositor --no-sandbox --log-file="C:\Users\Radek\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --lang=en-US --gpu-preferences=KAAAAAAAAACAAwAAAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --log-file="C:\Users\Radek\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --service-request-channel-token=17405464469409196906 --mojo-platform-channel-handle=1996 /prefetch:2
"C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe" --type=renderer --no-sandbox --autoplay-policy=no-user-gesture-required --log-file="C:\Users\Radek\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --field-trial-handle=1992,9029014399159495941,6213807221598910582,131072 --disable-features=VizDisplayCompositor --service-pipe-token=16676444910751114836 --lang=en-US --log-file="C:\Users\Radek\AppData\Local\NVIDIA Corporation\NVIDIA Share\debug.log" --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --service-request-channel-token=16676444910751114836 --renderer-client-id=3 --mojo-platform-channel-handle=2560 /prefetch:1
"C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4152.0_x64__8wekyb3d8bbwe\GameBar.exe" -ServerName:App.AppXbdkk0yrkwpcgeaem8zk81k8py1eaahny.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4152.0_x64__8wekyb3d8bbwe\GameBarFT.exe" /InvokerPRAID: App
"C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.220.4152.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe" -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Radek\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Radek\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Radek\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=81.0.4044.138 --initial-client-data=0xe8,0xec,0xf0,0xc4,0xf4,0x7ffcdf44bd28,0x7ffcdf44bd38,0x7ffcdf44bd48
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=3092 --on-initialized-event-handle=688 --parent-handle=692 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --mojo-platform-channel-handle=1652 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1840 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2848 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3568 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3848 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4008 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --service-sandbox-type=utility --enable-audio-service-sandbox --mojo-platform-channel-handle=4424 --ignored=" --type=renderer " /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --extension-process --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6024 /prefetch:1
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --service-sandbox-type=audio --enable-audio-service-sandbox --mojo-platform-channel-handle=1740 --ignored=" --type=renderer " /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7144 /prefetch:1
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5440 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2888 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6808 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --service-sandbox-type=xr_compositing --enable-audio-service-sandbox --mojo-platform-channel-handle=5376 --ignored=" --type=renderer " /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8164 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8180 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe -Embedding
"C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s seclogon
"C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7100 /prefetch:1
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8872 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8252 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4688 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8952 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8452 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1648,17594736494469320080,5947736673091973749,131072 --disable-databases --lang=cs --enable-auto-reload --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4840 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe185_ Global\UsGthrCtrlFltPipeMssGthrPipe185 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 780 784 792 8192 788
"C:\Users\Radek\Downloads\RSITx64.exe"
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-12 210632]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-03-27 480320]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-03-27 194624]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2020-02-15 84992]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-12-22 8899592]
"AdobeGCInvoker-1.0"=C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2020-03-04 3022416]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11 509936]
"Riot Vanguard"=C:\Program Files\Riot Vanguard\vgtray.exe [2020-05-09 352712]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"=C:\Windows\SysWOW64\OneDriveSetup.exe [2019-03-19 28832864]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2020-05-08 3373344]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2018-11-06 19476424]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2016-03-16 136992]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2018-06-22 2409944]
"Kerio Control VPN Client"=C:\Program Files (x86)\Kerio\VPN Client\kvpncgui.exe [2018-08-28 2069864]
"CORSAIR iCUE Software"=C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [2020-03-02 405544]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2019-12-11 646160]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
SshdPinAuthLsa
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinQuic]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=lvcod64.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open -
======List of files/folders created in the last 1 month======
2020-05-09 02:49:43 ----D---- C:\rsit
2020-05-09 02:49:43 ----D---- C:\Program Files\trend micro
2020-05-09 02:39:50 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2020-05-09 02:39:40 ----A---- C:\WINDOWS\system32\drivers\mwac.sys
