Prosba o kontrolu logu - problem s explorer.exe

[stoupa101]

Zdravim,
prosim o kontrolu logu. Posledni dobou se mi zhorsil problem s nabidkou start, ktera vyvrcholila padanim aplikaci StartMenuExperienceHost.exe a explorer.exe. Nejakym uspechem bylo pustenim tohoto prikazu:

Get-AppXPackage | Foreach {Add-AppxPackage -DisableDevelopmentMode -Register "$($_. InstallLocation)\AppXManifest.xml"}

Ale presto se explorer.exe startuje dlouze a nechova se to nejlepe

Logfile of random's system information tool 1.10 (written by random/random)
Run by Stoupa at 2024-03-19 19:01:39
Microsoft Windows 11 Pro
System drive C: has 225 GB (47%) free of 475 GB
Total RAM: 16138 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:01:47, on 19.03.2024
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.22621.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\trend micro\Stoupa.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: # Copyright (c) 1993-2009 Microsoft Corp.
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\BHO\ie_to_edge_bho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre-1.8\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre-1.8\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Stoupa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Nextcloud] C:\Program Files\Nextcloud\nextcloud.exe
O4 - HKCU\..\Run: [MicrosoftEdgeAutoLaunch_70804813E0AE944BDC0299D3821A6648] "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start
O4 - HKCU\..\Run: [Docker Desktop] C:\Program Files\Docker\Docker\Docker Desktop.exe -Autostart
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlansp_c.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD Crash Defender Service - Unknown owner - C:\WINDOWS\system32\amdfendrsr.exe (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\System32\DriverStore\FileRepository\u0371565.inf_amd64_03ccff02bc787376\B369435\atiesrxx.exe
O23 - Service: @oem97.inf,%HidMonitor.SvcDisp%;Alps HID Monitor Service (ApHidMonitorService) - Unknown owner - C:\WINDOWS\system32\DellTPad\HidMonitorSvc.exe (file missing)
O23 - Service: Docker Desktop Service (com.docker.service) - Unknown owner - C:\Program.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d0b39b11619fd0c4\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d0b39b11619fd0c4\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_3866c - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: Dell Data Vault Service API (DDVCollectorSvcApi) - Dell Technologies Inc. - C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
O23 - Service: Dell Data Vault Collector (DDVDataCollector) - Dell Technologies Inc. - C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
O23 - Service: Dell Data Vault Processor (DDVRulesProcessor) - Dell Technologies Inc. - C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
O23 - Service: Dell SupportAssist Remediation - Dell INC. - C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
O23 - Service: Dell Client Management Service (DellClientManagementService) - Unknown owner - C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: @oem85.inf,%ST_Accel.WMISVCDisplayName%;Dell Free Fall Data Protection WMI Service (DellFFDPWmiService) - Unknown owner - C:\WINDOWS\System32\drivers\DellFFDPWmiService.exe (file missing)
O23 - Service: Dell TechHub (DellTechHub) - Dell - C:\Program Files\Dell\TechHub\Dell.TechHub.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Forwarder (efwd) - ESET - C:\Program Files\ESET\ESET Security\efwd.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: ESET Firewall Helper (ekrnEpfw) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: @oem30.inf,%ServiceDisplayName%;Intel(R) Dynamic Platform and Thermal Framework service (esifsvc) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FortiClient VPN Service Scheduler (FA_Scheduler) - Fortinet Inc. - C:\Program Files\Fortinet\FortiClient\scheduler.exe
O23 - Service: @%systemroot%\system32\GameInputSvc.exe,-101 (GameInputSvc) - Unknown owner - C:\WINDOWS\System32\GameInputSvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\122.0.6261.129\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem10.inf,%hostcontrolsvc.SvcDispName%;Credential Vault Host Control Service (hostcontrolsvc) - Unknown owner - C:\WINDOWS\System32\bcmHostControlService.exe (file missing)
O23 - Service: @oem10.inf,%hoststoragesvc.SvcDispName%;Credential Vault Host Storage (hoststoragesvc) - Unknown owner - C:\WINDOWS\System32\bcmHostStorageService.exe (file missing)
O23 - Service: HP Print Scan Doctor Service (HPPrintScanDoctorService) - HP Inc. - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
O23 - Service: @oem18.inf,%iaStorAfsService.ServiceName%;Intel(R) Optane(TM) Memory Service (iaStorAfsService) - Unknown owner - C:\WINDOWS\System32\iaStorAfsService.exe (file missing)
O23 - Service: Intel(R) Graphics Command Center Service (igccservice) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_141eb88527011137\OneApp.IGCC.WinService.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e6d6f5a306002a89\igfxCUIService.exe
O23 - Service: @oem123.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_367008a610747d24\lib\SocketHeciServer.exe
O23 - Service: @oem123.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Intel(R) Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_367008a610747d24\lib\TPMProvisioningService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_64d7fcfcde9b9c10\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_981d034327bfbdcc\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @oem18.inf,%RstMwService.ServiceName%;Intel(R) Storage Middleware Service (RstMwService) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\RstMwService.exe
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Realtek Semiconductor - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a1020546271138b9\RtkAudUService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTrap) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Dell SupportAssist (SupportAssistAgent) - Dell Inc. - c:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: @oem59.inf,%ThunderboltServiceName.SrvName%;Thunderbolt(TM) Application Launcher (TbtHostControllerService) - Intel Corporation - C:\WINDOWS\ThunderboltService.exe
O23 - Service: @oem91.inf,%TbtP2pShortcutServiceName.SrvName%;Thunderbolt(TM) Peer to Peer Shortcut (TbtP2pShortcutService) - Intel Corporation - C:\WINDOWS\TbtP2pShortcutService.exe
O23 - Service: TeamViewer - TeamViewer Germany GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @oem10.inf,%ushupgradesvc.SvcDispName%;Credential Vault Upgrade Service (ushupgradesvc) - Unknown owner - C:\WINDOWS\System32\bcmUshUpgradeService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: Veeam Agent for Microsoft Windows (VeeamEndpointBackupSvc) - Veeam Software Group GmbH - C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe
O23 - Service: @%systemroot%\system32\vmcompute.exe,-100 (vmcompute) - Unknown owner - C:\WINDOWS\system32\vmcompute.exe (file missing)
O23 - Service: @%systemroot%\system32\vmms.exe,-10 (vmms) - Unknown owner - C:\WINDOWS\system32\vmms.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Waves Audio Services (WavesSysSvc) - Waves Audio Ltd. - C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_b4d0b189ff2aba03\WavesSysSvc64.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: Intel(R) Management Engine WMI Provider Registration (WMIRegistrationService) - Intel Corporation - C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_f3c201b4c28c14d0\WMIRegistrationService.exe
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14639 bytes

======Listing Processes======











C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-429089e7-cdbc-4fbd-8073-8c144d7870aa -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-6f455d36-d1e6-4b67-bfc2-589e6345b718 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-74bc5509-2d7a-46da-9ce5-6d86f29671fe -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-7f45d3f2-a40e-4629-99a8-e3c644db5d2f -LifetimeId:80003df1-7aaa-48fa-8d3a-99278afd8784 -DeviceGroupId:WudfDefaultDevicePool -HostArg:0
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s LSM
"dwm.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-d9027086-5c34-45db-824f-18d76399e6c1 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-3e983b28-40b5-47a8-8f7f-77e035408aa6 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-e0d7783b-66be-45be-9a61-fb9641e609cf -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-b7fd5e4f-0cff-40d2-a6ea-2a83a1e6aab9 -LifetimeId:89f96a66-a5be-4295-b72f-5312f24d6c0f -DeviceGroupId: -HostArg:0
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s HvHost
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -s BTAGService
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s BthAvctpSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s bthserv
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s nsi
C:\WINDOWS\system32\svchost.exe -k UserProfileService -p -s ProfSvc
C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d0b39b11619fd0c4\IntelCpHDCPSvc.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
C:\WINDOWS\System32\svchost.exe -k netprofm -p -s netprofm
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s hidserv
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s EventSystem
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d0b39b11619fd0c4\IntelCpHeciSvc.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s DispBrokerDesktopSvc
C:\WINDOWS\system32\svchost.exe -k osprivacy -p -s camsvc
C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e6d6f5a306002a89\igfxCUIService.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService
"C:\WINDOWS\System32\bcmUshUpgradeService.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\system32\svchost.exe -k NetworkService -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -s CertPropSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -s SCardSvr
C:\WINDOWS\system32\vmms.exe
dashost.exe {c42ea8ce-aec5-4dd0-ba8018ddac2ca595}
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s Dhcp

C:\WINDOWS\system32\svchost.exe -k NetSvcs -p -s hns
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DevQueryBroker
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k NetSvcs -s nvagent
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetworkFirewall -p
dashost.exe {e5809a0b-bbc0-410b-a827619580ee6485}
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s EventLog
C:\WINDOWS\System32\DriverStore\FileRepository\u0371565.inf_amd64_03ccff02bc787376\B369435\atiesrxx.exe
C:\WINDOWS\system32\amdfendrsr.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p -s SSDPSRV
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s SharedAccess
sihost.exe
C:\WINDOWS\system32\svchost.exe -k BthAppGroup -p -s BluetoothUserService
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s CDPUserSvc
C:\WINDOWS\system32\vmcompute.exe
"C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e6d6f5a306002a89\igfxEM.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s webthreatdefusersvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe" /c
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s TokenBroker
"C:\Program Files\ESET\ESET Security\efwd.exe"
atieclxx
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s SysMain
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Themes
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s FontCache

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TextInputManagementService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\system32\AUDIODG.EXE 0x0000000000000600
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s ShellHWDetection
"C:\Program Files\Fortinet\FortiClient\scheduler.exe"
C:\WINDOWS\System32\spoolsv.exe
"C:\WINDOWS\System32\bcmHostControlService.exe"
"C:\WINDOWS\System32\bcmHostStorageService.exe"
C:\WINDOWS\system32\WLANExt.exe 1846832712768
\??\C:\WINDOWS\system32\conhost.exe 0x4
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s LanmanWorkstation
C:\WINDOWS\system32\DellTPad\HidMonitorSvc.exe
C:\WINDOWS\System32\drivers\DellFFDPWmiService.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s DPS
C:\WINDOWS\System32\svchost.exe -k NetSvcs -p -s iphlpsvc
"C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_141eb88527011137\OneApp.IGCC.WinService.exe
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s SstpSvc
C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\RstMwService.exe
C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_64d7fcfcde9b9c10\jhi_service.exe
C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_981d034327bfbdcc\LMS.exe
"C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a1020546271138b9\RtkAudUService64.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\WINDOWS\ThunderboltService.exe
C:\WINDOWS\TbtP2pShortcutService.exe
"C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_b4d0b189ff2aba03\WavesSysSvc64.exe
C:\WINDOWS\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_f3c201b4c28c14d0\WMIRegistrationService.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s TrkWks
"C:\Program Files\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files\WSL\wslservice.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s TapiSrv
"C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe"
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s WdiServiceHost
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\wbem\wmiprvse.exe
"ctfmon.exe"
"C:\WINDOWS\system32\DellTPad\Apoint.exe"

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s Appinfo
FCDBLog.exe -s FC_{73EFB30F-1CAD-4a7a-AE2E-150282B6CE25}_000011
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\System32\svchost.exe -k LocalService -p -s LicenseManager
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s PcaSvc
"C:\WINDOWS\system32\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s CDPSvc

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s RmSvc
"C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a1020546271138b9\RtkAudUService64.exe" -admin
AggregatorHost.exe
"C:\WINDOWS\system32\DellTPad\ApRemote.exe"
"C:\WINDOWS\system32\DellTPad\HidFind.exe"
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
-s FC_{73EFB30F-1CAD-4a7a-AE2E-150282B6CE25}_000008
FortiSSLVPNdaemon.exe -s FC_{73EFB30F-1CAD-4a7a-AE2E-150282B6CE25}_000019
FortiSettings.exe -s FC_{73EFB30F-1CAD-4a7a-AE2E-150282B6CE25}_000024
FortiVPN.exe -s FC_{73EFB30F-1CAD-4a7a-AE2E-150282B6CE25}_000031
"Apntex.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Microsoft SQL Server\110\LocalDB\Binn\\sqlservr.exe" -c -SMSSQL11E.LOCALDB -sLOCALDB#8A77375B -d"C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Microsoft SQL Server Local DB\Instances\VeeamEndPoint\master.mdf" -l"C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Microsoft SQL Server Local DB\Instances\VeeamEndPoint\mastlog.ldf" -e"C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Microsoft SQL Server Local DB\Instances\VeeamEndPoint\error.log"
"C:\Program Files\TeamViewer\TeamViewer.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k WebThreatDefense -p -s webthreatdefsvc
"C:\Program Files\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files\TeamViewer\TeamViewer15_Logfile.log
"C:\Program Files\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files\TeamViewer\TeamViewer15_Logfile.log
"C:\Program Files\TeamViewer\crashpad_handler.exe" --no-rate-limit --database=C:\Users\Stoupa\AppData\Local\TeamViewer\Logs\ErrorReports --metrics-dir=C:\Users\Stoupa\AppData\Local\TeamViewer\Logs\ErrorReports --attachment=C:\Users\Stoupa\AppData\Local\TeamViewer\Logs\ErrorReports\5f536b34-837e-4701-8997-acd5e5bb3d83.run\__sentry-event --attachment=C:\Users\Stoupa\AppData\Local\TeamViewer\Logs\ErrorReports\5f536b34-837e-4701-8997-acd5e5bb3d83.run\__sentry-breadcrumb1 --attachment=C:\Users\Stoupa\AppData\Local\TeamViewer\Logs\ErrorReports\5f536b34-837e-4701-8997-acd5e5bb3d83.run\__sentry-breadcrumb2 --initial-client-data=0xb6c,0xb70,0xb74,0xb48,0xb78,0x7ff7659f0e50,0x7ff7659f0e68,0x7ff7659f0e80
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s BITS
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s BDESVC
taskhostw.exe $(Arg0)
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc
"C:\WINDOWS\System32\Taskmgr.exe" /3
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe"
"C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe"
"C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe"
"C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe"
"C:\Program Files\Dell\TechHub\Dell.TechHub.exe"
C:\WINDOWS\System32\svchost.exe -k smphost

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s StorSvc
"c:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s UsoSvc
"C:\\Program Files\\Dell\\DTP\\DiagnosticsSubAgent\\Dell.TechHub.Diagnostics.SubAgent.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\\Program Files\\Dell\\DTP\\AnalyticsSubAgent\\Dell.TechHub.Analytics.SubAgent.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.DCF.UA.Bradbury.API.SubAgent.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4

"C:\\Program Files\\Dell\\DTP\\DataManagerSubAgent\\Dell.TechHub.DataManager.SubAgent.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\\Program Files\\Dell\\DTP\\InstrumentationSubAgent\\Dell.TechHub.Instrumentation.SubAgent.exe"
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe"
"C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe"
"C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe"
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Stoupa\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Stoupa\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.129 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=122.0.2365.92 --initial-client-data=0x27c,0x280,0x284,0x278,0x28c,0x7ffa543a5fd8,0x7ffa543a5fe4,0x7ffa543a5ff0
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2256 --field-trial-handle=2280,i,7673237588293942882,11048827201738697986,262144 --variations-seed-version /prefetch:2
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=cs --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=2056 --field-trial-handle=2280,i,7673237588293942882,11048827201738697986,262144 --variations-seed-version /prefetch:3
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=cs --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=3344 --field-trial-handle=2280,i,7673237588293942882,11048827201738697986,262144 --variations-seed-version /prefetch:8
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\SearchHost.exe" -ServerName:CortanaUI.AppXstmwaab17q5s3y22tp6apqz7a45vwv65.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k UdkSvcGroup -s UdkUserSvc
"C:\WINDOWS\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe" -ServerName:App.AppXywbrabmsek0gm3tkwpr5kwzbs55tkqay.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXe9cvj1thv1hmcw0cs98xm3r97tyzy2xs.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXfkd8mejksk4ancwf4vtyhmkvtzn1jcbs.mca
C:\WINDOWS\system32\svchost.exe -k print -s PrintNotify
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s AJRouter
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24021.105.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe" -ComServer:Background -Embedding
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
"C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.270.0_x64__cw5n1h2txyewy\Dashboard\widgetservice.exe" -RegisterProcessAsComServer -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Windows\System32\SecurityHealthSystray.exe"

