
Please run a preventive check; my PC is reporting the trojans Wacatac and Phonzy

Posted: 25 May 2021 18:35
by truddy
Logfile of random's system information tool 1.10 (written by random/random)
Run by standa at 2021-05-25 19:16:56
Microsoft Windows 10 Home
System drive C: has 257 GB (53%) free of 487 GB
Total RAM: 8059 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:17:07, on 25.05.2021
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.0001)
Boot mode: Normal

Running processes:
C:\Users\standa\AppData\Local\Temp\mexe.com
C:\Users\standa\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\standa.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus15.msn.com/?pc=ASTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus15.msn.com/?pc=ASTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\BHO\ie_to_edge_bho.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
O4 - HKCU\..\Run: [OneDrive] "C:\Users\standa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_6530F5102E69735431FAA248529CFAF0] "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2132360492-723632287-2629535127-1002\..\Run: [OneDrive] "C:\Users\hanah\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background (User 'hanah')
O4 - Global Startup: Avast SecureLine VPN.lnk = C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\OLIEResource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service: AtherosSvc - Unknown owner - C:\WINDOWS\system32\AdminService.exe (file missing)
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUSTek Computer Inc. - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_22a0f1 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_28d9744 - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @oem24.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\WINDOWS\SysWOW64\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\90.0.4430.212\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Print Scan Doctor Service (HPPrintScanDoctorService) - HP Inc. - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
O23 - Service: ICEsound Service (ICEsoundService) - Unknown owner - C:\WINDOWS\system32\ICEsoundService64.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: WPS Office Update Service (Kingsoft_WPS_UpdateService) - Zhuhai Kingsoft Office Software Co.,Ltd - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Avast SecureLine VPN (SecureLine) - AVAST Software - C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14251 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\WpsNotifyTask_Administrator.job - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe -from=task
C:\WINDOWS\tasks\WpsUpdateTask_Administrator.job - C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe -from=task

=========Mozilla firefox=========

ProfilePath - C:\Users\standa\AppData\Roaming\Mozilla\Firefox\Profiles\z806poz8.default-release

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\BHO\ie_to_edge_bho.dll [2021-05-20 410008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-04 151872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}]
Evernote extension - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03 629256]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\standa\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2021-05-09 1971560]
"GoogleChromeAutoLaunch_6530F5102E69735431FAA248529CFAF0"=C:\Program Files\Google\Chrome\Application\chrome.exe [2021-05-08 2396272]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2021-05-20 33770112]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Avast SecureLine VPN.lnk - C:\Program Files (x86)\AVAST Software\SecureLine VPN\Vpn.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"aux1"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv
"aux2"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave3"=wdmaud.drv

======File associations======

.inf - install -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2021-05-25 19:16:57 ----D---- C:\Program Files (x86)\trend micro
2021-05-25 19:16:56 ----D---- C:\rsit
2021-05-25 18:51:15 ----D---- C:\ProgramData\MicroWorld
2021-05-13 21:28:06 ----A---- C:\WINDOWS\SysWOW64\quickassist.exe
2021-05-13 21:28:02 ----A---- C:\WINDOWS\SysWOW64\mfps.dll
2021-05-13 21:28:02 ----A---- C:\WINDOWS\SysWOW64\mfh264enc.dll
2021-05-13 21:28:02 ----A---- C:\WINDOWS\SysWOW64\mfcore.dll
2021-05-13 21:28:02 ----A---- C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2021-05-13 21:27:59 ----A---- C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\wsp_health.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\wsp_fs.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\tsgqec.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\SessEnv.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\remotepg.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\rdvvmtransport.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\nshwfp.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\mstscax.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\msjet40.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\iemigplugin.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\CheckNetIsolation.exe
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\fwcfg.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\FrameServerClient.dll
2021-05-13 21:27:58 ----A---- C:\WINDOWS\SysWOW64\authfwcfg.dll
2021-05-13 21:27:57 ----A---- C:\WINDOWS\SysWOW64\jscript9diag.dll
2021-05-13 21:27:57 ----A---- C:\WINDOWS\SysWOW64\jscript9.dll
2021-05-13 21:27:57 ----A---- C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2021-05-13 21:27:57 ----A---- C:\WINDOWS\SysWOW64\ieframe.dll
2021-05-13 21:27:56 ----A---- C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2021-05-13 21:27:56 ----A---- C:\WINDOWS\SysWOW64\mshtml.dll
2021-05-13 21:27:56 ----A---- C:\WINDOWS\SysWOW64\EdgeManager.dll
2021-05-13 21:27:55 ----A---- C:\WINDOWS\SysWOW64\storagewmi.dll
2021-05-13 21:27:55 ----A---- C:\WINDOWS\SysWOW64\smphost.dll
2021-05-13 21:27:55 ----A---- C:\WINDOWS\SysWOW64\resutils.dll
2021-05-13 21:27:55 ----A---- C:\WINDOWS\SysWOW64\nshhttp.dll
2021-05-13 21:27:55 ----A---- C:\WINDOWS\SysWOW64\mispace.dll
2021-05-13 21:27:55 ----A---- C:\WINDOWS\SysWOW64\jscript.dll
2021-05-13 21:27:55 ----A---- C:\WINDOWS\SysWOW64\edgehtml.dll
2021-05-13 21:27:55 ----A---- C:\WINDOWS\SysWOW64\clusapi.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\winipsec.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\wimgapi.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\vbscript.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\urlmon.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\shell32.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\rtm.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\rasapi32.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\polstore.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\oleaut32.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\nshipsec.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\msIso.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\mprdim.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\mprddm.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\iprtrmgr.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\iprtprio.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\iertutil.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\httpapi.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\fphc.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\edgeIso.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\drvstore.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\DMAppsRes.dll
2021-05-13 21:27:45 ----A---- C:\WINDOWS\SysWOW64\dabapi.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\WordBreakers.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\windows.storage.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\win32u.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\win32kfull.sys
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\win32k.sys
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\wfapigp.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\uReFS.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\TextInputFramework.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\SndVolSSO.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\SHCore.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\PCShellCommonProxyStub.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\ngccredprov.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\mskeyprotect.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\fwbase.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\FirewallAPI.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\daxexec.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\container.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\cldapi.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\certcli.dll
2021-05-13 21:27:44 ----A---- C:\WINDOWS\SysWOW64\AppResolver.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\SystemEventsBrokerClient.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\ReAgent.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\GameInput.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\dxgi.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\dsregtask.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\dsreg.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\directmanipulation.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\aadtb.dll
2021-05-13 21:27:43 ----A---- C:\WINDOWS\SysWOW64\aadauthhelper.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\Wpc.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.ConversationalAgent.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\twinui.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\taskschd.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\stobject.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\ntdll.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\msctf.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\InputSwitch.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\explorer.exe
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\diskpart.exe
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\cmifw.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\agentactivationruntimewindows.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\agentactivationruntime.dll
2021-05-13 21:27:42 ----A---- C:\WINDOWS\SysWOW64\AarSvc.dll
2021-05-13 21:27:37 ----A---- C:\WINDOWS\SysWOW64\KernelBase.dll
2021-05-13 21:27:22 ----A---- C:\WINDOWS\explorer.exe
2021-05-13 21:18:40 ----A---- C:\WINDOWS\SysWOW64\poqexec.exe

======List of files/folders modified in the last 1 month======

2021-05-25 19:17:13 ----D---- C:\ProgramData\Mozilla
2021-05-25 19:17:01 ----D---- C:\WINDOWS\prefetch
2021-05-25 19:16:57 ----RD---- C:\Program Files (x86)
2021-05-25 19:16:09 ----D---- C:\WINDOWS\Temp
2021-05-25 19:16:07 ----RD---- C:\Program Files
2021-05-25 19:13:37 ----D---- C:\FRST
2021-05-25 19:13:31 ----SHD---- C:\System Volume Information
2021-05-25 19:05:58 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2021-05-25 19:03:09 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2021-05-25 18:51:15 ----HD---- C:\ProgramData
2021-05-25 18:17:31 ----D---- C:\ProgramData\NVIDIA
2021-05-25 16:07:10 ----D---- C:\WINDOWS\AppReadiness
2021-05-25 16:06:52 ----RD---- C:\WINDOWS\Microsoft.NET
2021-05-23 14:23:48 ----SHD---- C:\WINDOWS\Installer
2021-05-23 14:18:38 ----D---- C:\WINDOWS\apppatch
2021-05-18 07:54:46 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2021-05-16 09:03:43 ----D---- C:\WINDOWS\WinSxS
2021-05-15 17:15:29 ----D---- C:\WINDOWS\INF
2021-05-14 07:42:27 ----D---- C:\WINDOWS\System32
2021-05-13 22:47:20 ----ASH---- C:\DumpStack.log.tmp
2021-05-13 22:47:19 ----D---- C:\WINDOWS\ServiceState
2021-05-13 22:44:42 ----D---- C:\WINDOWS\SysWOW64\WinMetadata
2021-05-13 22:44:42 ----D---- C:\WINDOWS\SysWOW64\wbem
2021-05-13 22:44:42 ----D---- C:\WINDOWS\SysWOW64\setup
2021-05-13 22:44:42 ----D---- C:\WINDOWS\SysWOW64\oobe
2021-05-13 22:44:42 ----D---- C:\WINDOWS\SysWOW64\migration
2021-05-13 22:44:42 ----D---- C:\WINDOWS\SysWOW64\lt-LT
2021-05-13 22:44:42 ----D---- C:\WINDOWS\SysWOW64\en-US
2021-05-13 22:44:42 ----D---- C:\WINDOWS\SysWOW64\Dism
2021-05-13 22:44:42 ----D---- C:\WINDOWS\SysWOW64\cs-CZ
2021-05-13 22:44:42 ----D---- C:\WINDOWS\SysWOW64
2021-05-13 22:44:42 ----D---- C:\WINDOWS\SystemResources
2021-05-13 22:44:41 ----RD---- C:\WINDOWS\PrintDialog
2021-05-13 22:44:41 ----D---- C:\WINDOWS\Provisioning
2021-05-13 22:44:41 ----D---- C:\WINDOWS\PolicyDefinitions
2021-05-13 22:44:41 ----D---- C:\WINDOWS\en-US
2021-05-13 22:44:41 ----D---- C:\WINDOWS\DiagTrack
2021-05-13 22:44:41 ----D---- C:\WINDOWS\cs-CZ
2021-05-13 22:44:41 ----D---- C:\WINDOWS\bcastdvr
2021-05-13 22:44:41 ----D---- C:\Windows
2021-05-13 21:57:45 ----D---- C:\WINDOWS\LiveKernelReports
2021-05-13 21:30:54 ----D---- C:\WINDOWS\CbsTemp
2021-05-11 20:34:21 ----D---- C:\WINDOWS\debug
2021-04-28 21:57:55 ----D---- C:\ProgramData\Packages
2021-04-28 21:25:07 ----D---- C:\ProgramData\HP