2020-05-09 02:39:40 ----A---- C:\WINDOWS\system32\drivers\farflt.sys
2020-05-09 02:39:04 ----A---- C:\WINDOWS\system32\drivers\MbamChameleon.sys
2020-05-09 02:39:03 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2020-05-09 02:38:57 ----A---- C:\WINDOWS\system32\drivers\MbamElam.sys
2020-05-09 02:38:56 ----A---- C:\WINDOWS\system32\drivers\mbae64.sys
2020-05-03 22:00:08 ----D---- C:\WINDOWS\LastGood.Tmp
2020-05-03 21:58:36 ----A---- C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2020-05-03 21:58:36 ----A---- C:\WINDOWS\system32\vulkan-1.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo-1-999-0-0-0.exe
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\vulkaninfo.exe
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1-999-0-0-0.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\vulkan-1.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\nvofapi.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\NvIFROpenGL.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\NvIFR.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\NvFBC.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\SYSWOW64\nvfatbinaryLoader.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\vulkaninfo.exe
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\OpenCL.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\nvptxJitCompiler.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\nvofapi64.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\nvmcumd.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\NvIFROpenGL.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\NvIFR64.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\NvFBC64.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\nvfatbinaryLoader.dll
2020-05-03 21:58:35 ----A---- C:\WINDOWS\system32\nvEncodeAPI64.dll
2020-05-03 21:58:34 ----A---- C:\WINDOWS\SYSWOW64\nvcuvid.dll
2020-05-03 21:58:34 ----A---- C:\WINDOWS\SYSWOW64\nvcuda.dll
2020-05-03 21:58:34 ----A---- C:\WINDOWS\system32\nvdispgenco6444587.dll
2020-05-03 21:58:34 ----A---- C:\WINDOWS\system32\nvdispco6444587.dll
2020-05-03 21:58:34 ----A---- C:\WINDOWS\system32\nvcuvid.dll
2020-05-03 21:58:34 ----A---- C:\WINDOWS\system32\nvcuda.dll
2020-05-01 20:20:31 ----D---- C:\Program Files (x86)\Far Cry 5
2020-04-29 14:28:23 ----D---- C:\Program Files\Logitech
2020-04-19 22:58:38 ----D---- C:\Users\Radek\AppData\Roaming\Sekiro
2020-04-16 23:13:07 ----A---- C:\WINDOWS\vgkbootstatus.dat
2020-04-16 21:53:41 ----AD---- C:\Program Files\Riot Vanguard
2020-04-16 00:15:10 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.XamlHost.dll
2020-04-16 00:15:10 ----A---- C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2020-04-16 00:15:10 ----A---- C:\WINDOWS\system32\wbadmin.exe
2020-04-16 00:15:07 ----A---- C:\WINDOWS\SYSWOW64\MSFlacDecoder.dll
2020-04-16 00:15:07 ----A---- C:\WINDOWS\SYSWOW64\mfmpeg2srcsnk.dll
2020-04-16 00:15:06 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2020-04-16 00:15:06 ----A---- C:\WINDOWS\SYSWOW64\mfmkvsrcsnk.dll
2020-04-16 00:15:03 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2020-04-16 00:15:02 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2020-04-16 00:15:01 ----A---- C:\WINDOWS\system32\HologramWorld.dll
2020-04-16 00:15:00 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-16 00:15:00 ----A---- C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-16 00:15:00 ----A---- C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-16 00:15:00 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-16 00:15:00 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-16 00:14:59 ----A---- C:\WINDOWS\SYSWOW64\Microsoft.Uev.Office2013CustomActions.dll
2020-04-16 00:14:59 ----A---- C:\WINDOWS\SYSWOW64\Microsoft.Uev.Office2010CustomActions.dll
2020-04-16 00:14:59 ----A---- C:\WINDOWS\SYSWOW64\Microsoft.Uev.AppAgent.dll
2020-04-16 00:14:59 ----A---- C:\WINDOWS\SYSWOW64\AppVEntSubsystems32.dll
2020-04-16 00:14:59 ----A---- C:\WINDOWS\system32\mfcore.dll
2020-04-16 00:14:58 ----A---- C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
2020-04-16 00:14:58 ----A---- C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
2020-04-16 00:14:58 ----A---- C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
2020-04-16 00:14:58 ----A---- C:\WINDOWS\system32\AppVEntSubsystems64.dll
2020-04-16 00:14:58 ----A---- C:\WINDOWS\system32\AppVEntSubsystemController.dll
2020-04-16 00:14:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.Mirage.Internal.dll
2020-04-16 00:14:57 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2020-04-16 00:14:57 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2020-04-16 00:14:57 ----A---- C:\WINDOWS\SYSWOW64\CPFilters.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\msrd3x40.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\msltus40.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\msjet40.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\msimsg.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\msexcl40.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\Chakrathunk.dll
2020-04-16 00:14:56 ----A---- C:\WINDOWS\SYSWOW64\Chakradiag.dll
2020-04-16 00:14:55 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2020-04-16 00:14:55 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2020-04-16 00:14:54 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\wsecedit.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\srumsvc.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\srumapi.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\iasrad.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\iaspolcy.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\iasacct.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\ias.dll
2020-04-16 00:14:53 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2020-04-16 00:14:51 ----A---- C:\WINDOWS\system32\WorkFolders.exe
2020-04-16 00:14:50 ----A---- C:\WINDOWS\system32\workfolderssvc.dll