"C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a1020546271138b9\RtkAudUService64.exe" -background
"C:\Windows\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_b4d0b189ff2aba03\WavesSvc64.exe" -Jack
"C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Tray.exe" -NoControlPanel -CheckNumberOfRunningAgents
"C:\Program Files\ESET\ESET Security\eguiproxy.exe" /hide
"C:\Users\Stoupa\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files\Nextcloud\nextcloud.exe"
"C:\Users\Stoupa\AppData\Local\Microsoft\OneDrive\24.040.0225.0003\Microsoft.SharePoint.exe" /silentConfig
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s lfsvc
"C:\Program Files\WindowsApps\MicrosoftTeams_24060.3102.2733.5911_x64__8wekyb3d8bbwe\msteams.exe" ms-teams:system-initiated
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=msteams.exe --webview-exe-version=24060.3102.2733.5911 --user-data-dir="C:\Users\Stoupa\AppData\Local\Packages\MicrosoftTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --edge-webview-custom-scheme --autoplay-policy=no-user-gesture-required --disable-features=V8Maglev,msFloatyMode,msFloatyShouldHonorIndiaHoldout,msWebOOUI --enable-features=MojoIpcz,msSingleSignOnOSForPrimaryAccountIsShared,msAbydos,msAbydosGestureSupport,msAbydosHandwritingAttr,msWebView2CodeCache,msWebView2EnableDraggableRegions --lang=en-US --accept-lang=en-US --mojo-named-platform-channel-pipe=19808.20460.1539145536849269791 /pfhostedapp:e1300e8137c828b8166f4ae1d93d08413ad0fd62
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Stoupa\AppData\Local\Packages\MicrosoftTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView /prefetch:4 /pfhostedapp:e1300e8137c828b8166f4ae1d93d08413ad0fd62 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Stoupa\AppData\Local\Packages\MicrosoftTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.129 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=122.0.2365.92 --initial-client-data=0x18c,0x190,0x194,0x168,0x19c,0x7ffa543a5fd8,0x7ffa543a5fe4,0x7ffa543a5ff0
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s NPSMSvc
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\Stoupa\AppData\Local\Packages\MicrosoftTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView" --webview-exe-name=msteams.exe --webview-exe-version=24060.3102.2733.5911 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --edge-webview-custom-scheme --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2032 --field-trial-handle=2036,i,16236612298575521429,1539702680542780048,262144 --enable-features=MojoIpcz,msAbydos,msAbydosGestureSupport,msAbydosHandwritingAttr,msSingleSignOnOSForPrimaryAccountIsShared,msWebView2CodeCache,msWebView2EnableDraggableRegions --disable-features=V8Maglev,msFloatyShouldHonorIndiaHoldout,msWebOOUI --variations-seed-version /prefetch:2 /pfhostedapp:e1300e8137c828b8166f4ae1d93d08413ad0fd62
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Stoupa\AppData\Local\Packages\MicrosoftTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView" --webview-exe-name=msteams.exe --webview-exe-version=24060.3102.2733.5911 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --edge-webview-custom-scheme --no-appcompat-clear --mojo-platform-channel-handle=2336 --field-trial-handle=2036,i,16236612298575521429,1539702680542780048,262144 --enable-features=MojoIpcz,msAbydos,msAbydosGestureSupport,msAbydosHandwritingAttr,msSingleSignOnOSForPrimaryAccountIsShared,msWebView2CodeCache,msWebView2EnableDraggableRegions --disable-features=V8Maglev,msFloatyShouldHonorIndiaHoldout,msWebOOUI --variations-seed-version /prefetch:3 /pfhostedapp:e1300e8137c828b8166f4ae1d93d08413ad0fd62
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Stoupa\AppData\Local\Packages\MicrosoftTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView" --webview-exe-name=msteams.exe --webview-exe-version=24060.3102.2733.5911 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --edge-webview-custom-scheme --no-appcompat-clear --mojo-platform-channel-handle=2392 --field-trial-handle=2036,i,16236612298575521429,1539702680542780048,262144 --enable-features=MojoIpcz,msAbydos,msAbydosGestureSupport,msAbydosHandwritingAttr,msSingleSignOnOSForPrimaryAccountIsShared,msWebView2CodeCache,msWebView2EnableDraggableRegions --disable-features=V8Maglev,msFloatyShouldHonorIndiaHoldout,msWebOOUI --variations-seed-version /prefetch:8 /pfhostedapp:e1300e8137c828b8166f4ae1d93d08413ad0fd62
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Stoupa\AppData\Local\Packages\MicrosoftTeams_8wekyb3d8bbwe\LocalCache\Microsoft\MSTeams\EBWebView" --webview-exe-name=msteams.exe --webview-exe-version=24060.3102.2733.5911 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --edge-webview-custom-scheme --no-appcompat-clear --autoplay-policy=no-user-gesture-required --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=" --time-ticks-at-unix-epoch=-1710870678894868 --launch-time-ticks=282659150 --mojo-platform-channel-handle=3788 --field-trial-handle=2036,i,16236612298575521429,1539702680542780048,262144 --enable-features=MojoIpcz,msAbydos,msAbydosGestureSupport,msAbydosHandwritingAttr,msSingleSignOnOSForPrimaryAccountIsShared,msWebView2CodeCache,msWebView2EnableDraggableRegions --disable-features=V8Maglev,msFloatyShouldHonorIndiaHoldout,msWebOOUI --variations-seed-version /pfhostedapp:e1300e8137c828b8166f4ae1d93d08413ad0fd62 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k DevicesFlow -s DevicesFlowUserSvc
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Program Files\Google\Chrome\Application\chrome.exe" --profile-directory="Profile 1"
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Stoupa\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Stoupa\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=122.0.6261.129 --initial-client-data=0x174,0x178,0x17c,0x150,0x180,0x7ffa3503dc40,0x7ffa3503dc4c,0x7ffa3503dc58
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1836 --field-trial-handle=1860,i,3107102141531998619,13443076751329077414,262144 --variations-seed-version=20240318-180126.222000 /prefetch:2
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=cs --service-sandbox-type=none --no-appcompat-clear --mojo-platform-channel-handle=1992 --field-trial-handle=1860,i,3107102141531998619,13443076751329077414,262144 --variations-seed-version=20240318-180126.222000 /prefetch:3
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=cs --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=2292 --field-trial-handle=1860,i,3107102141531998619,13443076751329077414,262144 --variations-seed-version=20240318-180126.222000 /prefetch:8
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=cs --service-sandbox-type=service --no-appcompat-clear --mojo-platform-channel-handle=5076 --field-trial-handle=1860,i,3107102141531998619,13443076751329077414,262144 --variations-seed-version=20240318-180126.222000 /prefetch:8
C:\WINDOWS\system32\wbem\WmiApSrv.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --time-ticks-at-unix-epoch=-1710870678899572 --launch-time-ticks=353735149 --mojo-platform-channel-handle=4924 --field-trial-handle=1860,i,3107102141531998619,13443076751329077414,262144 --variations-seed-version=20240318-180126.222000 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --time-ticks-at-unix-epoch=-1710870678899572 --launch-time-ticks=360445097 --mojo-platform-channel-handle=4960 --field-trial-handle=1860,i,3107102141531998619,13443076751329077414,262144 --variations-seed-version=20240318-180126.222000 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --time-ticks-at-unix-epoch=-1710870678899572 --launch-time-ticks=360667184 --mojo-platform-channel-handle=6448 --field-trial-handle=1860,i,3107102141531998619,13443076751329077414,262144 --variations-seed-version=20240318-180126.222000 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --time-ticks-at-unix-epoch=-1710870678899572 --launch-time-ticks=369619768 --mojo-platform-channel-handle=6284 --field-trial-handle=1860,i,3107102141531998619,13443076751329077414,262144 --variations-seed-version=20240318-180126.222000 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --time-ticks-at-unix-epoch=-1710870678899572 --launch-time-ticks=371608851 --mojo-platform-channel-handle=3332 --field-trial-handle=1860,i,3107102141531998619,13443076751329077414,262144 --variations-seed-version=20240318-180126.222000 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --time-ticks-at-unix-epoch=-1710870678899572 --launch-time-ticks=432566250 --mojo-platform-channel-handle=6168 --field-trial-handle=1860,i,3107102141531998619,13443076751329077414,262144 --variations-seed-version=20240318-180126.222000 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --time-ticks-at-unix-epoch=-1710870678899572 --launch-time-ticks=434519822 --mojo-platform-channel-handle=7148 --field-trial-handle=1860,i,3107102141531998619,13443076751329077414,262144 --variations-seed-version=20240318-180126.222000 /prefetch:1
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wuauserv
"C:\WINDOWS\System32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --time-ticks-at-unix-epoch=-1710870678899572 --launch-time-ticks=521313881 --mojo-platform-channel-handle=3164 --field-trial-handle=1860,i,3107102141531998619,13443076751329077414,262144 --variations-seed-version=20240318-180126.222000 /prefetch:1
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --time-ticks-at-unix-epoch=-1710870678899572 --launch-time-ticks=526320827 --mojo-platform-channel-handle=4828 --field-trial-handle=1860,i,3107102141531998619,13443076751329077414,262144 --variations-seed-version=20240318-180126.222000 /prefetch:1
"C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.270.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe" -ServerName:Microsoft.Windows.DashboardServer
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=Widgets.exe --webview-exe-version=424.1301.2770.0 --user-data-dir="C:\Users\Stoupa\AppData\Local\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView" --noerrdialogs --disk-cache-size=52428800 --edge-webview-is-background --enable-features=MojoIpcz,msWebView2TreatAppSuspendAsDeviceSuspend,UseNativeThreadPool,UseBackgroundNativeThreadPool --lang=cs-CZ --accept-lang=cs-CZ --mojo-named-platform-channel-pipe=20372.19620.11531240150524894446 /pfhostedapp:4c109901cf53a57f7ea1820914c83a6a585521d7
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\Stoupa\AppData\Local\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView /prefetch:4 /pfhostedapp:4c109901cf53a57f7ea1820914c83a6a585521d7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Stoupa\AppData\Local\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=122.0.6261.129 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=122.0.2365.92 --initial-client-data=0x198,0x19c,0x1a0,0x174,0x1a8,0x7ffa543a5fd8,0x7ffa543a5fe4,0x7ffa543a5ff0
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\Stoupa\AppData\Local\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView" --webview-exe-name=Widgets.exe --webview-exe-version=424.1301.2770.0 --embedded-browser-webview=1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=2044 --field-trial-handle=1888,i,7469011759813765122,13393566485949737252,262144 --enable-features=MojoIpcz,UseBackgroundNativeThreadPool,UseNativeThreadPool,msWebView2TreatAppSuspendAsDeviceSuspend --variations-seed-version /prefetch:2 /pfhostedapp:4c109901cf53a57f7ea1820914c83a6a585521d7
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=cs --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\Stoupa\AppData\Local\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView" --webview-exe-name=Widgets.exe --webview-exe-version=424.1301.2770.0 --embedded-browser-webview=1 --no-appcompat-clear --mojo-platform-channel-handle=1844 --field-trial-handle=1888,i,7469011759813765122,13393566485949737252,262144 --enable-features=MojoIpcz,UseBackgroundNativeThreadPool,UseNativeThreadPool,msWebView2TreatAppSuspendAsDeviceSuspend --variations-seed-version /prefetch:3 /pfhostedapp:4c109901cf53a57f7ea1820914c83a6a585521d7
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=cs --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\Stoupa\AppData\Local\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView" --webview-exe-name=Widgets.exe --webview-exe-version=424.1301.2770.0 --embedded-browser-webview=1 --no-appcompat-clear --mojo-platform-channel-handle=2496 --field-trial-handle=1888,i,7469011759813765122,13393566485949737252,262144 --enable-features=MojoIpcz,UseBackgroundNativeThreadPool,UseNativeThreadPool,msWebView2TreatAppSuspendAsDeviceSuspend --variations-seed-version /prefetch:8 /pfhostedapp:4c109901cf53a57f7ea1820914c83a6a585521d7
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Stoupa\AppData\Local\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView" --webview-exe-name=Widgets.exe --webview-exe-version=424.1301.2770.0 --embedded-browser-webview=1 --no-appcompat-clear --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=cs_CZ" --time-ticks-at-unix-epoch=-1710870678905189 --launch-time-ticks=529135044 --mojo-platform-channel-handle=3828 --field-trial-handle=1888,i,7469011759813765122,13393566485949737252,262144 --enable-features=MojoIpcz,UseBackgroundNativeThreadPool,UseNativeThreadPool,msWebView2TreatAppSuspendAsDeviceSuspend --variations-seed-version /pfhostedapp:4c109901cf53a57f7ea1820914c83a6a585521d7 /prefetch:1
"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\122.0.2365.92\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\Stoupa\AppData\Local\Packages\MicrosoftWindows.Client.WebExperience_cw5n1h2txyewy\LocalState\EBWebView" --webview-exe-name=Widgets.exe --webview-exe-version=424.1301.2770.0 --embedded-browser-webview=1 --no-appcompat-clear --lang=cs --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=cs_CZ" --time-ticks-at-unix-epoch=-1710870678905189 --launch-time-ticks=534754119 --mojo-platform-channel-handle=4704 --field-trial-handle=1888,i,7469011759813765122,13393566485949737252,262144 --enable-features=MojoIpcz,UseBackgroundNativeThreadPool,UseNativeThreadPool,msWebView2TreatAppSuspendAsDeviceSuspend --variations-seed-version /pfhostedapp:4c109901cf53a57f7ea1820914c83a6a585521d7 /prefetch:1
"C:\Windows\System32\vmwp.exe" F0334701-E9A7-4CFF-A864-576CC4343B37 0x2e4

C:\WINDOWS\system32\DllHost.exe /Processid:{DFB65C4C-B34F-435D-AFE9-A86218684AA8}
C:\WINDOWS\system32\DllHost.exe /Processid:{17696EAC-9568-4CF5-BB8C-82515AAD6C09}
--mode 2 --vm-id {f0334701-e9a7-4cff-a864-576cc4343b37} --handle 1288
"C:\Program Files\Altap Salamander\salamand.exe"
"C:\Program Files\Altap Salamander\utils\salmon.exe" "Salmon579" "czech.slg"
"C:\RIST\RSITx64.exe"

=========Mozilla firefox=========

ProfilePath - C:\Users\Stoupa\AppData\Roaming\Mozilla\Firefox\Profiles\8tcsnoap.default-release

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.391.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.391.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre-1.8\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.18]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.20]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\BHO\ie_to_edge_bho_64.dll [2024-03-14 576040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\BHO\ie_to_edge_bho.dll [2024-03-14 454080]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre-1.8\bin\ssv.dll [2023-10-04 628864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre-1.8\bin\jp2ssv.dll [2023-10-04 288896]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\WINDOWS\system32\SecurityHealthSystray.exe [2023-10-29 266240]
"RtkAudUService"=C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a1020546271138b9\RtkAudUService64.exe [2021-08-26 1343072]
"WavesSvc"=C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_b4d0b189ff2aba03\WavesSvc64.exe [2021-02-18 1774584]
"Veeam.EndPoint.Tray.exe"=C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Tray.exe [2022-02-20 854040]
"egui"=C:\Program Files\ESET\ESET Security\ecmds.exe [2024-01-24 196264]
"KeePass 2 PreLoad"=C:\Program Files\KeePass Password Safe 2\KeePass.exe [2023-10-12 3293072]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Stoupa\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2024-03-14 3306416]
"Nextcloud"=C:\Program Files\Nextcloud\nextcloud.exe [2024-03-06 5317328]
"MicrosoftEdgeAutoLaunch_70804813E0AE944BDC0299D3821A6648"=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [2024-03-14 4060712]
"Docker Desktop"=C:\Program Files\Docker\Docker\Docker Desktop.exe [2024-02-12 2347080]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2023-10-04 748624]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{53966CB1-4D46-4166-BF23-C522403CD495}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CBDHSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HidSpiCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsQuic]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcCtnrSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NgcSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TextInputManagementService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{53966CB1-4D46-4166-BF23-C522403CD495}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"DelayedDesktopSwitchTimeout"=0
"SlowLinkDetectEnabled"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"aux"=wdmaud.drv
"midi"=wdmaud.drv
"midimapper"=midimap.dll
"mixer"=wdmaud.drv
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wave"=wdmaud.drv
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"aux1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave1"=wdmaud.drv
"aux2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave2"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"aux3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave3"=wdmaud.drv
"aux5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave5"=wdmaud.drv
"aux4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave4"=wdmaud.drv
"aux6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave6"=wdmaud.drv
"midi4"=wdmaud.drv
"midi1"=wdmaud.drv
"midi3"=wdmaud.drv
"midi5"=wdmaud.drv
"midi2"=wdmaud.drv
"midi6"=wdmaud.drv

======File associations======

.inf - open -
.inf - install -
.ini - open -
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\PSPad editor\PSPad.exe" "%1"