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys []
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys []
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2020-11-06 29696]
R1 ATKWMIACPIIO;ATKWMIACPI Driver; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2015-05-08 20096]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys []
R1 CimFS;CimFS; C:\WINDOWS\SysWOW64\drivers\CimFS.sys []
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys []
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys []
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2015-05-08 18048]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys []
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys []
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys []
R3 AiCharger;ASUS Charger Driver; C:\WINDOWS\system32\DRIVERS\AiCharger.sys []
R3 AsusSGDrv;@oem12.inf,%AsusSGDrv.SvcDesc%;ASUS Touch Service; C:\WINDOWS\System32\drivers\AsusSGDrv.sys []
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys []
R3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys []
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys []
R3 BthHFAud;@microsoft_bluetooth_hfp.inf,%BTHHFAUD_DISPLAY_NAME%;Microsoft Bluetooth Hands-Free Audio driver; C:\WINDOWS\System32\drivers\BthHfAud.sys []
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys []
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys []
R3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys []
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys []
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys []
R3 dptf_acpi;dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys []
R3 dptf_cpu;dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys []
R3 esif_lf;esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys []
R3 HIDSwitch;@oem91.inf,%ASSW.DisplayName%;ASUS Wireless Radio Control; C:\WINDOWS\System32\drivers\AsRadioControl.sys []
R3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys []
R3 igfx;igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igdkmd64.sys [2019-10-30 20620368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys []
R3 IntcDAud;@oem46.inf,%IntcAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\System32\DriverStore\FileRepository\intcdaud.inf_amd64_0d54ec4feb82b9c1\IntcDAud.sys [2019-10-30 674152]
R3 MEIx64;@oem32.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys []
R3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys []
R3 MpKsl57630379;MpKsl57630379; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2BD841C7-C7AE-43B5-A2E9-7E45AE87EC5B}\MpKslDrv.sys [2021-05-25 107744]
R3 MpKsld3c22837;MpKsld3c22837; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{00F7EC56-90B7-4A9D-B67B-0F204C207CDF}\MpKslDrv.sys [2021-05-25 107744]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys []
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvam.inf_amd64_1aae4f19e68d0780\nvlddmkm.sys [2017-12-12 17003280]
R3 nvvad_WaveExtensible;@oem90.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys []
R3 Qcamain10x64;@netathr10x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN 11AC device driver; C:\WINDOWS\System32\drivers\Qcamain10x64.sys []
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys []
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys []
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys []
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys []
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys []
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys []
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys []
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys []
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys []
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys []
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys []
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys []
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys []
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys []
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys []
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys []
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys []
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys []
S3 aswVpnRdr;Avast SecureLine VPN Driver; C:\WINDOWS\system32\drivers\aswVpnRdr.sys []
S3 bmfilter;@oem67.inf,%bmfilter.SvcDesc%;Network Connect USB Composite Device Filter Driver; C:\WINDOWS\System32\drivers\qcusbfilter.sys []
S3 bmusbser;@oem42.inf,%BMUSBSER%;Network Connect USB Device for Legacy Serial Communication; C:\WINDOWS\System32\drivers\qcusbser.sys []
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys []
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys []
S3 dg_ssudbus;@oem20.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\System32\drivers\ssudbus2.sys []
S3 DSI_SiUSBXp_3_1;DSI_SiUSBXp_3_1; C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys []
S3 eu3eusbser;@oem23.inf,%SERVICE_DISPLAY_NAME%;Cinterion EU3-E USB Device for Legacy Serial Communication; C:\WINDOWS\System32\drivers\eu3eusbser.sys []
S3 gameflt;@oem5.inf,%ServiceName%;gameflt; C:\WINDOWS\System32\DriverStore\FileRepository\gameflt.inf_amd64_3af6b7fbc809d4f2\gameflt.sys [2020-11-20 72048]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys []
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys []
S3 HPEWSFXBULK;HPEWSFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys []
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys []
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys []
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys []
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys []
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys []
S3 iaLPSS2_I2C;@oem40.inf,%iaLPSS2_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_I2C.sys []
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys []
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys []
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys []
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys []
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys []
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys []
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys []
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys []
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys []
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys []
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys []
S3 iwdbus;@oem1.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys []
S3 KMWDFILTER;HIDServiceDesc; C:\WINDOWS\System32\drivers\KMWDFILTER.sys []
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys []
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys []
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys []
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys []
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys []
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys []
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys []
S3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-12-09 19576]
S3 NvStUSB;@oem10.inf,%NvStUSB.SvcDesc%;NVIDIA Stereoscopic 3D USB driver; C:\WINDOWS\System32\drivers\nvstusb.sys []
S3 NVSWCFilter;@oem56.inf,%NVSWCFilter.SvcDesc%;NVIDIA SHIELD Wireless Controller Trackpad Service; C:\WINDOWS\System32\drivers\nvswcfilter.sys []
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys []
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys []
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys []
S3 qcusbser;@oem2.inf,%QCUSBSER%;Qualcomm USB Device for Legacy Serial Communication; C:\WINDOWS\System32\drivers\qcusbser.sys []
S3 ReFSv1;ReFSv1; C:\WINDOWS\SysWOW64\drivers\ReFSv1.sys []
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R2 CDPUserSvc_22a0f1;Uživatelská služba platformy připojených zařízení_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R2 CDPUserSvc_28d9744;Uživatelská služba platformy připojených zařízení_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2021-04-28 8798600]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
R2 HPPrintScanDoctorService;HP Print Scan Doctor Service; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [2021-05-12 288360]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-10-16 415520]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-12-04 462920]
R2 OneSyncSvc_22a0f1;Hostitel synchronizace_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R2 OneSyncSvc_28d9744;Hostitel synchronizace_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R3 cbdhsvc_22a0f1;Uživatelská služba schránky_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R3 cbdhsvc_28d9744;Uživatelská služba schránky_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R3 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-08 46184]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
R3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
R3 PimIndexMaintenanceSvc_28d9744;Data kontaktů_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [2015-07-22 123704]
S2 AtherosSvc;AtherosSvc; C:\WINDOWS\system32\AdminService.exe []
S2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2015-04-01 107320]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S2 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\IntelCpHDCPSvc.exe [2019-10-30 510008]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2021-02-14 143144]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2021-02-14 214960]
S2 esifsvc;@oem24.inf,%ServiceDisplayName%;ESIF Upper Framework Service; C:\WINDOWS\SysWOW64\esif_uf.exe [2015-11-09 1392792]
S2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-12-09 1156216]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2021-02-14 154440]
S2 ICEsoundService;ICEsound Service; C:\WINDOWS\system32\ICEsoundService64.exe []
S2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxCUIService.exe [2019-10-30 391736]
S2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-05-19 7680]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-10-16 207648]
S2 Kingsoft_WPS_UpdateService;WPS Office Update Service; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [2016-04-03 133480]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
S2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-12-09 1872504]
S2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-12-09 6477432]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 AarSvc_22a0f1;Agent Activation Runtime_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 AarSvc_28d9744;Agent Activation Runtime_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 BcastDVRUserService_22a0f1;Uživatelská služba pro GameDVR a vysílání her_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 BcastDVRUserService_28d9744;Uživatelská služba pro GameDVR a vysílání her_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 BluetoothUserService_22a0f1;Služba pro podporu uživatelů Bluetooth_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 BluetoothUserService_28d9744;Služba pro podporu uživatelů Bluetooth_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 CaptureService_22a0f1;CaptureService_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 CaptureService_28d9744;CaptureService_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 ConsentUxUserSvc_22a0f1;ConsentUX_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 ConsentUxUserSvc_28d9744;ConsentUX_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\IntelCpHeciSvc.exe [2019-10-30 508984]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe []
S3 CredentialEnrollmentManagerUserSvc_22a0f1;CredentialEnrollmentManagerUserSvc_22a0f1; C:\WINDOWS\system32\CredentialEnrollmentManager.exe []
S3 CredentialEnrollmentManagerUserSvc_28d9744;CredentialEnrollmentManagerUserSvc_28d9744; C:\WINDOWS\system32\CredentialEnrollmentManager.exe []
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2021-02-14 143144]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 DeviceAssociationBrokerSvc_22a0f1;DeviceAssociationBroker_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 DeviceAssociationBrokerSvc_28d9744;DeviceAssociationBroker_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 DevicePickerUserSvc_22a0f1;DevicePicker_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 DevicePickerUserSvc_28d9744;DevicePicker_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 DevicesFlowUserSvc_22a0f1;Tok zařízení_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 DevicesFlowUserSvc_28d9744;Tok zařízení_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe []
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2021-02-14 214960]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files\Google\Chrome\Application\90.0.4430.212\elevation_service.exe [2021-05-08 1498216]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2021-02-14 154440]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-05-19 335872]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 MessagingService_22a0f1;Služba zasílání zpráv_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 MessagingService_28d9744;Služba zasílání zpráv_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\elevation_service.exe [2021-05-20 1567648]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2021-05-25 242672]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2015-12-09 8185464]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2002-02-01 263496]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe []
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 PimIndexMaintenanceSvc_22a0f1;Data kontaktů_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 PrintWorkflowUserSvc_22a0f1;PrintWorkflow_22a0f1; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 PrintWorkflowUserSvc_28d9744;PrintWorkflow_28d9744; C:\WINDOWS\system32\svchost.exe [2020-11-06 47016]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-11-06 47016]

-----------------EOF-----------------

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2021
Ran by standa (25-05-2021 19:25:54)
Running from C:\Users\standa\Downloads
Windows 10 Home Version 20H2 19042.985 (X64) (2021-02-14 00:18:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2132360492-723632287-2629535127-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2132360492-723632287-2629535127-503 - Limited - Disabled)
Guest (S-1-5-21-2132360492-723632287-2629535127-501 - Limited - Disabled)
hanah (S-1-5-21-2132360492-723632287-2629535127-1002 - Limited - Enabled) => C:\Users\hanah
standa (S-1-5-21-2132360492-723632287-2629535127-1001 - Administrator - Enabled) => C:\Users\standa
WDAGUtilityAccount (S-1-5-21-2132360492-723632287-2629535127-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0041 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.135 - ICEpower a/s)
Avast SecureLine for Asustek (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.3 - AVAST Software)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.11.5523.2244 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.80 - Piriform)
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden
Evernote v. 5.9.1 (HKLM-x32\...\{5EA1DED0-5285-11E5-8AA1-0050569584E9}) (Version: 5.9.1.8742 - Evernote Corp.)
File Magic (HKLM\...\File Magic_is1) (Version: 1.9.8.19 - Solvusoft Corporation)
Foxit PhantomPDF (HKLM-x32\...\{39263796-F296-43AF-909C-FCF99592BAC4}) (Version: 7.2.52.1209 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10605.221 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{a2d9fda8-65eb-4c06-81ef-31e0a4daa335}) (Version: 10.1.1.11 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4364 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.66 - Microsoft Corporation)
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.13929.20386 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2132360492-723632287-2629535127-1001\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2132360492-723632287-2629535127-1002\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
MiVue Manager (HKLM-x32\...\{123BDDDC-D02F-4C6E-A011-9CB265E2483E}) (Version: 1.0.39.1 - Mio Technology Corporation)
Mozilla Firefox 88.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 88.0.1 (x64 cs)) (Version: 88.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 85.0.2 - Mozilla)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 359.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.23 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Qualcomm Atheros 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.10299 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8564 - Realtek Semiconductor Corp.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43835 - TeamViewer)
TotalXMLConverter (HKLM-x32\...\Total XML Converter_is1) (Version: 3.5 - Softplicity, Inc.)
VobSub v2.23 (Remove Only) (HKLM-x32\...\VobSub) (Version: - )
Windows Driver Package - ASUS (AsusSGDrv) Mouse (11/11/2015 8.0.0.23) (HKLM\...\FF0137EA2940E916D51DA702B6425126CC7C89BF) (Version: 11/11/2015 8.0.0.23 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.1.0 - ASUS)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5247 - Kingsoft Corp.)