2020-04-16 00:14:50 ----A---- C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-16 00:14:50 ----A---- C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-16 00:14:50 ----A---- C:\WINDOWS\system32\WinSAT.exe
2020-04-16 00:14:50 ----A---- C:\WINDOWS\system32\tsgqec.dll
2020-04-16 00:14:50 ----A---- C:\WINDOWS\system32\mstsc.exe
2020-04-16 00:14:49 ----A---- C:\WINDOWS\system32\rdpclip.exe
2020-04-16 00:14:49 ----A---- C:\WINDOWS\system32\nltest.exe
2020-04-16 00:14:49 ----A---- C:\WINDOWS\system32\mstscax.dll
2020-04-16 00:14:48 ----A---- C:\WINDOWS\system32\msimsg.dll
2020-04-16 00:14:48 ----A---- C:\WINDOWS\system32\msi.dll
2020-04-16 00:14:48 ----A---- C:\WINDOWS\system32\Chakrathunk.dll
2020-04-16 00:14:48 ----A---- C:\WINDOWS\system32\Chakradiag.dll
2020-04-16 00:14:47 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-16 00:14:47 ----A---- C:\WINDOWS\system32\Chakra.dll
2020-04-16 00:14:46 ----A---- C:\WINDOWS\system32\mshtml.dll
2020-04-16 00:14:46 ----A---- C:\WINDOWS\system32\jscript.dll
2020-04-16 00:14:46 ----A---- C:\WINDOWS\system32\iasrad.dll
2020-04-16 00:14:46 ----A---- C:\WINDOWS\system32\iasacct.dll
2020-04-16 00:14:46 ----A---- C:\WINDOWS\system32\ias.dll
2020-04-16 00:14:45 ----A---- C:\WINDOWS\system32\StorSvc.dll
2020-04-16 00:14:45 ----A---- C:\WINDOWS\system32\StorageUsage.dll
2020-04-16 00:14:45 ----A---- C:\WINDOWS\system32\iaspolcy.dll
2020-04-16 00:14:44 ----A---- C:\WINDOWS\system32\wsecedit.dll
2020-04-16 00:14:37 ----A---- C:\WINDOWS\system32\tcbloader.dll
2020-04-16 00:14:37 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2020-04-16 00:14:37 ----A---- C:\WINDOWS\system32\securekernel.exe
2020-04-16 00:14:37 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2020-04-16 00:14:37 ----A---- C:\WINDOWS\system32\hvix64.exe
2020-04-16 00:14:36 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2020-04-16 00:14:36 ----A---- C:\WINDOWS\SYSWOW64\scecli.dll
2020-04-16 00:14:36 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2020-04-16 00:14:36 ----A---- C:\WINDOWS\system32\srumsvc.dll
2020-04-16 00:14:36 ----A---- C:\WINDOWS\system32\srumapi.dll
2020-04-16 00:14:36 ----A---- C:\WINDOWS\system32\hvloader.dll
2020-04-16 00:14:36 ----A---- C:\WINDOWS\system32\hvax64.exe
2020-04-16 00:14:36 ----A---- C:\WINDOWS\system32\drivers\hvservice.sys
2020-04-16 00:14:35 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2020-04-16 00:14:35 ----A---- C:\WINDOWS\SYSWOW64\t2embed.dll
2020-04-16 00:14:35 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2020-04-16 00:14:35 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2020-04-16 00:14:35 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2020-04-16 00:14:34 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2020-04-16 00:14:34 ----A---- C:\WINDOWS\SYSWOW64\msimg32.dll
2020-04-16 00:14:34 ----A---- C:\WINDOWS\SYSWOW64\mf3216.dll
2020-04-16 00:14:34 ----A---- C:\WINDOWS\SYSWOW64\lpk.dll
2020-04-16 00:14:34 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2020-04-16 00:14:34 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2020-04-16 00:14:34 ----A---- C:\WINDOWS\SYSWOW64\dciman32.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\windowsperformancerecordercontrol.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\logoncli.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\es.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\dcomp.dll
2020-04-16 00:14:33 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.ApplicationData.dll
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Custom.ps.dll
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Custom.dll
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\updatepolicy.dll
2020-04-16 00:14:32 ----A---- C:\WINDOWS\SYSWOW64\deviceaccess.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Vpn.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Enumeration.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\webservices.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\KerbClientShared.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\InstallServiceTasks.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\cmintegrator.dll
2020-04-16 00:14:31 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2020-04-16 00:14:30 ----A---- C:\WINDOWS\SYSWOW64\WindowsCodecs.dll
2020-04-16 00:14:30 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Input.Inking.dll
2020-04-16 00:14:30 ----A---- C:\WINDOWS\SYSWOW64\MbaeApiPublic.dll
2020-04-16 00:14:30 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2020-04-16 00:14:30 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2020-04-16 00:14:29 ----A---- C:\WINDOWS\SYSWOW64\wksprtPS.dll
2020-04-16 00:14:29 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2020-04-16 00:14:29 ----A---- C:\WINDOWS\SYSWOW64\TSWorkspace.dll
2020-04-16 00:14:29 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\Wpc.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\Windows.Security.Authentication.Web.Core.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\TokenBrokerCookies.exe
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\TokenBroker.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\tbauth.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\taskschd.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\sppcext.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\sppc.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\slcext.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\slc.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\dot3msm.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\dot3api.dll
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\CloudNotifications.exe
2020-04-16 00:14:28 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2020-04-16 00:14:27 ----A---- C:\WINDOWS\SYSWOW64\FlightSettings.dll
2020-04-16 00:14:27 ----A---- C:\WINDOWS\SYSWOW64\BTAGService.dll
2020-04-16 00:14:22 ----A---- C:\WINDOWS\system32\vbscript.dll