======List of files/folders created in the last 1 month======

2024-03-19 19:01:39 ----D---- C:\rsit
2024-03-19 19:01:39 ----D---- C:\Program Files\trend micro
2024-03-19 19:01:10 ----D---- C:\RIST
2024-03-19 18:56:51 ----A---- C:\WINDOWS\system32\perfh009.dat
2024-03-19 18:56:51 ----A---- C:\WINDOWS\system32\perfh005.dat
2024-03-19 18:56:51 ----A---- C:\WINDOWS\system32\perfc009.dat
2024-03-19 18:56:51 ----A---- C:\WINDOWS\system32\perfc005.dat
2024-03-19 18:55:52 ----HD---- C:\OneDriveTemp
2024-03-19 16:24:38 ----D---- C:\Program Files\Mozilla Firefox
2024-03-19 15:37:29 ----A---- C:\WINDOWS\system32\drivers\bthmodem.sys
2024-03-19 15:37:29 ----A---- C:\WINDOWS\system32\drivers\BthHfEnum.sys
2024-03-19 15:37:29 ----A---- C:\WINDOWS\system32\drivers\BthA2dp.sys
2024-03-14 00:53:20 ----D---- C:\Program Files\WSL
2024-03-13 21:30:40 ----SHD---- C:\Config.Msi
2024-03-13 21:25:27 ----A---- C:\WINDOWS\SYSWOW64\scrptadm.dll
2024-03-13 21:25:27 ----A---- C:\WINDOWS\SYSWOW64\gpprefcl.dll
2024-03-13 21:25:27 ----A---- C:\WINDOWS\SYSWOW64\appmgr.dll
2024-03-13 21:25:27 ----A---- C:\WINDOWS\system32\scrptadm.dll
2024-03-13 21:25:27 ----A---- C:\WINDOWS\system32\msmpeg2vdec.dll
2024-03-13 21:25:27 ----A---- C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2024-03-13 21:25:27 ----A---- C:\WINDOWS\system32\mfcore.dll
2024-03-13 21:25:27 ----A---- C:\WINDOWS\system32\HoloSHExtensions.dll
2024-03-13 21:25:27 ----A---- C:\WINDOWS\system32\appmgr.dll
2024-03-13 21:25:26 ----A---- C:\WINDOWS\system32\gpprefcl.dll
2024-03-13 21:25:26 ----A---- C:\WINDOWS\system32\CustomShellHost.exe
2024-03-13 21:25:26 ----A---- C:\WINDOWS\system32\AppVEntVirtualization.dll
2024-03-13 21:25:26 ----A---- C:\WINDOWS\system32\AppVEntSubsystemController.dll
2024-03-13 21:25:25 ----A---- C:\WINDOWS\system32\vmms.exe
2024-03-13 21:25:25 ----A---- C:\WINDOWS\system32\ActivationVdev.dll
2024-03-13 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\tlscsp.dll
2024-03-13 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\tapisrv.dll
2024-03-13 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\sqlsrv32.dll
2024-03-13 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2024-03-13 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\msimsg.dll
2024-03-13 21:25:24 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2024-03-13 21:25:23 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2024-03-13 21:25:23 ----A---- C:\WINDOWS\SYSWOW64\gpupdate.exe
2024-03-13 21:25:23 ----A---- C:\WINDOWS\SYSWOW64\gpresult.exe
2024-03-13 21:25:23 ----A---- C:\WINDOWS\SYSWOW64\gpedit.dll
2024-03-13 21:25:23 ----A---- C:\WINDOWS\SYSWOW64\dswave.dll
2024-03-13 21:25:23 ----A---- C:\WINDOWS\SYSWOW64\dmusic.dll
2024-03-13 21:25:23 ----A---- C:\WINDOWS\SYSWOW64\dmsynth.dll
2024-03-13 21:25:23 ----A---- C:\WINDOWS\SYSWOW64\dmloader.dll
2024-03-13 21:25:23 ----A---- C:\WINDOWS\system32\nvspinfo.exe
2024-03-13 21:25:23 ----A---- C:\WINDOWS\system32\drivers\vmswitch.sys
2024-03-13 21:25:22 ----A---- C:\WINDOWS\system32\vmwp.exe
2024-03-13 21:25:22 ----A---- C:\WINDOWS\system32\vmchipset.dll
2024-03-13 21:25:22 ----A---- C:\WINDOWS\system32\vmfirmwarehcl.dll
2024-03-13 21:25:22 ----A---- C:\WINDOWS\system32\vmcompute.exe
2024-03-13 21:25:22 ----A---- C:\WINDOWS\system32\vmcompute.dll
2024-03-13 21:25:22 ----A---- C:\WINDOWS\system32\vmbuspiper.dll
2024-03-13 21:25:22 ----A---- C:\WINDOWS\system32\drivers\VmsProxyHNic.sys
2024-03-13 21:25:22 ----A---- C:\WINDOWS\system32\drivers\VmsProxy.sys
2024-03-13 21:25:22 ----A---- C:\WINDOWS\system32\drivers\vmbusr.sys
2024-03-13 21:25:21 ----A---- C:\WINDOWS\system32\tlscsp.dll
2024-03-13 21:25:21 ----A---- C:\WINDOWS\system32\tapisrv.dll
2024-03-13 21:25:21 ----A---- C:\WINDOWS\system32\offreg.dll
2024-03-13 21:25:21 ----A---- C:\WINDOWS\system32\msimsg.dll
2024-03-13 21:25:21 ----A---- C:\WINDOWS\system32\msi.dll
2024-03-13 21:25:20 ----A---- C:\WINDOWS\system32\sqlsrv32.dll
2024-03-13 21:25:20 ----A---- C:\WINDOWS\system32\gpupdate.exe
2024-03-13 21:25:20 ----A---- C:\WINDOWS\system32\gpresult.exe
2024-03-13 21:25:20 ----A---- C:\WINDOWS\system32\gpedit.dll
2024-03-13 21:25:20 ----A---- C:\WINDOWS\system32\dswave.dll
2024-03-13 21:25:20 ----A---- C:\WINDOWS\system32\dmusic.dll
2024-03-13 21:25:20 ----A---- C:\WINDOWS\system32\dmsynth.dll
2024-03-13 21:25:20 ----A---- C:\WINDOWS\system32\dmloader.dll
2024-03-13 21:25:06 ----A---- C:\WINDOWS\system32\WinHvPlatform.dll
2024-03-13 21:25:06 ----A---- C:\WINDOWS\system32\computestorage.dll
2024-03-13 21:25:06 ----A---- C:\WINDOWS\system32\computecore.dll
2024-03-13 21:25:05 ----A---- C:\WINDOWS\system32\tcbloader.dll
2024-03-13 21:25:05 ----A---- C:\WINDOWS\system32\tcblaunch.exe
2024-03-13 21:25:05 ----A---- C:\WINDOWS\system32\kdhvcom.dll
2024-03-13 21:25:05 ----A---- C:\WINDOWS\system32\hvloader.dll
2024-03-13 21:25:05 ----A---- C:\WINDOWS\system32\hvix64.exe
2024-03-13 21:25:05 ----A---- C:\WINDOWS\system32\hvax64.exe
2024-03-13 21:25:04 ----A---- C:\WINDOWS\SYSWOW64\rastls.dll
2024-03-13 21:25:04 ----A---- C:\WINDOWS\SYSWOW64\PkgMgr.exe
2024-03-13 21:25:04 ----A---- C:\WINDOWS\system32\UnifiedConsent.dll
2024-03-13 21:25:04 ----A---- C:\WINDOWS\system32\drivers\Vid.sys
2024-03-13 21:25:03 ----A---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2024-03-13 21:25:03 ----A---- C:\WINDOWS\SYSWOW64\ocsetapi.dll
2024-03-13 21:25:03 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2024-03-13 21:25:02 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2024-03-13 21:25:02 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2024-03-13 21:25:01 ----A---- C:\WINDOWS\SYSWOW64\windowsudk.shellcommon.dll
2024-03-13 21:25:01 ----A---- C:\WINDOWS\SYSWOW64\sppcext.dll
2024-03-13 21:25:01 ----A---- C:\WINDOWS\SYSWOW64\sppc.dll
2024-03-13 21:25:01 ----A---- C:\WINDOWS\SYSWOW64\ServicingCommon.dll
2024-03-13 21:25:01 ----A---- C:\WINDOWS\SYSWOW64\MSAJApi.dll
2024-03-13 21:25:00 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.FileExplorer.dll
2024-03-13 21:25:00 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2024-03-13 21:25:00 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2024-03-13 21:24:59 ----A---- C:\WINDOWS\SYSWOW64\sechost.dll
2024-03-13 21:24:59 ----A---- C:\WINDOWS\SYSWOW64\advapi32.dll
2024-03-13 21:24:59 ----A---- C:\WINDOWS\system32\SppExtComObj.Exe
2024-03-13 21:24:59 ----A---- C:\WINDOWS\system32\sppcext.dll
2024-03-13 21:24:59 ----A---- C:\WINDOWS\system32\sppc.dll
2024-03-13 21:24:59 ----A---- C:\WINDOWS\system32\ServicingUAPI.dll
2024-03-13 21:24:59 ----A---- C:\WINDOWS\system32\PkgMgr.exe
2024-03-13 21:24:58 ----A---- C:\WINDOWS\system32\sppsvc.exe
2024-03-13 21:24:57 ----A---- C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2024-03-13 21:24:57 ----A---- C:\WINDOWS\system32\shell32.dll
2024-03-13 21:24:57 ----A---- C:\WINDOWS\system32\rastls.dll
2024-03-13 21:24:56 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2024-03-13 21:24:55 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2024-03-13 21:24:54 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2024-03-13 21:24:54 ----A---- C:\WINDOWS\system32\zipfldr.dll
2024-03-13 21:24:54 ----A---- C:\WINDOWS\system32\winresume.exe
2024-03-13 21:24:54 ----A---- C:\WINDOWS\system32\ocsetapi.dll
2024-03-13 21:24:54 ----A---- C:\WINDOWS\system32\netlogon.dll
2024-03-13 21:24:54 ----A---- C:\WINDOWS\system32\drivers\refsv1.sys
2024-03-13 21:24:54 ----A---- C:\WINDOWS\system32\drivers\cldflt.sys
2024-03-13 21:24:53 ----A---- C:\WINDOWS\system32\sechost.dll
2024-03-13 21:24:53 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2024-03-13 21:24:53 ----A---- C:\WINDOWS\system32\microsoft-windows-system-events.dll
2024-03-13 21:24:53 ----A---- C:\WINDOWS\system32\lsasrv.dll
2024-03-13 21:24:53 ----A---- C:\WINDOWS\system32\lsaadt.dll
2024-03-13 21:24:53 ----A---- C:\WINDOWS\system32\drivers\werkernel.sys
2024-03-13 21:24:53 ----A---- C:\WINDOWS\system32\drivers\msquic.sys
2024-03-13 21:24:53 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2024-03-13 21:24:52 ----A---- C:\WINDOWS\system32\ntfsres.dll
2024-03-13 21:24:51 ----A---- C:\WINDOWS\system32\winload.exe
2024-03-13 21:24:51 ----A---- C:\WINDOWS\system32\UpdateAgent.dll
2024-03-13 21:24:51 ----A---- C:\WINDOWS\system32\ShellAppRuntime.exe
2024-03-13 21:24:51 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2024-03-13 21:24:51 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys
2024-03-13 21:24:51 ----A---- C:\WINDOWS\system32\drivers\Classpnp.sys
2024-03-13 21:24:51 ----A---- C:\WINDOWS\system32\ci.dll
2024-03-13 21:24:50 ----A---- C:\WINDOWS\system32\wcimage.dll
2024-03-13 21:24:50 ----A---- C:\WINDOWS\system32\wc_storage.dll
2024-03-13 21:24:50 ----A---- C:\WINDOWS\system32\drivers\usbuhci.sys
2024-03-13 21:24:50 ----A---- C:\WINDOWS\system32\drivers\usbport.sys
2024-03-13 21:24:50 ----A---- C:\WINDOWS\system32\drivers\usbohci.sys
2024-03-13 21:24:50 ----A---- C:\WINDOWS\system32\drivers\usbhub.sys
2024-03-13 21:24:50 ----A---- C:\WINDOWS\system32\drivers\usbehci.sys
2024-03-13 21:24:50 ----A---- C:\WINDOWS\system32\drivers\usbd.sys
2024-03-13 21:24:50 ----A---- C:\WINDOWS\system32\drivers\cimfs.sys
2024-03-13 21:24:50 ----A---- C:\WINDOWS\system32\drivers\BTHUSB.SYS
2024-03-13 21:24:50 ----A---- C:\WINDOWS\system32\drivers\bthport.sys
2024-03-13 21:24:50 ----A---- C:\WINDOWS\system32\drivers\BthMini.SYS
2024-03-13 21:24:50 ----A---- C:\WINDOWS\system32\drivers\bthenum.sys
2024-03-13 21:24:50 ----A---- C:\WINDOWS\system32\daxexec.dll
2024-03-13 21:24:50 ----A---- C:\WINDOWS\system32\cimfs.dll
2024-03-13 21:24:49 ----A---- C:\WINDOWS\system32\win32kbase.sys
2024-03-13 21:24:49 ----A---- C:\WINDOWS\system32\MSAJApi.dll
2024-03-13 21:24:48 ----A---- C:\WINDOWS\system32\kerberos.dll
2024-03-13 21:24:48 ----A---- C:\WINDOWS\system32\GameInputInbox.dll
2024-03-13 21:24:47 ----A---- C:\WINDOWS\system32\ServicingCommon.dll
2024-03-13 21:24:46 ----A---- C:\WINDOWS\system32\wpx.dll
2024-03-13 21:24:46 ----A---- C:\WINDOWS\system32\hspfw.dll
2024-03-13 21:24:46 ----A---- C:\WINDOWS\system32\advapi32.dll
2024-03-13 21:24:46 ----A---- C:\WINDOWS\explorer.exe
2024-03-13 21:24:45 ----A---- C:\WINDOWS\system32\drivers\uaspstor.sys
2024-03-13 21:24:43 ----A---- C:\WINDOWS\system32\drivers\usbprint.sys
2024-03-13 21:24:42 ----A---- C:\WINDOWS\system32\SenseSubAuth.dll
2024-03-13 21:24:42 ----A---- C:\WINDOWS\system32\bcdedit.exe
2024-03-13 21:24:40 ----A---- C:\WINDOWS\system32\mssecwfpu.dll
2024-03-13 21:24:40 ----A---- C:\WINDOWS\system32\mssecuser.dll
2024-03-13 21:24:40 ----A---- C:\WINDOWS\system32\drivers\mssecwfp.sys
2024-03-13 21:24:40 ----A---- C:\WINDOWS\system32\drivers\mssecflt.sys
2024-03-13 21:24:40 ----A---- C:\WINDOWS\system32\drivers\msseccore.sys
2024-03-13 21:22:28 ----A---- C:\WINDOWS\SYSWOW64\poqexec.exe
2024-03-13 21:22:28 ----A---- C:\WINDOWS\system32\poqexec.exe
2024-03-12 14:00:45 ----D---- C:\Program Files\Nextcloud
2024-03-08 09:02:07 ----D---- C:\Video
2024-03-06 11:01:48 ----D---- C:\Program Files\Mozilla Thunderbird
2024-03-01 00:47:50 ----A---- C:\WINDOWS\SYSWOW64\wmp.dll
2024-03-01 00:47:50 ----A---- C:\WINDOWS\SYSWOW64\psr.exe
2024-03-01 00:47:50 ----A---- C:\WINDOWS\system32\psr.exe
2024-03-01 00:47:49 ----A---- C:\WINDOWS\system32\wmp.dll
2024-03-01 00:47:47 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.dll
2024-03-01 00:47:47 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2024-03-01 00:47:47 ----A---- C:\WINDOWS\SYSWOW64\msmpeg2vdec.dll
2024-03-01 00:47:47 ----A---- C:\WINDOWS\SYSWOW64\MSAudDecMFT.dll
2024-03-01 00:47:47 ----A---- C:\WINDOWS\SYSWOW64\mfsvr.dll
2024-03-01 00:47:47 ----A---- C:\WINDOWS\SYSWOW64\MFMediaEngine.dll
2024-03-01 00:47:46 ----A---- C:\WINDOWS\SYSWOW64\mfps.dll
2024-03-01 00:47:46 ----A---- C:\WINDOWS\SYSWOW64\mfpmp.exe
2024-03-01 00:47:46 ----A---- C:\WINDOWS\SYSWOW64\mfmp4srcsnk.dll
2024-03-01 00:47:46 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2024-03-01 00:47:46 ----A---- C:\WINDOWS\SYSWOW64\mf.dll
2024-03-01 00:47:46 ----A---- C:\WINDOWS\system32\WpdMtpUS.dll
2024-03-01 00:47:46 ----A---- C:\WINDOWS\system32\WpdMtp.dll
2024-03-01 00:47:46 ----A---- C:\WINDOWS\system32\MSAudDecMFT.dll
2024-03-01 00:47:46 ----A---- C:\WINDOWS\system32\mfsvr.dll
2024-03-01 00:47:46 ----A---- C:\WINDOWS\system32\DolbyDecMFT.dll
2024-03-01 00:47:45 ----A---- C:\WINDOWS\system32\Windows.Media.dll
2024-03-01 00:47:45 ----A---- C:\WINDOWS\system32\msvproc.dll
2024-03-01 00:47:45 ----A---- C:\WINDOWS\system32\mfps.dll
2024-03-01 00:47:45 ----A---- C:\WINDOWS\system32\mfmp4srcsnk.dll
2024-03-01 00:47:45 ----A---- C:\WINDOWS\system32\MFMediaEngine.dll
