Requesting a preventive check, please :)

atsok
Visitor
Posts: 63
Registered: 02 Aug 2012 21:52

#1 Post by atsok »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Ran by Mara (administrator) on DESKTOP-2SQL7M7 (09-01-2022 17:35:14)
Running from C:\Users\Mara\Desktop
Loaded Profiles: Mara (Available Profiles: Mara)
Platform: Windows 10 Home Version 2009 19043.1415 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --single-argument %1)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> Registry
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
(Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthSystray.exe
(Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(The CefSharp Authors) C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
(The CefSharp Authors) C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe
(Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Piriform Software) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe
(Piriform Software) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe
(Piriform Software) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe
() C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
(Opera Software) C:\Program Files\Opera\opera.exe
(Opera Software) C:\Program Files\Opera\82.0.4227.43\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\opera.exe
(Opera Software) C:\Program Files\Opera\opera.exe
(Opera Software) C:\Program Files\Opera\opera.exe
(Opera Software) C:\Program Files\Opera\opera.exe
(Opera Software) C:\Program Files\Opera\opera.exe
(Opera Software) C:\Program Files\Opera\opera.exe
(Opera Software) C:\Program Files\Opera\opera.exe
(Opera Software) C:\Program Files\Opera\opera.exe
() C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a\VLC.Universal.exe
(Opera Software) C:\Program Files\Opera\opera.exe
(Opera Software) C:\Program Files\Opera\opera.exe
(Opera Software) C:\Program Files\Opera\opera.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Opera Software) C:\Program Files\Opera\opera.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\WINDOWS\system32\SecurityHealthSystray.exe [86016 2019-12-07] (Microsoft Corporation)
HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files\Opera\assistant\browser_assistant.exe [4105424 2021-10-14] (Opera Software)
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Mara\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] ()
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd)
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [CCleanerBrowserAutoLaunch_07B15DBA980ABD67C429B3EEA66DB950] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2521976 2021-12-15] (Piriform Software)
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [008C8440DA6DCB1E2358F56A38F2018EDEBF2926._service_run] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [3427720 2022-01-06] (Microsoft Corporation)
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31184216 2021-11-15] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\RunOnce: [Uninstall 21.220.1024.0005] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\21.220.1024.0005"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-08] (Adobe)
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\MountPoints2: {2ce6701c-25b8-11ea-9a46-0025d32f82ff} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\MountPoints2: {7956173a-300e-11ec-9a7d-0025d32f82ff} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\MountPoints2: {94c6ea77-8cd8-11e7-a590-4061860b4475} - "F:\OnePlus_setup.exe" /s
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.15.1
Tcpip\..\Interfaces\{163113ee-5f44-4a63-be4f-f28fe1554749}: [DhcpNameServer] 192.168.15.1

Internet Explorer:
==================
BHO: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\97.0.1072.55\BHO\ie_to_edge_bho_64.dll [2022-01-06] (Microsoft Corporation)
BHO-x32: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\97.0.1072.55\BHO\ie_to_edge_bho.dll [2022-01-06] (Microsoft Corporation)

Edge:
======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]

FireFox:
========
FF DefaultProfile: rawzxbc2.default-1570641619220
FF ProfilePath: Profiles/rawzxbc2.default-1570641619220 [not found] <==== ATTENTION
FF ProfilePath: C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\rawzxbc2.default-1570641619220 [2021-03-29]
FF Extension: (Seznam doplněk - Esko) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\rawzxbc2.default-1570641619220\Extensions\sko-extension@firma.seznam.cz.xpi [2018-12-05]
FF Extension: (Seznam doplněk - Email) - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\rawzxbc2.default-1570641619220\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2018-12-05]
FF Extension: (DoH Roll-Out) - C:\Program Files\Mozilla Firefox\browser\features\doh-rollout@mozilla.org.xpi [2020-01-29] [not signed]
FF Extension: (WebCompat Reporter) - C:\Program Files\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi [2020-01-29] [not signed]
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-09-09] (Adobe Systems Inc.)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-09-15] (Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2020-09-15] (Piriform Software)