2020-04-16 00:14:22 ----A---- C:\WINDOWS\system32\scecli.dll
2020-04-16 00:14:22 ----A---- C:\WINDOWS\system32\rasmans.dll
2020-04-16 00:14:22 ----A---- C:\WINDOWS\system32\rascustom.dll
2020-04-16 00:14:22 ----A---- C:\WINDOWS\system32\LsaIso.exe
2020-04-16 00:14:22 ----A---- C:\WINDOWS\system32\iumcrypt.dll
2020-04-16 00:14:22 ----A---- C:\WINDOWS\system32\ipnathlp.dll
2020-04-16 00:14:22 ----A---- C:\WINDOWS\system32\icsunattend.exe
2020-04-16 00:14:21 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-04-16 00:14:20 ----A---- C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-04-16 00:14:19 ----A---- C:\WINDOWS\system32\wininet.dll
2020-04-16 00:14:19 ----A---- C:\WINDOWS\system32\t2embed.dll
2020-04-16 00:14:19 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2020-04-16 00:14:19 ----A---- C:\WINDOWS\system32\gdi32full.dll
2020-04-16 00:14:19 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-04-16 00:14:18 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-04-16 00:14:18 ----A---- C:\WINDOWS\system32\omadmclient.exe
2020-04-16 00:14:18 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\wuuhext.dll
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\wow64win.dll
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\msimg32.dll
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\mf3216.dll
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\fontsub.dll
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\drivers\rdbss.sys
2020-04-16 00:14:07 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2020-04-16 00:14:06 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2020-04-16 00:14:06 ----A---- C:\WINDOWS\system32\netlogon.dll
2020-04-16 00:14:06 ----A---- C:\WINDOWS\system32\lpk.dll
2020-04-16 00:14:06 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2020-04-16 00:14:06 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2020-04-16 00:14:06 ----A---- C:\WINDOWS\system32\dciman32.dll
2020-04-16 00:14:05 ----A---- C:\WINDOWS\system32\smss.exe
2020-04-16 00:14:05 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2020-04-16 00:14:05 ----A---- C:\WINDOWS\system32\KernelBase.dll
2020-04-16 00:14:05 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2020-04-16 00:14:04 ----A---- C:\WINDOWS\system32\ntdll.dll
2020-04-16 00:14:04 ----A---- C:\WINDOWS\system32\hal.dll
2020-04-16 00:14:04 ----A---- C:\WINDOWS\system32\drivers\hwpolicy.sys
2020-04-16 00:14:03 ----A---- C:\WINDOWS\system32\wpr.exe
2020-04-16 00:14:03 ----A---- C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-16 00:14:03 ----A---- C:\WINDOWS\system32\utcutil.dll
2020-04-16 00:14:03 ----A---- C:\WINDOWS\system32\runexehelper.exe
2020-04-16 00:14:03 ----A---- C:\WINDOWS\system32\pacjsworker.exe
2020-04-16 00:14:03 ----A---- C:\WINDOWS\system32\drivers\http.sys
2020-04-16 00:14:03 ----A---- C:\WINDOWS\system32\diagtrack.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\wksprtPS.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\winhttp.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\TSWorkspace.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\samsrv.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\samlib.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\rpcss.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\offlinesam.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\logoncli.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\dcntel.dll
2020-04-16 00:14:02 ----A---- C:\WINDOWS\system32\aepic.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\UpgradeResultsUI.exe
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\taskschd.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\sxssrv.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\sppcommdlg.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\sppcext.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\sppc.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\slcext.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\slc.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\phoneactivate.exe
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\msctf.dll
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\LicensingUI.exe
2020-04-16 00:14:01 ----A---- C:\WINDOWS\system32\changepk.exe
2020-04-16 00:14:00 ----A---- C:\WINDOWS\system32\sppsvc.exe
2020-04-16 00:13:59 ----A---- C:\WINDOWS\system32\uDWM.dll
2020-04-16 00:13:59 ----A---- C:\WINDOWS\system32\ntshrui.dll
2020-04-16 00:13:59 ----A---- C:\WINDOWS\system32\dwmcore.dll
2020-04-16 00:13:59 ----A---- C:\WINDOWS\system32\dcomp.dll
2020-04-16 00:13:56 ----A---- C:\WINDOWS\system32\es.dll
2020-04-16 00:13:55 ----A---- C:\WINDOWS\system32\winload.exe
2020-04-16 00:13:55 ----A---- C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2020-04-16 00:13:55 ----A---- C:\WINDOWS\system32\generaltel.dll
2020-04-16 00:13:55 ----A---- C:\WINDOWS\system32\devinv.dll
2020-04-16 00:13:55 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2020-04-16 00:13:55 ----A---- C:\WINDOWS\system32\acmigration.dll
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\pcasvc.dll
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\pcalua.exe
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\pcaevts.dll
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\pcadm.dll
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\invagent.dll
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\appraiser.dll
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\aitstatic.exe
2020-04-16 00:13:54 ----A---- C:\WINDOWS\system32\aeinv.dll
2020-04-16 00:13:53 ----A---- C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-04-16 00:13:46 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2020-04-16 00:13:45 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2020-04-16 00:13:45 ----A---- C:\WINDOWS\system32\SHCore.dll