2024-03-01 00:47:44 ----A---- C:\WINDOWS\SYSWOW64\mavinject.exe
2024-03-01 00:47:44 ----A---- C:\WINDOWS\SYSWOW64\AppVTerminator.dll
2024-03-01 00:47:44 ----A---- C:\WINDOWS\SYSWOW64\AppVSentinel.dll
2024-03-01 00:47:44 ----A---- C:\WINDOWS\SYSWOW64\AppVEntSubsystems32.dll
2024-03-01 00:47:44 ----A---- C:\WINDOWS\SYSWOW64\AppVDllSurrogate.exe
2024-03-01 00:47:44 ----A---- C:\WINDOWS\SYSWOW64\AppVClientPS.dll
2024-03-01 00:47:44 ----A---- C:\WINDOWS\system32\mfpmp.exe
2024-03-01 00:47:44 ----A---- C:\WINDOWS\system32\mf.dll
2024-03-01 00:47:41 ----A---- C:\WINDOWS\system32\SettingsHandlers_AssignedAccess.dll
2024-03-01 00:47:41 ----A---- C:\WINDOWS\system32\mavinject.exe
2024-03-01 00:47:41 ----A---- C:\WINDOWS\system32\assignedaccessmanagersvc.dll
2024-03-01 00:47:41 ----A---- C:\WINDOWS\system32\AssignedAccessManager.dll
2024-03-01 00:47:41 ----A---- C:\WINDOWS\system32\AssignedAccessCsp.dll
2024-03-01 00:47:41 ----A---- C:\WINDOWS\system32\AppVSentinel.dll
2024-03-01 00:47:41 ----A---- C:\WINDOWS\system32\AppVDllSurrogate.exe
2024-03-01 00:47:40 ----A---- C:\WINDOWS\system32\vmconnect.exe
2024-03-01 00:47:40 ----A---- C:\WINDOWS\system32\fclip.exe
2024-03-01 00:47:40 ----A---- C:\WINDOWS\system32\AppVTerminator.dll
2024-03-01 00:47:40 ----A---- C:\WINDOWS\system32\AppVEntSubsystems64.dll
2024-03-01 00:47:40 ----A---- C:\WINDOWS\system32\AppVClientPS.dll
2024-03-01 00:47:39 ----A---- C:\WINDOWS\SYSWOW64\Windows.System.Profile.HardwareId.dll
2024-03-01 00:47:39 ----A---- C:\WINDOWS\SYSWOW64\tsgqec.dll
2024-03-01 00:47:39 ----A---- C:\WINDOWS\SYSWOW64\themecpl.dll
2024-03-01 00:47:39 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2024-03-01 00:47:39 ----A---- C:\WINDOWS\SYSWOW64\mstsc.exe
2024-03-01 00:47:39 ----A---- C:\WINDOWS\SYSWOW64\msdt.exe
2024-03-01 00:47:39 ----A---- C:\WINDOWS\SYSWOW64\mfsensorgroup.dll
2024-03-01 00:47:39 ----A---- C:\WINDOWS\SYSWOW64\FrameServerClient.dll
2024-03-01 00:47:39 ----A---- C:\WINDOWS\SYSWOW64\AcGenral.dll
2024-03-01 00:47:38 ----A---- C:\WINDOWS\SYSWOW64\sendmail.dll
2024-03-01 00:47:38 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2024-03-01 00:47:38 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2024-03-01 00:47:38 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2024-03-01 00:47:37 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2024-03-01 00:47:36 ----A---- C:\WINDOWS\SYSWOW64\jscript9Legacy.dll
2024-03-01 00:47:36 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2024-03-01 00:47:35 ----A---- C:\WINDOWS\SYSWOW64\wtdccm.dll
2024-03-01 00:47:35 ----A---- C:\WINDOWS\SYSWOW64\sud.dll
2024-03-01 00:47:35 ----A---- C:\WINDOWS\SYSWOW64\storagewmi.dll
2024-03-01 00:47:35 ----A---- C:\WINDOWS\SYSWOW64\mispace.dll
2024-03-01 00:47:35 ----A---- C:\WINDOWS\SYSWOW64\MiracastReceiverExt.dll
2024-03-01 00:47:35 ----A---- C:\WINDOWS\SYSWOW64\hnetmon.dll
2024-03-01 00:47:35 ----A---- C:\WINDOWS\SYSWOW64\fsutil.exe
2024-03-01 00:47:35 ----A---- C:\WINDOWS\SYSWOW64\format.com
2024-03-01 00:47:34 ----A---- C:\WINDOWS\system32\Windows.Internal.PredictionUnit.dll
2024-03-01 00:47:34 ----A---- C:\WINDOWS\system32\RDXTaskFactory.dll
2024-03-01 00:47:34 ----A---- C:\WINDOWS\system32\MemoryDiagnostic.dll
2024-03-01 00:47:34 ----A---- C:\WINDOWS\system32\HostNetSvc.dll
2024-03-01 00:47:34 ----A---- C:\WINDOWS\system32\DiagSvc.dll
2024-03-01 00:47:33 ----A---- C:\WINDOWS\system32\tsgqec.dll
2024-03-01 00:47:33 ----A---- C:\WINDOWS\system32\themecpl.dll
2024-03-01 00:47:33 ----A---- C:\WINDOWS\system32\termsrv.dll
2024-03-01 00:47:33 ----A---- C:\WINDOWS\system32\SettingsHandlers_Troubleshoot.dll
2024-03-01 00:47:33 ----A---- C:\WINDOWS\system32\rdpclip.exe
2024-03-01 00:47:33 ----A---- C:\WINDOWS\system32\pcwutl.dll
2024-03-01 00:47:33 ----A---- C:\WINDOWS\system32\mstscax.dll
2024-03-01 00:47:33 ----A---- C:\WINDOWS\system32\mstsc.exe
2024-03-01 00:47:33 ----A---- C:\WINDOWS\system32\msdt.exe
2024-03-01 00:47:33 ----A---- C:\WINDOWS\system32\AcGenral.dll
2024-03-01 00:47:32 ----A---- C:\WINDOWS\system32\Windows.System.Profile.HardwareId.dll
2024-03-01 00:47:32 ----A---- C:\WINDOWS\system32\sendmail.dll
2024-03-01 00:47:32 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2024-03-01 00:47:32 ----A---- C:\WINDOWS\system32\RdpAvenc.dll
2024-03-01 00:47:32 ----A---- C:\WINDOWS\system32\mfsensorgroup.dll
2024-03-01 00:47:32 ----A---- C:\WINDOWS\system32\FrameServerClient.dll
2024-03-01 00:47:32 ----A---- C:\WINDOWS\system32\FrameServer.dll
2024-03-01 00:47:32 ----A---- C:\WINDOWS\system32\DAFMCP.dll
2024-03-01 00:47:32 ----A---- C:\WINDOWS\system32\DAFIPP.dll
2024-03-01 00:47:31 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2024-03-01 00:47:31 ----A---- C:\WINDOWS\system32\jscript9.dll
2024-03-01 00:47:31 ----A---- C:\WINDOWS\system32\ieframe.dll
2024-03-01 00:47:30 ----A---- C:\WINDOWS\system32\mshtml.dll
2024-03-01 00:47:29 ----A---- C:\WINDOWS\system32\edgehtml.dll
2024-03-01 00:47:28 ----A---- C:\WINDOWS\system32\vbsapi.dll
2024-03-01 00:47:28 ----A---- C:\WINDOWS\system32\UsbSettingsHandlers.dll
2024-03-01 00:47:28 ----A---- C:\WINDOWS\system32\sud.dll
2024-03-01 00:47:28 ----A---- C:\WINDOWS\system32\StorSvc.dll
2024-03-01 00:47:28 ----A---- C:\WINDOWS\system32\mispace.dll
2024-03-01 00:47:28 ----A---- C:\WINDOWS\system32\MiracastReceiverExt.dll
2024-03-01 00:47:28 ----A---- C:\WINDOWS\system32\jscript9Legacy.dll
2024-03-01 00:47:28 ----A---- C:\WINDOWS\system32\hnetmon.dll
2024-03-01 00:47:28 ----A---- C:\WINDOWS\system32\DataExchangeHost.exe
2024-03-01 00:47:28 ----A---- C:\WINDOWS\system32\DAFESCL.dll
2024-03-01 00:47:27 ----A---- C:\WINDOWS\system32\webthreatdefusersvc.dll
2024-03-01 00:47:27 ----A---- C:\WINDOWS\system32\ThreatExperienceManager.dll
2024-03-01 00:47:27 ----A---- C:\WINDOWS\system32\storagewmi.dll
2024-03-01 00:47:27 ----A---- C:\WINDOWS\system32\regsvc.dll
2024-03-01 00:47:27 ----A---- C:\WINDOWS\system32\MDMAppInstaller.exe
2024-03-01 00:47:27 ----A---- C:\WINDOWS\system32\fsutil.exe
2024-03-01 00:47:27 ----A---- C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2024-03-01 00:47:27 ----A---- C:\WINDOWS\system32\edpcsp.dll
2024-03-01 00:47:27 ----A---- C:\WINDOWS\system32\EDPCleanup.exe
2024-03-01 00:47:26 ----A---- C:\WINDOWS\SYSWOW64\SearchFolder.dll
2024-03-01 00:47:26 ----A---- C:\WINDOWS\system32\wtdccm.dll
2024-03-01 00:47:26 ----A---- C:\WINDOWS\system32\webthreatdefsvc.dll
2024-03-01 00:47:26 ----A---- C:\WINDOWS\system32\ThreatResponseEngine.dll
2024-03-01 00:47:26 ----A---- C:\WINDOWS\system32\ThreatIntelligence.dll
2024-03-01 00:47:26 ----A---- C:\WINDOWS\system32\SFAPM.dll
2024-03-01 00:47:26 ----A---- C:\WINDOWS\system32\SettingsHandlers_SharedExperiences_Rome.dll
2024-03-01 00:47:26 ----A---- C:\WINDOWS\system32\RDXService.dll
2024-03-01 00:47:26 ----A---- C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2024-03-01 00:47:26 ----A---- C:\WINDOWS\system32\facecredentialprovider.dll
2024-03-01 00:47:26 ----A---- C:\WINDOWS\system32\dusmtask.exe
2024-03-01 00:47:26 ----A---- C:\WINDOWS\system32\dusmsvc.dll
2024-03-01 00:47:26 ----A---- C:\WINDOWS\system32\drivers\wtd.sys
2024-03-01 00:47:26 ----A---- C:\WINDOWS\system32\bcastdvruserservice.dll
2024-03-01 00:47:25 ----A---- C:\WINDOWS\SYSWOW64\XpsToPwgrConverter.dll
2024-03-01 00:47:25 ----A---- C:\WINDOWS\SYSWOW64\XpsToPclmConverter.dll
2024-03-01 00:47:25 ----A---- C:\WINDOWS\SYSWOW64\wlidcredprov.dll
2024-03-01 00:47:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.Workflow.Native.dll
2024-03-01 00:47:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.Printing.Workflow.dll
2024-03-01 00:47:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Sensors.dll
2024-03-01 00:47:25 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.LockScreen.dll
2024-03-01 00:47:25 ----A---- C:\WINDOWS\SYSWOW64\PrintWorkflowService.dll
2024-03-01 00:47:25 ----A---- C:\WINDOWS\SYSWOW64\PrintRenderAPIHost.DLL
2024-03-01 00:47:25 ----A---- C:\WINDOWS\SYSWOW64\Print.Workflow.Source.dll
2024-03-01 00:47:25 ----A---- C:\WINDOWS\SYSWOW64\Print.PrintSupport.Source.dll
2024-03-01 00:47:25 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2024-03-01 00:47:25 ----A---- C:\WINDOWS\SYSWOW64\netshell.dll
2024-03-01 00:47:25 ----A---- C:\WINDOWS\SYSWOW64\MrmIndexer.dll
2024-03-01 00:47:25 ----A---- C:\WINDOWS\SYSWOW64\LockScreenData.dll
2024-03-01 00:47:25 ----A---- C:\WINDOWS\SYSWOW64\LockAppBroker.dll
2024-03-01 00:47:25 ----A---- C:\WINDOWS\SYSWOW64\devmgr.dll
2024-03-01 00:47:25 ----A---- C:\WINDOWS\SYSWOW64\AboveLockAppHost.dll
2024-03-01 00:47:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Immersive.dll
2024-03-01 00:47:24 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.Management.dll
2024-03-01 00:47:24 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2024-03-01 00:47:24 ----A---- C:\WINDOWS\SYSWOW64\runonce.exe
2024-03-01 00:47:24 ----A---- C:\WINDOWS\SYSWOW64\policymanager.dll
2024-03-01 00:47:24 ----A---- C:\WINDOWS\SYSWOW64\mdmlocalmanagement.dll
2024-03-01 00:47:24 ----A---- C:\WINDOWS\SYSWOW64\enrollmentapi.dll
2024-03-01 00:47:24 ----A---- C:\WINDOWS\SYSWOW64\dmenrollengine.dll
2024-03-01 00:47:24 ----A---- C:\WINDOWS\SYSWOW64\DMAlertListener.ProxyStub.dll
2024-03-01 00:47:24 ----A---- C:\WINDOWS\SYSWOW64\credprovslegacy.dll
2024-03-01 00:47:24 ----A---- C:\WINDOWS\SYSWOW64\credprovs.dll
2024-03-01 00:47:24 ----A---- C:\WINDOWS\SYSWOW64\credprovhost.dll
2024-03-01 00:47:24 ----A---- C:\WINDOWS\SYSWOW64\CredProvDataModel.dll
2024-03-01 00:47:23 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2024-03-01 00:47:23 ----A---- C:\WINDOWS\SYSWOW64\wdigest.dll
2024-03-01 00:47:23 ----A---- C:\WINDOWS\SYSWOW64\olethk32.dll
2024-03-01 00:47:23 ----A---- C:\WINDOWS\SYSWOW64\olesvr32.dll
2024-03-01 00:47:23 ----A---- C:\WINDOWS\SYSWOW64\oledlg.dll
2024-03-01 00:47:23 ----A---- C:\WINDOWS\SYSWOW64\olecli32.dll
2024-03-01 00:47:23 ----A---- C:\WINDOWS\SYSWOW64\ole32.dll
2024-03-01 00:47:23 ----A---- C:\WINDOWS\SYSWOW64\iprop.dll
2024-03-01 00:47:23 ----A---- C:\WINDOWS\SYSWOW64\dcomp.dll
2024-03-01 00:47:23 ----A---- C:\WINDOWS\SYSWOW64\comsvcs.dll
2024-03-01 00:47:23 ----A---- C:\WINDOWS\SYSWOW64\catsrvut.dll
2024-03-01 00:47:22 ----A---- C:\WINDOWS\SYSWOW64\wldp.dll
2024-03-01 00:47:22 ----A---- C:\WINDOWS\SYSWOW64\WinTypes.dll
2024-03-01 00:47:22 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Cred.dll
2024-03-01 00:47:22 ----A---- C:\WINDOWS\SYSWOW64\wincorlib.dll
2024-03-01 00:47:22 ----A---- C:\WINDOWS\SYSWOW64\Utilman.exe
2024-03-01 00:47:22 ----A---- C:\WINDOWS\SYSWOW64\userinit.exe
2024-03-01 00:47:22 ----A---- C:\WINDOWS\SYSWOW64\uReFS.dll
2024-03-01 00:47:22 ----A---- C:\WINDOWS\SYSWOW64\uireng.dll
2024-03-01 00:47:22 ----A---- C:\WINDOWS\SYSWOW64\Taskmgr.exe
2024-03-01 00:47:22 ----A---- C:\WINDOWS\SYSWOW64\TaskManagerDataLayer.dll
2024-03-01 00:47:22 ----A---- C:\WINDOWS\SYSWOW64\schannel.dll
2024-03-01 00:47:22 ----A---- C:\WINDOWS\SYSWOW64\pcaui.exe
2024-03-01 00:47:22 ----A---- C:\WINDOWS\SYSWOW64\pcaui.dll
2024-03-01 00:47:22 ----A---- C:\WINDOWS\SYSWOW64\msv1_0.dll
2024-03-01 00:47:22 ----A---- C:\WINDOWS\SYSWOW64\Magnify.exe
2024-03-01 00:47:22 ----A---- C:\WINDOWS\SYSWOW64\EaseOfAccessDialog.exe
2024-03-01 00:47:22 ----A---- C:\WINDOWS\SYSWOW64\CredProvHelper.dll
2024-03-01 00:47:22 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2024-03-01 00:47:22 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2024-03-01 00:47:22 ----A---- C:\WINDOWS\SYSWOW64\apphelp.dll
2024-03-01 00:47:22 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2024-03-01 00:47:22 ----A---- C:\WINDOWS\SYSWOW64\acppage.dll
2024-03-01 00:47:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Speech.dll
2024-03-01 00:47:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Graphics.dll
2024-03-01 00:47:21 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Lights.dll
2024-03-01 00:47:21 ----A---- C:\WINDOWS\SYSWOW64\virtdisk.dll
2024-03-01 00:47:21 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2024-03-01 00:47:21 ----A---- C:\WINDOWS\SYSWOW64\tzautoupdate.dll
2024-03-01 00:47:21 ----A---- C:\WINDOWS\SYSWOW64\PCShellCommonProxyStub.dll
2024-03-01 00:47:21 ----A---- C:\WINDOWS\SYSWOW64\NPSMDesktopProvider.dll
2024-03-01 00:47:21 ----A---- C:\WINDOWS\SYSWOW64\ngccredprov.dll
2024-03-01 00:47:21 ----A---- C:\WINDOWS\SYSWOW64\mdmregistration.dll
2024-03-01 00:47:21 ----A---- C:\WINDOWS\SYSWOW64\ifsutil.dll
2024-03-01 00:47:21 ----A---- C:\WINDOWS\SYSWOW64\fmifs.dll
2024-03-01 00:47:21 ----A---- C:\WINDOWS\SYSWOW64\D3D12Core.dll
2024-03-01 00:47:21 ----A---- C:\WINDOWS\SYSWOW64\D3D12.dll
2024-03-01 00:47:21 ----A---- C:\WINDOWS\SYSWOW64\AppResolver.dll