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-12] (HP Inc.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5170.0_x64__8wekyb3d8bbwe [2021-05-24] (Microsoft Studios) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2021-02-17] (MAGIX)
MyASUS-Service Center -> C:\Program Files\WindowsApps\b9eced6f.myasus_3.3.11.0_x86__qmba6cd70vzyy [2021-02-17] (ASUSTeK COMPUTER INC.) [Startup Task]
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2021-02-17] (TripAdvisor LLC)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2021-04-23] (VideoLAN)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-12-10] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [{26D8ED70-189A-48FD-9482-67F08AAC0D31}] -> {26D8ED70-189A-48FD-9482-67F08AAC0D31} => C:\Program Files\CoolUtils\TotalXMLConverter\CoolUtilsContextMenu64.dll [2018-05-20] (Softplicity -> )
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSContextMenu.dll [2015-12-24] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxDTCM.dll [2019-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\standa\Desktop\Osobní - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\standa\Desktop\rustonka - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\standa\Desktop\stanislav - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\standa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Diagnostika připojení Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=eemlkeanncmjljgehlbplemhmdmalhdc
ShortcutWithArgument: C:\Users\standa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\HP Print pro Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cjanmonomjogheabiocdamfpknlpdehm
ShortcutWithArgument: C:\Users\standa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Nástroj na obnovení Chromebooku.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jndclpdbaamdhonoechobihbbiimdgai
ShortcutWithArgument: C:\Users\standa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
ShortcutWithArgument: C:\Users\standa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\stanislav - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"

==================== Loaded Modules (Whitelisted) =============

2015-04-22 15:59 - 2015-04-22 15:59 - 001489920 _____ (ASUS Cloud Corporation.) [File not signed] C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2132360492-723632287-2629535127-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-2132360492-723632287-2629535127-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-2132360492-723632287-2629535127-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-2132360492-723632287-2629535127-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-2132360492-723632287-2629535127-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2132360492-723632287-2629535127-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2021-02-14 15:20 - 000000753 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2021-03-01 17:26 - 2021-03-01 17:26 - 000000504 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.205 COM-MID1.mshome.net # 2021 3 1 8 15 26 1 839
192.168.137.1 DESKTOP-J5SRGEL.mshome.net # 2026 2 6 28 15 26 1 839

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2132360492-723632287-2629535127-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-2132360492-723632287-2629535127-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6BB4F30E-63F3-4206-8C2A-112A4E1E12D3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C1F70493-48E9-452A-9138-337D2945C70C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D37B691C-47EE-4E42-AFA7-9091226952E6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E1D91743-9D5F-47D9-AEA9-CAD241264DAD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C98EC5B8-7B2B-467F-812F-15F4B305A98C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{52C1A80B-2788-48F1-8C4F-0A12B85F3809}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{68C8A16E-3C53-4D9A-9A86-2E4E8F516703}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{71AAD653-4B5B-4C0D-9867-06BEDFCAAD13}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{55195C66-EDF4-4471-AD5D-ABB7356756CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E5EF380D-DEA8-4BB3-8CA6-89D25384A092}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{670C6701-AAA6-4133-BE94-ECE69E360925}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3AF14C86-2A5C-44E9-B840-7D3CDE1F0494}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{AC3102B1-CDDF-4C31-B84D-8ED4A93DF8AE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{CA4A6D16-3F17-434B-8481-6EB96246DC83}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{D4DF826F-1DC0-4F91-8CAC-8B9A193AE84D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{973CCF2A-D4D8-4D50-9E59-7B087760639A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{87B0F7BB-F4A7-446F-875C-06E14A0E7221}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{52FE2970-BB8E-40AF-92D9-7466797ED74B}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{087F9B5C-2265-422B-817A-252B575826AF}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{1F28A119-4FA2-4BB0-92CB-2DFF820CAC89}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

09-05-2021 19:36:41 Naplánovaný kontrolní bod
13-05-2021 21:18:23 Instalační služba modulů systému Windows
13-05-2021 21:20:42 Instalační služba modulů systému Windows
23-05-2021 15:32:50 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/25/2021 07:23:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SystemSettings.exe verze 10.0.19041.789 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 260

Čas spuštění: 01d751828a7b87c1

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

ID hlášení: efa701b2-d5e8-462a-9381-3a34d2d63202

Úplný název balíčku s chybou: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: microsoft.windows.immersivecontrolpanel

Typ zablokování: Navigation

Error: (05/18/2021 07:55:28 AM) (Source: Microsoft Office 16) (EventID: 2001) (User: )
Description: Microsoft Word: Rejected Safe Mode action : Naposledy se nepodařilo spustit Word. Problém byste mohli odstranit pomocí nouzového režimu, některé funkce ale v tomto režimu nemusí být dostupné.

Chcete použít spuštění v nouzovém režimu?.
Rejected Safe Mode action : Microsoft Word.

Error: (05/02/2021 03:25:04 PM) (Source: Firefox Default Browser Agent) (EventID: 12029) (User: )
Description: Event-ID 12029

Error: (05/02/2021 03:25:04 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/18/2021 09:54:18 AM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (04/18/2021 09:54:18 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/17/2021 09:16:43 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: Uživatelský podregistr načetl jiný proces (zámek registru). Název procesu: C:\Program Files\AVG\Antivirus\avgToolsSvc.exe, identifikátor PID: 3864, identifikátor PID ProfSvc: 1872.

Error: (04/17/2021 09:11:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.19041.867, časové razítko: 0x01b4b287
Název chybujícího modulu: drvsetup.dll_unloaded, verze: 10.0.19041.662, časové razítko: 0x9c748be2
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000073bb
ID chybujícího procesu: 0x3e60
Čas spuštění chybující aplikace: 0x01d733bd5bf56119
Cesta k chybující aplikaci: C:\WINDOWS\system32\wuauclt.exe
Cesta k chybujícímu modulu: drvsetup.dll
ID zprávy: 7ba20fd6-bc3d-4dc2-a092-a74e9485b9cf
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (05/25/2021 06:17:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Security Assist byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/25/2021 06:17:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Print Scan Doctor Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (05/25/2021 06:17:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba NVIDIA Network Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/25/2021 06:17:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Microsoft Office Click-to-Run Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/25/2021 06:17:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast SecureLine VPN byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/25/2021 06:17:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HECI Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (05/25/2021 06:17:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (05/25/2021 06:17:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Content Protection HDCP Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
================
Date: 2021-05-25 19:12:35
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\standa\Downloads\FRST64 (1).exe; file:_C:\Users\standa\Downloads\FRST64 (3).exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-J5SRGEL\standa
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.339.1355.0, AS: 1.339.1355.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.18100.6, NIS: 0.0.0.0

Date: 2021-05-25 19:12:33
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\standa\Downloads\FRST64 (3).exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-J5SRGEL\standa
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.339.1355.0, AS: 1.339.1355.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.18100.6, NIS: 0.0.0.0

Date: 2021-05-25 19:11:21
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\standa\Downloads\FRST64 (1).exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-J5SRGEL\standa
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.339.1355.0, AS: 1.339.1355.0, NIS: 1.339.1355.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-25 18:11:12
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {363F1AB6-9BDD-4A96-8D93-44125B3B8961}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-05-25 17:49:35
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/PiriformBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\standa\Downloads\ccsetup540.exe; file:_C:\Users\standa\Downloads\ccsetup562.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Uživatel
Uživatel: DESKTOP-J5SRGEL\standa
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.339.1355.0, AS: 1.339.1355.0, NIS: 1.339.1355.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-25 16:08:08
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\standa\Desktop\zoek.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: DESKTOP-J5SRGEL\standa
Název procesu: Unknown
Akce: Neznámý
Stav akce: No additional actions required
Kód chyby: 0x80508032
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: AV: 1.339.1355.0, AS: 1.339.1355.0, NIS: 1.339.1355.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-09 16:00:39
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.339.289.0
Předchozí verze bezpečnostních informací: 1.337.639.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-05-09 16:00:39
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.339.289.0
Předchozí verze bezpečnostních informací: 1.337.639.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-05-09 16:00:39
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-04-27 07:48:29
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.1657.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80070643
Popis chyby: Při instalaci došlo k závažné chybě.

CodeIntegrity:
===============
Date: 2021-04-19 15:08:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-04-19 15:08:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. X556UR.316 04/16/2019
Motherboard: ASUSTeK COMPUTER INC. X556UR
Processor: Intel(R) Core(TM) i5-6198DU CPU @ 2.30GHz
Percentage of memory in use: 73%
Total physical RAM: 8059.11 MB
Available physical RAM: 2168.71 MB
Total Virtual: 14408.76 MB
Available Virtual: 7670.12 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:475.83 GB) (Free:251.28 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{678e74a6-88ec-45f7-a1ce-a04300aeb2c5}\ () (Fixed) (Total:0.83 GB) (Free:0.4 GB) NTFS
\\?\Volume{a52d5a3c-d378-490a-bf3a-46b080250ea5}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: BFCF66A5)

Partition: GPT.