2020-04-16 00:13:45 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-04-16 00:13:45 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2020-04-16 00:13:45 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2020-04-16 00:13:45 ----A---- C:\WINDOWS\system32\MusNotification.exe
2020-04-16 00:13:44 ----A---- C:\WINDOWS\system32\win32u.dll
2020-04-16 00:13:44 ----A---- C:\WINDOWS\system32\win32kfull.sys
2020-04-16 00:13:44 ----A---- C:\WINDOWS\system32\win32k.sys
2020-04-16 00:13:44 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2020-04-16 00:13:44 ----A---- C:\WINDOWS\system32\user32.dll
2020-04-16 00:13:44 ----A---- C:\WINDOWS\system32\policymanagerprecheck.dll
2020-04-16 00:13:43 ----A---- C:\WINDOWS\system32\wpncore.dll
2020-04-16 00:13:43 ----A---- C:\WINDOWS\system32\wpnapps.dll
2020-04-16 00:13:43 ----A---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2020-04-16 00:13:43 ----A---- C:\WINDOWS\system32\VPNv2CSP.dll
2020-04-16 00:13:43 ----A---- C:\WINDOWS\system32\sbservicetrigger.dll
2020-04-16 00:13:43 ----A---- C:\WINDOWS\system32\ncbservice.dll
2020-04-16 00:13:43 ----A---- C:\WINDOWS\system32\keepaliveprovider.dll
2020-04-16 00:13:43 ----A---- C:\WINDOWS\system32\cmintegrator.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\webservices.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\kerberos.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\KerbClientShared.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\InstallService.dll
2020-04-16 00:13:42 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-04-16 00:13:41 ----A---- C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-16 00:13:41 ----A---- C:\WINDOWS\system32\MbaeApiPublic.dll
2020-04-16 00:13:41 ----A---- C:\WINDOWS\system32\dosvc.dll
2020-04-16 00:13:41 ----A---- C:\WINDOWS\system32\domgmt.dll
2020-04-16 00:13:33 ----A---- C:\WINDOWS\system32\wups2.dll
2020-04-16 00:13:33 ----A---- C:\WINDOWS\system32\wuaueng.dll
2020-04-16 00:13:33 ----A---- C:\WINDOWS\system32\wuauclt.exe
2020-04-16 00:13:33 ----A---- C:\WINDOWS\system32\win32kbase.sys
2020-04-16 00:13:33 ----A---- C:\WINDOWS\system32\updatepolicy.dll
2020-04-16 00:13:33 ----A---- C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-16 00:13:32 ----A---- C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-16 00:13:32 ----A---- C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll
2020-04-16 00:13:32 ----A---- C:\WINDOWS\system32\Windows.Devices.Custom.dll
2020-04-16 00:13:32 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2020-04-16 00:13:32 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2020-04-16 00:13:32 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2020-04-16 00:13:32 ----A---- C:\WINDOWS\system32\deviceaccess.dll
2020-04-16 00:13:32 ----A---- C:\WINDOWS\system32\cdd.dll
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\TokenBrokerCookies.exe
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\TokenBroker.dll
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\tbauth.dll
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\cloudAP.dll
2020-04-16 00:13:31 ----A---- C:\WINDOWS\system32\aadtb.dll
2020-04-16 00:13:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2020-04-16 00:13:30 ----A---- C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-04-16 00:13:30 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-04-16 00:13:29 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2020-04-16 00:13:29 ----A---- C:\WINDOWS\system32\kernel32.dll
2020-04-16 00:13:25 ----A---- C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-16 00:13:25 ----A---- C:\WINDOWS\system32\dot3svc.dll
2020-04-16 00:13:25 ----A---- C:\WINDOWS\system32\dot3msm.dll
2020-04-16 00:13:25 ----A---- C:\WINDOWS\system32\dot3api.dll
2020-04-16 00:13:24 ----A---- C:\WINDOWS\system32\WpcProxyStubs.dll
2020-04-16 00:13:24 ----A---- C:\WINDOWS\system32\WpcMon.exe
2020-04-16 00:13:24 ----A---- C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-16 00:13:24 ----A---- C:\WINDOWS\system32\WpcApi.dll
2020-04-16 00:13:24 ----A---- C:\WINDOWS\system32\Wpc.dll
2020-04-16 00:13:24 ----A---- C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-16 00:13:24 ----A---- C:\WINDOWS\system32\CloudNotifications.exe
2020-04-16 00:13:24 ----A---- C:\WINDOWS\system32\advapi32.dll
2020-04-16 00:13:23 ----A---- C:\WINDOWS\system32\WpcTok.exe
2020-04-16 00:13:23 ----A---- C:\WINDOWS\system32\WpcRefreshTask.dll
2020-04-16 00:13:23 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2020-04-16 00:13:23 ----A---- C:\WINDOWS\system32\drivers\winnat.sys
2020-04-16 00:13:23 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2020-04-16 00:13:22 ----A---- C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2020-04-16 00:13:22 ----A---- C:\WINDOWS\system32\audiosrv.dll
2020-04-16 00:13:22 ----A---- C:\WINDOWS\system32\audioresourceregistrar.dll
2020-04-16 00:13:22 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2020-04-16 00:13:22 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2020-04-16 00:13:22 ----A---- C:\WINDOWS\system32\audiodg.exe
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\wwansvc.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\wwanprotdim.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\umpo.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\drivers\KNetPwrDepBroker.sys
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\BTAGService.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\autopilot.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\AudioSes.dll
2020-04-16 00:13:21 ----A---- C:\WINDOWS\system32\AudioEng.dll
2020-04-16 00:13:19 ----A---- C:\WINDOWS\system32\tellib.dll
2020-04-16 00:13:11 ----A---- C:\WINDOWS\system32\drivers\storufs.sys
2020-04-16 00:13:11 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2020-04-16 00:13:11 ----A---- C:\WINDOWS\system32\drivers\scmbus.sys
2020-04-16 00:13:11 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2020-04-16 00:13:11 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2020-04-16 00:13:10 ----A---- C:\WINDOWS\system32\drivers\volmgr.sys