Chrome:
=======
CHR Profile: C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default [2021-12-20]
CHR Extension: (Prezentace) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-26]
CHR Extension: (Dokumenty) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-26]
CHR Extension: (Disk Google) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-12-09]
CHR Extension: (YouTube) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-26]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2021-12-20]
CHR Extension: (Tabulky) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-12-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-20]
CHR Extension: (Gmail) - C:\Users\Mara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-12-09]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Opera Software) - C:\Users\Mara\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-01-09]
OPR Extension: (Opera Software) - C:\Users\Mara\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-11-11]
StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AarSvc; C:\WINDOWS\System32\AarSvc.dll [465408 2021-10-18] (Microsoft Corporation)
S3 AarSvc; C:\WINDOWS\SysWOW64\AarSvc.dll [354816 2021-10-18] (Microsoft Corporation)
S3 AarSvc_7f25e; C:\WINDOWS\system32\svchost.exe [57360 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 AarSvc_7f25e; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe)
S3 autotimesvc; C:\WINDOWS\System32\autotimesvc.dll [114176 2021-01-13] (Microsoft Corporation)
S3 BcastDVRUserService; C:\WINDOWS\System32\BcastDVRUserService.dll [1389056 2021-12-20] (Microsoft Corporation)
S3 BcastDVRUserService_7f25e; C:\WINDOWS\system32\svchost.exe [57360 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BcastDVRUserService_7f25e; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService; C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll [500736 2021-01-13] (Microsoft Corporation)
S3 BluetoothUserService_7f25e; C:\WINDOWS\system32\svchost.exe [57360 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_7f25e; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 BrokerInfrastructure; C:\WINDOWS\System32\psmsrv.dll [247296 2020-12-09] (Microsoft Corporation)
S3 BTAGService; C:\WINDOWS\System32\BTAGService.dll [1023488 2021-01-13] (Microsoft Corporation)
S3 BTAGService; C:\WINDOWS\SysWOW64\BTAGService.dll [733696 2021-01-13] (Microsoft Corporation)
R3 BthAvctpSvc; C:\WINDOWS\System32\BthAvctpSvc.dll [399872 2021-09-21] (Microsoft Corporation)
S3 CaptureService; C:\WINDOWS\System32\CaptureService.dll [130560 2021-02-10] (Microsoft Corporation)
S3 CaptureService_7f25e; C:\WINDOWS\system32\svchost.exe [57360 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CaptureService_7f25e; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 cbdhsvc; C:\WINDOWS\System32\cbdhsvc.dll [1024000 2021-02-10] (Microsoft Corporation)
R3 cbdhsvc_7f25e; C:\WINDOWS\system32\svchost.exe [57360 2020-10-13] (Microsoft Corporation)
R3 cbdhsvc_7f25e; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-13] (Microsoft Corporation)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-09-15] (Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\96.1.13589.113\elevation_service.exe [1721904 2021-12-15] (Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2020-09-15] (Piriform Software)
S3 ConsentUxUserSvc; C:\WINDOWS\System32\ConsentUxClient.dll [170496 2021-01-13] (Microsoft Corporation)
S3 CredentialEnrollmentManagerUserSvc; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [382696 2021-09-21] (Microsoft Corporation)
S3 CredentialEnrollmentManagerUserSvc_7f25e; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [382696 2021-09-21] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\System32\deviceaccess.dll [240688 2021-01-13] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc; C:\WINDOWS\SysWOW64\deviceaccess.dll [188536 2021-01-13] (Microsoft Corporation)
S3 DeviceAssociationBrokerSvc_7f25e; C:\WINDOWS\system32\svchost.exe [57360 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DeviceAssociationBrokerSvc_7f25e; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DevicePickerUserSvc; C:\WINDOWS\System32\Windows.Devices.Picker.dll [482816 2021-04-23] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [342016 2021-04-23] (Microsoft Corporation)
R2 DispBrokerDesktopSvc; C:\WINDOWS\System32\DispBroker.Desktop.dll [382464 2021-10-18] (Microsoft Corporation)
R3 DisplayEnhancementService; C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll [1192448 2021-04-23] (Microsoft Corporation)
S2 edgeupdate; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-10] (Microsoft Corporation)
S3 edgeupdatem; C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [224160 2020-06-10] (Microsoft Corporation)
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.110\elevation_service.exe [1392984 2021-12-12] (Google LLC)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-09-24] ()
S3 LxpSvc; C:\WINDOWS\System32\LanguageOverlayServer.dll [302080 2021-01-13] (Microsoft Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\97.0.1072.55\elevation_service.exe [1610120 2022-01-06] (Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\System32\MixedRealityRuntime.dll [134768 2021-01-13] (Microsoft Corporation)
S3 MixedRealityOpenXRSvc; C:\WINDOWS\SysWOW64\MixedRealityRuntime.dll [104824 2021-01-13] (Microsoft Corporation)
S3 perceptionsimulation; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [106496 2021-01-13] (Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\SgrmBroker.exe [329504 2020-10-13] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [382976 2021-05-12] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12986664 2021-12-17] (TeamViewer Germany GmbH)
S3 TroubleshootingSvc; C:\WINDOWS\system32\MitigationClient.dll [487936 2021-08-27] (Microsoft Corporation)
S3 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [73728 2021-01-13] (Microsoft Corporation)
S3 UdkUserSvc; C:\WINDOWS\System32\windowsudk.shellcommon.dll [2111488 2021-03-10] (Microsoft Corporation)
S4 uhssvc; C:\Program Files\Microsoft Update Health Tools\uhssvc.exe [353104 2021-09-08] (Microsoft Corporation)
R2 UsoSvc; C:\WINDOWS\system32\usosvc.dll [569856 2021-12-20] (Microsoft Corporation)
S3 VacSvc; C:\WINDOWS\System32\vac.dll [382720 2021-02-10] (Microsoft Corporation)
R3 WaaSMedicSvc; C:\WINDOWS\System32\WaaSMedicSvc.dll [430080 2021-11-11] (Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-15] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-15] (Microsoft Corporation)
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [752536 2021-10-18] (Microsoft Corporation)
S3 WManSvc; C:\WINDOWS\system32\Windows.Management.Service.dll [815104 2021-10-18] (Microsoft Corporation)
S3 WpcMonSvc; C:\WINDOWS\System32\WpcDesktopMonSvc.dll [1871360 2021-11-11] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Acx01000; C:\WINDOWS\System32\drivers\Acx01000.sys [415232 2019-12-07] (Microsoft Corporation)
R1 afunix; C:\WINDOWS\system32\drivers\afunix.sys [41984 2021-08-27] (Microsoft Corporation)
R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2021-08-27] (Microsoft Corporation)
S3 amdgpio2; C:\WINDOWS\System32\drivers\amdgpio2.sys [18432 2019-12-07] (Advanced Micro Devices, Inc)
S3 amdi2c; C:\WINDOWS\System32\drivers\amdi2c.sys [45568 2019-12-07] (Advanced Micro Devices, Inc)
R1 BasicDisplay; C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_65ab9a260dbf7467\BasicDisplay.sys [68608 2021-04-23] (Microsoft Corporation)
R1 BasicRender; C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_df49c4daa6251397\BasicRender.sys [38912 2021-04-23] (Microsoft Corporation)
R2 bindflt; C:\WINDOWS\system32\drivers\bindflt.sys [148816 2021-10-18] (Microsoft Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthMini; C:\WINDOWS\System32\drivers\BTHMINI.sys [45568 2021-12-20] (Microsoft Corporation)
R1 CimFS; C:\Windows\System32\Drivers\CimFS.sys [98304 2021-10-18] ()
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-09-24] (Huawei Technologies Co., Ltd.)
S3 genericusbfn; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [23040 2019-12-07] (Microsoft Corporation)
S3 hidspi; C:\WINDOWS\System32\drivers\hidspi.sys [66560 2019-12-07] (Microsoft Corporation)
S4 hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [35128 2019-12-07] (Microsoft Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-09-24] (Huawei Technologies Co., Ltd.)
S3 iaLPSS2i_GPIO2_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2019-12-07] (Intel Corporation)
S3 iaLPSS2i_GPIO2_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2019-12-07] (Intel Corporation)
S3 iaLPSS2i_I2C_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [177152 2019-12-07] (Intel Corporation)
S3 iaLPSS2i_I2C_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2019-12-07] (Intel Corporation)
S0 iaStorAVC; C:\WINDOWS\System32\drivers\iaStorAVC.sys [884752 2019-12-07] (Intel Corporation)
S3 intelpmax; C:\WINDOWS\System32\drivers\intelpmax.sys [30720 2019-12-07] (Microsoft Corporation)
S0 ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [172344 2019-12-07] (Avago Technologies)
S3 MbbCx; C:\WINDOWS\System32\drivers\MbbCx.sys [391168 2021-08-27] (Microsoft Corporation)
S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [105480 2019-12-07] (Avago Technologies)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [65024 2019-12-07] (Microsoft Corporation)
R3 MsQuic; C:\WINDOWS\System32\drivers\msquic.sys [322376 2020-09-25] (Microsoft Corporation)
S3 NDKPing; C:\WINDOWS\System32\drivers\NDKPing.sys [72720 2019-12-07] (Microsoft Corporation)
S0 nvdimm; C:\WINDOWS\System32\drivers\nvdimm.sys [168464 2019-12-07] (Microsoft Corporation)
S3 PktMon; C:\WINDOWS\System32\drivers\PktMon.sys [129848 2021-11-11] (Microsoft Corporation)
S3 portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [27136 2019-12-07] (Microsoft Corporation)
R0 SgrmAgent; C:\WINDOWS\System32\drivers\SgrmAgent.sys [88080 2019-12-07] (Microsoft Corporation)
S0 SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [209720 2019-12-07] (Microsemi Corportation)
S3 spaceparser; C:\WINDOWS\System32\drivers\spaceparser.sys [26624 2019-12-07] (Microsoft Corporation)
R0 Telemetry; C:\WINDOWS\System32\drivers\IntelTA.sys [26608 2020-10-13] (Microsoft Corporation)
S3 UcmUcsiAcpiClient; C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [36864 2019-12-07] (Microsoft Corporation)
S3 UcmUcsiCx0101; C:\WINDOWS\System32\Drivers\UcmUcsiCx.sys [113152 2020-09-25] (Microsoft Corporation)
S3 UEFI; C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\UEFI.sys [34104 2019-12-07] (Microsoft Corporation)
S3 UfxChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys [110608 2019-12-07] (Microsoft Corporation)
R3 umbus; C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys [58368 2019-12-07] (Microsoft Corporation)
S3 UrsChipidea; C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys [32056 2019-12-07] (Microsoft Corporation)
S3 UrsSynopsys; C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys [29496 2019-12-07] (Microsoft Corporation)
S3 usbaudio2; C:\WINDOWS\System32\drivers\usbaudio2.sys [260608 2019-12-07] (Microsoft Corporation)
S3 VirtualRender; C:\WINDOWS\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys [11264 2019-12-07] (Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-15] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-15] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [23560 2019-12-07] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-15] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: TroubleshootingSvc -> C:\Windows\system32\MitigationClient.dll (Microsoft Corporation)
NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: WManSvc -> C:\Windows\system32\Windows.Management.Service.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-09 17:35 - 2022-01-09 17:37 - 000025876 _____ C:\Users\Mara\Desktop\FRST.txt
2022-01-09 17:34 - 2022-01-09 17:35 - 000000000 ____D C:\FRST
2021-12-22 15:46 - 2021-12-22 15:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2021-12-20 19:50 - 2021-12-20 19:50 - 000003584 _____ C:\WINDOWS\System32\Tasks\OneDrive Reporting Task-S-1-5-21-772858087-439378103-3593226653-1001
2021-12-20 19:39 - 2021-12-20 19:39 - 000000000 ____D C:\WINDOWS\SystemTemp
2021-12-20 17:43 - 2021-12-20 17:43 - 013705824 _____ C:\Users\Mara\Desktop\prvni-e-book-kamado-ceramic-2021-small.pdf
2021-12-20 17:43 - 2021-12-20 17:43 - 005110992 _____ C:\Users\Mara\Desktop\_ps_3KamadoJoeII-III-CZnavod.pdf
2021-12-20 17:19 - 2021-12-20 17:19 - 000000000 ___HD C:\$WinREAgent
2021-12-20 14:18 - 2021-12-20 14:18 - 011445760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2021-12-20 14:18 - 2021-12-20 14:18 - 009487360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2021-12-20 14:18 - 2021-12-20 14:18 - 000989184 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2021-12-20 14:18 - 2021-12-20 14:18 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSRESM.dll
2021-12-20 14:18 - 2021-12-20 14:18 - 000801608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2021-12-20 14:18 - 2021-12-20 14:18 - 000762368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2021-12-20 14:18 - 2021-12-20 14:18 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2021-12-20 14:18 - 2021-12-20 14:18 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMPOSE.dll
2021-12-20 14:18 - 2021-12-20 14:18 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2021-12-20 14:18 - 2021-12-20 14:18 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSTIFF.dll
2021-12-20 14:18 - 2021-12-20 14:18 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2021-12-20 14:18 - 2021-12-20 14:18 - 000292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2021-12-20 14:18 - 2021-12-20 14:18 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXST30.dll
2021-12-20 14:18 - 2021-12-20 14:18 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2021-12-20 14:18 - 2021-12-20 14:18 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSXP32.dll
2021-12-20 14:18 - 2021-12-20 14:18 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOM.dll
2021-12-20 14:18 - 2021-12-20 14:18 - 000094176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2021-12-20 14:18 - 2021-12-20 14:18 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSEXT32.dll
2021-12-20 14:18 - 2021-12-20 14:18 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinFax.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 024272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 019866112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 018084864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 008256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 007555920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 007127040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 006470656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 005361304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 004808168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 004315648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 003663872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 003568976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 002696192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 002403328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 001447192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 001267976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 001161240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 001134080 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 001092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 000854016 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 000678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\quickassist.exe
2021-12-20 14:17 - 2021-12-20 14:17 - 000559816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quickassist.exe
2021-12-20 14:17 - 2021-12-20 14:17 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-12-20 14:17 - 2021-12-20 14:17 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 000389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 000198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2021-12-20 14:17 - 2021-12-20 14:17 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\klist.exe
2021-12-20 14:17 - 2021-12-20 14:17 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcWinRT.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcWinRT.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2021-12-20 14:17 - 2021-12-20 14:17 - 000042808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2021-12-20 14:17 - 2021-12-20 14:17 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 026268672 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 023452160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 008893640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 007776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 007677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 006013088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 003343360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 002430264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 001625376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 001570632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2021-12-20 14:16 - 2021-12-20 14:16 - 001389056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-12-20 14:16 - 2021-12-20 14:16 - 001269104 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2021-12-20 14:16 - 2021-12-20 14:16 - 001097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000910336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000901792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000806200 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2021-12-20 14:16 - 2021-12-20 14:16 - 000745400 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2021-12-20 14:16 - 2021-12-20 14:16 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcIsoCtnr.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-12-20 14:16 - 2021-12-20 14:16 - 000539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\IESettingSync.exe
2021-12-20 14:16 - 2021-12-20 14:16 - 000521096 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2021-12-20 14:16 - 2021-12-20 14:16 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000308592 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000306448 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2021-12-20 14:16 - 2021-12-20 14:16 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000222024 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\feclient.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000020280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2021-12-20 14:16 - 2021-12-20 14:16 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2021-12-20 14:16 - 2021-12-20 14:16 - 000011979 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-12-20 14:15 - 2021-12-20 14:15 - 014760448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 006374608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 004746240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 004357664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2021-12-20 14:15 - 2021-12-20 14:15 - 003827312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 002869248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2021-12-20 14:15 - 2021-12-20 14:15 - 002610688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 002542592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 002320384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 001843712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 001695128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 001633096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 001452376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 001125888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 001066040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 001041920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 001011512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000861480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000834048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000775992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2021-12-20 14:15 - 2021-12-20 14:15 - 000712784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000687904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2021-12-20 14:15 - 2021-12-20 14:15 - 000640824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000547480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000533512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000493392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2021-12-20 14:15 - 2021-12-20 14:15 - 000452496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000420952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2021-12-20 14:15 - 2021-12-20 14:15 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2021-12-20 14:15 - 2021-12-20 14:15 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000296448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000290248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000286720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2021-12-20 14:15 - 2021-12-20 14:15 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-12-20 14:15 - 2021-12-20 14:15 - 000211792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2021-12-20 14:15 - 2021-12-20 14:15 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000195704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DataExchange.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000169384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000164352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000160152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2021-12-20 14:15 - 2021-12-20 14:15 - 000152384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000092944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypttpmeksvc.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000061768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInput.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2021-12-20 14:15 - 2021-12-20 14:15 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
2021-12-20 14:15 - 2021-12-20 14:15 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCertResources.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2021-12-20 14:15 - 2021-12-20 14:15 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 007647808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 004629312 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2021-12-20 14:14 - 2021-12-20 14:14 - 003945472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 002989880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2021-12-20 14:14 - 2021-12-20 14:14 - 002920808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 002181712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 002095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 001877984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 001794048 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 001751440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 001483264 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 001342976 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 001328952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 001259520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 001179464 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 001129568 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 001084152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000967680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000945152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2021-12-20 14:14 - 2021-12-20 14:14 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000841328 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2021-12-20 14:14 - 2021-12-20 14:14 - 000836096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000769544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000756040 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000712192 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000648208 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000574800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2021-12-20 14:14 - 2021-12-20 14:14 - 000572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2021-12-20 14:14 - 2021-12-20 14:14 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000502584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2021-12-20 14:14 - 2021-12-20 14:14 - 000475688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000437760 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2021-12-20 14:14 - 2021-12-20 14:14 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000409456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2021-12-20 14:14 - 2021-12-20 14:14 - 000383264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Fonts.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000264528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2021-12-20 14:14 - 2021-12-20 14:14 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngctasks.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\feclient.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000234984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NetAdapterCx.sys
2021-12-20 14:14 - 2021-12-20 14:14 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000162168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000152576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000133760 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2021-12-20 14:14 - 2021-12-20 14:14 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000095496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\efslsaext.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d8thk.dll