2024-03-01 00:47:20 ----A---- C:\WINDOWS\SYSWOW64\wpnapps.dll
2024-03-01 00:47:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Storage.Search.dll
2024-03-01 00:47:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryUpgrade.dll
2024-03-01 00:47:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryPS.dll
2024-03-01 00:47:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryCore.dll
2024-03-01 00:47:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryClient.dll
2024-03-01 00:47:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepositoryBroker.dll
2024-03-01 00:47:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.StateRepository.dll
2024-03-01 00:47:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Connectivity.dll
2024-03-01 00:47:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.WiFi.dll
2024-03-01 00:47:20 ----A---- C:\WINDOWS\SYSWOW64\Windows.Devices.Radios.dll
2024-03-01 00:47:20 ----A---- C:\WINDOWS\SYSWOW64\twinapi.appcore.dll
2024-03-01 00:47:20 ----A---- C:\WINDOWS\SYSWOW64\StateRepository.Core.dll
2024-03-01 00:47:20 ----A---- C:\WINDOWS\SYSWOW64\rmclient.dll
2024-03-01 00:47:20 ----A---- C:\WINDOWS\SYSWOW64\propsys.dll
2024-03-01 00:47:20 ----A---- C:\WINDOWS\SYSWOW64\OneCoreUAPCommonProxyStub.dll
2024-03-01 00:47:20 ----A---- C:\WINDOWS\SYSWOW64\MrmDeploy.dll
2024-03-01 00:47:20 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2024-03-01 00:47:19 ----A---- C:\WINDOWS\SYSWOW64\WordBreakers.dll
2024-03-01 00:47:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Core.TextInput.dll
2024-03-01 00:47:19 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.Store.dll
2024-03-01 00:47:19 ----A---- C:\WINDOWS\SYSWOW64\tquery.dll
2024-03-01 00:47:19 ----A---- C:\WINDOWS\SYSWOW64\TextInputMethodFormatter.dll
2024-03-01 00:47:19 ----A---- C:\WINDOWS\SYSWOW64\TextInputFramework.dll
2024-03-01 00:47:19 ----A---- C:\WINDOWS\SYSWOW64\SearchIndexer.exe
2024-03-01 00:47:19 ----A---- C:\WINDOWS\SYSWOW64\PhotoMetadataHandler.dll
2024-03-01 00:47:19 ----A---- C:\WINDOWS\SYSWOW64\NPSM.dll
2024-03-01 00:47:19 ----A---- C:\WINDOWS\SYSWOW64\mssrch.dll
2024-03-01 00:47:19 ----A---- C:\WINDOWS\SYSWOW64\mssph.dll
2024-03-01 00:47:19 ----A---- C:\WINDOWS\SYSWOW64\mscms.dll
2024-03-01 00:47:19 ----A---- C:\WINDOWS\SYSWOW64\MrmCoreR.dll
2024-03-01 00:47:19 ----A---- C:\WINDOWS\SYSWOW64\MosStorage.dll
2024-03-01 00:47:19 ----A---- C:\WINDOWS\SYSWOW64\InstallServiceTasks.dll
2024-03-01 00:47:19 ----A---- C:\WINDOWS\SYSWOW64\InstallService.dll
2024-03-01 00:47:19 ----A---- C:\WINDOWS\SYSWOW64\EditBufferTestHook.dll
2024-03-01 00:47:19 ----A---- C:\WINDOWS\SYSWOW64\dxgi.dll
2024-03-01 00:47:19 ----A---- C:\WINDOWS\SYSWOW64\directxdatabasehelper.dll
2024-03-01 00:47:19 ----A---- C:\WINDOWS\SYSWOW64\d3d11.dll
2024-03-01 00:47:18 ----A---- C:\WINDOWS\SYSWOW64\XInputUap.dll
2024-03-01 00:47:18 ----A---- C:\WINDOWS\SYSWOW64\wlidprov.dll
2024-03-01 00:47:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.Services.TargetedContent.dll
2024-03-01 00:47:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.Gaming.Input.dll
2024-03-01 00:47:18 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.dll
2024-03-01 00:47:18 ----A---- C:\WINDOWS\SYSWOW64\webauthn.dll
2024-03-01 00:47:18 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2024-03-01 00:47:18 ----A---- C:\WINDOWS\SYSWOW64\thumbcache.dll
2024-03-01 00:47:18 ----A---- C:\WINDOWS\SYSWOW64\FWPUCLNT.DLL
2024-03-01 00:47:18 ----A---- C:\WINDOWS\SYSWOW64\fidocredprov.dll
2024-03-01 00:47:18 ----A---- C:\WINDOWS\SYSWOW64\ExecModelClient.dll
2024-03-01 00:47:18 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2024-03-01 00:47:18 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2024-03-01 00:47:18 ----A---- C:\WINDOWS\SYSWOW64\coml2.dll
2024-03-01 00:47:18 ----A---- C:\WINDOWS\SYSWOW64\CloudExperienceHostCommon.dll
2024-03-01 00:47:18 ----A---- C:\WINDOWS\SYSWOW64\AppContracts.dll
2024-03-01 00:47:18 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2024-03-01 00:47:17 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2024-03-01 00:47:17 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2024-03-01 00:47:16 ----A---- C:\WINDOWS\SYSWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2024-03-01 00:47:16 ----A---- C:\WINDOWS\SYSWOW64\uxtheme.dll
2024-03-01 00:47:16 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2024-03-01 00:47:16 ----A---- C:\WINDOWS\SYSWOW64\TSWorkspace.dll
2024-03-01 00:47:16 ----A---- C:\WINDOWS\SYSWOW64\themeui.dll
2024-03-01 00:47:16 ----A---- C:\WINDOWS\SYSWOW64\ShareHost.dll
2024-03-01 00:47:16 ----A---- C:\WINDOWS\SYSWOW64\RADCUI.dll
2024-03-01 00:47:16 ----A---- C:\WINDOWS\SYSWOW64\mapistub.dll
2024-03-01 00:47:16 ----A---- C:\WINDOWS\SYSWOW64\mapi32.dll
2024-03-01 00:47:16 ----A---- C:\WINDOWS\SYSWOW64\LaunchWinApp.exe
2024-03-01 00:47:16 ----A---- C:\WINDOWS\SYSWOW64\kernel32.dll
2024-03-01 00:47:16 ----A---- C:\WINDOWS\SYSWOW64\InputSwitch.dll
2024-03-01 00:47:16 ----A---- C:\WINDOWS\SYSWOW64\fixmapi.exe
2024-03-01 00:47:16 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2024-03-01 00:47:16 ----A---- C:\WINDOWS\SYSWOW64\cdprt.dll
2024-03-01 00:47:16 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2024-03-01 00:47:15 ----A---- C:\WINDOWS\SYSWOW64\SmartcardCredentialProvider.dll
2024-03-01 00:47:15 ----A---- C:\WINDOWS\SYSWOW64\OpenWith.exe
2024-03-01 00:47:15 ----A---- C:\WINDOWS\SYSWOW64\ntshrui.dll
2024-03-01 00:47:15 ----A---- C:\WINDOWS\SYSWOW64\msctfuimanager.dll
2024-03-01 00:47:15 ----A---- C:\WINDOWS\SYSWOW64\msctf.dll
2024-03-01 00:47:14 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2024-03-01 00:47:14 ----A---- C:\WINDOWS\SYSWOW64\Windows.FileExplorer.Common.dll
2024-03-01 00:47:14 ----A---- C:\WINDOWS\SYSWOW64\UIAutomationCore.dll
2024-03-01 00:47:14 ----A---- C:\WINDOWS\SYSWOW64\ShellCommonCommonProxyStub.dll
2024-03-01 00:47:14 ----A---- C:\WINDOWS\SYSWOW64\NaturalLanguage6.dll
2024-03-01 00:47:14 ----A---- C:\WINDOWS\SYSWOW64\ExplorerFrame.dll
2024-03-01 00:47:14 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll
2024-03-01 00:47:13 ----A---- C:\WINDOWS\SYSWOW64\wlanapi.dll
2024-03-01 00:47:13 ----A---- C:\WINDOWS\SYSWOW64\wcnwiz.dll
2024-03-01 00:47:13 ----A---- C:\WINDOWS\SYSWOW64\WcnApi.dll
2024-03-01 00:47:13 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2024-03-01 00:47:13 ----A---- C:\WINDOWS\SYSWOW64\TpmCertResources.dll
2024-03-01 00:47:13 ----A---- C:\WINDOWS\SYSWOW64\SystemSettings.DataModel.dll
2024-03-01 00:47:13 ----A---- C:\WINDOWS\SYSWOW64\SyncSettings.dll
2024-03-01 00:47:13 ----A---- C:\WINDOWS\SYSWOW64\stobject.dll
2024-03-01 00:47:13 ----A---- C:\WINDOWS\SYSWOW64\sspicli.dll
2024-03-01 00:47:13 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2024-03-01 00:47:13 ----A---- C:\WINDOWS\SYSWOW64\provcore.dll
2024-03-01 00:47:13 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2024-03-01 00:47:13 ----A---- C:\WINDOWS\SYSWOW64\FlightSettings.dll
2024-03-01 00:47:13 ----A---- C:\WINDOWS\SYSWOW64\ContentDeliveryManager.Utilities.dll
2024-03-01 00:47:13 ----A---- C:\WINDOWS\SYSWOW64\AudioSes.dll
2024-03-01 00:47:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Devices.dll
2024-03-01 00:47:12 ----A---- C:\WINDOWS\SYSWOW64\Windows.ApplicationModel.ConversationalAgent.dll
2024-03-01 00:47:12 ----A---- C:\WINDOWS\SYSWOW64\OneCoreCommonProxyStub.dll
2024-03-01 00:47:12 ----A---- C:\WINDOWS\SYSWOW64\fcon.dll
2024-03-01 00:47:12 ----A---- C:\WINDOWS\SYSWOW64\dsound.dll
2024-03-01 00:47:12 ----A---- C:\WINDOWS\SYSWOW64\CompPkgSup.dll
2024-03-01 00:47:12 ----A---- C:\WINDOWS\SYSWOW64\AudioEng.dll
2024-03-01 00:47:12 ----A---- C:\WINDOWS\system32\sppobjs.dll
2024-03-01 00:47:12 ----A---- C:\WINDOWS\system32\comdlg32.dll
2024-03-01 00:47:11 ----A---- C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2024-03-01 00:47:10 ----A---- C:\WINDOWS\system32\XpsToPwgrConverter.dll
2024-03-01 00:47:10 ----A---- C:\WINDOWS\system32\XpsToPclmConverter.dll
2024-03-01 00:47:10 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.Native.dll
2024-03-01 00:47:10 ----A---- C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2024-03-01 00:47:10 ----A---- C:\WINDOWS\system32\Windows.FileExplorer.Common.dll
2024-03-01 00:47:10 ----A---- C:\WINDOWS\system32\Windows.CloudStore.EarlyDownloader.dll
2024-03-01 00:47:10 ----A---- C:\WINDOWS\system32\SearchFolder.dll
2024-03-01 00:47:10 ----A---- C:\WINDOWS\system32\PrintWorkflowService.dll
2024-03-01 00:47:10 ----A---- C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2024-03-01 00:47:10 ----A---- C:\WINDOWS\system32\Print.Workflow.Source.dll
2024-03-01 00:47:10 ----A---- C:\WINDOWS\system32\Print.PrintSupport.Source.dll
2024-03-01 00:47:10 ----A---- C:\WINDOWS\system32\pnputil.exe
2024-03-01 00:47:10 ----A---- C:\WINDOWS\system32\OpenWith.exe
2024-03-01 00:47:10 ----A---- C:\WINDOWS\system32\ntshrui.dll
2024-03-01 00:47:10 ----A---- C:\WINDOWS\system32\IppCommonProxy.dll
2024-03-01 00:47:10 ----A---- C:\WINDOWS\system32\IppCommon.dll
2024-03-01 00:47:10 ----A---- C:\WINDOWS\system32\ExplorerFrame.dll
2024-03-01 00:47:10 ----A---- C:\WINDOWS\system32\drvinst.exe
2024-03-01 00:47:10 ----A---- C:\WINDOWS\system32\devmgr.dll
2024-03-01 00:47:10 ----A---- C:\WINDOWS\system32\APMonUI.dll
2024-03-01 00:47:10 ----A---- C:\WINDOWS\system32\APMon.dll
2024-03-01 00:47:09 ----A---- C:\WINDOWS\system32\SettingsHandlers_nt.dll
2024-03-01 00:47:09 ----A---- C:\WINDOWS\system32\SettingsHandlers_Lighting.dll
2024-03-01 00:47:09 ----A---- C:\WINDOWS\system32\SettingsHandlers_Keyboard.dll
2024-03-01 00:47:09 ----A---- C:\WINDOWS\system32\SettingsHandlers_IME.dll
2024-03-01 00:47:09 ----A---- C:\WINDOWS\system32\SettingsHandlers_HumanPresence.dll
2024-03-01 00:47:09 ----A---- C:\WINDOWS\system32\SettingsHandlers_Gpu.dll
2024-03-01 00:47:09 ----A---- C:\WINDOWS\system32\SettingsHandlers_Camera.dll
2024-03-01 00:47:09 ----A---- C:\WINDOWS\system32\SettingsHandlers_BatteryUsage.dll
2024-03-01 00:47:09 ----A---- C:\WINDOWS\system32\netshell.dll
2024-03-01 00:47:09 ----A---- C:\WINDOWS\system32\netprofmsvc.dll
2024-03-01 00:47:09 ----A---- C:\WINDOWS\system32\ncsi.dll
2024-03-01 00:47:09 ----A---- C:\WINDOWS\system32\AudioHandlers.dll
2024-03-01 00:47:09 ----A---- C:\WINDOWS\system32\AboutSettingsHandlers.dll
2024-03-01 00:47:08 ----A---- C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2024-03-01 00:47:08 ----A---- C:\WINDOWS\system32\SensorRuntimeBroker.exe
2024-03-01 00:47:08 ----A---- C:\WINDOWS\system32\RelPost.exe
2024-03-01 00:47:08 ----A---- C:\WINDOWS\system32\MrmIndexer.dll
2024-03-01 00:47:08 ----A---- C:\WINDOWS\system32\mapistub.dll
2024-03-01 00:47:08 ----A---- C:\WINDOWS\system32\mapi32.dll
2024-03-01 00:47:08 ----A---- C:\WINDOWS\system32\fixmapi.exe
2024-03-01 00:47:08 ----A---- C:\WINDOWS\system32\drivers\ahcache.sys
2024-03-01 00:47:07 ----A---- C:\WINDOWS\system32\wlidcredprov.dll
2024-03-01 00:47:07 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2024-03-01 00:47:07 ----A---- C:\WINDOWS\system32\SecurityHealthUdk.dll
2024-03-01 00:47:07 ----A---- C:\WINDOWS\system32\LockScreenData.dll
2024-03-01 00:47:07 ----A---- C:\WINDOWS\system32\LockController.dll
2024-03-01 00:47:07 ----A---- C:\WINDOWS\system32\LockAppBroker.dll
2024-03-01 00:47:07 ----A---- C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2024-03-01 00:47:07 ----A---- C:\WINDOWS\system32\AboveLockAppHost.dll
2024-03-01 00:47:05 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2024-03-01 00:47:05 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2024-03-01 00:47:05 ----A---- C:\WINDOWS\system32\NetworkIcon.dll
2024-03-01 00:47:05 ----A---- C:\WINDOWS\system32\CustomInstallExec.exe
2024-03-01 00:47:05 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2024-03-01 00:47:05 ----A---- C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2024-03-01 00:47:05 ----A---- C:\WINDOWS\system32\ApplyTrustOffline.exe
2024-03-01 00:47:05 ----A---- C:\WINDOWS\system32\AppInstallerBackgroundUpdate.exe
2024-03-01 00:47:04 ----A---- C:\WINDOWS\system32\Windows.UI.Immersive.dll
2024-03-01 00:47:04 ----A---- C:\WINDOWS\system32\Windows.Internal.Management.dll
2024-03-01 00:47:04 ----A---- C:\WINDOWS\system32\urlmon.dll
2024-03-01 00:47:04 ----A---- C:\WINDOWS\system32\runonce.exe
2024-03-01 00:47:04 ----A---- C:\WINDOWS\system32\omadmprc.exe
2024-03-01 00:47:04 ----A---- C:\WINDOWS\system32\omadmclient.exe
2024-03-01 00:47:04 ----A---- C:\WINDOWS\system32\mdmmigrator.dll
2024-03-01 00:47:04 ----A---- C:\WINDOWS\system32\mdmlocalmanagement.dll
2024-03-01 00:47:04 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2024-03-01 00:47:04 ----A---- C:\WINDOWS\system32\gpsvc.dll