2020-04-16 00:13:10 ----A---- C:\WINDOWS\system32\drivers\sfloppy.sys
2020-04-16 00:13:10 ----A---- C:\WINDOWS\system32\drivers\flpydisk.sys
2020-04-15 23:42:50 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2020-04-15 23:42:50 ----A---- C:\WINDOWS\system32\poqexec.exe
======List of files/folders modified in the last 1 month======
2020-05-09 02:49:52 ----D---- C:\WINDOWS\Prefetch
2020-05-09 02:49:43 ----RD---- C:\Program Files
2020-05-09 02:48:13 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2020-05-09 02:42:56 ----D---- C:\WINDOWS\Temp
2020-05-09 02:39:50 ----D---- C:\WINDOWS\system32\drivers
2020-05-09 02:38:57 ----HD---- C:\WINDOWS\ELAMBKUP
2020-05-09 02:38:34 ----D---- C:\ProgramData\Malwarebytes
2020-05-09 02:36:25 ----D---- C:\WINDOWS\system32\catroot2
2020-05-09 02:31:15 ----D---- C:\ProgramData\NVIDIA
2020-05-09 02:29:46 ----D---- C:\Program Files (x86)\Steam
2020-05-09 02:27:42 ----D---- C:\Users\Radek\AppData\Roaming\discord
2020-05-09 02:02:00 ----D---- C:\WINDOWS\system32\sru
2020-05-08 23:47:44 ----HD---- C:\Program Files\WindowsApps
2020-05-08 23:47:40 ----D---- C:\WINDOWS\AppReadiness
2020-05-08 22:51:01 ----D---- C:\WINDOWS\system32\SleepStudy
2020-05-08 18:31:33 ----RD---- C:\WINDOWS\Microsoft.NET
2020-05-08 10:40:32 ----SHD---- C:\System Volume Information
2020-05-07 13:27:45 ----D---- C:\Users\Radek\AppData\Roaming\obs-studio
2020-05-07 12:00:00 ----D---- C:\WINDOWS\system32\LogFiles
2020-05-04 16:15:00 ----D---- C:\WINDOWS\system32\DriverStore
2020-05-04 16:14:59 ----D---- C:\WINDOWS\System32
2020-05-04 16:14:59 ----D---- C:\WINDOWS\INF
2020-05-03 22:16:34 ----D---- C:\WINDOWS\system32\WDI
2020-05-03 22:10:02 ----D---- C:\WINDOWS\SysWOW64
2020-05-03 22:09:00 ----D---- C:\Windows
2020-05-03 21:32:40 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2020-05-03 21:29:49 ----D---- C:\ProgramData\NVIDIA Corporation
2020-05-03 21:29:40 ----D---- C:\WINDOWS\system32\Tasks
2020-05-03 21:29:17 ----D---- C:\Program Files\NVIDIA Corporation
2020-05-03 21:29:17 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2020-05-03 16:42:19 ----D---- C:\ProgramData\VirtualBox
2020-05-02 19:37:57 ----SHDC---- C:\WINDOWS\Installer
2020-05-02 19:35:24 ----D---- C:\Program Files (x86)\Microsoft Office
2020-05-02 04:16:04 ----D---- C:\Users\Radek\AppData\Roaming\qBittorrent
2020-05-01 21:21:49 ----RSD---- C:\WINDOWS\assembly
2020-05-01 21:21:08 ----D---- C:\WINDOWS\Logs
2020-05-01 20:20:31 ----RD---- C:\Program Files (x86)
2020-05-01 07:02:30 ----D---- C:\WINDOWS\system32\drivers\wd
2020-04-26 09:16:31 ----D---- C:\WINDOWS\system32\config
2020-04-18 09:38:08 ----D---- C:\WINDOWS\WinSxS
2020-04-16 21:53:40 ----SH---- C:\Program Files\desktop.ini
2020-04-16 21:53:22 ----D---- C:\Riot Games
2020-04-16 06:44:23 ----D---- C:\WINDOWS\system32\CatRoot
2020-04-16 06:43:10 ----D---- C:\WINDOWS\SYSWOW64\en-US
2020-04-16 06:43:10 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2020-04-16 06:43:05 ----D---- C:\WINDOWS\SystemResources
2020-04-16 06:43:03 ----D---- C:\WINDOWS\system32\wbem
2020-04-16 06:43:03 ----D---- C:\WINDOWS\system32\PerceptionSimulation
2020-04-16 06:43:03 ----D---- C:\WINDOWS\system32\migwiz
2020-04-16 06:43:03 ----D---- C:\WINDOWS\system32\migration
2020-04-16 06:43:03 ----D---- C:\WINDOWS\system32\en-US
2020-04-16 06:43:03 ----D---- C:\WINDOWS\system32\de-DE
2020-04-16 06:43:03 ----D---- C:\WINDOWS\system32\cs-CZ
2020-04-16 06:43:03 ----D---- C:\WINDOWS\system32\Boot
2020-04-16 06:43:02 ----D---- C:\WINDOWS\ShellExperiences
2020-04-16 06:43:02 ----D---- C:\WINDOWS\Provisioning
2020-04-16 06:43:02 ----D---- C:\WINDOWS\PolicyDefinitions
2020-04-16 06:43:02 ----D---- C:\WINDOWS\bcastdvr
2020-04-16 06:43:02 ----D---- C:\WINDOWS\apppatch
2020-04-16 06:43:02 ----D---- C:\Program Files\Windows Defender Advanced Threat Protection
2020-04-16 00:19:54 ----D---- C:\WINDOWS\CbsTemp
2020-04-15 15:28:32 ----D---- C:\WINDOWS\system32\Macromed
2020-04-15 15:28:30 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2020-04-11 23:55:16 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2020-04-11 23:54:34 ----A---- C:\WINDOWS\SYSWOW64\nvptxJitCompiler.dll
2020-04-11 23:53:24 ----A---- C:\WINDOWS\SYSWOW64\nvEncodeAPI.dll
2020-04-11 23:52:00 ----A---- C:\WINDOWS\system32\nvapi64.dll
2020-04-11 23:51:58 ----A---- C:\WINDOWS\SYSWOW64\nvapi.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2015-11-12 1467912]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2019-03-19 56632]
R0 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2020-03-16 254776]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2020-03-16 40960]
R1 AsIO;AsIO; C:\WINDOWS\SysWow64\drivers\AsIO.sys [2014-09-09 15232]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-03-19 70456]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys [2020-05-09 153312]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-03-19 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-03-19 8704]
R1 ndextlag;@oem44.inf,%ndextlag_Desc%;ExitLag Game Booster; C:\WINDOWS\system32\DRIVERS\ndextlag.sys [2018-04-11 48640]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2020-03-16 457216]
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A;CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; \??\C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [2020-02-24 21752]
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [2020-05-09 214496]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2019-03-19 53760]
R3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2020-02-15 117264]
R3 CorsairVBusDriver;@oem27.inf,%dev.SVCDESC%;Corsair Bus; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [2019-11-14 45968]
R3 CorsairVHidDriver;@oem20.inf,%dev.SVCDESC%;Corsair virtual device; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [2019-11-14 21904]
R3 cpuz149;cpuz149; \??\C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [2020-05-08 44320]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2016-12-22 5276168]