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-05-2021
Ran by standa (administrator) on DESKTOP-J5SRGEL (ASUSTeK COMPUTER INC. X556UR) (25-05-2021 19:12:50)
Running from C:\Users\standa\Downloads
Loaded Profiles: standa & hanah
Platform: Windows 10 Home Version 20H2 19042.985 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <32>
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe
(Microworld Technologies Inc. -> MicroWorld Technologies Inc.) C:\Users\standa\AppData\Local\Temp\mexe.com
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <3>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1846016 2015-12-09] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKU\S-1-5-21-2132360492-723632287-2629535127-1001\...\Run: [GoogleChromeAutoLaunch_6530F5102E69735431FAA248529CFAF0] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-2132360492-723632287-2629535127-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33770112 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Print\Monitors\HP D811 Status Monitor: C:\Windows\system32\hpinkstsD811LM.dll [393352 2017-04-05] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-12] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2021-05-25]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {16AD2706-778D-4FC6-A509-C2CF7AB7D655} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141144 2021-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {1785B25A-D5DB-48B8-8986-45F1974EB1B3} - System32\Tasks\IcarusAvastVpnUpgrade => C:\Program Files\AVAST Software\SecureLine\setup\avast_vpn_online_setup.exe -> /silent /ShowVpnGui=0 /RestartUpdaterTaskName=IcarusAvastVpnUpgrade /RestartUpdaterAppExe="C:\Program Files\AVAST Software\SecureLine\setup\avast_vpn_online_setup.exe"
Task: {18F9E70F-7D92-4E68-B9AE-CD0175FDFE61} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28158080 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1A75D05C-251A-447B-AB0C-5C2362AE8079} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-14] (Google LLC -> Google LLC)
Task: {26C97CE0-C81D-4DAF-ABB9-C08314117A4E} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-12] (HP Inc. -> HP Inc.)
Task: {40AAE5E9-8B5D-4F37-B03B-1FD384E1300A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696816 2021-05-25] (Mozilla Corporation -> Mozilla Foundation)
Task: {4734CB73-D8E0-443D-9F78-6893B25D8A40} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141144 2021-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {6AA8F7C2-F8B9-4473-855B-6E15787BD164} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4866784 2021-05-11] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 6d670568-9067-4d67-896c-3531811857e2
Task: {752D5DB1-BC71-499C-A6A0-EC6F848A1E5D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {758D18B5-4B92-47DD-931A-C26D9208EBF3} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {79DAA134-8091-47C5-B077-D8C79EA7F9A8} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [585000 2016-09-21] (Dropbox, Inc -> )
Task: {7DD9ACBB-BD5D-4C23-AA79-45A855377536} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-05-20] (Piriform Software Ltd -> Piriform)
Task: {94DDE213-114F-41EC-B175-BFF55EB79A73} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-12] (HP Inc. -> HP Inc.)
Task: {9C5E7F86-3C8F-42AE-817C-3EA05C8C14C3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {A301180F-7C2C-42E2-93DE-FC04A84B893E} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {A62AECC7-00A5-4D56-AAF6-B9848DDDE809} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A88C38A4-2E02-4737-AE3A-909F08B720D0} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [5865696 2021-05-20] (Avast Software s.r.o. -> Avast Software)
Task: {AE0DC734-5DC0-4429-9BB2-EDC90D89A2E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-14] (Google LLC -> Google LLC)
Task: {BDDE9473-00A1-462C-B1DE-46B03B970D2B} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1197792 2021-05-11] (Avast Software s.r.o. -> AVAST Software)
Task: {C2937FC3-AC63-4FB0-AC92-0B6828D83CE7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CC4F7D34-0521-40DD-9964-11DA172535E7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Antivirus Emergency Update" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Avast SecureLine VPN Update" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\DropboxOEM" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\DropboxUpdateTaskMachineCore" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\DropboxUpdateTaskMachineUA" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\IcarusAvastVpnUpgrade" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-2132360492-723632287-2629535127-1001" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-2132360492-723632287-2629535127-1002" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\RtHDVBg_ListenToDevice" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\RTKCPL" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {E9662DD1-EF8D-4BDF-8669-01A41429DD8E} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {E9BADE62-406A-4788-AE16-25D9E6EAC127} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F2C6D650-C4BA-4A97-BB46-D84DCD92D1F9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-14] (Dropbox, Inc -> Dropbox, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{270ea8cf-b547-4abf-8d97-3949c6eda3b9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8c31ac88-b000-42e5-89b9-01fa484bb71e}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\standa\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-25]
Edge Profile: C:\Users\standa\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-05-25]

FireFox:
========
FF DefaultProfile: 2xjobbz8.default
FF ProfilePath: C:\Users\standa\AppData\Roaming\Mozilla\Firefox\Profiles\2xjobbz8.default [2021-02-14]
FF ProfilePath: C:\Users\standa\AppData\Roaming\Mozilla\Firefox\Profiles\z806poz8.default-release [2021-05-25]
FF NewTab: Mozilla\Firefox\Profiles\z806poz8.default-release -> about:newtab
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default [2021-05-25]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Session Restore: Default -> is enabled.
CHR Extension: (HP Print pro Chrome) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjanmonomjogheabiocdamfpknlpdehm [2021-02-14]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2021-02-14]
CHR Extension: (Diagnostika připojení Chrome) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\eemlkeanncmjljgehlbplemhmdmalhdc [2021-02-14]
CHR Extension: (Nástroj na obnovení Chromebooku) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndclpdbaamdhonoechobihbbiimdgai [2021-02-14]
CHR Extension: (Google Play) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2021-02-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-14]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2021-05-25]
CHR Extension: (Chrome Media Router) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-11]
CHR Profile: C:\Users\standa\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-05-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-14]
CHR Extension: (Chrome Media Router) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-18]
CHR Profile: C:\Users\standa\AppData\Local\Google\Chrome\User Data\System Profile [2021-05-11]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8798600 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-14] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-12] (HP Inc. -> HP Inc.)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [133480 2016-04-03] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [8615648 2021-05-11] (Avast Software s.r.o. -> AVAST Software)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-17] (TeamViewer -> TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R3 AsusSGDrv; C:\WINDOWS\System32\drivers\AsusSGDrv.sys [141304 2015-12-18] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [59312 2021-02-14] (Avast Software s.r.o. -> Avast Software)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 bmfilter; C:\WINDOWS\System32\drivers\qcusbfilter.sys [55304 2018-02-27] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 bmusbser; C:\WINDOWS\System32\drivers\qcusbser.sys [251400 2018-02-27] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 DSI_SiUSBXp_3_1; C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys [16384 2007-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories)
S3 eu3eusbser; C:\WINDOWS\System32\drivers\eu3eusbser.sys [121984 2016-01-04] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 HPEWSFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [29280 2018-09-11] (Hewlett-Packard Company -> Hewlett Packard)
S3 KMWDFILTER; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [30208 2009-04-29] (MLK Technologies Limited -> Windows (R) Codename Longhorn DDK provider)
R3 MpKsl57630379; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2BD841C7-C7AE-43B5-A2E9-7E45AE87EC5B}\MpKslDrv.sys [107744 2021-05-25] (Microsoft Windows -> Microsoft Corporation)
R3 MpKsld3c22837; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{00F7EC56-90B7-4A9D-B67B-0F204C207CDF}\MpKslDrv.sys [107744 2021-05-25] (Microsoft Windows -> Microsoft Corporation)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [28344 2016-05-09] (Nvidia Corporation -> Windows (R) Win 7 DDK provider)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64880 2020-11-11] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-15] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-15] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-25 19:16 - 2021-05-25 19:17 - 000000000 ____D C:\Program Files (x86)\trend micro
2021-05-25 19:16 - 2021-05-25 19:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-05-25 19:07 - 2021-05-25 19:07 - 002299904 _____ (Farbar) C:\Users\standa\Downloads\FRST64(2).exe
2021-05-25 19:07 - 2021-05-25 19:07 - 001107968 _____ C:\Users\standa\Downloads\RSIT.exe
2021-05-25 19:06 - 2021-05-25 19:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-05-25 19:04 - 2021-05-25 19:05 - 002299904 _____ (Farbar) C:\Users\standa\Downloads\FRST64 (3).exe
2021-05-25 18:57 - 2021-05-25 18:57 - 002299904 _____ (Farbar) C:\Users\standa\Downloads\Nepotvrzeno 374659.crdownload
2021-05-25 18:56 - 2021-05-25 18:56 - 002299904 _____ (Farbar) C:\Users\standa\Downloads\FRST64 (1).exe
2021-05-25 18:51 - 2021-05-25 18:51 - 000001056 _____ C:\Users\standa\Desktop\MWAVSCAN.lnk
2021-05-25 18:51 - 2021-05-25 18:51 - 000000000 ____D C:\ProgramData\MicroWorld
2021-05-25 18:43 - 2021-05-25 18:45 - 254521712 _____ C:\Users\standa\Downloads\mwav (2).exe
2021-05-23 15:13 - 2021-05-23 15:13 - 000504816 _____ C:\Users\standa\Downloads\2200080958 (1).pdf
2021-05-23 14:22 - 2021-05-23 14:22 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2021-05-23 14:22 - 2021-05-23 14:22 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2021-05-23 14:22 - 2021-05-23 14:22 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2021-05-23 14:22 - 2021-05-23 14:22 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2021-05-23 14:22 - 2021-05-23 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2021-05-17 21:20 - 2021-05-17 21:20 - 000352967 _____ C:\Users\standa\Downloads\Technick-list-kamenny-a-mramorovy-koberec-epoxi(7).pdf
2021-05-13 22:47 - 2021-05-13 22:47 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-05-13 22:47 - 2021-05-13 22:47 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-05-13 22:47 - 2021-05-13 22:47 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-05-13 22:47 - 2021-05-13 22:47 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-05-13 21:28 - 2021-05-13 21:28 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-13 21:27 - 2021-05-13 21:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-13 21:27 - 2021-05-13 21:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-13 21:27 - 2021-05-13 21:27 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-13 21:27 - 2021-05-13 21:27 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-13 21:27 - 2021-05-13 21:27 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-13 21:27 - 2021-05-13 21:27 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-13 21:27 - 2021-05-13 21:27 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-13 21:27 - 2021-05-13 21:27 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-13 21:27 - 2021-05-13 21:27 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-13 21:27 - 2021-05-13 21:27 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-13 21:27 - 2021-05-13 21:27 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-13 21:19 - 2021-05-13 21:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2021-05-13 21:19 - 2021-05-13 21:19 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2021-05-11 22:27 - 2021-05-11 22:29 - 000446464 _____ C:\Users\standa\Downloads\Objednana_MERRY_FISHER_695_S2-B2021 upravená verze.xls
2021-05-02 21:43 - 2021-05-02 21:43 - 000000000 ____D C:\Users\hanah\AppData\Roaming\Foxit Software
2021-05-02 17:39 - 2021-05-02 17:39 - 002709926 _____ C:\Users\standa\Downloads\Panasonic_Breadmaker_Croustina_SD-ZP2000_EN_User-Manual (1).pdf
2021-05-02 17:37 - 2021-05-02 17:37 - 002709926 _____ C:\Users\standa\Downloads\Panasonic_Breadmaker_Croustina_SD-ZP2000_EN_User-Manual.pdf
2021-04-28 21:22 - 2021-04-28 21:22 - 016142144 _____ (HP Inc.) C:\Users\standa\Downloads\HPPSdr (3).exe
2021-04-28 21:15 - 2021-04-28 21:15 - 000051240 _____ C:\Users\standa\Downloads\Informace o splatnosti k pojistné smlouvě číslo 8492051828.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-25 19:17 - 2021-02-14 09:52 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-25 19:16 - 2021-02-14 09:52 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-05-25 19:16 - 2017-01-08 14:12 - 000000000 ____D C:\Users\standa\AppData\LocalLow\Mozilla
2021-05-25 19:14 - 2019-04-03 16:42 - 000025211 _____ C:\Users\standa\Downloads\FRST.txt
2021-05-25 19:13 - 2019-04-03 16:41 - 000000000 ____D C:\FRST
2021-05-25 19:05 - 2021-02-14 09:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-05-25 19:03 - 2021-02-14 01:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-25 18:32 - 2021-02-14 01:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-25 18:17 - 2021-02-14 15:39 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2021-05-25 18:17 - 2021-02-14 01:42 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-25 18:16 - 2021-03-19 19:09 - 000000000 ____D C:\Program Files\CCleaner
2021-05-25 16:07 - 2021-02-14 01:24 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-25 16:07 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-25 15:51 - 2021-03-19 19:09 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-05-25 15:49 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-05-23 14:22 - 2016-11-04 03:56 - 000000000 ____D C:\Program Files\Microsoft Office
2021-05-23 14:16 - 2021-02-14 09:26 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-23 14:16 - 2021-02-14 09:26 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-20 11:50 - 2021-02-14 10:30 - 000081632 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2021-05-18 08:05 - 2021-02-17 18:16 - 000000000 ____D C:\Users\hanah\AppData\Local\Packages
2021-05-18 07:57 - 2017-01-22 12:37 - 000000000 ___RD C:\Users\hanah\OneDrive
2021-05-18 07:54 - 2021-02-14 01:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-18 07:54 - 2017-01-22 12:36 - 000000000 __SHD C:\Users\hanah\IntelGraphicsProfiles
2021-05-16 08:54 - 2021-02-14 09:16 - 000000000 ____D C:\Users\standa\AppData\Local\Packages
2021-05-15 22:15 - 2021-02-14 01:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-15 17:15 - 2021-02-14 01:23 - 000000000 ____D C:\WINDOWS\INF
2021-05-14 07:42 - 2021-02-14 01:26 - 000719496 _____ C:\WINDOWS\system32\perfh005.dat
2021-05-14 07:42 - 2021-02-14 01:26 - 000145622 _____ C:\WINDOWS\system32\perfc005.dat
2021-05-14 07:42 - 2016-04-03 06:19 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-13 23:08 - 2021-02-14 09:24 - 000000000 ____D C:\Users\standa\AppData\Local\PlaceholderTileLogoFolder
2021-05-13 22:49 - 2017-01-08 13:28 - 000000000 ___RD C:\Users\standa\OneDrive
2021-05-13 22:48 - 2017-01-08 13:26 - 000000000 __SHD C:\Users\standa\IntelGraphicsProfiles
2021-05-13 22:47 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\ServiceState
2021-05-13 22:47 - 2020-11-06 20:34 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-13 22:46 - 2021-02-14 01:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-13 22:46 - 2021-02-14 01:40 - 000436504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-13 22:46 - 2016-04-03 06:35 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-05-13 22:46 - 2016-04-03 06:35 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-05-13 22:45 - 2021-02-14 01:18 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-05-13 22:44 - 2021-02-14 01:27 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-13 21:57 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-13 21:30 - 2021-02-14 01:24 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-13 21:30 - 2021-02-14 01:19 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-12 17:00 - 2021-02-14 09:33 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-12 17:00 - 2021-02-14 09:33 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-11 22:24 - 2021-02-11 16:41 - 000446464 _____ C:\Users\standa\Downloads\Objednana_MERRY_FISHER_695_S2-B2021.xls
2021-05-11 19:08 - 2021-02-14 09:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-11 19:05 - 2021-02-14 09:51 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-10 19:43 - 2021-02-17 18:17 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2132360492-723632287-2629535127-1002
2021-05-10 19:43 - 2021-02-14 01:54 - 000002363 _____ C:\Users\hanah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-09 15:59 - 2021-02-14 09:19 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2132360492-723632287-2629535127-1001
2021-05-09 15:59 - 2021-02-14 01:54 - 000002366 _____ C:\Users\standa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-05 18:11 - 2021-02-14 02:12 - 000004008 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-05-05 18:11 - 2021-02-14 02:12 - 000003776 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-05-02 21:43 - 2021-02-17 18:21 - 000000000 ____D C:\Users\hanah\AppData\Local\PlaceholderTileLogoFolder
2021-04-28 21:57 - 2021-02-14 09:16 - 000000000 ____D C:\ProgramData\Packages
2021-04-28 21:54 - 2021-04-10 08:02 - 000002378 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2021-04-28 21:25 - 2021-04-10 08:02 - 000000000 ____D C:\ProgramData\HP
2021-04-26 18:56 - 2021-02-14 09:25 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-26 18:56 - 2021-02-14 09:25 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2021-05-25 19:25 - 2021-05-25 19:25 - 000000000 _____ () C:\Users\standa\AppData\Local\{93DF8DF9-272E-489A-A5CF-CC9464B1BB73}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Requesting a preventive check, my PC reports the Wacatac and Phonzy trojans