2021-12-20 14:14 - 2021-12-20 14:14 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2021-12-20 14:13 - 2021-12-20 14:14 - 000626576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2021-12-20 14:13 - 2021-12-20 14:13 - 001476944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2021-12-20 14:13 - 2021-12-20 14:13 - 000182608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2021-12-20 14:12 - 2021-12-20 14:13 - 010846568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2021-12-20 14:12 - 2021-12-20 14:12 - 010344184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 007984080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 006427648 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 004732416 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 004009472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 003917824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 003817984 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2021-12-20 14:12 - 2021-12-20 14:12 - 003749888 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 003580416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 003312640 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 002982400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2021-12-20 14:12 - 2021-12-20 14:12 - 002850160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2021-12-20 14:12 - 2021-12-20 14:12 - 002826240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 002594632 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 002586112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 002437632 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 002250240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 002004808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2021-12-20 14:12 - 2021-12-20 14:12 - 001979176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 001829176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 001826440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-12-20 14:12 - 2021-12-20 14:12 - 001777152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 001654784 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 001652736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MoUsoCoreWorker.exe
2021-12-20 14:12 - 2021-12-20 14:12 - 001577784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2021-12-20 14:12 - 2021-12-20 14:12 - 001570304 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConstraintIndex.Search.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 001559328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2021-12-20 14:12 - 2021-12-20 14:12 - 001440256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2021-12-20 14:12 - 2021-12-20 14:12 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-12-20 14:12 - 2021-12-20 14:12 - 001338880 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 001326592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 001224648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2021-12-20 14:12 - 2021-12-20 14:12 - 001197744 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2021-12-20 14:12 - 2021-12-20 14:12 - 001184568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 001096192 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 001040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 001015944 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2021-12-20 14:12 - 2021-12-20 14:12 - 000918968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000898664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000746416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2021-12-20 14:12 - 2021-12-20 14:12 - 000710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000703464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2021-12-20 14:12 - 2021-12-20 14:12 - 000582984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2021-12-20 14:12 - 2021-12-20 14:12 - 000582096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000502008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2021-12-20 14:12 - 2021-12-20 14:12 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppLockerCSP.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000350208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000295936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2021-12-20 14:12 - 2021-12-20 14:12 - 000267120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinREAgent.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000253024 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000241480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2021-12-20 14:12 - 2021-12-20 14:12 - 000214840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2021-12-20 14:12 - 2021-12-20 14:12 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000205640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000182376 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2021-12-20 14:12 - 2021-12-20 14:12 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000181104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2021-12-20 14:12 - 2021-12-20 14:12 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2021-12-20 14:12 - 2021-12-20 14:12 - 000136048 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000132736 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000124744 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000107408 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2021-12-20 14:12 - 2021-12-20 14:12 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2021-12-20 14:12 - 2021-12-20 14:12 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidtel.exe
2021-12-20 14:12 - 2021-12-20 14:12 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\applockerfltr.sys
2021-12-20 14:12 - 2021-12-20 14:12 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 017544192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 008021816 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 006189568 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 005755896 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 004971808 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2021-12-20 14:11 - 2021-12-20 14:11 - 003813688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2021-12-20 14:11 - 2021-12-20 14:11 - 003358208 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 003067904 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 002107840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 001841664 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 001785144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2021-12-20 14:11 - 2021-12-20 14:11 - 001427456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 001327416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 001299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 001273856 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 001189176 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 001177088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 001153824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 001013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000902984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2021-12-20 14:11 - 2021-12-20 14:11 - 000836096 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2021-12-20 14:11 - 2021-12-20 14:11 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2021-12-20 14:11 - 2021-12-20 14:11 - 000774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2021-12-20 14:11 - 2021-12-20 14:11 - 000744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000723824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2021-12-20 14:11 - 2021-12-20 14:11 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2021-12-20 14:11 - 2021-12-20 14:11 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000490808 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2021-12-20 14:11 - 2021-12-20 14:11 - 000469840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2021-12-20 14:11 - 2021-12-20 14:11 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000456040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2021-12-20 14:11 - 2021-12-20 14:11 - 000420472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000384808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2021-12-20 14:11 - 2021-12-20 14:11 - 000330576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2021-12-20 14:11 - 2021-12-20 14:11 - 000292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-12-20 14:11 - 2021-12-20 14:11 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataExchange.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000195744 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-12-20 14:11 - 2021-12-20 14:11 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2021-12-20 14:11 - 2021-12-20 14:11 - 000136888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.ShellCommon.Broker.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2021-12-20 14:11 - 2021-12-20 14:11 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2021-12-20 14:11 - 2021-12-20 14:11 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2021-12-20 14:11 - 2021-12-20 14:11 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypttpmeksvc.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000090936 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000072048 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInput.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2021-12-20 14:11 - 2021-12-20 14:11 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\audioresourceregistrar.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2021-12-20 14:11 - 2021-12-20 14:11 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\devauthe.sys
2021-12-20 14:11 - 2021-12-20 14:11 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2021-12-20 14:11 - 2021-12-20 14:11 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2021-12-20 14:11 - 2021-12-20 14:11 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
2021-12-20 14:11 - 2021-12-20 14:11 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2021-12-20 13:08 - 2021-12-20 13:08 - 000000000 ____D C:\Users\Mara\AppData\LocalLow\Adobe
2021-12-20 13:08 - 2021-12-20 13:08 - 000000000 ____D C:\Users\Mara\AppData\Local\SolidDocuments
2021-12-20 12:29 - 2022-01-08 01:28 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2021-12-20 12:27 - 2021-12-20 12:27 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-12-20 12:27 - 2021-12-20 12:27 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2021-12-20 12:22 - 2021-12-20 12:22 - 000000000 ____D C:\Program Files\Adobe
2021-12-20 12:15 - 2021-12-20 12:22 - 000000000 ____D C:\Program Files\Common Files\Adobe
2021-12-20 12:10 - 2021-12-20 12:10 - 001246984 _____ (Adobe Inc) C:\Users\Mara\Downloads\readerdc64_cz_xa_crd_install.exe
2021-12-20 11:58 - 2021-12-20 15:06 - 000000000 ____D C:\ProgramData\Adobe
2021-12-20 11:58 - 2021-12-20 11:58 - 038624400 _____ (Adobe Systems Incorporated) C:\Users\Mara\Downloads\AdbeRdr11000_cs_CZ (1).exe
2021-12-20 11:57 - 2021-12-20 11:57 - 038624400 _____ (Adobe Systems Incorporated) C:\Users\Mara\Downloads\AdbeRdr11000_cs_CZ.exe
2021-12-20 11:46 - 2021-10-14 04:05 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2021-12-20 11:46 - 2021-10-14 04:00 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-01-09 17:35 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-01-09 17:04 - 2020-09-15 22:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-01-09 16:43 - 2018-02-26 17:09 - 000000000 ____D C:\Program Files (x86)\Google
2022-01-09 10:04 - 2019-10-09 18:42 - 000000000 ____D C:\Program Files\CCleaner
2022-01-08 01:55 - 2020-06-10 23:22 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-01-08 01:55 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-01-08 01:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-01-03 18:04 - 2021-08-26 23:15 - 000001113 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-01-03 18:04 - 2020-09-15 23:01 - 000003958 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1517756210
2022-01-03 18:04 - 2018-02-04 15:55 - 000000000 ____D C:\Program Files\Opera
2022-01-01 21:01 - 2019-01-03 14:23 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-12-22 15:48 - 2018-02-13 22:15 - 000000000 ____D C:\ProgramData\Garmin
2021-12-22 15:47 - 2019-02-19 22:18 - 000000000 ____D C:\Users\Mara\AppData\Local\Garmin
2021-12-22 15:47 - 2018-02-13 22:14 - 000000000 ____D C:\Program Files (x86)\Garmin
2021-12-22 15:47 - 2018-02-13 22:13 - 000000000 ____D C:\ProgramData\Package Cache
2021-12-22 15:46 - 2020-09-15 23:01 - 000003624 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2021-12-22 15:45 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-20 19:50 - 2020-09-15 23:01 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-772858087-439378103-3593226653-1001
2021-12-20 19:50 - 2020-09-15 22:31 - 000002374 _____ C:\Users\Mara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-20 19:48 - 2020-09-15 22:48 - 001693380 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-20 19:48 - 2019-12-07 15:41 - 000716764 _____ C:\WINDOWS\system32\perfh005.dat
2021-12-20 19:48 - 2019-12-07 15:41 - 000144942 _____ C:\WINDOWS\system32\perfc005.dat
2021-12-20 19:44 - 2020-09-15 23:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-20 19:44 - 2020-09-15 22:27 - 000545528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-20 19:43 - 2020-09-15 22:26 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-20 19:41 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-12-20 19:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-12-20 19:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-12-20 19:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-12-20 19:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-12-20 19:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-12-20 19:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-12-20 19:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-12-20 19:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\en-GB
2021-12-20 19:39 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-12-20 19:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-12-20 19:39 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-12-20 19:04 - 2019-10-09 18:43 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2021-12-20 19:04 - 2018-02-26 17:11 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-12-20 19:03 - 2019-10-09 18:46 - 000002387 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2021-12-20 17:51 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-12-20 14:51 - 2019-12-25 19:29 - 000000000 ____D C:\Users\Mara\AppData\Local\Adobe
2021-12-20 13:09 - 2019-02-14 21:34 - 000000000 ____D C:\Users\Mara\AppData\Local\CrashDumps
2021-12-20 13:08 - 2018-02-04 05:33 - 000000000 ____D C:\Users\Mara\AppData\Local\Packages
2021-12-20 13:08 - 2018-02-04 01:17 - 000000000 ____D C:\Users\Mara\AppData\Roaming\Adobe
2021-12-20 11:38 - 2018-02-04 19:58 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-12-20 11:30 - 2018-02-04 19:58 - 137938848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-12-15 14:47 - 2016-12-06 18:17 - 000024712 _____ C:\Users\Mara\Documents\tahák do birfinku.xlsx
2021-12-15 14:39 - 2018-02-26 17:36 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
C:\WINDOWS\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by Mara (09-01-2022 17:39:53)
Running from C:\Users\Mara\Desktop
Windows 10 Home Version 2009 19043.1415 (X64) (2020-09-15 22:03:09)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-772858087-439378103-3593226653-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-772858087-439378103-3593226653-503 - Limited - Disabled)
defaultuser100001 (S-1-5-21-772858087-439378103-3593226653-1017 - Limited - Enabled)
Guest (S-1-5-21-772858087-439378103-3593226653-501 - Limited - Disabled)
Mara (S-1-5-21-772858087-439378103-3593226653-1001 - Administrator - Enabled) => C:\Users\Mara
WDAGUtilityAccount (S-1-5-21-772858087-439378103-3593226653-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 21.007.20091 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
ANT Drivers Installer x64 (HKLM\...\{139FF066-A458-4B33-8589-383948FD0CFB}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Audacity 2.3.0 (HKLM-x32\...\Audacity_is1) (Version: 2.3.0 - Audacity Team)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - libusb-win32 WorldCup Device (02/23/2013 1.2.6.0) (HKLM\...\607E81836F3E58EDC7289F7B7047149AE2C7F301) (Version: 02/23/2013 1.2.6.0 - libusb-win32)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 96.1.13589.113 - Autoři prohlížeče CCleaner Browser)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
CzechRep_by_Dave_Luv (HKLM-x32\...\CzechRep_by_Dave_Luv) (Version: - )
Elevated Installer (HKLM-x32\...\{C5D02F28-704C-40E4-A818-C1B5C0E3F4F3}) (Version: 7.10.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{198a85d6-0675-4d37-a0f4-17971dbec64b}) (Version: 7.10.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{6A8099B2-D410-4BB4-B746-9813020737B9}) (Version: 7.10.0.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.110 - Google LLC)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 11.0.0.360 - Huawei Technologies Co., Ltd.)
Kontrola stavu osobního počítače s Windows (HKLM\...\{88EC8D4A-54AB-4A7F-BDE9-4AD906D9D11F}) (Version: 3.2.2110.14001 - Microsoft Corporation)
LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - )
LibreOffice 7.1.0.3 (HKLM\...\{FF0BB16C-BD95-497C-BCE6-4B567668AF1B}) (Version: 7.1.0.3 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 97.0.1072.55 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.153.55 - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\OneDriveSetup.exe) (Version: 21.230.1107.0004 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 11.030.01.11.75 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 72.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 72.0.2 (x64 cs)) (Version: 72.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.1 - Mozilla)
Opera Stable 82.0.4227.43 (HKLM-x32\...\Opera 82.0.4227.43) (Version: 82.0.4227.43 - Opera Software)
Ovládací panel NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Seznam Software (HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\SeznamInstall) (Version: 2.1.35 - Seznam.cz)
Streaming Audio Recorder V4.2.3 (HKLM-x32\...\{B6D9D06B-4B4D-4B41-B963-C056B627F704}_is1) (Version: 4.2.3 - APOWERSOFT LIMITED)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.25.8 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
USB_Burning_Tool (HKLM-x32\...\{0F91E44C-2FAD-4298-8051-40E52C7E1341}_is1) (Version: 1.1.0 - Amlogic, Inc.)
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (Alexander Roshal)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {008539BF-83F9-4483-9E0A-EEEE6EAC0A08} - System32\Tasks\Microsoft\Windows\Shell\UpdateUserPictureTask
Task: {02DF4097-2F8B-4E04-B902-87A8FF62ED65} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [2021-12-15] (Microsoft Corporation)
Task: {0CBABB27-6DFC-4155-BAE7-AE919B92FEF2} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\WINDOWS\system32\dxgiadaptercache.exe [2021-04-23] (Microsoft Corporation)
Task: {0CEC0B91-4AE9-4E8A-ACB2-3B4C811F442C} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {105D676A-D551-4274-81E7-97AC52E4FD87} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe [2021-10-18] (Microsoft Corporation)
Task: {12DF3F8A-9612-48CA-AE38-2818FA70CA73} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2021-10-18] ()
Task: {142D6705-44E3-4559-A119-860D8300C48D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [2021-12-15] (Microsoft Corporation)
Task: {1A473B56-A576-4757-8515-16CD6AC89F86} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-26] (Google Inc.)
Task: {1A7C019E-EFCE-4755-8D49-2EF9360F027A} - System32\Tasks\Microsoft\Windows\WwanSvc\OobeDiscovery
Task: {20B2E292-A48A-4D49-BB64-4BF2B52DB2BC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2021-03-05] (Piriform Software Ltd)
Task: {304D2127-E6ED-4C82-B9B3-63B3B54A4D66} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Check And Scan
Task: {33F237E3-CE93-4CD1-B626-D5EAB23BB406} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Task: {34ADEFE8-89DB-43BC-8C0B-14BB34D69F6D} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker Encrypt All Drives
Task: {4262D729-FBC7-4A9C-AD32-B0775B2DA904} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2021-12-15] (Piriform Software)
Task: {42F1E560-B23A-46F0-980D-929F956DD363} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {4465E31B-09A8-4115-A931-CD729199DBC8} - System32\Tasks\Opera scheduled Autoupdate 1517756210 => C:\Program Files\Opera\launcher.exe [2021-12-21] (Opera Software)
Task: {44AF7ADA-1C0D-43B1-A063-9E7581F7730B} - System32\Tasks\Microsoft\Windows\InstallService\SmartRetry
Task: {4A0DEFDA-A2B8-4736-88E1-A578E00D9704} - System32\Tasks\Microsoft\Windows\Input\PenSyncDataAvailable
Task: {4F2030CE-BA8E-4122-B9A8-29AA5858973E} - System32\Tasks\Microsoft\Windows\Flighting\OneSettings\RefreshCache
Task: {51C41B29-CA87-4228-995F-21D6D5E931AC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-26] (Google Inc.)
Task: {55B1C85E-5BEF-4EDB-ADD0-ECEAEF261E7C} - System32\Tasks\Microsoft\Windows\DirectX\DirectXDatabaseUpdater => C:\WINDOWS\system32\directxdatabaseupdater.exe [2021-04-23] (Microsoft Corporation)
Task: {56E89F6F-46EE-4703-85A9-951D71FEEC5D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
Task: {571A0A5E-B60E-4A25-BEFB-ABB3C6BB6B78} - System32\Tasks\Microsoft\Windows\Workplace Join\Device-Sync
Task: {58CCC4DA-C86D-4E3D-8FAF-A7B24D8F3950} - System32\Tasks\Microsoft\Windows\StateRepository\MaintenanceTasks => %windir%\system32\rundll32.exe %windir%\system32\Windows.StateRepositoryClient.dll,StateRepositoryDoMaintenanceTasks
Task: {596B6224-34F6-4C2A-883D-85356A6D3790} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2021-11-17] (Adobe Inc.)
Task: {5C80BB4A-79D9-4B8E-90D5-6BC756525E88} - System32\Tasks\Agent Activation Runtime\S-1-5-21-772858087-439378103-3593226653-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [2021-05-12] ()
Task: {5E351EE7-F0D4-4F41-A05C-907EB1A33CE8} - System32\Tasks\Microsoft\Windows\WlanSvc\CDSSync
Task: {63849E17-7401-4F42-877B-EA54B6F4395D} - System32\Tasks\Microsoft\Windows\Application Experience\PcaPatchDbTask => %windir%\system32\rundll32.exe %windir%\system32\PcaSvc.dll,PcaPatchSdbTask
Task: {6F68BAA2-E9E5-440E-AEDA-124A02BF0094} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2021-11-15] ()
Task: {77F54927-70C4-40B2-A3B8-E9020CAF1798} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2021-03-05] (Piriform)
Task: {7C4733D2-81D6-4CA3-B30C-E00B496B9857} - System32\Tasks\Microsoft\Windows\Input\TouchpadSyncDataAvailable
Task: {8A4D1072-BED3-4D57-AB07-2FCB31DEC6FD} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10] (Microsoft Corporation) <==== ATTENTION
Task: {8F9BEB74-BC17-470F-9EE7-1FDC1816E5F9} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\UsageDataReporting
Task: {9B29B882-A95C-438B-BF91-E7C31B1D82D1} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndContinueUpdates
Task: {9DCDC4D2-55EF-4566-B7C5-259C50F8E293} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10] (Microsoft Corporation) <==== ATTENTION
Task: {A08D6A77-C926-4E78-9ED0-09836E2769AE} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdates
Task: {A2FADBDF-6855-42F7-BDFC-F0C510EDA9BC} - System32\Tasks\Microsoft\Windows\InstallService\ScanForUpdatesAsUser
Task: {A499FA48-7057-4AC1-9702-44C6FD924058} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {A60D9ECB-A6F4-4FE1-9BD7-B049487A67E7} - System32\Tasks\Microsoft\Windows\International\Synchronize Language Settings
Task: {C02CA7CD-D1B4-47DB-8461-BBA9A7887C22} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [2020-09-15] (Piriform Software) <==== ATTENTION
Task: {C9A20F38-F5AE-49CB-9F15-59A1BA08170E} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [2020-09-15] (Piriform Software) <==== ATTENTION
Task: {CADF1293-5495-426F-8E37-A30F69274AF4} - System32\Tasks\Microsoft\Windows\Input\LocalUserSyncDataAvailable
Task: {CF18D53E-AE52-4593-8D7D-4E3BD4C50F46} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [2021-12-15] (Microsoft Corporation)
Task: {D390A11C-FA30-4A58-93D7-02674983E85E} - System32\Tasks\Microsoft\Windows\Diagnosis\RecommendedTroubleshootingScanner
Task: {DA42085F-11E4-4EE1-A363-1898204812F5} - System32\Tasks\Microsoft\Windows\Input\MouseSyncDataAvailable
Task: {DD7CF393-B034-4F25-A892-AA7E1F196325} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2020-12-08] (Adobe)
Task: {E22321C4-AA84-4FE2-8ACB-F33D36578CE3} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\UsageDataFlushing
Task: {E61A2143-4B04-4D75-8F04-F553BA1297D5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [2021-12-15] (Microsoft Corporation)
Task: {E784AE66-A001-4C2B-B004-C0A622D51F48} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2021-12-15] (Piriform Software)
Task: {E8E50937-C10C-4F52-B04D-5093EA11615C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [2020-12-08] (Adobe)
Task: {EC3EFE4E-A2E4-4C66-975C-CA2EFD0D42CD} - System32\Tasks\Microsoft\Windows\InstallService\WakeUpAndScanForUpdates
Task: {ECE223BF-1F89-44C7-9D38-1F1E70CE807A} - System32\Tasks\Opera scheduled assistant Autoupdate 1587383107 => C:\Program Files\Opera\launcher.exe [2021-12-21] (Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleaner Browser Heartbeat Task (Hourly).job => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Mara\AppData\Local\Microsoft\Edge\User Data\Default\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Mara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
ShortcutWithArgument: C:\Users\Mara\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) ==============