2024-03-01 00:47:04 ----A---- C:\WINDOWS\system32\gpapi.dll
2024-03-01 00:47:04 ----A---- C:\WINDOWS\system32\enrollmentapi.dll
2024-03-01 00:47:04 ----A---- C:\WINDOWS\system32\dmenterprisediagnostics.dll
2024-03-01 00:47:04 ----A---- C:\WINDOWS\system32\dmenrollengine.dll
2024-03-01 00:47:04 ----A---- C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2024-03-01 00:47:03 ----A---- C:\WINDOWS\system32\shutdownux.dll
2024-03-01 00:47:03 ----A---- C:\WINDOWS\system32\policymanager.dll
2024-03-01 00:47:03 ----A---- C:\WINDOWS\system32\lpk.dll
2024-03-01 00:47:03 ----A---- C:\WINDOWS\system32\LogonController.dll
2024-03-01 00:47:03 ----A---- C:\WINDOWS\system32\fontsub.dll
2024-03-01 00:47:03 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2024-03-01 00:47:03 ----A---- C:\WINDOWS\system32\enterprisecsps.dll
2024-03-01 00:47:03 ----A---- C:\WINDOWS\system32\drivers\crashdmp.sys
2024-03-01 00:47:03 ----A---- C:\WINDOWS\system32\dmwappushsvc.dll
2024-03-01 00:47:03 ----A---- C:\WINDOWS\system32\DMPushRouterCore.dll
2024-03-01 00:47:03 ----A---- C:\WINDOWS\system32\dmcertinst.exe
2024-03-01 00:47:03 ----A---- C:\WINDOWS\system32\DeviceEnroller.exe
2024-03-01 00:47:03 ----A---- C:\WINDOWS\system32\declaredconfiguration.dll
2024-03-01 00:47:03 ----A---- C:\WINDOWS\system32\dcsvc.dll
2024-03-01 00:47:03 ----A---- C:\WINDOWS\system32\dciman32.dll
2024-03-01 00:47:03 ----A---- C:\WINDOWS\system32\credprovslegacy.dll
2024-03-01 00:47:03 ----A---- C:\WINDOWS\system32\credprovs.dll
2024-03-01 00:47:03 ----A---- C:\WINDOWS\system32\credprovhost.dll
2024-03-01 00:47:03 ----A---- C:\WINDOWS\system32\CredProvDataModel.dll
2024-03-01 00:47:03 ----A---- C:\WINDOWS\system32\configmanager2.dll
2024-03-01 00:47:02 ----A---- C:\WINDOWS\system32\wdigest.dll
2024-03-01 00:47:02 ----A---- C:\WINDOWS\system32\uDWM.dll
2024-03-01 00:47:02 ----A---- C:\WINDOWS\system32\oledlg.dll
2024-03-01 00:47:02 ----A---- C:\WINDOWS\system32\ole32.dll
2024-03-01 00:47:02 ----A---- C:\WINDOWS\system32\dwmcore.dll
2024-03-01 00:47:02 ----A---- C:\WINDOWS\system32\dcomp.dll
2024-03-01 00:47:02 ----A---- C:\WINDOWS\system32\comsvcs.dll
2024-03-01 00:47:02 ----A---- C:\WINDOWS\system32\catsrvut.dll
2024-03-01 00:47:01 ----A---- C:\WINDOWS\system32\uReFS.dll
2024-03-01 00:47:01 ----A---- C:\WINDOWS\system32\refsutil.exe
2024-03-01 00:47:01 ----A---- C:\WINDOWS\system32\format.com
2024-03-01 00:47:01 ----A---- C:\WINDOWS\system32\drivers\refs.sys
2024-03-01 00:47:01 ----A---- C:\WINDOWS\system32\cxcredprov.dll
2024-03-01 00:47:01 ----A---- C:\WINDOWS\system32\cflapi.dll
2024-03-01 00:47:01 ----A---- C:\WINDOWS\system32\CaptureService.dll
2024-03-01 00:47:00 ----A---- C:\WINDOWS\system32\Windows.UI.NetworkUXController.dll
2024-03-01 00:47:00 ----A---- C:\WINDOWS\system32\Windows.UI.Logon.dll
2024-03-01 00:47:00 ----A---- C:\WINDOWS\system32\Windows.UI.Cred.dll
2024-03-01 00:47:00 ----A---- C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2024-03-01 00:47:00 ----A---- C:\WINDOWS\system32\uireng.dll
2024-03-01 00:47:00 ----A---- C:\WINDOWS\system32\pcaui.exe
2024-03-01 00:47:00 ----A---- C:\WINDOWS\system32\pcaui.dll
2024-03-01 00:47:00 ----A---- C:\WINDOWS\system32\pcasvc.dll
2024-03-01 00:47:00 ----A---- C:\WINDOWS\system32\pcadm.dll
2024-03-01 00:47:00 ----A---- C:\WINDOWS\system32\nonarpinv.dll
2024-03-01 00:47:00 ----A---- C:\WINDOWS\system32\InventorySvc.dll
2024-03-01 00:47:00 ----A---- C:\WINDOWS\system32\invagent.dll
2024-03-01 00:47:00 ----A---- C:\WINDOWS\system32\generaltel.dll
2024-03-01 00:47:00 ----A---- C:\WINDOWS\system32\devinv.dll
2024-03-01 00:47:00 ----A---- C:\WINDOWS\system32\CredProvHelper.dll
2024-03-01 00:47:00 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2024-03-01 00:47:00 ----A---- C:\WINDOWS\system32\appraiser.dll
2024-03-01 00:47:00 ----A---- C:\WINDOWS\system32\apphelp.dll
2024-03-01 00:47:00 ----A---- C:\WINDOWS\system32\aemarebackup.dll
2024-03-01 00:47:00 ----A---- C:\WINDOWS\system32\aeinv.dll
2024-03-01 00:47:00 ----A---- C:\WINDOWS\system32\acppage.dll
2024-03-01 00:47:00 ----A---- C:\WINDOWS\system32\acmigration.dll
2024-03-01 00:46:59 ----A---- C:\WINDOWS\system32\VoiceAccess.exe
2024-03-01 00:46:59 ----A---- C:\WINDOWS\system32\Utilman.exe
2024-03-01 00:46:59 ----A---- C:\WINDOWS\system32\tier2punctuations.dll
2024-03-01 00:46:59 ----A---- C:\WINDOWS\system32\Taskmgr.exe
2024-03-01 00:46:59 ----A---- C:\WINDOWS\system32\TaskManagerDataLayer.dll
2024-03-01 00:46:59 ----A---- C:\WINDOWS\system32\SRH.dll
2024-03-01 00:46:59 ----A---- C:\WINDOWS\system32\Magnify.exe
2024-03-01 00:46:59 ----A---- C:\WINDOWS\system32\EaseOfAccessDialog.exe
2024-03-01 00:46:59 ----A---- C:\WINDOWS\system32\drivers\tcpipreg.sys
2024-03-01 00:46:59 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2024-03-01 00:46:59 ----A---- C:\WINDOWS\system32\drivers\NetAdapterCx.sys
2024-03-01 00:46:59 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2024-03-01 00:46:58 ----A---- C:\WINDOWS\system32\wldp.dll
2024-03-01 00:46:58 ----A---- C:\WINDOWS\system32\WinTypes.dll
2024-03-01 00:46:58 ----A---- C:\WINDOWS\system32\wincorlib.dll
2024-03-01 00:46:58 ----A---- C:\WINDOWS\system32\userinit.exe
2024-03-01 00:46:58 ----A---- C:\WINDOWS\system32\schannel.dll
2024-03-01 00:46:58 ----A---- C:\WINDOWS\system32\rpcss.dll
2024-03-01 00:46:58 ----A---- C:\WINDOWS\system32\profsvc.dll
2024-03-01 00:46:58 ----A---- C:\WINDOWS\system32\msv1_0.dll
2024-03-01 00:46:58 ----A---- C:\WINDOWS\system32\diagtrack.dll
2024-03-01 00:46:58 ----A---- C:\WINDOWS\system32\dcntel.dll
2024-03-01 00:46:58 ----A---- C:\WINDOWS\system32\combase.dll
2024-03-01 00:46:58 ----A---- C:\WINDOWS\system32\authz.dll
2024-03-01 00:46:57 ----A---- C:\WINDOWS\system32\usermgr.dll
2024-03-01 00:46:57 ----A---- C:\WINDOWS\system32\sspisrv.dll
2024-03-01 00:46:57 ----A---- C:\WINDOWS\system32\sspicli.dll
2024-03-01 00:46:57 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2024-03-01 00:46:57 ----A---- C:\WINDOWS\system32\lsass.exe
2024-03-01 00:46:57 ----A---- C:\WINDOWS\system32\KernelBase.dll
2024-03-01 00:46:57 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2024-03-01 00:46:57 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2024-03-01 00:46:57 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2024-03-01 00:46:57 ----A---- C:\WINDOWS\system32\aepic.dll
2024-03-01 00:46:56 ----A---- C:\WINDOWS\system32\ntdll.dll
2024-03-01 00:46:56 ----A---- C:\WINDOWS\system32\kernel32.dll
2024-03-01 00:46:56 ----A---- C:\WINDOWS\system32\drivers\fltMgr.sys
2024-03-01 00:46:55 ----A---- C:\WINDOWS\system32\winlogon.exe
2024-03-01 00:46:54 ----A---- C:\WINDOWS\system32\SettingsHandlers_Pen.dll
2024-03-01 00:46:54 ----A---- C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll
2024-03-01 00:46:54 ----A---- C:\WINDOWS\system32\SettingsHandlers_Language.dll
2024-03-01 00:46:54 ----A---- C:\WINDOWS\system32\QuietHours.dll
2024-03-01 00:46:54 ----A---- C:\WINDOWS\system32\PasswordEnrollmentManager.dll
2024-03-01 00:46:54 ----A---- C:\WINDOWS\system32\NotificationControllerPS.dll
2024-03-01 00:46:54 ----A---- C:\WINDOWS\system32\NotificationController.dll
2024-03-01 00:46:54 ----A---- C:\WINDOWS\system32\InputCloudStore.dll
2024-03-01 00:46:54 ----A---- C:\WINDOWS\system32\DevicesFlowBroker.dll
2024-03-01 00:46:53 ----A---- C:\WINDOWS\system32\PersonalizationCSP.dll
2024-03-01 00:46:53 ----A---- C:\WINDOWS\system32\desktopimgdownldr.exe
2024-03-01 00:46:52 ----A---- C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2024-03-01 00:46:52 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.XamlInputViewHost.dll
2024-03-01 00:46:52 ----A---- C:\WINDOWS\system32\Windows.Internal.Shell.CloudDesktop.TransitionScreen.dll
2024-03-01 00:46:52 ----A---- C:\WINDOWS\system32\Windows.Internal.OpenWithHost.dll
2024-03-01 00:46:52 ----A---- C:\WINDOWS\system32\Windows.Internal.HardwareConfirmator.dll
2024-03-01 00:46:52 ----A---- C:\WINDOWS\system32\virtdisk.dll
2024-03-01 00:46:52 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2024-03-01 00:46:52 ----A---- C:\WINDOWS\system32\Taskbar.dll
2024-03-01 00:46:52 ----A---- C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2024-03-01 00:46:52 ----A---- C:\WINDOWS\system32\SettingsHandlers_UserIntent.dll
2024-03-01 00:46:52 ----A---- C:\WINDOWS\system32\SettingsHandlers_User.dll
2024-03-01 00:46:52 ----A---- C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2024-03-01 00:46:52 ----A---- C:\WINDOWS\system32\SettingsHandlers_DesktopTaskbar.dll
2024-03-01 00:46:52 ----A---- C:\WINDOWS\system32\SettingsHandlers_CloudPC.dll
2024-03-01 00:46:52 ----A---- C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2024-03-01 00:46:52 ----A---- C:\WINDOWS\system32\PCShellCommonProxyStub.dll
2024-03-01 00:46:52 ----A---- C:\WINDOWS\system32\CloudDesktopCSP.dll
2024-03-01 00:46:52 ----A---- C:\WINDOWS\system32\AppResolver.dll
2024-03-01 00:46:51 ----A---- C:\WINDOWS\system32\usosvcimpl.dll
2024-03-01 00:46:51 ----A---- C:\WINDOWS\system32\usosvc.dll
2024-03-01 00:46:51 ----A---- C:\WINDOWS\system32\usodocked.dll
2024-03-01 00:46:51 ----A---- C:\WINDOWS\system32\SettingsHandlers_Devices.dll
2024-03-01 00:46:51 ----A---- C:\WINDOWS\system32\SettingsHandlers_Authentication.dll
2024-03-01 00:46:51 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2024-03-01 00:46:51 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2024-03-01 00:46:50 ----A---- C:\WINDOWS\system32\WlanMediaManager.dll
2024-03-01 00:46:50 ----A---- C:\WINDOWS\system32\Windows.Media.Speech.dll
2024-03-01 00:46:50 ----A---- C:\WINDOWS\system32\SensorService.dll
2024-03-01 00:46:50 ----A---- C:\WINDOWS\system32\NetworkUXBroker.dll
2024-03-01 00:46:50 ----A---- C:\WINDOWS\system32\fmifs.dll
2024-03-01 00:46:50 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2024-03-01 00:46:50 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2024-03-01 00:46:50 ----A---- C:\WINDOWS\system32\drivers\UcmUcsiCx.sys
2024-03-01 00:46:50 ----A---- C:\WINDOWS\system32\drivers\UcmUcsiAcpiClient.sys
2024-03-01 00:46:50 ----A---- C:\WINDOWS\system32\drivers\UcmCx.sys
2024-03-01 00:46:50 ----A---- C:\WINDOWS\system32\drivers\IndirectKmd.sys
2024-03-01 00:46:49 ----A---- C:\WINDOWS\system32\WordBreakers.dll
2024-03-01 00:46:49 ----A---- C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2024-03-01 00:46:49 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2024-03-01 00:46:49 ----A---- C:\WINDOWS\system32\win32kfull.sys
2024-03-01 00:46:49 ----A---- C:\WINDOWS\system32\user32.dll
2024-03-01 00:46:49 ----A---- C:\WINDOWS\system32\TextInputMethodFormatter.dll
2024-03-01 00:46:49 ----A---- C:\WINDOWS\system32\TextInputFramework.dll
2024-03-01 00:46:49 ----A---- C:\WINDOWS\system32\NPSMDesktopProvider.dll
2024-03-01 00:46:49 ----A---- C:\WINDOWS\system32\NPSM.dll
2024-03-01 00:46:49 ----A---- C:\WINDOWS\system32\MosStorage.dll
2024-03-01 00:46:49 ----A---- C:\WINDOWS\system32\mdmregistration.dll
2024-03-01 00:46:49 ----A---- C:\WINDOWS\system32\InputLocaleManager.dll
2024-03-01 00:46:49 ----A---- C:\WINDOWS\system32\ifsutil.dll
2024-03-01 00:46:49 ----A---- C:\WINDOWS\system32\EditBufferTestHook.dll
2024-03-01 00:46:48 ----A---- C:\WINDOWS\system32\tquery.dll
2024-03-01 00:46:48 ----A---- C:\WINDOWS\system32\SearchIndexer.exe
2024-03-01 00:46:48 ----A---- C:\WINDOWS\system32\PhotoMetadataHandler.dll
2024-03-01 00:46:48 ----A---- C:\WINDOWS\system32\mssrch.dll
2024-03-01 00:46:48 ----A---- C:\WINDOWS\system32\mssph.dll
2024-03-01 00:46:48 ----A---- C:\WINDOWS\system32\mscms.dll
2024-03-01 00:46:48 ----A---- C:\WINDOWS\system32\InputService.dll
2024-03-01 00:46:48 ----A---- C:\WINDOWS\system32\FntCache.dll
2024-03-01 00:46:48 ----A---- C:\WINDOWS\system32\dxgi.dll
2024-03-01 00:46:48 ----A---- C:\WINDOWS\system32\directxdatabasehelper.dll
2024-03-01 00:46:48 ----A---- C:\WINDOWS\system32\d3d11.dll
2024-03-01 00:46:47 ----A---- C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2024-03-01 00:46:47 ----A---- C:\WINDOWS\system32\webauthn.dll
2024-03-01 00:46:47 ----A---- C:\WINDOWS\system32\IKEEXT.DLL
2024-03-01 00:46:47 ----A---- C:\WINDOWS\system32\FWPUCLNT.DLL
2024-03-01 00:46:47 ----A---- C:\WINDOWS\system32\DWrite.dll
2024-03-01 00:46:47 ----A---- C:\WINDOWS\system32\drivers\wfplwfs.sys
2024-03-01 00:46:47 ----A---- C:\WINDOWS\system32\d2d1.dll
2024-03-01 00:46:47 ----A---- C:\WINDOWS\system32\coml2.dll
2024-03-01 00:46:47 ----A---- C:\WINDOWS\system32\BFE.DLL
2024-03-01 00:46:46 ----A---- C:\WINDOWS\system32\XInputUap.dll
2024-03-01 00:46:46 ----A---- C:\WINDOWS\system32\wlidprov.dll
2024-03-01 00:46:46 ----A---- C:\WINDOWS\system32\Windows.Gaming.Input.dll