R3 keyboard;Keyboard Upper Filter Driver; C:\WINDOWS\system32\drivers\keyboard.sys [2019-07-03 18536]
R3 kvnet;@oem49.inf,%kvnet.Service.DispName%;Kerio Virtual Network Adapter; C:\WINDOWS\System32\drivers\kvnet.sys [2018-08-28 48552]
R3 lvrs64;@oem51.inf,%lvrs.SrvDesc%;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs64.sys [2012-10-26 351520]
R3 LVUVC64;@oem17.inf,%PID_0825_DD%(UVC);Logitech HD Webcam C270(UVC); C:\WINDOWS\system32\DRIVERS\lvuvc64.sys [2012-10-26 4758176]
R3 MBAMFarflt;MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [2020-05-09 195432]
R3 MBAMProtection;MBAMProtection; \??\C:\WINDOWS\system32\DRIVERS\mbam.sys [2020-05-09 73368]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [2020-05-09 248968]
R3 MBAMWebProtection;MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [2020-05-09 125088]
R3 MEIx64;@oem13.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2018-05-06 228992]
R3 mouse;Mouse Upper Filter Driver; C:\WINDOWS\system32\drivers\mouse.sys [2019-07-03 18536]
R3 NVHDA;@oem46.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2020-03-18 223120]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_9952681a7bb1dfac\nvlddmkm.sys [2020-04-11 23446968]
R3 nvvad_WaveExtensible;@oem33.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2019-03-19 69840]
R3 nvvhci;@oem56.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2020-03-11 67456]
R3 rt640x64;@oem9.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2015-07-15 887552]
R3 RtsUpx;RtsUpx Driver; \??\C:\WINDOWS\system32\drivers\RtsUpx.sys [2018-05-06 30328]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-03-19 42808]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-03-19 319528]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-03-19 885048]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-03-19 148520]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-03-19 124448]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-03-19 128528]
S0 MbamElam;MbamElam; C:\WINDOWS\system32\DRIVERS\MbamElam.sys [2020-05-09 20936]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-03-19 75280]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-03-19 94736]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-03-19 58896]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-03-19 68624]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-03-19 41784]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-03-19 20992]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2020-03-16 337920]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-03-19 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-03-19 37888]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2019-11-17 18432]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2020-02-15 138040]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2020-02-15 174392]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2020-02-15 153912]
S3 BlueStacksDrv;BlueStacks Hypervisor; \??\C:\Program Files\BlueStacks\BstkDrv.sys [2019-08-01 313112]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-11-17 231936]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2020-03-16 114688]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2019-03-19 97280]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2020-03-16 36864]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2020-03-16 1428992]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2020-03-16 99328]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-03-19 43008]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-03-19 64312]
S3 CompFilter64;UVCCompositeFilter; C:\WINDOWS\System32\drivers\lvbflt64.sys [2012-10-26 26784]
S3 dot4;@oem25.inf,%Dot4_Name%;MS IEEE-1284.4 Driver; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2012-10-19 151968]
S3 Dot4Print;@oem8.inf,%Dot4Print_Name%;Print Class Driver for IEEE-1284.4; C:\WINDOWS\System32\drivers\Dot4Prt.sys [2012-10-19 27040]
S3 dot4usb;@oem25.inf,%DOT4USB_NAME%;Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2012-10-19 49056]
S3 dtultrascsibus;DAEMON Tools Ultra Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [2019-08-17 42256]
S3 dtultrausbbus;DAEMON Tools Ultra Virtual USB Bus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [2019-08-17 59344]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_b9c53b80e63af230\genericusbfn.sys [2019-11-17 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-03-19 53560]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-11-17 64000]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2020-04-16 84280]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-03-19 28672]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-03-19 1866768]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-03-19 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-03-19 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-03-19 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-03-19 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-03-19 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-03-19 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-03-19 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-03-19 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-03-19 180736]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-03-19 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-03-19 566800]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2019-03-19 46592]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel Power Limit Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-03-19 28672]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-03-19 54584]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-03-19 535864]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-03-19 62264]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2019-11-17 359424]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-03-19 64512]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-03-19 1150480]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-03-19 153616]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-03-19 63488]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2019-03-19 187904]