2020-10-13 11:55 - 2020-10-13 11:55 - 000064552 _____ () C:\WINDOWS\system32\UMPDC.dll
2021-08-27 01:35 - 2021-08-27 01:35 - 000657464 _____ () C:\Windows\System32\windowmanagementapi.dll
2021-10-18 16:20 - 2021-10-18 16:20 - 000706536 _____ () C:\WINDOWS\system32\TextShaping.dll
2018-02-04 00:40 - 2016-11-14 12:15 - 000135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2020-09-24 10:56 - 2020-09-24 10:56 - 000192320 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2021-01-13 03:02 - 2021-01-13 03:02 - 000095744 _____ () C:\Windows\System32\VirtualMonitorManager.dll
2020-12-09 12:17 - 2020-12-09 12:17 - 000363520 _____ () C:\Windows\System32\Windows.Internal.UI.Shell.WindowTabManager.dll
2019-12-07 10:08 - 2019-12-07 10:08 - 000499200 _____ () C:\Windows\ShellExperiences\TileControl.dll
2021-08-27 01:35 - 2021-08-27 01:35 - 002158592 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2019-12-07 10:08 - 2019-12-07 10:08 - 000039424 _____ () C:\Windows\System32\usocoreps.dll
2021-09-21 16:16 - 2021-09-21 16:16 - 002260992 _____ () C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-12-20 14:18 - 2021-12-20 14:18 - 000443904 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\Search.Core.dll
2021-08-27 01:38 - 2021-08-27 01:38 - 000622880 _____ () C:\WINDOWS\SYSTEM32\WINBIOPLUGINS\FACEBOOTSTRAPADAPTER.DLL
2021-12-20 19:03 - 2021-12-15 12:00 - 008086224 _____ () C:\Program Files (x86)\CCleaner Browser\Application\96.1.13589.113\libglesv2.dll
2021-12-20 19:03 - 2021-12-15 12:00 - 000441936 _____ () C:\Program Files (x86)\CCleaner Browser\Application\96.1.13589.113\libegl.dll
2020-11-14 12:43 - 2020-11-14 12:43 - 000793416 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe
2022-01-03 18:03 - 2022-01-03 18:03 - 001061072 _____ () C:\Program Files\Opera\82.0.4227.43\opera_elf.dll
2022-01-03 18:03 - 2022-01-03 18:03 - 157512400 _____ () C:\Program Files\Opera\82.0.4227.43\opera_browser.dll
2022-01-03 18:03 - 2022-01-03 18:03 - 008018128 _____ () C:\Program Files\Opera\82.0.4227.43\libglesv2.dll
2022-01-03 18:03 - 2022-01-03 18:03 - 000441040 _____ () C:\Program Files\Opera\82.0.4227.43\libegl.dll
2019-06-06 09:23 - 2019-06-06 09:23 - 000017920 _____ () C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a\VLC.Universal.exe
2019-06-06 09:23 - 2019-06-06 09:23 - 021938688 _____ () C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a\VLC.Universal.dll
2018-02-04 16:24 - 2018-02-04 16:24 - 000948736 _____ () C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a\e_sqlite3.dll
2019-06-06 09:23 - 2019-06-06 09:23 - 000918528 _____ () C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a\libVLCX.UWP.dll
2019-06-06 09:23 - 2019-06-06 09:23 - 000136704 _____ () C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a\plugins\access\libaccess_winrt_plugin.dll
2019-05-31 01:20 - 2019-05-31 01:20 - 000035328 _____ () C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a\plugins\audio_output\libwinstore_plugin.dll
2020-11-27 03:38 - 2020-11-27 03:38 - 001446400 _____ () C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2020-11-18 09:14 - 2020-11-18 09:14 - 117340672 _____ () C:\Program Files (x86)\Garmin\Express\libcef.dll
2017-05-08 09:35 - 2017-05-08 09:35 - 000325632 _____ () C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2021-11-15 15:50 - 2021-11-15 15:50 - 000073216 _____ () C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2020-11-27 03:38 - 2020-11-27 03:38 - 000961536 _____ () C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.Core.dll
2020-11-18 07:40 - 2020-11-18 07:40 - 005441536 _____ () C:\Program Files (x86)\Garmin\Express\libglesv2.dll
2020-11-18 07:40 - 2020-11-18 07:40 - 000323072 _____ () C:\Program Files (x86)\Garmin\Express\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CBDHSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MsQuic => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcCtnrSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-02-04 00:11 - 2018-02-04 00:06 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-772858087-439378103-3593226653-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.15.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run32: => "Opera Browser Assistant"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\StartupApproved\Run: => "GarminExpress"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\StartupApproved\Run: => "CCleanerBrowserAutoLaunch_07B15DBA980ABD67C429B3EEA66DB950"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\StartupApproved\Run: => "008C8440DA6DCB1E2358F56A38F2018EDEBF2926._service_run"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [Microsoft-Windows-DeviceManagement-OmaDmClient-TCP-Out] => (Allow) %SystemRoot%\system32\omadmclient.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-deviceenroller-TCP-Out] => (Allow) %SystemRoot%\system32\deviceenroller.exe
FirewallRules: [Microsoft-Windows-DeviceManagement-CertificateInstall-TCP-Out] => (Allow) %SystemRoot%\system32\dmcertinst.exe
FirewallRules: [UDP Query User{97765A53-7C24-4401-9077-E2061D88F5B4}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{9C0DF38F-94B3-4CA4-AF30-168C9182D1EE}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{CEA0834B-9784-46EA-AED1-2363F6F729D9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4DCE0CEF-EC94-4833-9EDA-99B99BA974CC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{66CE529D-41C3-457B-B8F0-5619B668D5BD}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe
FirewallRules: [{99C43F6A-D618-4A13-ADCF-B2CB2EA0F03A}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\Streaming Audio Recorder.exe
FirewallRules: [{6672976D-4D6C-41F8-A3E9-A2F0615D7DC6}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll
FirewallRules: [{D28463BA-5D4B-4A91-B367-FFCF050CE5B2}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Audio Recorder\ApowersoftVideoHelper.dll
FirewallRules: [{AF20C67F-995D-4120-8A90-3CDE0AAE44E0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{53902AEA-760D-4F04-8F0D-85A24EEBC3E5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0CCF563E-B10E-418A-BD9D-ABD795954207}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6B69EEC2-2E0D-4895-B089-FAEBE0C2FB33}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E40271FD-41F0-4EE3-8D94-BA588253CC02}] => (Allow) C:\Program Files\Opera\82.0.4227.33\opera.exe
FirewallRules: [{8E61F0E6-25F9-4593-9A42-C6C2C85A0941}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe
FirewallRules: [{7DD46D4E-687B-4523-A2FA-C2B9DBA2F7DE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{442651A2-2F65-4802-BAFC-31393B9AC867}] => (Allow) C:\Program Files\Opera\82.0.4227.43\opera.exe
FirewallRules: [{F6C05696-BA27-4246-8087-9AADBD4C05F7}] => (Allow) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