2024-03-01 00:46:46 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.dll
2024-03-01 00:46:46 ----A---- C:\WINDOWS\system32\UIAutomationCore.dll
2024-03-01 00:46:46 ----A---- C:\WINDOWS\system32\ISM.dll
2024-03-01 00:46:46 ----A---- C:\WINDOWS\system32\fidocredprov.dll
2024-03-01 00:46:46 ----A---- C:\WINDOWS\system32\EdgeContent.dll
2024-03-01 00:46:46 ----A---- C:\WINDOWS\system32\DafDnsSd.dll
2024-03-01 00:46:46 ----A---- C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2024-03-01 00:46:46 ----A---- C:\WINDOWS\system32\cloudAP.dll
2024-03-01 00:46:46 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2024-03-01 00:46:45 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll
2024-03-01 00:46:45 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2024-03-01 00:46:45 ----A---- C:\WINDOWS\system32\thumbcache.dll
2024-03-01 00:46:45 ----A---- C:\WINDOWS\system32\PackageStateChangeHandler.dll
2024-03-01 00:46:45 ----A---- C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2024-03-01 00:46:45 ----A---- C:\WINDOWS\system32\ExecModelClient.dll
2024-03-01 00:46:45 ----A---- C:\WINDOWS\system32\AppContracts.dll
2024-03-01 00:46:44 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2024-03-01 00:46:44 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2024-03-01 00:46:44 ----A---- C:\WINDOWS\system32\cdp.dll
2024-03-01 00:46:44 ----A---- C:\WINDOWS\system32\AppReadiness.dll
2024-03-01 00:46:43 ----A---- C:\WINDOWS\system32\Windows.Graphics.dll
2024-03-01 00:46:43 ----A---- C:\WINDOWS\system32\Windows.Devices.Lights.dll
2024-03-01 00:46:43 ----A---- C:\WINDOWS\system32\tzautoupdate.dll
2024-03-01 00:46:43 ----A---- C:\WINDOWS\system32\ShareHost.dll
2024-03-01 00:46:43 ----A---- C:\WINDOWS\system32\RuntimeBroker.exe
2024-03-01 00:46:43 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2024-03-01 00:46:43 ----A---- C:\WINDOWS\system32\ngcrecovery.dll
2024-03-01 00:46:43 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2024-03-01 00:46:43 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2024-03-01 00:46:43 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2024-03-01 00:46:43 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2024-03-01 00:46:43 ----A---- C:\WINDOWS\system32\D3D12Core.dll
2024-03-01 00:46:43 ----A---- C:\WINDOWS\system32\D3D12.dll
2024-03-01 00:46:43 ----A---- C:\WINDOWS\system32\cdprt.dll
2024-03-01 00:46:43 ----A---- C:\WINDOWS\system32\cdd.dll
2024-03-01 00:46:43 ----A---- C:\WINDOWS\system32\CapabilityAccessHandlers.dll
2024-03-01 00:46:42 ----A---- C:\WINDOWS\system32\Windows.Storage.Search.dll
2024-03-01 00:46:42 ----A---- C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2024-03-01 00:46:42 ----A---- C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2024-03-01 00:46:42 ----A---- C:\WINDOWS\system32\Windows.Devices.Radios.dll
2024-03-01 00:46:42 ----A---- C:\WINDOWS\system32\twinapi.appcore.dll
2024-03-01 00:46:42 ----A---- C:\WINDOWS\system32\PsmServiceExtHost.dll
2024-03-01 00:46:42 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2024-03-01 00:46:41 ----A---- C:\WINDOWS\system32\wpncore.dll
2024-03-01 00:46:41 ----A---- C:\WINDOWS\system32\wpnapps.dll
2024-03-01 00:46:41 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2024-03-01 00:46:41 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2024-03-01 00:46:41 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2024-03-01 00:46:41 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2024-03-01 00:46:41 ----A---- C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2024-03-01 00:46:41 ----A---- C:\WINDOWS\system32\wfapigp.dll
2024-03-01 00:46:41 ----A---- C:\WINDOWS\system32\StateRepository.Core.dll
2024-03-01 00:46:41 ----A---- C:\WINDOWS\system32\rmclient.dll
2024-03-01 00:46:41 ----A---- C:\WINDOWS\system32\MPSSVC.dll
2024-03-01 00:46:41 ----A---- C:\WINDOWS\system32\icfupgd.dll
2024-03-01 00:46:41 ----A---- C:\WINDOWS\system32\fwpolicyiomgr.dll
2024-03-01 00:46:41 ----A---- C:\WINDOWS\system32\fwmdmcsp.dll
2024-03-01 00:46:41 ----A---- C:\WINDOWS\system32\fwbase.dll
2024-03-01 00:46:41 ----A---- C:\WINDOWS\system32\FirewallAPI.dll
2024-03-01 00:46:40 ----A---- C:\WINDOWS\system32\windows.storage.dll
2024-03-01 00:46:40 ----A---- C:\WINDOWS\system32\Windows.StateRepository.dll
2024-03-01 00:46:40 ----A---- C:\WINDOWS\system32\propsys.dll
2024-03-01 00:46:40 ----A---- C:\WINDOWS\system32\MrmDeploy.dll
2024-03-01 00:46:40 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2024-03-01 00:46:40 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2024-03-01 00:46:39 ----A---- C:\WINDOWS\system32\windowsudkservices.shellcommon.dll
2024-03-01 00:46:39 ----A---- C:\WINDOWS\system32\windowsudk.shellcommon.dll
2024-03-01 00:46:39 ----A---- C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2024-03-01 00:46:39 ----A---- C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2024-03-01 00:46:39 ----A---- C:\WINDOWS\system32\SettingsHandlers_Startup.dll
2024-03-01 00:46:39 ----A---- C:\WINDOWS\system32\LaunchWinApp.exe
2024-03-01 00:46:39 ----A---- C:\WINDOWS\system32\InstallServiceTasks.dll
2024-03-01 00:46:39 ----A---- C:\WINDOWS\system32\InstallService.dll
2024-03-01 00:46:39 ----A---- C:\WINDOWS\system32\GameInputSvc.exe
2024-03-01 00:46:39 ----A---- C:\WINDOWS\system32\cdpusersvc.dll
2024-03-01 00:46:39 ----A---- C:\WINDOWS\system32\aadtb.dll
2024-03-01 00:46:38 ----A---- C:\WINDOWS\system32\twinui.dll
2024-03-01 00:46:38 ----A---- C:\WINDOWS\system32\TSWorkspace.dll
2024-03-01 00:46:38 ----A---- C:\WINDOWS\system32\themeui.dll
2024-03-01 00:46:38 ----A---- C:\WINDOWS\system32\TabSvc.dll
2024-03-01 00:46:38 ----A---- C:\WINDOWS\system32\RADCUI.dll
2024-03-01 00:46:38 ----A---- C:\WINDOWS\system32\msctfuimanager.dll
2024-03-01 00:46:38 ----A---- C:\WINDOWS\system32\msctf.dll
2024-03-01 00:46:38 ----A---- C:\WINDOWS\system32\lsm.dll
2024-03-01 00:46:38 ----A---- C:\WINDOWS\system32\InputSwitch.dll
2024-03-01 00:46:38 ----A---- C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2024-03-01 00:46:37 ----A---- C:\WINDOWS\system32\wlanapi.dll
2024-03-01 00:46:37 ----A---- C:\WINDOWS\system32\windows.internal.shellcommon.shareexperience.dll
2024-03-01 00:46:37 ----A---- C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
2024-03-01 00:46:37 ----A---- C:\WINDOWS\system32\usbmon.dll
2024-03-01 00:46:37 ----A---- C:\WINDOWS\system32\StartTileData.dll
2024-03-01 00:46:37 ----A---- C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2024-03-01 00:46:37 ----A---- C:\WINDOWS\system32\readCloudDataSettings.exe
2024-03-01 00:46:37 ----A---- C:\WINDOWS\system32\NaturalLanguage6.dll
2024-03-01 00:46:37 ----A---- C:\WINDOWS\system32\localui.dll
2024-03-01 00:46:37 ----A---- C:\WINDOWS\system32\CredentialEnrollmentManagerForUser.dll
2024-03-01 00:46:37 ----A---- C:\WINDOWS\system32\CredentialEnrollmentManager.exe
2024-03-01 00:46:36 ----A---- C:\WINDOWS\system32\wlansvc.dll
2024-03-01 00:46:36 ----A---- C:\WINDOWS\system32\wifinetworkmanager.dll
2024-03-01 00:46:36 ----A---- C:\WINDOWS\system32\wifidatacapabilityhandler.dll
2024-03-01 00:46:36 ----A---- C:\WINDOWS\system32\wcnwiz.dll
2024-03-01 00:46:36 ----A---- C:\WINDOWS\system32\WcnApi.dll
2024-03-01 00:46:36 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2024-03-01 00:46:36 ----A---- C:\WINDOWS\system32\wcmcsp.dll
2024-03-01 00:46:36 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2024-03-01 00:46:36 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2024-03-01 00:46:36 ----A---- C:\WINDOWS\system32\TpmCertResources.dll
2024-03-01 00:46:36 ----A---- C:\WINDOWS\system32\TetheringStation.dll
2024-03-01 00:46:36 ----A---- C:\WINDOWS\system32\stobject.dll
2024-03-01 00:46:36 ----A---- C:\WINDOWS\system32\provcore.dll
2024-03-01 00:46:36 ----A---- C:\WINDOWS\system32\dsreg.dll
2024-03-01 00:46:36 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2024-03-01 00:46:36 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2024-03-01 00:46:36 ----A---- C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2024-03-01 00:46:35 ----A---- C:\WINDOWS\system32\Windows.Internal.Signals.dll
2024-03-01 00:46:35 ----A---- C:\WINDOWS\system32\win32spl.dll
2024-03-01 00:46:35 ----A---- C:\WINDOWS\system32\SystemSettingsBroker.exe
2024-03-01 00:46:35 ----A---- C:\WINDOWS\system32\SystemSettings.DataModel.dll
2024-03-01 00:46:35 ----A---- C:\WINDOWS\system32\SyncSettings.dll
2024-03-01 00:46:35 ----A---- C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2024-03-01 00:46:35 ----A---- C:\WINDOWS\system32\SettingsHandlers_Storage.dll
2024-03-01 00:46:35 ----A---- C:\WINDOWS\system32\SettingsHandlers_OneCore_PowerAndSleep.dll
2024-03-01 00:46:35 ----A---- C:\WINDOWS\system32\PrinterCleanupTask.dll
2024-03-01 00:46:35 ----A---- C:\WINDOWS\system32\MDMAgent.exe
2024-03-01 00:46:35 ----A---- C:\WINDOWS\system32\localspl.dll
2024-03-01 00:46:35 ----A---- C:\WINDOWS\system32\LanguageOverlayServer.dll
2024-03-01 00:46:35 ----A---- C:\WINDOWS\system32\FlightSettings.dll
2024-03-01 00:46:35 ----A---- C:\WINDOWS\system32\FaxPrinterInstaller.dll
2024-03-01 00:46:34 ----A---- C:\WINDOWS\system32\RjvMDMConfig.dll
2024-03-01 00:46:33 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2024-03-01 00:46:33 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2024-03-01 00:46:33 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2024-03-01 00:46:33 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2024-03-01 00:46:33 ----A---- C:\WINDOWS\system32\drivers\IPMIDrv.sys
2024-03-01 00:46:32 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2024-03-01 00:46:32 ----A---- C:\WINDOWS\system32\drivers\spacedump.sys
2024-03-01 00:46:32 ----A---- C:\WINDOWS\system32\drivers\processr.sys
2024-03-01 00:46:32 ----A---- C:\WINDOWS\system32\drivers\monitor.sys
2024-03-01 00:46:32 ----A---- C:\WINDOWS\system32\drivers\intelppm.sys
2024-03-01 00:46:32 ----A---- C:\WINDOWS\system32\drivers\disk.sys
2024-03-01 00:46:32 ----A---- C:\WINDOWS\system32\drivers\amdppm.sys
2024-03-01 00:46:32 ----A---- C:\WINDOWS\system32\drivers\amdk8.sys
2024-03-01 00:46:32 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2024-03-01 00:46:30 ----A---- C:\WINDOWS\system32\UCPDMgr.exe
2024-03-01 00:46:30 ----A---- C:\WINDOWS\system32\drivers\xboxgip.sys
2024-03-01 00:46:30 ----A---- C:\WINDOWS\system32\drivers\UCPD.sys
2024-03-01 00:46:30 ----A---- C:\WINDOWS\system32\drivers\devauthe.sys
2024-03-01 00:46:30 ----A---- C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2024-03-01 00:46:30 ----A---- C:\WINDOWS\system32\CloudRestoreLauncher.dll
2024-03-01 00:46:30 ----A---- C:\WINDOWS\system32\AudioSes.dll
2024-03-01 00:46:30 ----A---- C:\WINDOWS\system32\AudioEndpointBuilder.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\wosc.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\Windows.Media.Devices.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\Windows.Management.Service.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\Windows.Management.ModernDeployment.ConfigProviders.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\Windows.Internal.System.UserProfile.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\TetheringMgr.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\TaskFlowDataEngine.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\SettingsHandlers_Backup.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.UserService.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\Microsoft.Bluetooth.Audio.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\lpasvc.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\fcon.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\energyprov.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\eeprov.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\dsound.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\drivers\MbbCx.sys
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\CompPkgSup.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\CompPkgSrv.exe
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\autopilotdiag.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\autopilot.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\audiosrv.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\AudioEng.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\AppListBackupLauncher.dll
2024-03-01 00:46:29 ----A---- C:\WINDOWS\system32\ApplicationTargetedFeatureDatabase.dll
2024-03-01 00:46:14 ----A---- C:\WINDOWS\system32\tellib.dll
2024-03-01 00:46:14 ----A---- C:\WINDOWS\system32\ClipRenew.exe
2024-02-29 13:43:19 ----D---- C:\Users\Stoupa\AppData\Roaming\Zoom