Posted: 25 May 2021 19:01
by Rudy
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just start it with a normal double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: Requesting a preventive check, my PC reports the Wacatac and Phonzy trojans

Posted: 25 May 2021 21:40
by truddy
It did not go to a restart at all, and when I ran the process again it still detects that "amazon" again.
# -------------------------------
# Malwarebytes AdwCleaner 8.2.0.0
# -------------------------------
# Build: 03-22-2021
# Database: 2021-05-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-25-2021
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted Amazon Assistant for Chrome - pbjikboenpfhbbejgkoklgkhjpfogcam

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6323 octets] - [14/02/2021 09:06:14]
AdwCleaner[C00].txt - [6985 octets] - [14/02/2021 09:07:40]
AdwCleaner[S01].txt - [1528 octets] - [14/02/2021 09:11:29]
AdwCleaner[S02].txt - [1589 octets] - [14/02/2021 09:23:20]
AdwCleaner[S03].txt - [1708 octets] - [14/02/2021 17:06:02]
AdwCleaner[S04].txt - [1769 octets] - [28/02/2021 19:32:10]
AdwCleaner[C04].txt - [1939 octets] - [28/02/2021 19:32:19]
AdwCleaner[S05].txt - [1891 octets] - [19/03/2021 18:04:48]
AdwCleaner[C05].txt - [2061 octets] - [19/03/2021 18:04:56]
AdwCleaner[S06].txt - [2013 octets] - [26/03/2021 07:44:47]
AdwCleaner[C06].txt - [2183 octets] - [26/03/2021 07:44:56]
AdwCleaner[S07].txt - [2135 octets] - [18/04/2021 12:17:31]
AdwCleaner[C07].txt - [2305 octets] - [18/04/2021 12:17:39]
AdwCleaner[S08].txt - [2257 octets] - [25/05/2021 18:17:21]
AdwCleaner[C08].txt - [2427 octets] - [25/05/2021 18:17:31]
AdwCleaner[S09].txt - [2379 octets] - [25/05/2021 22:37:15]
AdwCleaner[C09].txt - [2549 octets] - [25/05/2021 22:37:30]
AdwCleaner[S10].txt - [2501 octets] - [25/05/2021 22:38:49]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C10].txt ##########

Re: Requesting a preventive check, my PC reports the Wacatac and Phonzy trojans

Posted: 26 May 2021 09:27
by Rudy
Post new FRST + Addition logs.

Re: Requesting a preventive check, my PC reports the Wacatac and Phonzy trojans

Posted: 26 May 2021 19:09
by truddy
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2021
Ran by standa (26-05-2021 20:06:56)
Running from C:\Users\standa\Downloads
Windows 10 Home Version 20H2 19042.985 (X64) (2021-02-14 00:18:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2132360492-723632287-2629535127-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2132360492-723632287-2629535127-503 - Limited - Disabled)
Guest (S-1-5-21-2132360492-723632287-2629535127-501 - Limited - Disabled)
hanah (S-1-5-21-2132360492-723632287-2629535127-1002 - Limited - Enabled) => C:\Users\hanah
standa (S-1-5-21-2132360492-723632287-2629535127-1001 - Administrator - Enabled) => C:\Users\standa
WDAGUtilityAccount (S-1-5-21-2132360492-723632287-2629535127-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0041 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.135 - ICEpower a/s)
Avast SecureLine for Asustek (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.3 - AVAST Software)
Avast SecureLine VPN (HKLM\...\Avast SecureLine) (Version: 5.11.5539.2304 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.80 - Piriform)
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.459.1 - Dropbox, Inc.) Hidden
Evernote v. 5.9.1 (HKLM-x32\...\{5EA1DED0-5285-11E5-8AA1-0050569584E9}) (Version: 5.9.1.8742 - Evernote Corp.)
File Magic (HKLM\...\File Magic_is1) (Version: 1.9.8.19 - Solvusoft Corporation)
Foxit PhantomPDF (HKLM-x32\...\{39263796-F296-43AF-909C-FCF99592BAC4}) (Version: 7.2.52.1209 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 90.0.4430.212 - Google LLC)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10605.221 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{a2d9fda8-65eb-4c06-81ef-31e0a4daa335}) (Version: 10.1.1.11 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4364 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 90.0.818.66 - Microsoft Corporation)
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.13929.20386 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2132360492-723632287-2629535127-1001\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2132360492-723632287-2629535127-1002\...\OneDriveSetup.exe) (Version: 21.073.0411.0002 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{A0E1B43D-5F4A-46AF-9925-ABA3423325DC}) (Version: 2.77.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
MiVue Manager (HKLM-x32\...\{123BDDDC-D02F-4C6E-A011-9CB265E2483E}) (Version: 1.0.39.1 - Mio Technology Corporation)
Mozilla Firefox 88.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 88.0.1 (x64 cs)) (Version: 88.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 85.0.2 - Mozilla)
NVIDIA GeForce Experience 2.8.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.8.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 359.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.23 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.13929.20386 - Microsoft Corporation) Hidden
Qualcomm Atheros 11ac Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.10299 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8564 - Realtek Semiconductor Corp.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43835 - TeamViewer)
TotalXMLConverter (HKLM-x32\...\Total XML Converter_is1) (Version: 3.5 - Softplicity, Inc.)
VobSub v2.23 (Remove Only) (HKLM-x32\...\VobSub) (Version: - )
Windows Driver Package - ASUS (AsusSGDrv) Mouse (11/11/2015 8.0.0.23) (HKLM\...\FF0137EA2940E916D51DA702B6425126CC7C89BF) (Version: 11/11/2015 8.0.0.23 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.1.0 - ASUS)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5247 - Kingsoft Corp.)