==================== Restore Points =========================

29-12-2021 23:46:25 Naplánovaný kontrolní bod
07-01-2022 23:45:42 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: Multimediální adaptér
Description: Multimediální adaptér
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Koprocesor
Description: Koprocesor
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/09/2022 05:07:43 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program VLC.Universal.exe verze 1.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 5cc

Čas spuštění: 01d80572d3899d33

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a\VLC.Universal.exe

ID hlášení: e5b026b7-31cd-4d58-8600-e65654c9d89a

Úplný název balíčku s chybou: VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (01/08/2022 09:51:43 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (01/08/2022 09:44:12 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (01/01/2022 09:51:56 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (01/01/2022 09:44:05 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (12/25/2021 10:41:26 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na (C:), protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (12/25/2021 09:44:03 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Optimalizátor úložiště nemohl dokončit opakovat operaci trim na Rezervováno systémem, protože: Požadovaná operace není podporována hardwarem, který zálohuje svazek. (0x8900002A)

Error: (12/22/2021 03:45:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (12/22/2021 03:44:38 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (12/20/2021 05:41:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program DropboxUniversal.exe verze 1.0.0.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 108

Čas spuštění: 01d7f5c04d461826

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\C27EB4BA.DROPBOX_22.4.4.0_x64__xbfy0k16fey96\DropboxUniversal.exe

ID hlášení: edda073d-01f7-472c-8d8c-b6306106b2e7

Úplný název balíčku s chybou: C27EB4BA.DROPBOX_22.4.4.0_x64__xbfy0k16fey96

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Cross-thread


System errors:
=============
Error: (01/07/2022 11:44:07 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (01/06/2022 11:44:26 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (01/01/2022 11:44:13 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (12/31/2021 08:04:34 PM) (Source: disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.

Error: (12/22/2021 11:44:14 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (12/21/2021 11:44:18 PM) (Source: Schannel) (EventID: 4103) (User: NT AUTHORITY)
Description: Při vytváření přihlašovacích údajů TLS Klient se stala závažná chyba. Stav interní chyby je 10013.

Error: (12/20/2021 11:50:47 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240017): Aktualizace bezpečnostních informací pro produkt Microsoft Defender Antivirus - KB2267602 (verze 1.355.544.0).

Error: (12/20/2021 07:43:54 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.

Error: (12/20/2021 07:43:54 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.

Error: (12/20/2021 05:38:30 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.


CodeIntegrity:
===================================
Date: 2021-03-09 14:51:31.9720000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-03-09 14:51:31.5950000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-03-09 14:51:31.5710000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-03-09 14:51:31.2920000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-03-09 14:51:30.9250000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-03-09 14:51:30.7230000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-03-09 14:51:30.5620000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-03-09 13:51:33.2870000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-03-09 13:51:32.6950000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.

Date: 2021-03-09 13:51:32.4230000Z
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVG\Antivirus\aswhook.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz
Percentage of memory in use: 83%
Total physical RAM: 3839.23 MB
Available physical RAM: 626.61 MB
Total Virtual: 4933.49 MB
Available Virtual: 882.23 MB

==================== Drives ================================




Drive c: () (Fixed) (Total:231.51 GB) (Free:39.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.8 GB) (Disk ID: 6697A7D7)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=231.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=845 MB) - (Type=27)

==================== End of Addition.txt ============================

atsok
Visitor
Posts: 63
Registered: 02 Aug 2012 21:52

Re: preventive check, please :)

#2 Post by atsok »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Mara at 2022-01-09 17:54:33
Microsoft Windows 10 Home
System drive C: has 36 GB (15%) free of 237 GB
Total RAM: 3839 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:54:56, on 09.01.2022
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.1202)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Garmin\Express\express.exe
C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
C:\Program Files\trend micro\Mara.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE13DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\97.0.1072.55\BHO\ie_to_edge_bho.dll
O4 - HKLM\..\Run: [Opera Browser Assistant] C:\Program Files\Opera\assistant\browser_assistant.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Mara\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [CCleanerBrowserAutoLaunch_07B15DBA980ABD67C429B3EEA66DB950] "C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default"
O4 - HKCU\..\Run: [008C8440DA6DCB1E2358F56A38F2018EDEBF2926._service_run] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8
O4 - HKCU\..\Run: [GarminExpress] "C:\Program Files (x86)\Garmin\Express\express.exe" /minimized
O4 - HKCU\..\RunOnce: [Delete Cached Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Delete Cached Standalone Update Binary] C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
O4 - HKCU\..\RunOnce: [Uninstall 21.220.1024.0005] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Mara\AppData\Local\Microsoft\OneDrive\21.220.1024.0005"
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe -update pepperplugin
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Inc. - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Služba CCleaner Browser Update (ccleaner) (ccleaner) - Piriform Software - C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe
O23 - Service: CCleaner Browser Elevation Service (CCleanerBrowserElevationService) (CCleanerBrowserElevationService) - Piriform Software - C:\Program Files (x86)\CCleaner Browser\Application\96.1.13589.113\elevation_service.exe
O23 - Service: Služba CCleaner Browser Update (ccleanerm) (ccleanerm) - Piriform Software - C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_7f25e - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.110\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer - TeamViewer Germany GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9861 bytes

======Listing Processes======









C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TabletInputService
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-95748653-bded-458b-addd-8fc8082984ae -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-09fb2bb1-7304-42e1-b1f8-059d6f9620c0 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-f28f65a9-f17d-4dfe-b5e1-1256f59a6144 -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-260c9350-edad-41a1-b54e-36105f330e66 -LifetimeId:c036da2c-3b52-4a6e-9884-3b4efba12dbe -DeviceGroupId:WpdFsGroup -HostArg:0
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s NlaSvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k NetworkService -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe" -/service

"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc

sihost.exe
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer15_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer15_Logfile.log

C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
"C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc

"C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler64.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
C:\Windows\System32\RuntimeBroker.exe -Embedding
"ctfmon.exe"
/QuitInfo:000000000000026C;0000000000000270;
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding

C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
"C:\Windows\System32\SecurityHealthSystray.exe"

C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s DsSvc
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup -s WbioSrvc
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
"C:\Program Files (x86)\Garmin\Express\express.exe"
"C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe" --type=gpu-process --field-trial-handle=5004,12009816767371728171,7661743839820475064,131072 --enable-features=CastMediaRouteProvider --no-sandbox --log-file="C:\Program Files (x86)\Garmin\Express\debug.log" --log-severity=disable --lang=en-US --cefsharpexitsub --gpu-preferences=MAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAQAAAAAAAAAAAAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAA= --log-file="C:\Program Files (x86)\Garmin\Express\debug.log" --mojo-platform-channel-handle=5052 /prefetch:2 --host-process-id=6940
"C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:ShellFeedsUI.AppX88fpyyrd21w8wqe62wzsjh5agex7tf1e.mca
"C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=5004,12009816767371728171,7661743839820475064,131072 --enable-features=CastMediaRouteProvider --lang=en-US --service-sandbox-type=network --no-sandbox --log-file="C:\Program Files (x86)\Garmin\Express\debug.log" --log-severity=disable --lang=en-US --cefsharpexitsub --log-file="C:\Program Files (x86)\Garmin\Express\debug.log" --mojo-platform-channel-handle=5136 /prefetch:8 --host-process-id=6940
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding

"C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\InputApp\TextInputHost.exe" -ServerName:InputApp.AppX9jnwykgrccxc8by3hsrsh07r423xzvav.mca
C:\Windows\System32\mousocoreworker.exe -Embedding
"C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --heartbeat --hourly
"C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Mara\AppData\Local\CCleaner Browser\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Mara\AppData\Local\CCleaner Browser\User Data\Crashpad" "--metrics-dir=C:\Users\Mara\AppData\Local\CCleaner Browser\User Data" --url=fake_url --annotation=plat=Win64 --annotation=prod=CCleaner --annotation=ver=96.1.13589.113 --initial-client-data=0x120,0x124,0x128,0xf8,0x12c,0x7ffa7eb532c0,0x7ffa7eb532d0,0x7ffa7eb532e0
"C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --type=gpu-process --field-trial-handle=1500,7204977115608333959,6502099450066271907,131072 --start-stack-profiler --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAANAAAAEAAAAAAAAAABAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1428 /prefetch:2
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
"C:\Program Files\Opera\opera.exe" --ran-launcher --started-from-shortcut
"C:\Program Files\Opera\82.0.4227.43\opera_crashreporter.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Mara\AppData\Roaming\Opera Software\Opera Stable\Crash Reports" "--crash-count-file=C:\Users\Mara\AppData\Roaming\Opera Software\Opera Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win64 --annotation=prod=OperaDesktop --annotation=ver=82.0.4227.43 --initial-client-data=0x2cc,0x2d0,0x2d4,0x2a8,0x2d8,0x7ffa5c7934d0,0x7ffa5c7934e0,0x7ffa5c7934f0
"C:\Program Files\Opera\opera.exe" --type=gpu-process --field-trial-handle=1656,8610750961493635271,18006732024000900129,131072 --start-stack-profiler --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:booking-modal=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner-ref=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:new-autoupdater-logic=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-opera-exe-in-root=on --ab_tests=DNA-72006-test:DNA-72006 --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAANAAAAEAAAAAAAAAABAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1732 /prefetch:2
"C:\Program Files\Opera\opera.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1656,8610750961493635271,18006732024000900129,131072 --lang=cs --service-sandbox-type=utility --enable-quic --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:booking-modal=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner-ref=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:new-autoupdater-logic=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-opera-exe-in-root=on --ab_tests=DNA-72006-test:DNA-72006 --mojo-platform-channel-handle=3312 /prefetch:8
"C:\Program Files\Opera\opera.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:booking-modal=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner-ref=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:new-autoupdater-logic=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-opera-exe-in-root=on --ab_tests=DNA-72006-test:DNA-72006 --field-trial-handle=1656,8610750961493635271,18006732024000900129,131072 --lang=cs --device-scale-factor=1.25 --num-raster-threads=1 --renderer-client-id=5 --mojo-platform-channel-handle=3576 /prefetch:1
"C:\Program Files\Opera\opera.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1656,8610750961493635271,18006732024000900129,131072 --lang=cs --service-sandbox-type=none --enable-quic --start-stack-profiler --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:booking-modal=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner-ref=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:new-autoupdater-logic=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-opera-exe-in-root=on --ab_tests=DNA-72006-test:DNA-72006 --mojo-platform-channel-handle=3180 /prefetch:8
"C:\Program Files\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --start-stack-profiler --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:booking-modal=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner-ref=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:new-autoupdater-logic=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-opera-exe-in-root=on --ab_tests=DNA-72006-test:DNA-72006 --field-trial-handle=1656,8610750961493635271,18006732024000900129,131072 --lang=cs --device-scale-factor=1.25 --num-raster-threads=1 --renderer-client-id=12 --mojo-platform-channel-handle=3880 /prefetch:1
"C:\Program Files\Opera\opera.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1656,8610750961493635271,18006732024000900129,131072 --lang=cs --service-sandbox-type=audio --enable-quic --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:booking-modal=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner-ref=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:new-autoupdater-logic=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-opera-exe-in-root=on --ab_tests=DNA-72006-test:DNA-72006 --mojo-platform-channel-handle=4596 /prefetch:8
"C:\Program Files\Opera\opera.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:booking-modal=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner-ref=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:new-autoupdater-logic=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-opera-exe-in-root=on --ab_tests=DNA-72006-test:DNA-72006 --field-trial-handle=1656,8610750961493635271,18006732024000900129,131072 --lang=cs --device-scale-factor=1.25 --num-raster-threads=1 --renderer-client-id=15 --mojo-platform-channel-handle=4244 /prefetch:1
"C:\Program Files\Opera\opera.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:booking-modal=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner-ref=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:new-autoupdater-logic=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-opera-exe-in-root=on --ab_tests=DNA-72006-test:DNA-72006 --field-trial-handle=1656,8610750961493635271,18006732024000900129,131072 --lang=cs --device-scale-factor=1.25 --num-raster-threads=1 --renderer-client-id=32 --mojo-platform-channel-handle=4728 /prefetch:1
C:\WINDOWS\system32\AUDIODG.EXE 0x594
"C:\Program Files\WindowsApps\VideoLAN.VLC_3.2.1.0_x64__paz6r1rewnh0a\VLC.Universal.exe" -ServerName:App.AppXk4xcjhbbj8915b2jhrrj4thjz6saph41.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:booking-modal=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner-ref=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:new-autoupdater-logic=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-opera-exe-in-root=on --ab_tests=DNA-72006-test:DNA-72006 --field-trial-handle=1656,8610750961493635271,18006732024000900129,131072 --lang=cs --device-scale-factor=1.25 --num-raster-threads=1 --renderer-client-id=44 --mojo-platform-channel-handle=6652 /prefetch:1
"C:\Program Files\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:booking-modal=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner-ref=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:new-autoupdater-logic=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-opera-exe-in-root=on --ab_tests=DNA-72006-test:DNA-72006 --field-trial-handle=1656,8610750961493635271,18006732024000900129,131072 --lang=cs --device-scale-factor=1.25 --num-raster-threads=1 --renderer-client-id=49 --mojo-platform-channel-handle=6520 /prefetch:1
"C:\Program Files\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:booking-modal=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner-ref=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:new-autoupdater-logic=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-opera-exe-in-root=on --ab_tests=DNA-72006-test:DNA-72006 --field-trial-handle=1656,8610750961493635271,18006732024000900129,131072 --lang=cs --device-scale-factor=1.25 --num-raster-threads=1 --renderer-client-id=56 --mojo-platform-channel-handle=5920 /prefetch:1
"C:\Users\Mara\Desktop\FRST64.exe"
"C:\Program Files\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:booking-modal=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner-ref=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:new-autoupdater-logic=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-opera-exe-in-root=on --ab_tests=DNA-72006-test:DNA-72006 --field-trial-handle=1656,8610750961493635271,18006732024000900129,131072 --lang=cs --device-scale-factor=1.25 --num-raster-threads=1 --renderer-client-id=68 --mojo-platform-channel-handle=3056 /prefetch:1
"C:\Program Files\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --start-stack-profiler --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:booking-modal=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner-ref=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:new-autoupdater-logic=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-opera-exe-in-root=on --ab_tests=DNA-72006-test:DNA-72006 --field-trial-handle=1656,8610750961493635271,18006732024000900129,131072 --lang=cs --device-scale-factor=1.25 --num-raster-threads=1 --renderer-client-id=69 --mojo-platform-channel-handle=7052 /prefetch:1
"C:\Program Files\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:booking-modal=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner-ref=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:new-autoupdater-logic=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-opera-exe-in-root=on --ab_tests=DNA-72006-test:DNA-72006 --field-trial-handle=1656,8610750961493635271,18006732024000900129,131072 --lang=cs --device-scale-factor=1.25 --num-raster-threads=1 --renderer-client-id=70 --mojo-platform-channel-handle=2780 /prefetch:1
"C:\Program Files\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --start-stack-profiler --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:booking-modal=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner-ref=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:new-autoupdater-logic=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-opera-exe-in-root=on --ab_tests=DNA-72006-test:DNA-72006 --field-trial-handle=1656,8610750961493635271,18006732024000900129,131072 --lang=cs --device-scale-factor=1.25 --num-raster-threads=1 --renderer-client-id=71 --mojo-platform-channel-handle=2920 /prefetch:1
C:\Windows\System32\smartscreen.exe -Embedding
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe71_ Global\UsGthrCtrlFltPipeMssGthrPipe71 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 812 816 824 8192 820 796
"C:\Program Files\Opera\opera.exe" --type=renderer --display-capture-permissions-policy-allowed --with-feature:adblock-snippets=on --with-feature:aliexpress-modal=off --with-feature:booking-modal=off --with-feature:bookmarks-trash-cleaner=on --with-feature:continue-on-booking=on --with-feature:continue-shopping=on --with-feature:continue-shopping-2=on --with-feature:continue-shopping-5=on --with-feature:feature-remote-disable-updates-testing-flag=off --with-feature:feature-remote-updates-testing-flag=on --with-feature:partner-inline-autocompletion=on --with-feature:pinboard-local=on --with-feature:reader-mode=on --with-feature:rollout-dna=on --with-feature:sd-suggestions-external=on --with-feature:startpage-sync-banner-ref=on --with-feature:yandex-zen-leads-for-nonsdusers=off --with-feature:yandex-zen-lift-up=off --with-feature:yandex-zen-news-next=on --with-feature:yat-emoji-addresses=on --with-feature:new-autoupdater-logic=on --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --with-feature:installer-opera-exe-in-root=on --ab_tests=DNA-72006-test:DNA-72006 --field-trial-handle=1656,8610750961493635271,18006732024000900129,131072 --lang=cs --device-scale-factor=1.25 --num-raster-threads=1 --renderer-client-id=82 --mojo-platform-channel-handle=7788 /prefetch:1
"C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --type=heartbeat --hourly
"C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --heartbeat --hourly
"C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Mara\AppData\Local\CCleaner Browser\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Mara\AppData\Local\CCleaner Browser\User Data\Crashpad" "--metrics-dir=C:\Users\Mara\AppData\Local\CCleaner Browser\User Data" --url=fake_url --annotation=plat=Win64 --annotation=prod=CCleaner --annotation=ver=96.1.13589.113 --initial-client-data=0x128,0x12c,0x130,0xf8,0x134,0x7ffa7eb532c0,0x7ffa7eb532d0,0x7ffa7eb532e0
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /ua /installsource scheduler
"C:\Users\Mara\Downloads\RSITx64(2).exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\CCleaner Browser Heartbeat Task (Hourly).job - C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe --type=heartbeat --hourly