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-03-19 158520]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2020-04-01 30336]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\WINDOWS\System32\drivers\nvstusb.sys [2018-03-24 468752]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2019-03-19 96056]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-03-19 127800]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-03-19 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-03-19 25600]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-13 986936]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-03-19 211456]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-03-19 113152]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-03-19 32568]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2020-02-25 88648]
R2 AdobeUpdateService;AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2018-06-22 818128]
R2 AGMService;Adobe Genuine Monitor Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2020-03-04 3374160]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2020-03-04 3103824]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CDPUserSvc_21a593db;Uživatelská služba platformy připojených zařízení_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2020-04-28 10610544]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 CorsairLLAService;Corsair LLA Service; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [2020-03-02 403496]
R2 CorsairService;Corsair Service; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [2020-03-02 55848]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2016-03-16 209184]
R2 KVPNCSvc;Kerio Control VPN Client Service; C:\Program Files (x86)\Kerio\VPN Client\kvpncsvc.exe [2018-08-28 1986920]
R2 LightingService;LightingService; C:\Program Files (x86)\LightingService\1.00.42\LightingService.exe [2018-05-06 1289688]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2016-03-16 416544]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2020-05-09 6933272]
R2 nebula;Logitech Video Camera Service; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [2018-06-19 4477576]
R2 nordvpn-service;nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [2019-12-19 222240]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2020-03-18 850928]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2020-04-03 874472]
R2 OneSyncSvc_21a593db;Hostitel synchronizace_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 cbdhsvc_21a593db;Uživatelská služba schránky_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 PimIndexMaintenanceSvc_21a593db;Data kontaktů_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\4.00.01\atkexComSvc.exe [2018-01-05 382424]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 debugregsvc;@%SystemRoot%\system32\debugregsvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-06 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S2 Origin Web Helper Service;Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2020-01-31 3394864]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AarSvc_21a593db;Agent Activation Runtime_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2020-04-15 335416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BcastDVRUserService_21a593db;Uživatelská služba pro GameDVR a vysílání her_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2019-07-10 8403672]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BluetoothUserService_21a593db;Služba pro podporu uživatelů Bluetooth_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CaptureService_21a593db;CaptureService_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 ConsentUxUserSvc_21a593db;ConsentUX_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 380120]
S3 CredentialEnrollmentManagerUserSvc_21a593db;CredentialEnrollmentManagerUserSvc_21a593db; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2019-03-19 380120]
S3 DeveloperToolsService;@%SystemRoot%\system32\DeveloperToolsSvc.exe,-100; C:\WINDOWS\System32\DeveloperToolsSvc.exe [2019-03-18 174080]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DeviceAssociationBrokerSvc_21a593db;DeviceAssociationBroker_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicePickerUserSvc_21a593db;DevicePicker_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 DevicesFlowUserSvc_21a593db;Tok zařízení_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2020-03-16 97792]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2019-05-22 803440]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-17 43704]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\elevation_service.exe [2020-05-02 1095664]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-06 153168]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2016-02-19 974632]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 MessagingService_21a593db;Služba zasílání zpráv_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2020-01-31 2474800]
S3 ose;Office Source Engine; c:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-01 215056]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2019-03-19 103424]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PrintWorkflowUserSvc_21a593db;PrintWorkflow_21a593db; C:\WINDOWS\system32\svchost.exe [2019-03-19 53744]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2019-03-19 53744]
S3 Rockstar Service;Rockstar Game Library Service; C:\Program Files\Rockstar Games\Launcher\RockstarService.exe [2019-12-05 474256]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2020-02-15 828216]
-----------------EOF-----------------
Tema nam trochu zapadla, kedze si tu aj sam odpovedal