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_127.1.115.0_x64__v10z8vjag6ke6 [2021-05-12] (HP Inc.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.5170.0_x64__8wekyb3d8bbwe [2021-05-24] (Microsoft Studios) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2021-02-17] (MAGIX)
MyASUS-Service Center -> C:\Program Files\WindowsApps\b9eced6f.myasus_3.3.11.0_x86__qmba6cd70vzyy [2021-02-17] (ASUSTeK COMPUTER INC.) [Startup Task]
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2021-02-17] (TripAdvisor LLC)
VLC -> C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a [2021-04-23] (VideoLAN)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll [2015-04-22] (ASUS Cloud Corporation.) [File not signed]
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-12-10] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [{26D8ED70-189A-48FD-9482-67F08AAC0D31}] -> {26D8ED70-189A-48FD-9482-67F08AAC0D31} => C:\Program Files\CoolUtils\TotalXMLConverter\CoolUtilsContextMenu64.dll [2018-05-20] (Softplicity -> )
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSContextMenu.dll [2015-12-24] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_9f310939ec1eebf9\igfxDTCM.dll [2019-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-12-04] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\standa\Desktop\Osobní - Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\standa\Desktop\rustonka - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\standa\Desktop\stanislav - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\standa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Diagnostika připojení Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=eemlkeanncmjljgehlbplemhmdmalhdc
ShortcutWithArgument: C:\Users\standa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\HP Print pro Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cjanmonomjogheabiocdamfpknlpdehm
ShortcutWithArgument: C:\Users\standa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Nástroj na obnovení Chromebooku.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=jndclpdbaamdhonoechobihbbiimdgai
ShortcutWithArgument: C:\Users\standa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
ShortcutWithArgument: C:\Users\standa\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\stanislav - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"

==================== Loaded Modules (Whitelisted) =============

2015-04-22 15:59 - 2015-04-22 15:59 - 001489920 _____ (ASUS Cloud Corporation.) [File not signed] C:\Program Files (x86)\Common Files\AWS\2.2.6.547\ASUSWSShellExt64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2132360492-723632287-2629535127-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-2132360492-723632287-2629535127-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-2132360492-723632287-2629535127-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-2132360492-723632287-2629535127-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-2132360492-723632287-2629535127-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2132360492-723632287-2629535127-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2021-02-14 15:20 - 000000753 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

2021-03-01 17:26 - 2021-03-01 17:26 - 000000504 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.205 COM-MID1.mshome.net # 2021 3 1 8 15 26 1 839
192.168.137.1 DESKTOP-J5SRGEL.mshome.net # 2026 2 6 28 15 26 1 839

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2132360492-723632287-2629535127-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-2132360492-723632287-2629535127-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6BB4F30E-63F3-4206-8C2A-112A4E1E12D3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C1F70493-48E9-452A-9138-337D2945C70C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D37B691C-47EE-4E42-AFA7-9091226952E6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E1D91743-9D5F-47D9-AEA9-CAD241264DAD}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C98EC5B8-7B2B-467F-812F-15F4B305A98C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{52C1A80B-2788-48F1-8C4F-0A12B85F3809}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{68C8A16E-3C53-4D9A-9A86-2E4E8F516703}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{71AAD653-4B5B-4C0D-9867-06BEDFCAAD13}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{55195C66-EDF4-4471-AD5D-ABB7356756CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E5EF380D-DEA8-4BB3-8CA6-89D25384A092}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{670C6701-AAA6-4133-BE94-ECE69E360925}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3AF14C86-2A5C-44E9-B840-7D3CDE1F0494}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{AC3102B1-CDDF-4C31-B84D-8ED4A93DF8AE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{CA4A6D16-3F17-434B-8481-6EB96246DC83}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{D4DF826F-1DC0-4F91-8CAC-8B9A193AE84D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{973CCF2A-D4D8-4D50-9E59-7B087760639A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{87B0F7BB-F4A7-446F-875C-06E14A0E7221}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{52FE2970-BB8E-40AF-92D9-7466797ED74B}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{087F9B5C-2265-422B-817A-252B575826AF}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{1F28A119-4FA2-4BB0-92CB-2DFF820CAC89}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

09-05-2021 19:36:41 Naplánovaný kontrolní bod
13-05-2021 21:18:23 Instalační služba modulů systému Windows
13-05-2021 21:20:42 Instalační služba modulů systému Windows
23-05-2021 15:32:50 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (05/25/2021 07:38:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mexe.com, verze: 20.0.9.0, časové razítko: 0x602e9f77
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.964, časové razítko: 0xb7db0838
Kód výjimky: 0xc00000fd
Posun chyby: 0x00030fbf
ID chybujícího procesu: 0x3394
Čas spuštění chybující aplikace: 0x01d751862cbbda0d
Cesta k chybující aplikaci: C:\Users\standa\AppData\Local\Temp\mexe.com
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: c85eeaf0-1350-40e4-afa5-e7bb2b0ea5b1
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/25/2021 07:37:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SecHealthUI.exe verze 10.0.19041.844 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 48f4

Čas spuštění: 01d7518721e56f75

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe

ID hlášení: 3eb30dd8-1d91-436a-88e2-ca3dc2a1b44e

Úplný název balíčku s chybou: Microsoft.Windows.SecHealthUI_10.0.19041.964_neutral__cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: SecHealthUI

Typ zablokování: Cross-process

Error: (05/25/2021 07:23:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program SystemSettings.exe verze 10.0.19041.789 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 260

Čas spuštění: 01d751828a7b87c1

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe

ID hlášení: efa701b2-d5e8-462a-9381-3a34d2d63202

Úplný název balíčku s chybou: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy

ID aplikace relativní podle balíčku s chybou: microsoft.windows.immersivecontrolpanel

Typ zablokování: Navigation

Error: (05/18/2021 07:55:28 AM) (Source: Microsoft Office 16) (EventID: 2001) (User: )
Description: Microsoft Word: Rejected Safe Mode action : Naposledy se nepodařilo spustit Word. Problém byste mohli odstranit pomocí nouzového režimu, některé funkce ale v tomto režimu nemusí být dostupné.

Chcete použít spuštění v nouzovém režimu?.
Rejected Safe Mode action : Microsoft Word.

Error: (05/02/2021 03:25:04 PM) (Source: Firefox Default Browser Agent) (EventID: 12029) (User: )
Description: Event-ID 12029

Error: (05/02/2021 03:25:04 PM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0

Error: (04/18/2021 09:54:18 AM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: )
Description: Event-ID 12007

Error: (04/18/2021 09:54:18 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (05/26/2021 08:03:13 PM) (Source: TPM) (EventID: 27) (User: NT AUTHORITY)
Description: Inicializace čipu TPM (Trusted Platform Module) se nezdařila. Čip může být v režimu selhání. Pokud chcete povolit diagnostiku, kontaktujte jeho výrobce a předejte mu připojené informace.

Error: (05/26/2021 08:03:13 PM) (Source: TPM) (EventID: 27) (User: NT AUTHORITY)
Description: Inicializace čipu TPM (Trusted Platform Module) se nezdařila. Čip může být v režimu selhání. Pokud chcete povolit diagnostiku, kontaktujte jeho výrobce a předejte mu připojené informace.

Error: (05/26/2021 08:03:13 PM) (Source: TPM) (EventID: 27) (User: NT AUTHORITY)
Description: Inicializace čipu TPM (Trusted Platform Module) se nezdařila. Čip může být v režimu selhání. Pokud chcete povolit diagnostiku, kontaktujte jeho výrobce a předejte mu připojené informace.

Error: (05/26/2021 08:03:13 PM) (Source: TPM) (EventID: 27) (User: NT AUTHORITY)
Description: Inicializace čipu TPM (Trusted Platform Module) se nezdařila. Čip může být v režimu selhání. Pokud chcete povolit diagnostiku, kontaktujte jeho výrobce a předejte mu připojené informace.

Error: (05/26/2021 08:03:13 PM) (Source: TPM) (EventID: 27) (User: NT AUTHORITY)
Description: Inicializace čipu TPM (Trusted Platform Module) se nezdařila. Čip může být v režimu selhání. Pokud chcete povolit diagnostiku, kontaktujte jeho výrobce a předejte mu připojené informace.

Error: (05/26/2021 08:03:08 PM) (Source: TPM) (EventID: 27) (User: NT AUTHORITY)
Description: Inicializace čipu TPM (Trusted Platform Module) se nezdařila. Čip může být v režimu selhání. Pokud chcete povolit diagnostiku, kontaktujte jeho výrobce a předejte mu připojené informace.

Error: (05/26/2021 08:03:08 PM) (Source: TPM) (EventID: 27) (User: NT AUTHORITY)
Description: Inicializace čipu TPM (Trusted Platform Module) se nezdařila. Čip může být v režimu selhání. Pokud chcete povolit diagnostiku, kontaktujte jeho výrobce a předejte mu připojené informace.

Error: (05/26/2021 08:03:08 PM) (Source: TPM) (EventID: 27) (User: NT AUTHORITY)
Description: Inicializace čipu TPM (Trusted Platform Module) se nezdařila. Čip může být v režimu selhání. Pokud chcete povolit diagnostiku, kontaktujte jeho výrobce a předejte mu připojené informace.


Windows Defender:
================
Date: 2021-05-25 22:55:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {EC0FC84F-3990-4D2E-A008-49837C03514B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-05-25 19:38:44
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\standa\Downloads\FRST64 (1).exe; file:_C:\Users\standa\Downloads\FRST64 (3).exe; process:_pid:11468,ProcessStart:132664363465412196
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-J5SRGEL\standa
Název procesu: C:\Users\standa\Downloads\FRST64 (3).exe
Verze bezpečnostních informací: AV: 1.339.1355.0, AS: 1.339.1355.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.18100.6, NIS: 0.0.0.0

Date: 2021-05-25 19:37:26
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\standa\Downloads\FRST64 (1).exe; file:_C:\Users\standa\Downloads\FRST64 (3).exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-J5SRGEL\standa
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.339.1355.0, AS: 1.339.1355.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.18100.6, NIS: 0.0.0.0

Date: 2021-05-25 19:12:35
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\standa\Downloads\FRST64 (1).exe; file:_C:\Users\standa\Downloads\FRST64 (3).exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-J5SRGEL\standa
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.339.1355.0, AS: 1.339.1355.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.18100.6, NIS: 0.0.0.0

Date: 2021-05-25 19:12:33
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Wacatac.B!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\standa\Downloads\FRST64 (3).exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-J5SRGEL\standa
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.339.1355.0, AS: 1.339.1355.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.18100.6, NIS: 0.0.0.0

Date: 2021-05-25 16:08:08
Description:
Antivirová ochrana v programu Microsoft Defender narazil na kritickou chybu při provádění akce s malwarem nebo jiným potenciálně nežádoucím softwarem.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Script/Phonzy.A!ml
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\standa\Desktop\zoek.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Systém
Uživatel: DESKTOP-J5SRGEL\standa
Název procesu: Unknown
Akce: Neznámý
Stav akce: No additional actions required
Kód chyby: 0x80508032
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: AV: 1.339.1355.0, AS: 1.339.1355.0, NIS: 1.339.1355.0
Verze modulu: AM: 1.1.18100.6, NIS: 1.1.18100.6

Date: 2021-05-09 16:00:39
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.339.289.0
Předchozí verze bezpečnostních informací: 1.337.639.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-05-09 16:00:39
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.339.289.0
Předchozí verze bezpečnostních informací: 1.337.639.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-05-09 16:00:39
Description:
Program Antivirová ochrana v programu Microsoft Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu: 1.1.18100.6
Předchozí verze modulu: 1.1.18100.5
Uživatel: NT AUTHORITY\SYSTEM
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-04-27 07:48:29
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.335.1657.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18000.5
Kód chyby: 0x80070643
Popis chyby: Při instalaci došlo k závažné chybě.