=========Mozilla firefox=========

ProfilePath - C:\Users\Mara\AppData\Roaming\Mozilla\Firefox\Profiles\rawzxbc2.default-1570641619220

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@update.ccleanerbrowser.com/CCleaner Browser;version=3]
"Description"=CCleaner Browser
"Path"=C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@update.ccleanerbrowser.com/CCleaner Browser;version=9]
"Description"=CCleaner Browser
"Path"=C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\97.0.1072.55\BHO\ie_to_edge_bho_64.dll [2022-01-06 532368]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\97.0.1072.55\BHO\ie_to_edge_bho.dll [2022-01-06 421776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2019-12-07 86016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Mara\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2021-12-20 2543992]
"cz.seznam.software.autoupdate"=C:\Users\Mara\AppData\Roaming\Seznam.cz\szninstall.exe [2018-03-27 1069296]
"cz.seznam.software.szndesktop"=C:\Users\Mara\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2018-03-27 109808]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2021-03-05 32726088]
"CCleanerBrowserAutoLaunch_07B15DBA980ABD67C429B3EEA66DB950"=C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2021-12-15 2521976]
"008C8440DA6DCB1E2358F56A38F2018EDEBF2926._service_run"=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [2022-01-06 3427720]
"GarminExpress"=C:\Program Files (x86)\Garmin\Express\express.exe [2021-11-15 31184216]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Delete Cached Update Binary"=C:\WINDOWS\system32\cmd.exe [2021-01-13 289792]
"Delete Cached Standalone Update Binary"=C:\WINDOWS\system32\cmd.exe [2021-01-13 289792]
"Uninstall 21.220.1024.0005"=C:\WINDOWS\system32\cmd.exe [2021-01-13 289792]
"FlashPlayerUpdate"=C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [2020-12-08 1499704]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Opera Browser Assistant"=C:\Program Files\Opera\assistant\browser_assistant.exe [2021-10-14 4105424]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
"C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"aux1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.inf - install -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2022-01-09 17:34:54 ----D---- C:\FRST
2021-12-20 19:39:48 ----D---- C:\WINDOWS\SystemTemp
2021-12-20 17:19:18 ----HD---- C:\$WinREAgent
2021-12-20 14:18:15 ----A---- C:\WINDOWS\SYSWOW64\FXSAPI.dll
2021-12-20 14:18:15 ----A---- C:\WINDOWS\system32\FXSRESM.dll
2021-12-20 14:18:14 ----A---- C:\WINDOWS\system32\WinFax.dll
2021-12-20 14:18:14 ----A---- C:\WINDOWS\system32\FXSTIFF.dll
2021-12-20 14:18:14 ----A---- C:\WINDOWS\system32\FXST30.dll
2021-12-20 14:18:14 ----A---- C:\WINDOWS\system32\FXSCOMEX.dll
2021-12-20 14:18:14 ----A---- C:\WINDOWS\system32\FXSCOM.dll
2021-12-20 14:18:14 ----A---- C:\WINDOWS\system32\FXSAPI.dll
2021-12-20 14:18:13 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2021-12-20 14:18:12 ----A---- C:\WINDOWS\SYSWOW64\FXSXP32.dll
2021-12-20 14:18:12 ----A---- C:\WINDOWS\SYSWOW64\FXSEXT32.dll
2021-12-20 14:18:12 ----A---- C:\WINDOWS\system32\FXSCOMPOSE.dll
2021-12-20 14:18:10 ----A---- C:\WINDOWS\SYSWOW64\fveapibase.dll
2021-12-20 14:18:10 ----A---- C:\WINDOWS\SYSWOW64\fveapi.dll
2021-12-20 14:18:10 ----A---- C:\WINDOWS\system32\wmp.dll
2021-12-20 14:18:10 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2021-12-20 14:18:10 ----A---- C:\WINDOWS\system32\drivers\dumpfve.sys
2021-12-20 14:18:09 ----A---- C:\WINDOWS\system32\fveapibase.dll
2021-12-20 14:18:09 ----A---- C:\WINDOWS\system32\fveapi.dll
2021-12-20 14:17:48 ----A---- C:\WINDOWS\SYSWOW64\quickassist.exe
2021-12-20 14:17:48 ----A---- C:\WINDOWS\system32\quickassist.exe
2021-12-20 14:17:37 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2021-12-20 14:17:37 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2021-12-20 14:17:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2021-12-20 14:17:36 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2021-12-20 14:17:36 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2021-12-20 14:17:35 ----A---- C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll
2021-12-20 14:17:35 ----A---- C:\WINDOWS\system32\HoloSI.PCShell.dll
2021-12-20 14:17:33 ----A---- C:\WINDOWS\system32\Hydrogen.dll
2021-12-20 14:17:32 ----A---- C:\WINDOWS\system32\wpdbusenum.dll
2021-12-20 14:17:32 ----A---- C:\WINDOWS\system32\wpd_ci.dll
2021-12-20 14:17:32 ----A---- C:\WINDOWS\system32\HolographicExtensions.dll
2021-12-20 14:17:32 ----A---- C:\WINDOWS\system32\DMRServer.dll
2021-12-20 14:17:31 ----A---- C:\WINDOWS\system32\msvproc.dll
2021-12-20 14:17:31 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2021-12-20 14:17:30 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2021-12-20 14:17:29 ----A---- C:\WINDOWS\SYSWOW64\AcWinRT.dll
2021-12-20 14:17:29 ----A---- C:\WINDOWS\system32\mfcore.dll
2021-12-20 14:17:28 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2021-12-20 14:17:28 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2021-12-20 14:17:28 ----A---- C:\WINDOWS\SYSWOW64\AcGenral.dll
2021-12-20 14:17:27 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2021-12-20 14:17:27 ----A---- C:\WINDOWS\SYSWOW64\msimsg.dll
2021-12-20 14:17:27 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2021-12-20 14:17:27 ----A---- C:\WINDOWS\SYSWOW64\iemigplugin.dll
2021-12-20 14:17:26 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2021-12-20 14:17:26 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2021-12-20 14:17:26 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2021-12-20 14:17:24 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2021-12-20 14:17:22 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2021-12-20 14:17:21 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2021-12-20 14:17:21 ----A---- C:\WINDOWS\SYSWOW64\spacebridge.dll
2021-12-20 14:17:21 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE
2021-12-20 14:17:21 ----A---- C:\WINDOWS\SYSWOW64\BioCredProv.dll
2021-12-20 14:17:13 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2021-12-20 14:17:13 ----A---- C:\WINDOWS\system32\AcWinRT.dll
2021-12-20 14:17:13 ----A---- C:\WINDOWS\system32\AcGenral.dll
2021-12-20 14:17:12 ----A---- C:\WINDOWS\system32\tsgqec.dll
2021-12-20 14:17:12 ----A---- C:\WINDOWS\system32\termsrv.dll
2021-12-20 14:17:12 ----A---- C:\WINDOWS\system32\rdsdwmdr.dll
2021-12-20 14:17:11 ----A---- C:\WINDOWS\system32\mstscax.dll
2021-12-20 14:17:10 ----A---- C:\WINDOWS\system32\SysResetErr.exe
2021-12-20 14:17:10 ----A---- C:\WINDOWS\system32\offreg.dll
2021-12-20 14:17:10 ----A---- C:\WINDOWS\system32\klist.exe
2021-12-20 14:17:09 ----A---- C:\WINDOWS\system32\reseteng.dll
2021-12-20 14:16:20 ----A---- C:\WINDOWS\system32\ResetEngine.exe
2021-12-20 14:16:19 ----A---- C:\WINDOWS\system32\systemreset.exe
2021-12-20 14:16:19 ----A---- C:\WINDOWS\system32\ResetEngOnline.dll
2021-12-20 14:16:19 ----A---- C:\WINDOWS\system32\ResetEngine.dll
2021-12-20 14:16:18 ----A---- C:\WINDOWS\system32\msimsg.dll
2021-12-20 14:16:18 ----A---- C:\WINDOWS\system32\msi.dll
2021-12-20 14:16:18 ----A---- C:\WINDOWS\system32\IESettingSync.exe
2021-12-20 14:16:18 ----A---- C:\WINDOWS\system32\iemigplugin.dll
2021-12-20 14:16:16 ----A---- C:\WINDOWS\system32\ieframe.dll
2021-12-20 14:16:16 ----A---- C:\WINDOWS\system32\Chakra.dll
2021-12-20 14:16:15 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2021-12-20 14:16:15 ----A---- C:\WINDOWS\system32\ieproxy.dll
2021-12-20 14:16:13 ----A---- C:\WINDOWS\system32\mshtml.dll
2021-12-20 14:16:10 ----A---- C:\WINDOWS\system32\werui.dll
2021-12-20 14:16:10 ----A---- C:\WINDOWS\system32\edgehtml.dll
2021-12-20 14:16:10 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2021-12-20 14:16:09 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2021-12-20 14:16:09 ----A---- C:\WINDOWS\system32\werconcpl.dll
2021-12-20 14:16:09 ----A---- C:\WINDOWS\system32\StorSvc.dll
2021-12-20 14:16:09 ----A---- C:\WINDOWS\system32\StorageUsage.dll
2021-12-20 14:16:09 ----A---- C:\WINDOWS\system32\spacebridge.dll
2021-12-20 14:16:08 ----A---- C:\WINDOWS\system32\computestorage.dll
2021-12-20 14:16:05 ----A---- C:\WINDOWS\system32\tcbloader.dll
2021-12-20 14:16:05 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2021-12-20 14:16:05 ----A---- C:\WINDOWS\system32\skci.dll
2021-12-20 14:16:04 ----A---- C:\WINDOWS\system32\NgcIsoCtnr.dll
2021-12-20 14:16:04 ----A---- C:\WINDOWS\system32\hvix64.exe
2021-12-20 14:16:04 ----A---- C:\WINDOWS\system32\hvax64.exe
2021-12-20 14:16:04 ----A---- C:\WINDOWS\system32\BioIso.exe
2021-12-20 14:16:03 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2021-12-20 14:16:02 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.FileExplorer.dll
2021-12-20 14:16:02 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2021-12-20 14:16:02 ----A---- C:\WINDOWS\SYSWOW64\scecli.dll
2021-12-20 14:16:02 ----A---- C:\WINDOWS\SYSWOW64\rasman.dll
2021-12-20 14:16:02 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2021-12-20 14:16:02 ----A---- C:\WINDOWS\SYSWOW64\pku2u.dll
2021-12-20 14:16:01 ----A---- C:\WINDOWS\SYSWOW64\rtutils.dll
2021-12-20 14:16:01 ----A---- C:\WINDOWS\SYSWOW64\AboveLockAppHost.dll
2021-12-20 14:16:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2021-12-20 14:16:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2021-12-20 14:16:00 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2021-12-20 14:16:00 ----A---- C:\WINDOWS\SYSWOW64\feclient.dll
2021-12-20 14:16:00 ----A---- C:\WINDOWS\SYSWOW64\d3d9.dll
2021-12-20 14:16:00 ----A---- C:\WINDOWS\SYSWOW64\d3d8thk.dll
2021-12-20 14:15:59 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2021-12-20 14:15:59 ----A---- C:\WINDOWS\SYSWOW64\ntlanman.dll
2021-12-20 14:15:59 ----A---- C:\WINDOWS\SYSWOW64\lpk.dll
2021-12-20 14:15:59 ----A---- C:\WINDOWS\SYSWOW64\fontsub.dll
2021-12-20 14:15:59 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2021-12-20 14:15:59 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2021-12-20 14:15:59 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2021-12-20 14:15:59 ----A---- C:\WINDOWS\SYSWOW64\dmcmnutils.dll
2021-12-20 14:15:58 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2021-12-20 14:15:58 ----A---- C:\WINDOWS\SYSWOW64\WerFaultSecure.exe
2021-12-20 14:15:58 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2021-12-20 14:15:58 ----A---- C:\WINDOWS\SYSWOW64\weretw.dll
2021-12-20 14:15:58 ----A---- C:\WINDOWS\SYSWOW64\werdiagcontroller.dll
2021-12-20 14:15:58 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2021-12-20 14:15:58 ----A---- C:\WINDOWS\SYSWOW64\ncryptprov.dll
2021-12-20 14:15:58 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2021-12-20 14:15:58 ----A---- C:\WINDOWS\SYSWOW64\dciman32.dll
2021-12-20 14:15:57 ----A---- C:\WINDOWS\SYSWOW64\tzres.dll
2021-12-20 14:15:57 ----A---- C:\WINDOWS\SYSWOW64\dcomp.dll
2021-12-20 14:15:56 ----A---- C:\WINDOWS\SYSWOW64\winsku.dll
2021-12-20 14:15:56 ----A---- C:\WINDOWS\SYSWOW64\winbrand.dll
2021-12-20 14:15:56 ----A---- C:\WINDOWS\SYSWOW64\AppResolver.dll
2021-12-20 14:15:55 ----A---- C:\WINDOWS\SYSWOW64\winbio.dll
2021-12-20 14:15:55 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2021-12-20 14:15:55 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2021-12-20 14:15:55 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2021-12-20 14:15:55 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2021-12-20 14:15:54 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2021-12-20 14:15:54 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2021-12-20 14:15:54 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2021-12-20 14:15:54 ----A---- C:\WINDOWS\SYSWOW64\cryptngc.dll
2021-12-20 14:15:53 ----A---- C:\WINDOWS\SYSWOW64\ngccredprov.dll
2021-12-20 14:15:53 ----A---- C:\WINDOWS\SYSWOW64\CertEnrollCtrl.exe
2021-12-20 14:15:53 ----A---- C:\WINDOWS\SYSWOW64\CertEnroll.dll
2021-12-20 14:15:52 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2021-12-20 14:15:52 ----A---- C:\WINDOWS\SYSWOW64\Windows.Services.TargetedContent.dll
2021-12-20 14:15:52 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2021-12-20 14:15:52 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2021-12-20 14:15:51 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2021-12-20 14:15:51 ----A---- C:\WINDOWS\SYSWOW64\InstallServiceTasks.dll
2021-12-20 14:15:51 ----A---- C:\WINDOWS\SYSWOW64\AppxPackaging.dll
2021-12-20 14:15:50 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2021-12-20 14:15:50 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2021-12-20 14:15:50 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2021-12-20 14:15:49 ----A---- C:\WINDOWS\SYSWOW64\Search.ProtocolHandler.MAPI2.dll
2021-12-20 14:15:49 ----A---- C:\WINDOWS\SYSWOW64\mssvp.dll
2021-12-20 14:15:49 ----A---- C:\WINDOWS\SYSWOW64\mssprxy.dll
2021-12-20 14:15:49 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2021-12-20 14:15:48 ----A---- C:\WINDOWS\SYSWOW64\SearchProtocolHost.exe
2021-12-20 14:15:48 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2021-12-20 14:15:48 ----A---- C:\WINDOWS\SYSWOW64\SearchFilterHost.exe
2021-12-20 14:15:48 ----A---- C:\WINDOWS\SYSWOW64\mssitlb.dll
2021-12-20 14:15:48 ----A---- C:\WINDOWS\SYSWOW64\msscntrs.dll
2021-12-20 14:15:48 ----A---- C:\WINDOWS\SYSWOW64\d3d9on12.dll
2021-12-20 14:15:47 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2021-12-20 14:15:46 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2021-12-20 14:15:46 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2021-12-20 14:15:46 ----A---- C:\WINDOWS\SYSWOW64\crypttpmeksvc.dll
2021-12-20 14:15:45 ----A---- C:\WINDOWS\SYSWOW64\GameInput.dll
2021-12-20 14:15:45 ----A---- C:\WINDOWS\SYSWOW64\ExecModelClient.dll
2021-12-20 14:15:45 ----A---- C:\WINDOWS\SYSWOW64\DataExchange.dll
2021-12-20 14:15:45 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2021-12-20 14:15:45 ----A---- C:\WINDOWS\SYSWOW64\aadauthhelper.dll
2021-12-20 14:15:43 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2021-12-20 14:15:43 ----A---- C:\WINDOWS\SYSWOW64\mapistub.dll
2021-12-20 14:15:43 ----A---- C:\WINDOWS\SYSWOW64\mapi32.dll
2021-12-20 14:15:43 ----A---- C:\WINDOWS\SYSWOW64\fixmapi.exe
2021-12-20 14:15:42 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2021-12-20 14:15:42 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2021-12-20 14:15:42 ----A---- C:\WINDOWS\SYSWOW64\LicensingWinRT.dll
2021-12-20 14:15:41 ----A---- C:\WINDOWS\SYSWOW64\TpmTool.exe
2021-12-20 14:15:41 ----A---- C:\WINDOWS\SYSWOW64\TpmCertResources.dll
2021-12-20 14:15:41 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2021-12-20 14:14:49 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2021-12-20 14:14:48 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2021-12-20 14:14:48 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2021-12-20 14:14:47 ----A---- C:\WINDOWS\SYSWOW64\RTWorkQ.dll
2021-12-20 14:14:47 ----A---- C:\WINDOWS\SYSWOW64\ContentDeliveryManager.Utilities.dll
2021-12-20 14:14:42 ----A---- C:\WINDOWS\system32\pku2u.dll
2021-12-20 14:14:42 ----A---- C:\WINDOWS\system32\ngctasks.dll
2021-12-20 14:14:40 ----A---- C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2021-12-20 14:14:40 ----A---- C:\WINDOWS\system32\shell32.dll
2021-12-20 14:14:39 ----A---- C:\WINDOWS\system32\scecli.dll
2021-12-20 14:14:39 ----A---- C:\WINDOWS\system32\rtutils.dll
2021-12-20 14:14:39 ----A---- C:\WINDOWS\system32\rasmans.dll
2021-12-20 14:14:39 ----A---- C:\WINDOWS\system32\rasman.dll
2021-12-20 14:14:39 ----A---- C:\WINDOWS\system32\rasapi32.dll
2021-12-20 14:14:38 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2021-12-20 14:14:37 ----A---- C:\WINDOWS\system32\SettingsHandlers_Fonts.dll
2021-12-20 14:14:36 ----A---- C:\WINDOWS\system32\pnidui.dll
2021-12-20 14:14:36 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2021-12-20 14:14:28 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2021-12-20 14:14:27 ----A---- C:\WINDOWS\system32\sppobjs.dll
2021-12-20 14:14:27 ----A---- C:\WINDOWS\system32\SppExtComObj.Exe
2021-12-20 14:14:27 ----A---- C:\WINDOWS\system32\LicensingWinRT.dll
2021-12-20 14:14:26 ----A---- C:\WINDOWS\system32\sppsvc.exe
2021-12-20 14:14:25 ----A---- C:\WINDOWS\system32\LockHostingFramework.dll
2021-12-20 14:14:25 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2021-12-20 14:14:24 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2021-12-20 14:14:23 ----A---- C:\WINDOWS\system32\gpapi.dll
2021-12-20 14:14:22 ----A---- C:\WINDOWS\system32\gpsvc.dll
2021-12-20 14:14:21 ----A---- C:\WINDOWS\system32\gdi32full.dll
2021-12-20 14:14:20 ----A---- C:\WINDOWS\system32\feclient.dll
2021-12-20 14:14:20 ----A---- C:\WINDOWS\system32\efssvc.dll
2021-12-20 14:14:20 ----A---- C:\WINDOWS\system32\efslsaext.dll
2021-12-20 14:14:18 ----A---- C:\WINDOWS\system32\efscore.dll
2021-12-20 14:14:15 ----A---- C:\WINDOWS\system32\d3d9.dll
2021-12-20 14:14:15 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2021-12-20 14:14:14 ----A---- C:\WINDOWS\system32\MdmDiagnostics.dll
2021-12-20 14:14:13 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2021-12-20 14:14:13 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2021-12-20 14:14:12 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2021-12-20 14:14:11 ----A---- C:\WINDOWS\system32\omadmclient.exe
2021-12-20 14:14:11 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2021-12-20 14:14:11 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2021-12-20 14:14:10 ----A---- C:\WINDOWS\system32\policymanager.dll
2021-12-20 14:14:10 ----A---- C:\WINDOWS\system32\dmcsps.dll
2021-12-20 14:14:09 ----A---- C:\WINDOWS\system32\LogonController.dll
2021-12-20 14:14:09 ----A---- C:\WINDOWS\system32\dmcmnutils.dll
2021-12-20 14:14:09 ----A---- C:\WINDOWS\system32\configmanager2.dll
2021-12-20 14:14:08 ----A---- C:\WINDOWS\system32\usermgr.dll
2021-12-20 14:14:07 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2021-12-20 14:14:07 ----A---- C:\WINDOWS\system32\drivers\mrxsmb.sys
2021-12-20 14:14:06 ----A---- C:\WINDOWS\system32\winlogon.exe
2021-12-20 14:14:06 ----A---- C:\WINDOWS\system32\ntlanman.dll
2021-12-20 14:14:06 ----A---- C:\WINDOWS\system32\drivers\clfs.sys
2021-12-20 14:14:05 ----A---- C:\WINDOWS\system32\msctf.dll
2021-12-20 14:14:05 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2021-12-20 14:14:04 ----A---- C:\WINDOWS\system32\lpk.dll
2021-12-20 14:14:04 ----A---- C:\WINDOWS\system32\fontsub.dll
2021-12-20 14:14:04 ----A---- C:\WINDOWS\system32\dciman32.dll
2021-12-20 14:14:03 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2021-12-20 14:14:03 ----A---- C:\WINDOWS\SYSWOW64\bcryptprimitives.dll
2021-12-20 14:14:02 ----A---- C:\WINDOWS\SYSWOW64\imagehlp.dll
2021-12-20 14:14:02 ----A---- C:\WINDOWS\system32\sscore.dll
2021-12-20 14:14:02 ----A---- C:\WINDOWS\system32\srvsvc.dll
2021-12-20 14:14:02 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2021-12-20 14:14:01 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2021-12-20 14:14:01 ----A---- C:\WINDOWS\system32\drivers\NetAdapterCx.sys
2021-12-20 14:14:00 ----A---- C:\WINDOWS\system32\KernelBase.dll
2021-12-20 14:14:00 ----A---- C:\WINDOWS\system32\bcryptprimitives.dll
2021-12-20 14:13:59 ----A---- C:\WINDOWS\system32\sechost.dll
2021-12-20 14:13:00 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2021-12-20 14:13:00 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2021-12-20 14:12:59 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2021-12-20 14:12:58 ----A---- C:\WINDOWS\system32\imagehlp.dll
2021-12-20 14:12:58 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2021-12-20 14:12:57 ----A---- C:\WINDOWS\system32\wersvc.dll
2021-12-20 14:12:57 ----A---- C:\WINDOWS\system32\wermgr.exe
2021-12-20 14:12:57 ----A---- C:\WINDOWS\system32\WerFaultSecure.exe
2021-12-20 14:12:57 ----A---- C:\WINDOWS\system32\WerFault.exe
2021-12-20 14:12:57 ----A---- C:\WINDOWS\system32\werdiagcontroller.dll
2021-12-20 14:12:57 ----A---- C:\WINDOWS\system32\kdnet.dll
2021-12-20 14:12:57 ----A---- C:\WINDOWS\system32\Faultrep.dll
2021-12-20 14:12:56 ----A---- C:\WINDOWS\system32\weretw.dll
2021-12-20 14:12:56 ----A---- C:\WINDOWS\system32\wer.dll
2021-12-20 14:12:56 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2021-12-20 14:12:56 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2021-12-20 14:12:55 ----A---- C:\WINDOWS\system32\tzres.dll
2021-12-20 14:12:55 ----A---- C:\WINDOWS\system32\ncryptprov.dll
2021-12-20 14:12:55 ----A---- C:\WINDOWS\system32\lsasrv.dll
2021-12-20 14:12:55 ----A---- C:\WINDOWS\system32\drivers\http.sys
2021-12-20 14:12:55 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2021-12-20 14:12:54 ----A---- C:\WINDOWS\system32\rpcss.dll
2021-12-20 14:12:54 ----A---- C:\WINDOWS\system32\ci.dll
2021-12-20 14:12:53 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2021-12-20 14:12:53 ----A---- C:\WINDOWS\system32\dcomp.dll
2021-12-20 14:12:52 ----A---- C:\WINDOWS\system32\winsku.dll
2021-12-20 14:12:52 ----A---- C:\WINDOWS\system32\winbrand.dll
2021-12-20 14:12:52 ----A---- C:\WINDOWS\system32\dwmcore.dll
2021-12-20 14:12:52 ----A---- C:\WINDOWS\system32\CloudExperienceHost.dll
2021-12-20 14:12:51 ----A---- C:\WINDOWS\system32\winresume.exe
2021-12-20 14:12:50 ----A---- C:\WINDOWS\system32\winload.exe
2021-12-20 14:12:49 ----A---- C:\WINDOWS\system32\srpapi.dll
2021-12-20 14:12:49 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2021-12-20 14:12:49 ----A---- C:\WINDOWS\system32\drivers\applockerfltr.sys
2021-12-20 14:12:49 ----A---- C:\WINDOWS\system32\AppLockerCSP.dll
2021-12-20 14:12:49 ----A---- C:\WINDOWS\system32\appidtel.exe
2021-12-20 14:12:48 ----A---- C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll
2021-12-20 14:12:48 ----A---- C:\WINDOWS\system32\drivers\appid.sys
2021-12-20 14:12:48 ----A---- C:\WINDOWS\system32\ConstraintIndex.Search.dll
2021-12-20 14:12:47 ----A---- C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2021-12-20 14:12:47 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2021-12-20 14:12:47 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2021-12-20 14:12:46 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2021-12-20 14:12:46 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2021-12-20 14:12:46 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2021-12-20 14:12:45 ----A---- C:\WINDOWS\system32\WsmSvc.dll
2021-12-20 14:12:45 ----A---- C:\WINDOWS\system32\WinREAgent.dll
2021-12-20 14:12:45 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2021-12-20 14:12:43 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2021-12-20 14:12:42 ----A---- C:\WINDOWS\system32\updatecsp.dll
2021-12-20 14:12:42 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2021-12-20 14:12:42 ----A---- C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2021-12-20 14:12:42 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2021-12-20 14:12:42 ----A---- C:\WINDOWS\system32\AppResolver.dll
2021-12-20 14:12:41 ----A---- C:\WINDOWS\system32\usosvc.dll
2021-12-20 14:12:41 ----A---- C:\WINDOWS\system32\usocoreworker.exe
2021-12-20 14:12:41 ----A---- C:\WINDOWS\system32\MoUsoCoreWorker.exe
2021-12-20 14:12:40 ----A---- C:\WINDOWS\system32\winbio.dll
2021-12-20 14:12:40 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2021-12-20 14:12:40 ----A---- C:\WINDOWS\system32\wbiosrvc.dll
2021-12-20 14:12:40 ----A---- C:\WINDOWS\system32\SHCore.dll
2021-12-20 14:12:40 ----A---- C:\WINDOWS\system32\BioCredProv.dll
2021-12-20 14:12:39 ----A---- C:\WINDOWS\system32\wcimage.dll
2021-12-20 14:12:39 ----A---- C:\WINDOWS\system32\wc_storage.dll
2021-12-20 14:12:39 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2021-12-20 14:12:39 ----A---- C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2021-12-20 14:12:39 ----A---- C:\WINDOWS\system32\daxexec.dll
2021-12-20 14:12:38 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2021-12-20 14:12:38 ----A---- C:\WINDOWS\system32\win32u.dll
2021-12-20 14:12:38 ----A---- C:\WINDOWS\system32\win32kfull.sys
2021-12-20 14:12:38 ----A---- C:\WINDOWS\system32\win32k.sys
2021-12-20 14:12:37 ----A---- C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2021-12-20 14:12:36 ----A---- C:\WINDOWS\system32\wpnapps.dll
2021-12-20 14:12:36 ----A---- C:\WINDOWS\system32\kerberos.dll
2021-12-20 14:12:36 ----A---- C:\WINDOWS\system32\AppxPackaging.dll
2021-12-20 14:12:35 ----A---- C:\WINDOWS\system32\windows.storage.dll
2021-12-20 14:12:34 ----A---- C:\WINDOWS\system32\WaaSAssessment.dll
2021-12-20 14:12:34 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2021-12-20 14:12:34 ----A---- C:\WINDOWS\system32\InstallService.dll
2021-12-20 14:12:33 ----A---- C:\WINDOWS\system32\ISM.dll
2021-12-20 14:12:33 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2021-12-20 14:12:32 ----A---- C:\WINDOWS\system32\WordBreakers.dll
2021-12-20 14:12:32 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2021-12-20 14:12:32 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2021-12-20 14:12:32 ----A---- C:\WINDOWS\system32\EditBufferTestHook.dll
2021-12-20 14:12:31 ----A---- C:\WINDOWS\system32\InputService.dll
2021-12-20 14:12:30 ----A---- C:\WINDOWS\system32\tquery.dll
2021-12-20 14:12:29 ----A---- C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2021-12-20 14:12:29 ----A---- C:\WINDOWS\system32\mssvp.dll
2021-12-20 14:12:29 ----A---- C:\WINDOWS\system32\mssrch.dll
2021-12-20 14:12:29 ----A---- C:\WINDOWS\system32\mssprxy.dll
2021-12-20 14:12:29 ----A---- C:\WINDOWS\system32\mssph.dll
2021-12-20 14:12:28 ----A---- C:\WINDOWS\system32\SearchProtocolHost.exe
2021-12-20 14:12:28 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2021-12-20 14:12:28 ----A---- C:\WINDOWS\system32\SearchFilterHost.exe
2021-12-20 14:12:28 ----A---- C:\WINDOWS\system32\mssitlb.dll
2021-12-20 14:12:28 ----A---- C:\WINDOWS\system32\msscntrs.dll
2021-12-20 14:12:27 ----A---- C:\WINDOWS\system32\win32kbase.sys
2021-12-20 14:12:27 ----A---- C:\WINDOWS\system32\FntCache.dll
2021-12-20 14:12:27 ----A---- C:\WINDOWS\system32\d3d9on12.dll
2021-12-20 14:12:26 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2021-12-20 14:12:26 ----A---- C:\WINDOWS\system32\DWrite.dll
2021-12-20 14:11:37 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2021-12-20 14:11:37 ----A---- C:\WINDOWS\system32\ngcrecovery.dll
2021-12-20 14:11:37 ----A---- C:\WINDOWS\system32\ngcpopkeysrv.dll
2021-12-20 14:11:37 ----A---- C:\WINDOWS\system32\NgcCtnrSvc.dll
2021-12-20 14:11:37 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2021-12-20 14:11:37 ----A---- C:\WINDOWS\system32\cryptngc.dll
2021-12-20 14:11:36 ----A---- C:\WINDOWS\system32\NgcCtnr.dll
2021-12-20 14:11:36 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2021-12-20 14:11:36 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2021-12-20 14:11:36 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2021-12-20 14:11:36 ----A---- C:\WINDOWS\system32\CertEnrollCtrl.exe
2021-12-20 14:11:36 ----A---- C:\WINDOWS\system32\cdd.dll
2021-12-20 14:11:35 ----A---- C:\WINDOWS\system32\CertEnroll.dll
2021-12-20 14:11:34 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2021-12-20 14:11:34 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2021-12-20 14:11:34 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2021-12-20 14:11:34 ----A---- C:\WINDOWS\system32\cloudAP.dll
2021-12-20 14:11:33 ----A---- C:\WINDOWS\system32\GameInput.dll
2021-12-20 14:11:33 ----A---- C:\WINDOWS\system32\crypttpmeksvc.dll
2021-12-20 14:11:33 ----A---- C:\WINDOWS\system32\aadtb.dll
2021-12-20 14:11:32 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2021-12-20 14:11:32 ----A---- C:\WINDOWS\system32\ExecModelClient.dll
2021-12-20 14:11:32 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2021-12-20 14:11:32 ----A---- C:\WINDOWS\system32\aadauthhelper.dll
2021-12-20 14:11:30 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2021-12-20 14:11:29 ----A---- C:\WINDOWS\system32\mapi32.dll
2021-12-20 14:11:29 ----A---- C:\WINDOWS\system32\fixmapi.exe
2021-12-20 14:11:29 ----A---- C:\WINDOWS\system32\DataExchange.dll
2021-12-20 14:11:28 ----A---- C:\WINDOWS\system32\mapistub.dll
2021-12-20 14:11:27 ----A---- C:\WINDOWS\system32\twinui.dll
2021-12-20 14:11:26 ----A---- C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-12-20 14:11:25 ----A---- C:\WINDOWS\system32\Windows.Internal.ShellCommon.Broker.dll
2021-12-20 14:11:25 ----A---- C:\WINDOWS\system32\StartTileData.dll
2021-12-20 14:11:24 ----A---- C:\WINDOWS\system32\dsreg.dll
2021-12-20 14:11:24 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2021-12-20 14:11:24 ----A---- C:\WINDOWS\explorer.exe
2021-12-20 14:11:23 ----A---- C:\WINDOWS\system32\TpmTool.exe
2021-12-20 14:11:23 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2021-12-20 14:11:23 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2021-12-20 14:11:23 ----A---- C:\WINDOWS\system32\TpmCertResources.dll
2021-12-20 14:11:22 ----A---- C:\WINDOWS\system32\wpx.dll
2021-12-20 14:11:22 ----A---- C:\WINDOWS\system32\Windows.Internal.Signals.dll
2021-12-20 14:11:22 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2021-12-20 14:11:21 ----A---- C:\WINDOWS\system32\win32spl.dll
2021-12-20 14:11:21 ----A---- C:\WINDOWS\system32\spoolsv.exe
2021-12-20 14:11:21 ----A---- C:\WINDOWS\system32\localspl.dll
2021-12-20 14:11:21 ----A---- C:\WINDOWS\system32\FaxPrinterInstaller.dll
2021-12-20 14:11:21 ----A---- C:\WINDOWS\splwow64.exe
2021-12-20 14:11:20 ----A---- C:\WINDOWS\system32\drivers\PEAuth.sys
2021-12-20 14:11:19 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2021-12-20 14:11:19 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2021-12-20 14:11:18 ----A---- C:\WINDOWS\system32\bcdedit.exe
2021-12-20 14:11:17 ----A---- C:\WINDOWS\system32\audioresourceregistrar.dll
2021-12-20 14:11:17 ----A---- C:\WINDOWS\system32\AUDIOKSE.dll
2021-12-20 14:11:17 ----A---- C:\WINDOWS\system32\audiodg.exe
2021-12-20 14:11:16 ----A---- C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2021-12-20 14:11:16 ----A---- C:\WINDOWS\system32\remoteaudioendpoint.dll
2021-12-20 14:11:16 ----A---- C:\WINDOWS\system32\audiosrv.dll
2021-12-20 14:11:16 ----A---- C:\WINDOWS\system32\AudioEng.dll
2021-12-20 14:11:16 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2021-12-20 14:11:15 ----A---- C:\WINDOWS\system32\RTWorkQ.dll
2021-12-20 14:11:14 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2021-12-20 14:11:14 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2021-12-20 14:11:14 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2021-12-20 14:11:14 ----A---- C:\WINDOWS\system32\drivers\BthMini.SYS
2021-12-20 14:11:14 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2021-12-20 14:11:13 ----A---- C:\WINDOWS\system32\drivers\xinputhid.sys
2021-12-20 14:11:13 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2021-12-20 14:11:13 ----A---- C:\WINDOWS\system32\drivers\usbvideo.sys
2021-12-20 14:11:13 ----A---- C:\WINDOWS\system32\drivers\devauthe.sys
2021-12-20 12:22:10 ----D---- C:\Program Files\Adobe
2021-12-20 12:15:15 ----D---- C:\Program Files\Common Files\Adobe
2021-12-20 11:58:49 ----D---- C:\ProgramData\Adobe
2021-12-20 11:46:52 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2021-12-20 11:46:50 ----A---- C:\WINDOWS\system32\poqexec.exe

======List of files/folders modified in the last 1 month======

2022-01-09 17:54:56 ----D---- C:\Windows
2022-01-09 17:54:47 ----D---- C:\Program Files\trend micro
2022-01-09 17:53:35 ----D---- C:\WINDOWS\Temp
2022-01-09 17:52:09 ----D---- C:\WINDOWS\Prefetch
2022-01-09 17:44:25 ----D---- C:\Program Files (x86)\Google
2022-01-09 17:42:59 ----D---- C:\WINDOWS\INF
2022-01-09 17:35:13 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2022-01-09 17:11:05 ----D---- C:\WINDOWS\system32\sru
2022-01-09 17:04:43 ----D---- C:\WINDOWS\system32\SleepStudy
2022-01-09 10:04:10 ----D---- C:\Program Files\CCleaner
2022-01-08 23:45:21 ----RD---- C:\WINDOWS\Microsoft.NET
2022-01-08 01:55:49 ----D---- C:\WINDOWS\AppReadiness
2022-01-08 01:55:37 ----HD---- C:\Program Files\WindowsApps
2022-01-08 01:28:46 ----SHD---- C:\WINDOWS\Installer
2022-01-08 01:28:45 ----D---- C:\WINDOWS\system32\Tasks
2022-01-07 23:46:40 ----SHD---- C:\System Volume Information
2022-01-03 18:04:01 ----D---- C:\Program Files\Opera
2022-01-01 21:01:57 ----D---- C:\Program Files (x86)\TeamViewer
2021-12-25 23:44:48 ----D---- C:\WINDOWS\system32\config
2021-12-24 23:52:07 ----D---- C:\WINDOWS\WinSxS
2021-12-22 15:55:08 ----D---- C:\WINDOWS\system32\drivers
2021-12-22 15:48:11 ----D---- C:\ProgramData\Garmin
2021-12-22 15:47:22 ----D---- C:\ProgramData\Package Cache
2021-12-22 15:47:06 ----RSD---- C:\WINDOWS\assembly
2021-12-22 15:47:00 ----D---- C:\Program Files (x86)\Garmin
2021-12-20 19:48:36 ----D---- C:\WINDOWS\System32
2021-12-20 19:48:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-20 19:45:06 ----D---- C:\WINDOWS\system32\DriverStore
2021-12-20 19:43:25 ----ASH---- C:\DumpStack.log.tmp
2021-12-20 19:40:08 ----D---- C:\WINDOWS\SYSWOW64\migration
2021-12-20 19:40:08 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2021-12-20 19:40:08 ----D---- C:\WINDOWS\SysWOW64
2021-12-20 19:40:04 ----D---- C:\WINDOWS\SystemResources
2021-12-20 19:40:04 ----D---- C:\WINDOWS\system32\zh-TW
2021-12-20 19:40:04 ----D---- C:\WINDOWS\system32\zh-CN
2021-12-20 19:40:04 ----D---- C:\WINDOWS\system32\uk-UA
2021-12-20 19:40:03 ----D---- C:\WINDOWS\system32\tr-TR
2021-12-20 19:40:03 ----D---- C:\WINDOWS\system32\th-TH
2021-12-20 19:40:03 ----D---- C:\WINDOWS\system32\sv-SE
2021-12-20 19:40:03 ----D---- C:\WINDOWS\system32\sr-Latn-RS
2021-12-20 19:40:03 ----D---- C:\WINDOWS\system32\sl-SI
2021-12-20 19:40:03 ----D---- C:\WINDOWS\system32\sk-SK
2021-12-20 19:40:03 ----D---- C:\WINDOWS\system32\setup
2021-12-20 19:40:03 ----D---- C:\WINDOWS\system32\ru-RU
2021-12-20 19:40:03 ----D---- C:\WINDOWS\system32\ro-RO
2021-12-20 19:40:03 ----D---- C:\WINDOWS\system32\pt-PT
2021-12-20 19:40:03 ----D---- C:\WINDOWS\system32\pt-BR
2021-12-20 19:40:03 ----D---- C:\WINDOWS\system32\pl-PL
2021-12-20 19:40:03 ----D---- C:\WINDOWS\system32\oobe
2021-12-20 19:40:03 ----D---- C:\WINDOWS\system32\nl-NL
2021-12-20 19:40:03 ----D---- C:\WINDOWS\system32\nb-NO
2021-12-20 19:40:03 ----D---- C:\WINDOWS\system32\migration
2021-12-20 19:40:03 ----D---- C:\WINDOWS\system32\lv-LV
2021-12-20 19:40:02 ----D---- C:\WINDOWS\system32\lt-LT
2021-12-20 19:40:02 ----D---- C:\WINDOWS\system32\ko-KR
2021-12-20 19:40:02 ----D---- C:\WINDOWS\system32\ja-jp
2021-12-20 19:40:02 ----D---- C:\WINDOWS\system32\it-IT
2021-12-20 19:40:02 ----D---- C:\WINDOWS\system32\hu-HU
2021-12-20 19:40:02 ----D---- C:\WINDOWS\system32\hr-HR
2021-12-20 19:40:02 ----D---- C:\WINDOWS\system32\he-IL
2021-12-20 19:40:02 ----D---- C:\WINDOWS\system32\fr-FR
2021-12-20 19:40:02 ----D---- C:\WINDOWS\system32\fr-CA
2021-12-20 19:40:02 ----D---- C:\WINDOWS\system32\fi-FI
2021-12-20 19:40:02 ----D---- C:\WINDOWS\system32\et-EE
2021-12-20 19:40:02 ----D---- C:\WINDOWS\system32\es-MX
2021-12-20 19:40:02 ----D---- C:\WINDOWS\system32\es-ES
2021-12-20 19:40:02 ----D---- C:\WINDOWS\system32\en-US
2021-12-20 19:40:02 ----D---- C:\WINDOWS\system32\en-GB
2021-12-20 19:40:02 ----D---- C:\WINDOWS\system32\el-GR
2021-12-20 19:40:01 ----D---- C:\WINDOWS\system32\de-DE
2021-12-20 19:40:01 ----D---- C:\WINDOWS\system32\da-DK
2021-12-20 19:40:01 ----D---- C:\WINDOWS\system32\cs-CZ
2021-12-20 19:40:01 ----D---- C:\WINDOWS\system32\Boot
2021-12-20 19:40:01 ----D---- C:\WINDOWS\system32\bg-BG
2021-12-20 19:40:01 ----D---- C:\WINDOWS\system32\ar-SA
2021-12-20 19:39:51 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2021-12-20 19:39:51 ----D---- C:\WINDOWS\Provisioning
2021-12-20 19:39:51 ----D---- C:\WINDOWS\bcastdvr
2021-12-20 19:39:51 ----D---- C:\WINDOWS\apppatch
2021-12-20 19:39:41 ----D---- C:\WINDOWS\system32\drivers\UMDF
2021-12-20 19:04:00 ----D---- C:\Program Files (x86)\CCleaner Browser
2021-12-20 17:51:25 ----D---- C:\WINDOWS\CbsTemp
2021-12-20 17:38:56 ----RD---- C:\Users
2021-12-20 17:34:46 ----SHD---- C:\$Recycle.Bin
2021-12-20 14:22:51 ----D---- C:\WINDOWS\system32\catroot2
2021-12-20 13:08:38 ----SD---- C:\Users\Mara\AppData\Roaming\Microsoft
2021-12-20 13:08:38 ----D---- C:\Users\Mara\AppData\Roaming\Adobe
2021-12-20 12:27:04 ----D---- C:\Program Files (x86)\Common Files
2021-12-20 12:22:10 ----RD---- C:\Program Files
2021-12-20 12:15:15 ----D---- C:\Program Files\Common Files
2021-12-20 11:58:49 ----HD---- C:\ProgramData
2021-12-20 11:38:50 ----D---- C:\WINDOWS\system32\MRT
2021-12-20 11:30:55 ----AC---- C:\WINDOWS\system32\MRT.exe
2021-12-15 14:39:59 ----D---- C:\WINDOWS\system32\drivers\wd