CodeIntegrity:
===============
Date: 2021-04-19 15:08:57
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-04-19 15:08:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends Inc. X556UR.316 04/16/2019
Motherboard: ASUSTeK COMPUTER INC. X556UR
Processor: Intel(R) Core(TM) i5-6198DU CPU @ 2.30GHz
Percentage of memory in use: 53%
Total physical RAM: 8059.11 MB
Available physical RAM: 3786.57 MB
Total Virtual: 15739.11 MB
Available Virtual: 10877.45 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:475.83 GB) (Free:248.98 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{678e74a6-88ec-45f7-a1ce-a04300aeb2c5}\ () (Fixed) (Total:0.83 GB) (Free:0.4 GB) NTFS
\\?\Volume{a52d5a3c-d378-490a-bf3a-46b080250ea5}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: BFCF66A5)

Partition: GPT.

==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-05-2021
Ran by standa (administrator) on DESKTOP-J5SRGEL (ASUSTeK COMPUTER INC. X556UR) (26-05-2021 20:03:56)
Running from C:\Users\standa\Downloads
Loaded Profiles: standa
Platform: Windows 10 Home Version 20H2 19042.985 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine VPN\VpnSvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <29>
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.985_none_e72c6fe7263b0fe4\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2771576 2015-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1846016 2015-12-09] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKU\S-1-5-21-2132360492-723632287-2629535127-1001\...\Run: [GoogleChromeAutoLaunch_6530F5102E69735431FAA248529CFAF0] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-2132360492-723632287-2629535127-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33770112 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Print\Monitors\HP D811 Status Monitor: C:\Windows\system32\hpinkstsD811LM.dll [393352 2017-04-05] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-12] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2021-05-25]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
BootExecute: autocheck autochk * icarus_rvrt.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {11F4BB24-E990-413A-B6CB-9E76F620BA54} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1197848 2021-05-23] (Avast Software s.r.o. -> AVAST Software)
Task: {16AD2706-778D-4FC6-A509-C2CF7AB7D655} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141144 2021-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {1785B25A-D5DB-48B8-8986-45F1974EB1B3} - System32\Tasks\IcarusAvastVpnUpgrade => C:\Program Files\AVAST Software\SecureLine\setup\avast_vpn_online_setup.exe -> /silent /ShowVpnGui=0 /RestartUpdaterTaskName=IcarusAvastVpnUpgrade /RestartUpdaterAppExe="C:\Program Files\AVAST Software\SecureLine\setup\avast_vpn_online_setup.exe"
Task: {18F9E70F-7D92-4E68-B9AE-CD0175FDFE61} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28158080 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1A75D05C-251A-447B-AB0C-5C2362AE8079} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-14] (Google LLC -> Google LLC)
Task: {26C97CE0-C81D-4DAF-ABB9-C08314117A4E} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-12] (HP Inc. -> HP Inc.)
Task: {4734CB73-D8E0-443D-9F78-6893B25D8A40} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141144 2021-05-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {6AA8F7C2-F8B9-4473-855B-6E15787BD164} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4866840 2021-05-23] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 6d670568-9067-4d67-896c-3531811857e2
Task: {752D5DB1-BC71-499C-A6A0-EC6F848A1E5D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {758D18B5-4B92-47DD-931A-C26D9208EBF3} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {79DAA134-8091-47C5-B077-D8C79EA7F9A8} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [585000 2016-09-21] (Dropbox, Inc -> )
Task: {7DD9ACBB-BD5D-4C23-AA79-45A855377536} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-05-20] (Piriform Software Ltd -> Piriform)
Task: {94DDE213-114F-41EC-B175-BFF55EB79A73} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [38504 2021-05-12] (HP Inc. -> HP Inc.)
Task: {9C5E7F86-3C8F-42AE-817C-3EA05C8C14C3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {A301180F-7C2C-42E2-93DE-FC04A84B893E} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {A62AECC7-00A5-4D56-AAF6-B9848DDDE809} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A88C38A4-2E02-4737-AE3A-909F08B720D0} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [5865696 2021-05-20] (Avast Software s.r.o. -> Avast Software)
Task: {AE0DC734-5DC0-4429-9BB2-EDC90D89A2E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-14] (Google LLC -> Google LLC)
Task: {C2937FC3-AC63-4FB0-AC92-0B6828D83CE7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CC4F7D34-0521-40DD-9964-11DA172535E7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Antivirus Emergency Update" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Avast SecureLine VPN Update" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\DropboxOEM" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\DropboxUpdateTaskMachineCore" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\DropboxUpdateTaskMachineUA" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\IcarusAvastVpnUpgrade" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-2132360492-723632287-2629535127-1001" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-2132360492-723632287-2629535127-1002" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\RtHDVBg_ListenToDevice" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\RTKCPL" /ENABLE
Task: {D65C6E9D-90CD-4F93-AA2F-F873E77EC7AB} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {E9662DD1-EF8D-4BDF-8669-01A41429DD8E} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {E9BADE62-406A-4788-AE16-25D9E6EAC127} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F0CC5797-672F-4E40-BED7-F502092097AA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-25] (Mozilla Corporation -> Mozilla Foundation)
Task: {F2C6D650-C4BA-4A97-BB46-D84DCD92D1F9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-14] (Dropbox, Inc -> Dropbox, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{270ea8cf-b547-4abf-8d97-3949c6eda3b9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8c31ac88-b000-42e5-89b9-01fa484bb71e}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\standa\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-25]
Edge Profile: C:\Users\standa\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2021-05-25]

FireFox:
========
FF DefaultProfile: 2xjobbz8.default
FF ProfilePath: C:\Users\standa\AppData\Roaming\Mozilla\Firefox\Profiles\2xjobbz8.default [2021-02-14]
FF ProfilePath: C:\Users\standa\AppData\Roaming\Mozilla\Firefox\Profiles\z806poz8.default-release [2021-05-26]
FF NewTab: Mozilla\Firefox\Profiles\z806poz8.default-release -> about:newtab
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-04] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default [2021-05-26]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?fr=mcafee_uninternational&type=E210CZ91105G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Session Restore: Default -> is enabled.
CHR Extension: (HP Print pro Chrome) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjanmonomjogheabiocdamfpknlpdehm [2021-02-14]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2021-02-14]
CHR Extension: (Diagnostika připojení Chrome) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\eemlkeanncmjljgehlbplemhmdmalhdc [2021-02-14]
CHR Extension: (Nástroj na obnovení Chromebooku) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jndclpdbaamdhonoechobihbbiimdgai [2021-02-14]
CHR Extension: (Google Play) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2021-02-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-14]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2021-05-25]
CHR Extension: (Chrome Media Router) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-11]
CHR Profile: C:\Users\standa\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-05-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-14]
CHR Extension: (Chrome Media Router) - C:\Users\standa\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-18]
CHR Profile: C:\Users\standa\AppData\Local\Google\Chrome\User Data\System Profile [2021-05-11]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8798600 2021-04-28] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-14] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2021-02-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-12] (HP Inc. -> HP Inc.)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [133480 2016-04-03] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [8613144 2021-05-23] (Avast Software s.r.o. -> AVAST Software)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-17] (TeamViewer -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R3 AsusSGDrv; C:\WINDOWS\System32\drivers\AsusSGDrv.sys [141304 2015-12-18] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [59312 2021-02-14] (Avast Software s.r.o. -> Avast Software)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
S3 bmfilter; C:\WINDOWS\System32\drivers\qcusbfilter.sys [55304 2018-02-27] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 bmusbser; C:\WINDOWS\System32\drivers\qcusbser.sys [251400 2018-02-27] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 DSI_SiUSBXp_3_1; C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys [16384 2007-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories)
S3 eu3eusbser; C:\WINDOWS\System32\drivers\eu3eusbser.sys [121984 2016-01-04] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 HPEWSFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [29280 2018-09-11] (Hewlett-Packard Company -> Hewlett Packard)
S3 KMWDFILTER; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [30208 2009-04-29] (MLK Technologies Limited -> Windows (R) Codename Longhorn DDK provider)
R3 MpKslba6d049a; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{730C8BF1-D387-45AD-AFCD-037D2764D05D}\MpKslDrv.sys [107744 2021-05-26] (Microsoft Windows -> Microsoft Corporation)
S3 NVSWCFilter; C:\WINDOWS\System32\drivers\nvswcfilter.sys [28344 2016-05-09] (Nvidia Corporation -> Windows (R) Win 7 DDK provider)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64880 2020-11-11] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-15] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-15] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-25 22:36 - 2021-05-25 22:36 - 008534696 _____ (Malwarebytes) C:\Users\standa\Downloads\adwcleaner_8.2.exe
2021-05-25 21:09 - 2021-05-25 21:09 - 000010804 _____ C:\Users\standa\Downloads\pavaon.xlsx
2021-05-25 20:44 - 2021-05-25 20:44 - 096993280 _____ C:\WINDOWS\system32\config\SOFTWARE
2021-05-25 20:43 - 2021-05-25 20:44 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2021-05-25 19:38 - 2021-05-25 19:38 - 000000000 ____D C:\Users\standa\AppData\Local\CrashDumps
2021-05-25 19:16 - 2021-05-25 19:17 - 000000000 ____D C:\rsit
2021-05-25 19:16 - 2021-05-25 19:17 - 000000000 ____D C:\Program Files (x86)\trend micro
2021-05-25 19:16 - 2021-05-25 19:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-05-25 19:07 - 2021-05-25 19:07 - 002299904 _____ (Farbar) C:\Users\standa\Downloads\FRST64(2).exe
2021-05-25 19:07 - 2021-05-25 19:07 - 001107968 _____ C:\Users\standa\Downloads\RSIT.exe
2021-05-25 19:06 - 2021-05-25 19:46 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-05-25 18:57 - 2021-05-25 18:57 - 002299904 _____ (Farbar) C:\Users\standa\Downloads\Nepotvrzeno 374659.crdownload
2021-05-25 18:51 - 2021-05-25 18:51 - 000001056 _____ C:\Users\standa\Desktop\MWAVSCAN.lnk
2021-05-25 18:51 - 2021-05-25 18:51 - 000000000 ____D C:\ProgramData\MicroWorld
2021-05-25 18:43 - 2021-05-25 18:45 - 254521712 _____ C:\Users\standa\Downloads\mwav (2).exe
2021-05-23 15:13 - 2021-05-23 15:13 - 000504816 _____ C:\Users\standa\Downloads\2200080958 (1).pdf
2021-05-23 14:22 - 2021-05-23 14:22 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2021-05-23 14:22 - 2021-05-23 14:22 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2021-05-23 14:22 - 2021-05-23 14:22 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2021-05-23 14:22 - 2021-05-23 14:22 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2021-05-23 14:22 - 2021-05-23 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2021-05-17 21:20 - 2021-05-17 21:20 - 000352967 _____ C:\Users\standa\Downloads\Technick-list-kamenny-a-mramorovy-koberec-epoxi(7).pdf
2021-05-13 22:47 - 2021-05-13 22:47 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-05-13 22:47 - 2021-05-13 22:47 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-05-13 22:47 - 2021-05-13 22:47 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-05-13 22:47 - 2021-05-13 22:47 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-05-13 21:28 - 2021-05-13 21:28 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-13 21:27 - 2021-05-13 21:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-13 21:27 - 2021-05-13 21:27 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-13 21:27 - 2021-05-13 21:27 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-13 21:27 - 2021-05-13 21:27 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-13 21:27 - 2021-05-13 21:27 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-13 21:27 - 2021-05-13 21:27 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-13 21:27 - 2021-05-13 21:27 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-13 21:27 - 2021-05-13 21:27 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-13 21:27 - 2021-05-13 21:27 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-13 21:27 - 2021-05-13 21:27 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-13 21:27 - 2021-05-13 21:27 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-13 21:19 - 2021-05-13 21:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2021-05-13 21:19 - 2021-05-13 21:19 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2021-05-11 22:27 - 2021-05-11 22:29 - 000446464 _____ C:\Users\standa\Downloads\Objednana_MERRY_FISHER_695_S2-B2021 upravená verze.xls
2021-05-02 21:43 - 2021-05-02 21:43 - 000000000 ____D C:\Users\hanah\AppData\Roaming\Foxit Software
2021-05-02 17:39 - 2021-05-02 17:39 - 002709926 _____ C:\Users\standa\Downloads\Panasonic_Breadmaker_Croustina_SD-ZP2000_EN_User-Manual (1).pdf
2021-05-02 17:37 - 2021-05-02 17:37 - 002709926 _____ C:\Users\standa\Downloads\Panasonic_Breadmaker_Croustina_SD-ZP2000_EN_User-Manual.pdf
2021-04-28 21:22 - 2021-04-28 21:22 - 016142144 _____ (HP Inc.) C:\Users\standa\Downloads\HPPSdr (3).exe
2021-04-28 21:15 - 2021-04-28 21:15 - 000051240 _____ C:\Users\standa\Downloads\Informace o splatnosti k pojistné smlouvě číslo 8492051828.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-05-26 20:04 - 2019-04-03 16:42 - 000024905 _____ C:\Users\standa\Downloads\FRST.txt
2021-05-26 20:04 - 2019-04-03 16:41 - 000000000 ____D C:\FRST
2021-05-26 20:03 - 2021-02-14 01:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-26 19:38 - 2021-03-19 19:09 - 000000000 ____D C:\Program Files\CCleaner
2021-05-26 19:35 - 2021-02-14 01:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-05-25 22:56 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-25 22:38 - 2021-02-14 15:39 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2021-05-25 22:38 - 2021-02-14 01:42 - 000000000 ____D C:\ProgramData\NVIDIA
2021-05-25 19:51 - 2021-02-14 01:26 - 000719496 _____ C:\WINDOWS\system32\perfh005.dat
2021-05-25 19:51 - 2021-02-14 01:26 - 000145622 _____ C:\WINDOWS\system32\perfc005.dat
2021-05-25 19:51 - 2021-02-14 01:23 - 000000000 ____D C:\WINDOWS\INF
2021-05-25 19:51 - 2016-04-03 06:19 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-25 19:48 - 2017-01-08 13:28 - 000000000 ___RD C:\Users\standa\OneDrive
2021-05-25 19:47 - 2017-01-08 13:26 - 000000000 __SHD C:\Users\standa\IntelGraphicsProfiles
2021-05-25 19:47 - 2016-11-04 03:49 - 000000000 ____D C:\ProgramData\AVAST Software
2021-05-25 19:46 - 2021-02-14 09:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-05-25 19:46 - 2021-02-14 01:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-25 19:46 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\ServiceState
2021-05-25 19:46 - 2020-11-06 20:34 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-25 19:41 - 2021-02-14 01:18 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-05-25 19:34 - 2019-04-03 16:43 - 000035620 _____ C:\Users\standa\Downloads\Addition.txt
2021-05-25 19:29 - 2021-02-14 09:52 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-25 19:29 - 2017-01-08 14:12 - 000000000 ____D C:\Users\standa\AppData\LocalLow\Mozilla
2021-05-25 19:16 - 2021-02-14 09:52 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-05-25 16:07 - 2021-02-14 01:24 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-25 16:07 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-25 15:51 - 2021-03-19 19:09 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-05-25 15:49 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-05-23 14:22 - 2016-11-04 03:56 - 000000000 ____D C:\Program Files\Microsoft Office
2021-05-23 14:16 - 2021-02-14 09:26 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-23 14:16 - 2021-02-14 09:26 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-05-20 11:50 - 2021-02-14 10:30 - 000081632 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2021-05-18 08:05 - 2021-02-17 18:16 - 000000000 ____D C:\Users\hanah\AppData\Local\Packages
2021-05-18 07:57 - 2017-01-22 12:37 - 000000000 ___RD C:\Users\hanah\OneDrive
2021-05-18 07:54 - 2021-02-14 01:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-18 07:54 - 2017-01-22 12:36 - 000000000 __SHD C:\Users\hanah\IntelGraphicsProfiles
2021-05-16 08:54 - 2021-02-14 09:16 - 000000000 ____D C:\Users\standa\AppData\Local\Packages
2021-05-15 22:15 - 2021-02-14 01:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-13 23:08 - 2021-02-14 09:24 - 000000000 ____D C:\Users\standa\AppData\Local\PlaceholderTileLogoFolder
2021-05-13 22:46 - 2021-02-14 01:40 - 000436504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-13 22:46 - 2016-04-03 06:35 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-05-13 22:46 - 2016-04-03 06:35 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-05-13 22:44 - 2021-02-14 01:27 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-13 22:44 - 2021-02-14 01:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-13 21:30 - 2021-02-14 01:24 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-13 21:30 - 2021-02-14 01:19 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-12 17:00 - 2021-02-14 09:33 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-05-12 17:00 - 2021-02-14 09:33 - 000002208 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-05-11 22:24 - 2021-02-11 16:41 - 000446464 _____ C:\Users\standa\Downloads\Objednana_MERRY_FISHER_695_S2-B2021.xls
2021-05-11 19:08 - 2021-02-14 09:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-11 19:05 - 2021-02-14 09:51 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-10 19:43 - 2021-02-17 18:17 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2132360492-723632287-2629535127-1002
2021-05-10 19:43 - 2021-02-14 01:54 - 000002363 _____ C:\Users\hanah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-09 15:59 - 2021-02-14 09:19 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2132360492-723632287-2629535127-1001
2021-05-09 15:59 - 2021-02-14 01:54 - 000002366 _____ C:\Users\standa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-05-05 18:11 - 2021-02-14 02:12 - 000004008 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-05-05 18:11 - 2021-02-14 02:12 - 000003776 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-05-02 21:43 - 2021-02-17 18:21 - 000000000 ____D C:\Users\hanah\AppData\Local\PlaceholderTileLogoFolder
2021-04-28 21:57 - 2021-02-14 09:16 - 000000000 ____D C:\ProgramData\Packages
2021-04-28 21:54 - 2021-04-10 08:02 - 000002378 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2021-04-28 21:25 - 2021-04-10 08:02 - 000000000 ____D C:\ProgramData\HP
2021-04-26 18:56 - 2021-02-14 09:25 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-26 18:56 - 2021-02-14 09:25 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Re: Requesting a preventive check, my PC reports the Wacatac and Phonzy trojans

Posted: 26 May 2021 20:14
by Rudy
Open Notepad and copy the following into it:
Start

CloseProcesses:
C:\Users\standa\Desktop\zoek.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1A75D05C-251A-447B-AB0C-5C2362AE8079} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-14] (Google LLC -> Google LLC)
Task: {AE0DC734-5DC0-4429-9BB2-EDC90D89A2E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-14] (Google LLC -> Google LLC)

EmptyTemp:
End
Save it to C:\Users\standa\Downloads as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.

Re: Requesting a preventive check, my PC reports the Wacatac and Phonzy trojans

Posted: 26 May 2021 21:02
by truddy
Fix result of Farbar Recovery Scan Tool (x64) Version: 25-05-2021
Ran by standa (26-05-2021 21:56:09) Run:2
Running from C:\Users\standa\Downloads
Loaded Profiles: standa & hanah
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
C:\Users\standa\Desktop\zoek.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {1A75D05C-251A-447B-AB0C-5C2362AE8079} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-14] (Google LLC -> Google LLC)
Task: {AE0DC734-5DC0-4429-9BB2-EDC90D89A2E5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-14] (Google LLC -> Google LLC)

EmptyTemp:
End
*****************

Processes closed successfully.
"C:\Users\standa\Desktop\zoek.exe" => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1A75D05C-251A-447B-AB0C-5C2362AE8079}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A75D05C-251A-447B-AB0C-5C2362AE8079}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AE0DC734-5DC0-4429-9BB2-EDC90D89A2E5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE0DC734-5DC0-4429-9BB2-EDC90D89A2E5}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 9500206 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 41167608 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 7194708 B
Edge => 0 B
Chrome => 547156129 B
Firefox => 86771569 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 29818 B
standa => 577686062 B
hanah => 578192906 B
defaultuser100001 => 578192906 B
defaultuser100000 => 578192906 B
defaultuser100000.DESKTOP-J5SRGEL => 578192906 B

RecycleBin => 0 B
EmptyTemp: => 3.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:57:03 ====

Re: Requesting a preventive check, my PC reports the Wacatac and Phonzy trojans

Posted: 27 May 2021 09:29
by Rudy
Deleted. Has anything changed?

Re: Requesting a preventive check, my PC reports the Wacatac and Phonzy trojans

Posted: 27 May 2021 14:19
by truddy
Yes, it has :-) The protection no longer reports anything. Thanks a lot for the help.

Re: Requesting a preventive check, my PC reports the Wacatac and Phonzy trojans

Posted: 27 May 2021 15:00
by Rudy
You're welcome! :)