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2021-08-27 57168]
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys [2019-12-07 88080]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2021-08-27 41984]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2019-12-07 78136]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2021-10-18 98304]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2019-12-07 59392]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2019-12-07 8704]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2021-10-18 148816]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2021-11-11 496640]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2020-10-13 53248]
R3 KMWDFILTER;HIDServiceDesc; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [2009-04-29 30208]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-1; C:\WINDOWS\system32\drivers\msquic.sys [2020-09-25 322376]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [2016-12-09 12914360]
R3 RTL8167;@oem27.inf,%rtl8167.Service.DispName%;Realtek 8167 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 rtl8192se;@net8192se64.inf,%RTL8192se.Service.DispName%;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\WINDOWS\System32\drivers\rtl8192se.sys [2019-12-07 1222656]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2019-12-07 43832]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2019-12-07 319800]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2019-12-07 884752]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2019-12-07 172344]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2019-12-07 124216]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2019-12-07 135992]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2019-12-07 81720]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2019-12-07 105480]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2019-12-07 168464]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2019-12-07 58680]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2019-12-07 68408]
S0 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2019-12-07 138040]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2019-12-07 42296]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2019-12-07 158736]
S0 SmartSAMD;SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [2019-12-07 209720]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2019-12-07 23040]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2019-12-07 415232]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2019-12-07 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2019-12-07 45568]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2021-12-20 18432]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2019-12-07 279040]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2021-12-20 113664]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2020-09-25 106496]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2021-12-20 45568]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys [2021-12-20 1559552]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys [2021-12-20 110592]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2019-12-07 44032]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2019-12-07 66576]
S3 ew_usbccgpfilter;@oem25.inf,%busupper.SVCDESC%;HwHandSet_CompositeFilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [2020-09-24 18944]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys [2019-12-07 23040]
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2012-04-18 19304]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2019-12-07 55824]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2019-12-07 66560]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2021-09-21 95056]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-03-17 115328]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2019-12-07 30208]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2019-12-07 1853752]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2019-12-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2019-12-07 91136]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2019-12-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2019-12-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2019-12-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2019-12-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2019-12-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2019-12-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2019-12-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2019-12-07 177664]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2019-12-07 558904]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2020-10-13 47104]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2019-12-07 30720]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2019-12-07 59704]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2019-12-07 537608]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2019-12-07 64016]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2021-08-27 391168]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2019-12-07 65024]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2019-12-07 1131320]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2019-12-07 146232]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2019-12-07 72720]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2021-12-20 214528]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver; C:\WINDOWS\System32\drivers\nvstusb.sys [2016-12-09 461424]
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys [2021-11-11 129848]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2019-12-07 17408]
S3 portcfg;portcfg; C:\WINDOWS\System32\drivers\portcfg.sys [2019-12-07 27136]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2019-12-07 990008]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2019-12-07 213504]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2019-12-07 115712]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2019-12-07 35128]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2019-12-07 35128]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2021-11-17 169728]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
R2 CDPUserSvc_7f25e;Uživatelská služba platformy připojených zařízení_7f25e; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2020-10-13 57360]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-13 57360]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2020-10-13 57360]
R2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10 224160]
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [2020-09-24 192320]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvvsvc.exe [2016-11-14 932728]
R2 OneSyncSvc_7f25e;Hostitel synchronizace_7f25e; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe [2020-10-13 329504]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
R3 cbdhsvc_7f25e;Uživatelská služba schránky_7f25e; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2020-10-13 57360]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-13 57360]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-13 57360]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
R3 PimIndexMaintenanceSvc_7f25e;Data kontaktů_7f25e; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2020-10-13 57360]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2021-10-18 986032]
S2 ccleaner;Služba CCleaner Browser Update (ccleaner); C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [2020-09-15 200928]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-26 154440]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-13 57360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 AarSvc_7f25e;Agent Activation Runtime_7f25e; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2020-12-08 335416]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 BcastDVRUserService_7f25e;Uživatelská služba pro GameDVR a vysílání her_7f25e; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 BluetoothUserService_7f25e;Služba pro podporu uživatelů Bluetooth_7f25e; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 CaptureService_7f25e;CaptureService_7f25e; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 CCleanerBrowserElevationService;CCleaner Browser Elevation Service (CCleanerBrowserElevationService); C:\Program Files (x86)\CCleaner Browser\Application\96.1.13589.113\elevation_service.exe [2021-12-15 1721904]
S3 ccleanerm;Služba CCleaner Browser Update (ccleanerm); C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [2020-09-15 200928]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2020-10-13 57360]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 ConsentUxUserSvc_7f25e;ConsentUX_7f25e; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-09-21 382696]
S3 CredentialEnrollmentManagerUserSvc_7f25e;CredentialEnrollmentManagerUserSvc_7f25e; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2021-09-21 382696]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 DeviceAssociationBrokerSvc_7f25e;DeviceAssociationBroker_7f25e; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 DevicePickerUserSvc_7f25e;DevicePicker_7f25e; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 DevicesFlowUserSvc_7f25e;Tok zařízení_7f25e; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2021-11-11 94208]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-13 57360]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10 224160]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2020-10-13 57360]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-11-08 46184]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-13 57360]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files (x86)\Google\Chrome\Application\96.0.4664.110\elevation_service.exe [2021-12-12 1392984]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-13 57360]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-26 154440]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2020-10-13 57360]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 MessagingService_7f25e;Služba zasílání zpráv_7f25e; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\97.0.1072.55\elevation_service.exe [2022-01-06 1610120]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2020-01-29 244936]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2020-10-13 57360]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2021-01-13 106496]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 PrintWorkflowUserSvc_7f25e;PrintWorkflow_7f25e; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2020-10-13 57360]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2020-10-13 57360]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2021-01-13 1265152]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2020-10-13 57360]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2020-10-13 57360]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119400
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: requesting a preventive check :)

#3 Post by Rudy »

Hello!
For Win10 the RSIT log is unnecessary; it is not fully compatible with Windows 10. Open Notepad and copy the following into it:
Start

CloseProcesses:
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\MountPoints2: {2ce6701c-25b8-11ea-9a46-0025d32f82ff} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\MountPoints2: {7956173a-300e-11ec-9a7d-0025d32f82ff} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\MountPoints2: {94c6ea77-8cd8-11e7-a590-4061860b4475} - "F:\OnePlus_setup.exe" /s
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FF ProfilePath: Profiles/rawzxbc2.default-1570641619220 [not found] <==== ATTENTION
S3 AarSvc_7f25e; C:\WINDOWS\system32\svchost.exe [57360 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 AarSvc_7f25e; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BcastDVRUserService_7f25e; C:\WINDOWS\system32\svchost.exe [57360 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BcastDVRUserService_7f25e; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BcastDVRUserService_7f25e; C:\WINDOWS\system32\svchost.exe [57360 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BcastDVRUserService_7f25e; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_7f25e; C:\WINDOWS\system32\svchost.exe [57360 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_7f25e; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CaptureService_7f25e; C:\WINDOWS\system32\svchost.exe [57360 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CaptureService_7f25e; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DeviceAssociationBrokerSvc_7f25e; C:\WINDOWS\system32\svchost.exe [57360 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DeviceAssociationBrokerSvc_7f25e; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
Task: {1A473B56-A576-4757-8515-16CD6AC89F86} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-26] (Google Inc.)
Task: {51C41B29-CA87-4228-995F-21D6D5E931AC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-26] (Google Inc.)
Task: {8A4D1072-BED3-4D57-AB07-2FCB31DEC6FD} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10] (Microsoft Corporation) <==== ATTENTION
Task: {9DCDC4D2-55EF-4566-B7C5-259C50F8E293} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10] (Microsoft Corporation) <==== ATTENTION

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

atsok
Visitor
Posts: 63
Registered: 02 Aug 2012 21:52

Re: requesting a preventive check :)

#4 Post by atsok »

Fix result of Farbar Recovery Scan Tool (x64) Version: 27.01.2018
Ran by Mara (10-01-2022 13:04:04) Run:1
Running from C:\Users\Mara\Desktop
Loaded Profiles: Mara (Available Profiles: Mara)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\MountPoints2: {2ce6701c-25b8-11ea-9a46-0025d32f82ff} - "D:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\MountPoints2: {7956173a-300e-11ec-9a7d-0025d32f82ff} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-772858087-439378103-3593226653-1001\...\MountPoints2: {94c6ea77-8cd8-11e7-a590-4061860b4475} - "F:\OnePlus_setup.exe" /s
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FF ProfilePath: Profiles/rawzxbc2.default-1570641619220 [not found] <==== ATTENTION
S3 AarSvc_7f25e; C:\WINDOWS\system32\svchost.exe [57360 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 AarSvc_7f25e; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BcastDVRUserService_7f25e; C:\WINDOWS\system32\svchost.exe [57360 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BcastDVRUserService_7f25e; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BcastDVRUserService_7f25e; C:\WINDOWS\system32\svchost.exe [57360 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BcastDVRUserService_7f25e; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_7f25e; C:\WINDOWS\system32\svchost.exe [57360 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_7f25e; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CaptureService_7f25e; C:\WINDOWS\system32\svchost.exe [57360 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CaptureService_7f25e; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DeviceAssociationBrokerSvc_7f25e; C:\WINDOWS\system32\svchost.exe [57360 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 DeviceAssociationBrokerSvc_7f25e; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
Task: {1A473B56-A576-4757-8515-16CD6AC89F86} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-26] (Google Inc.)
Task: {51C41B29-CA87-4228-995F-21D6D5E931AC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-26] (Google Inc.)
Task: {8A4D1072-BED3-4D57-AB07-2FCB31DEC6FD} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10] (Microsoft Corporation) <==== ATTENTION
Task: {9DCDC4D2-55EF-4566-B7C5-259C50F8E293} - System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-10] (Microsoft Corporation) <==== ATTENTION

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-772858087-439378103-3593226653-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2ce6701c-25b8-11ea-9a46-0025d32f82ff}" => removed successfully
HKLM\Software\Classes\CLSID\{2ce6701c-25b8-11ea-9a46-0025d32f82ff} => key not found
"HKU\S-1-5-21-772858087-439378103-3593226653-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7956173a-300e-11ec-9a7d-0025d32f82ff}" => removed successfully
HKLM\Software\Classes\CLSID\{7956173a-300e-11ec-9a7d-0025d32f82ff} => key not found
"HKU\S-1-5-21-772858087-439378103-3593226653-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{94c6ea77-8cd8-11e7-a590-4061860b4475}" => removed successfully
HKLM\Software\Classes\CLSID\{94c6ea77-8cd8-11e7-a590-4061860b4475} => key not found
"HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08" => removed successfully
"HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8" => removed successfully
"HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824" => removed successfully
"HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368" => removed successfully
"HKLM\System\CurrentControlSet\Services\AarSvc_7f25e" => removed successfully
AarSvc_7f25e => service removed successfully
AarSvc_7f25e => service not found.
"HKLM\System\CurrentControlSet\Services\BcastDVRUserService_7f25e" => removed successfully
BcastDVRUserService_7f25e => service removed successfully
BcastDVRUserService_7f25e => service not found.
BcastDVRUserService_7f25e => service not found.
BcastDVRUserService_7f25e => service not found.
"HKLM\System\CurrentControlSet\Services\BluetoothUserService_7f25e" => removed successfully
BluetoothUserService_7f25e => service removed successfully
BluetoothUserService_7f25e => service not found.
"HKLM\System\CurrentControlSet\Services\CaptureService_7f25e" => removed successfully
CaptureService_7f25e => service removed successfully
CaptureService_7f25e => service not found.
"HKLM\System\CurrentControlSet\Services\DeviceAssociationBrokerSvc_7f25e" => removed successfully
DeviceAssociationBrokerSvc_7f25e => service removed successfully
DeviceAssociationBrokerSvc_7f25e => service not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1A473B56-A576-4757-8515-16CD6AC89F86} => could not remove key. ErrorCode1: 0x00000002
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A473B56-A576-4757-8515-16CD6AC89F86}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{51C41B29-CA87-4228-995F-21D6D5E931AC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{51C41B29-CA87-4228-995F-21D6D5E931AC}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A4D1072-BED3-4D57-AB07-2FCB31DEC6FD}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A4D1072-BED3-4D57-AB07-2FCB31DEC6FD}" => removed successfully
C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MicrosoftEdgeUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9DCDC4D2-55EF-4566-B7C5-259C50F8E293}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9DCDC4D2-55EF-4566-B7C5-259C50F8E293}" => removed successfully
C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MicrosoftEdgeUpdateTaskMachineCore" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 82340337 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 13608868 B
Edge => 35354 B
Chrome => 132951247 B
Firefox => 7273269 B
Opera => 115905428 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 285575442 B
NetworkService => 0 B
Mara => 2689470 B

RecycleBin => 40762 B
EmptyTemp: => 620.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 13:08:43 ====

Rudy
Site Admin
Posts: 119400
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: requesting a preventive check :)

#5 Post by Rudy »

Deleted. The log is now OK.

atsok
Visitor
Posts: 63
Registered: 02 Aug 2012 21:52

Re: requesting a preventive check :)

#6 Post by atsok »

Great, thank you :thumbsup:

Rudy
Site Admin
Posts: 119400
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: requesting a preventive check :)

#7 Post by Rudy »

You're welcome! :)

Locked