======List of files/folders modified in the last 1 month======

2024-03-19 19:01:41 ----D---- C:\WINDOWS\Temp
2024-03-19 19:01:39 ----RD---- C:\Program Files
2024-03-19 19:01:15 ----D---- C:\tmp
2024-03-19 19:00:37 ----D---- C:\Download
2024-03-19 18:58:21 ----D---- C:\WINDOWS\system32\Recovery
2024-03-19 18:57:00 ----D---- C:\WINDOWS\system32\sru
2024-03-19 18:56:51 ----D---- C:\WINDOWS\System32
2024-03-19 18:56:51 ----D---- C:\WINDOWS\INF
2024-03-19 18:56:51 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-19 18:55:49 ----D---- C:\Users\Stoupa\AppData\Roaming\Nextcloud
2024-03-19 18:54:58 ----D---- C:\WINDOWS\AppReadiness
2024-03-19 18:54:10 ----D---- C:\WINDOWS\SystemTemp
2024-03-19 18:54:10 ----D---- C:\Program Files (x86)\Google
2024-03-19 18:53:42 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2024-03-19 18:52:31 ----D---- C:\WINDOWS\Prefetch
2024-03-19 18:51:59 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2024-03-19 18:51:54 ----D---- C:\Program Files\TeamViewer
2024-03-19 18:51:51 ----A---- C:\WINDOWS\system32\CVFirmwareUpgradeLog.txt
2024-03-19 18:51:45 ----D---- C:\WINDOWS\ServiceState
2024-03-19 18:51:45 ----D---- C:\Intel
2024-03-19 18:51:39 ----ASH---- C:\DumpStack.log.tmp
2024-03-19 18:51:30 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2024-03-19 18:47:57 ----HD---- C:\Program Files\WindowsApps
2024-03-19 18:42:02 ----RD---- C:\WINDOWS\PrintDialog
2024-03-19 18:37:38 ----D---- C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-03-19 17:58:58 ----D---- C:\WINDOWS\system32\Tasks
2024-03-19 17:58:45 ----SHD---- C:\$Recycle.Bin
2024-03-19 17:57:13 ----RD---- C:\Users
2024-03-19 17:56:10 ----D---- C:\ProgramData\Packages
2024-03-19 17:47:54 ----D---- C:\WINDOWS\system32\catroot2
2024-03-19 17:45:34 ----D---- C:\WINDOWS\system32\config
2024-03-19 17:24:30 ----SHD---- C:\System Volume Information
2024-03-19 16:51:22 ----D---- C:\Users\Stoupa\AppData\Roaming\arduino-ide
2024-03-19 16:51:16 ----D---- C:\Users\Stoupa\AppData\Roaming\Arduino IDE
2024-03-19 16:42:36 ----D---- C:\WINDOWS\WinSxS
2024-03-19 16:39:20 ----D---- C:\WINDOWS\CbsTemp
2024-03-19 16:17:42 ----D---- C:\WINDOWS\system32\SleepStudy
2024-03-19 15:37:29 ----D---- C:\WINDOWS\system32\drivers
2024-03-19 15:25:54 ----D---- C:\WINDOWS\system32\DriverStore
2024-03-19 14:58:54 ----D---- C:\Users\Stoupa\AppData\Roaming\FortiClient
2024-03-19 10:06:28 ----D---- C:\Users\Stoupa\AppData\Roaming\Code
2024-03-19 09:47:16 ----D---- C:\WINDOWS\Logs
2024-03-19 09:46:25 ----D---- C:\Users\Stoupa\AppData\Roaming\Docker Desktop
2024-03-18 19:41:32 ----D---- C:\WINDOWS\LiveKernelReports
2024-03-18 16:50:46 ----RD---- C:\WINDOWS\Microsoft.NET
2024-03-18 15:05:01 ----D---- C:\ProgramData\DockerDesktop
2024-03-18 15:04:56 ----D---- C:\Users\Stoupa\AppData\Roaming\Docker
2024-03-18 13:56:43 ----D---- C:\Users\Stoupa\AppData\Roaming\Telegram Desktop
2024-03-14 08:55:46 ----D---- C:\ProgramData\USOPrivate
2024-03-14 03:45:43 ----SD---- C:\WINDOWS\system32\lxss
2024-03-14 03:45:43 ----SD---- C:\WINDOWS\system32\en-US
2024-03-14 03:45:43 ----SD---- C:\WINDOWS\system32\cs-CZ
2024-03-14 03:45:43 ----D---- C:\WINDOWS\SYSWOW64\Dism
2024-03-14 03:45:43 ----D---- C:\WINDOWS\SysWOW64
2024-03-14 03:45:43 ----D---- C:\WINDOWS\SystemResources
2024-03-14 03:45:43 ----D---- C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-03-14 03:45:43 ----D---- C:\WINDOWS\system32\Boot
2024-03-14 03:45:42 ----D---- C:\WINDOWS\servicing
2024-03-14 03:45:42 ----D---- C:\WINDOWS\bcastdvr
2024-03-14 03:45:42 ----D---- C:\Windows
2024-03-14 03:45:42 ----D---- C:\Program Files\Windows Defender Advanced Threat Protection
2024-03-14 03:45:42 ----D---- C:\Program Files\Hyper-V
2024-03-14 00:53:24 ----SHD---- C:\WINDOWS\Installer
2024-03-13 21:30:47 ----D---- C:\ProgramData\Package Cache
2024-03-13 21:30:37 ----D---- C:\Program Files\dotnet
2024-03-13 21:27:37 ----D---- C:\WINDOWS\system32\MRT
2024-03-13 21:27:33 ----AC---- C:\WINDOWS\system32\MRT.exe
2024-03-13 21:25:00 ----A---- C:\WINDOWS\SYSWOW64\PrintConfig.dll
2024-03-12 14:05:42 ----D---- C:\WINDOWS\Minidump
2024-03-12 09:13:18 ----D---- C:\Prenos
2024-03-12 09:11:53 ----D---- C:\WINDOWS\system32\NDF
2024-03-11 20:31:27 ----D---- C:\Users\Stoupa\AppData\Roaming\Postman
2024-03-10 12:22:43 ----D---- C:\WINDOWS\SoftwareDistribution
2024-03-09 03:04:24 ----D---- C:\WINDOWS\apppatch
2024-03-08 09:59:46 ----D---- C:\Users\Stoupa\AppData\Roaming\vlc
2024-03-08 09:59:05 ----D---- C:\Users\Stoupa\AppData\Roaming\obs-studio
2024-03-08 08:59:30 ----D---- C:\Program Files\HPPrintScanDoctor
2024-03-01 01:16:28 ----D---- C:\WINDOWS\system32\CatRoot
2024-03-01 01:16:07 ----SD---- C:\WINDOWS\SYSWOW64\lxss
2024-03-01 01:16:07 ----D---- C:\WINDOWS\SYSWOW64\migration
2024-03-01 01:16:07 ----D---- C:\WINDOWS\SYSWOW64\en-US
2024-03-01 01:16:07 ----D---- C:\WINDOWS\SYSWOW64\cs-CZ
2024-03-01 01:16:06 ----D---- C:\WINDOWS\system32\wbem
2024-03-01 01:16:06 ----D---- C:\WINDOWS\system32\oobe
2024-03-01 01:16:06 ----D---- C:\WINDOWS\system32\migration
2024-03-01 01:16:06 ----D---- C:\WINDOWS\system32\drivers\UMDF
2024-03-01 01:16:06 ----D---- C:\WINDOWS\system32\drivers\en-US
2024-03-01 01:16:06 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2024-03-01 01:16:06 ----D---- C:\WINDOWS\system32\appraiser
2024-03-01 01:16:05 ----D---- C:\WINDOWS\ShellExperiences
2024-03-01 01:16:05 ----D---- C:\WINDOWS\ShellComponents
2024-03-01 01:16:05 ----D---- C:\WINDOWS\en-US
2024-03-01 01:16:05 ----D---- C:\WINDOWS\cs-CZ

[stoupa101]

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amdkmpfd;@oem45.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmpfd.sys [2021-09-09 116064]
R0 fse;Flow steering engine; C:\WINDOWS\system32\drivers\fse.sys [2023-10-29 218592]
R0 iaStorAC;@oem18.inf,%iaStorAC.ServiceName%;Intel(R) Chipset SATA/PCIe RST Premium Controller; C:\WINDOWS\System32\drivers\iaStorAC.sys [2021-02-09 1347464]
R0 IntelPMT;@intelpmt.inf,%IntelPMT.SVCDESC%;Intel(R) Platform Monitoring Technology Service; C:\WINDOWS\System32\drivers\IntelPMT.sys [2023-10-29 91784]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2022-05-07 87392]
R0 lxss;@%SystemRoot%\system32\drivers\lxss.sys,-100; C:\WINDOWS\system32\drivers\lxss.sys [2022-05-07 50536]
R0 MsSecCore;@%SystemRoot%\System32\Drivers\msseccore.sys,-1001; C:\WINDOWS\system32\drivers\msseccore.sys [2024-03-13 71136]
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2022-05-07 81920]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2022-05-07 116056]
R1 CimFS;CimFS; C:\WINDOWS\system32\drivers\CimFS.sys [2024-03-13 177632]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2023-12-10 215616]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2023-12-10 254344]
R1 epfw;@oem128.inf,%ServiceName%;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2023-12-10 81824]
R1 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2023-12-10 124168]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2022-05-07 90112]
R1 FortiFilter;@oem90.inf,%FtNdisLwfService_Desc%;FortiClient NDIS 6.3 Packet Filter Service; C:\WINDOWS\system32\DRIVERS\FortiFilter.sys [2023-06-11 35400]
R1 hvsocketcontrol;hvsocketcontrol; C:\WINDOWS\system32\drivers\hvsocketcontrol.sys [2023-10-29 66928]
R2 bfs;@%systemroot%\system32\drivers\bfs.sys,-100; C:\WINDOWS\system32\drivers\bfs.sys [2023-10-29 91520]
R2 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys [2023-10-29 173544]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2024-03-13 569344]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2023-10-29 90112]
R2 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2024-02-14 212992]
R3 amdfendr;@oem111.inf,%AMDFENDR_svcdesc%;AMD Crash Defender Driver; C:\WINDOWS\system32\DRIVERS\amdfendr.sys [2021-07-12 128912]
R3 amdwddmg;amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0371565.inf_amd64_03ccff02bc787376\B369435\amdkmdag.sys [2021-09-09 83117896]
R3 ApHidfiltrService;@oem97.inf,%HidFilter.SvcDesc%;Alps I2C HID Device Filter Driver; C:\WINDOWS\System32\drivers\ApHidfiltrSW.sys [2019-06-18 360848]
R3 AtiHDAudioService;@oem76.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2020-06-09 107936]
R3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\WINDOWS\System32\drivers\BthEnum.sys [2024-03-13 143360]
R3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2023-10-29 143360]
R3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2023-10-29 159744]
R3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\System32\drivers\BTHport.sys [2024-03-13 2101248]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\drivers\BTHUSB.sys [2024-03-13 139264]
R3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2022-05-07 90112]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2022-05-07 99672]
R3 cvusbdrv;@oem10.inf,%cvusbdrv.SvcDesc%;Dell ControlVault; C:\WINDOWS\System32\Drivers\cvusbdrv.sys [2023-07-05 67304]
R3 dcdbas;@oem57.inf,%dcdbas.SVCDESC%;System Management Driver; C:\WINDOWS\System32\drivers\dcdbas64.sys [2021-07-08 48464]
R3 DellInstrumentation;@oem28.inf,%DellInstrumentation.SVCDESC%;DellInstrumentation Service; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [2023-08-29 46640]
R3 dptf_acpi;dptf_acpi; C:\WINDOWS\System32\DriverStore\FileRepository\dptf_acpi.inf_amd64_3e57360bec7af08c\dptf_acpi.sys [2022-04-15 82088]
R3 dptf_cpu;dptf_cpu; C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\dptf_cpu.sys [2022-04-15 77992]
R3 e1dexpress;@oem7.inf,%e1dExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\WINDOWS\System32\DriverStore\FileRepository\e1d68x64.inf_amd64_77f27cab0778c241\e1d68x64.sys [2020-11-25 609544]
R3 esif_lf;esif_lf; C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_lf.sys [2022-04-15 427176]
R3 ft_vnic;@oem82.inf,%FTNT.Service.DispName%;Fortinet Virtual Miniport (NDIS 6.30); C:\WINDOWS\System32\drivers\ftvnic.sys [2023-06-11 70368]
R3 HidEventFilter;@oem71.inf,%HidEventFilter%;Intel(R) HID Event Filter; C:\WINDOWS\System32\DriverStore\FileRepository\hideventfilter.inf_amd64_1ed78f101bc29129\HidEventFilter.sys [2020-08-24 84104]
R3 hvservice;@hvservice.inf,%hvservice.SvcDesc%;Microsoft Hypervisor Service Driver; C:\WINDOWS\System32\drivers\hvservice.sys [2023-10-29 91624]
R3 iaLPSS2_GPIO2_CNL;@oem95.inf,%iaLPSS2_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_cnl.inf_amd64_d920c2a844f26eba\iaLPSS2_GPIO2_CNL.sys [2020-05-14 128776]
R3 iaLPSS2_I2C_CNL;@oem84.inf,%iaLPSS2_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_cnl.inf_amd64_666eecf21665eb26\iaLPSS2_I2C_CNL.sys [2020-05-14 196360]
R3 ibtusb;@oem129.inf,%ibtusb.SVCDESC_IBT%;Intel(R) Wireless Bluetooth(R); C:\WINDOWS\System32\DriverStore\FileRepository\ibtusb.inf_amd64_c46ef1b5635c7b36\ibtusb.sys [2023-08-03 1544256]
R3 igfx;igfx; C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d0b39b11619fd0c4\igdkmd64.sys [2022-02-18 40030272]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2021-08-26 6510656]
R3 IntcDAud;@oem51.inf,%IntcAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\System32\DriverStore\FileRepository\intcdaud.inf_amd64_658abcf72ee536fa\IntcDAud.sys [2022-02-01 343200]
R3 MEIx64;@oem121.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\DriverStore\FileRepository\heci.inf_amd64_f44b025d83c4bf24\x64\TeeDriverW10x64.sys [2023-09-14 321128]
R3 MsQuic;@%SystemRoot%\system32\drivers\msquic.sys,-200; C:\WINDOWS\system32\drivers\msquic.sys [2024-03-13 420224]
R3 Netwtw10;___ Ovladač adaptéru Intel(R) Wireless pro systém Windows 10 64 Bit; C:\WINDOWS\System32\drivers\Netwtw10.sys [2023-08-15 5182784]
R3 nhi;@oem8.inf,%TbtBusDrv_SVCDESC%;Thunderbolt(TM) Controller; C:\WINDOWS\System32\drivers\TbtBusDrv.sys [2023-08-08 3237720]
R3 P9Rdr;@%SystemRoot%\System32\drivers\p9rdr.sys,-100; C:\WINDOWS\System32\drivers\p9rdr.sys [2024-01-10 148856]
S0 AppleSSD;@AppleSSD.inf,%DevDesc1%;Apple Solid State Drive Device; C:\WINDOWS\System32\drivers\AppleSSD.sys [2022-05-07 113496]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2022-05-07 79184]
S0 ebdrv0;@netevbd0a.inf,%vbd_srv_desc%;QLogic Legacy Ethernet Adapter VBD; C:\WINDOWS\System32\drivers\evbd0a.sys [2022-05-07 3424104]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2022-08-23 16336]
S0 GenPass;@genpass.inf,%GenPass.SVCDESC%;Microsoft GenPass Driver; C:\WINDOWS\System32\DriverStore\FileRepository\genpass.inf_amd64_bef88a423225ecdc\genpass.sys [2022-05-07 62800]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2022-05-07 320880]
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys [2022-05-07 885584]
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [2022-05-07 187224]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2022-05-07 125280]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2022-05-07 138600]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2022-05-07 81752]
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [2022-05-07 101224]
S0 mpi3drvi;mpi3drvi; C:\WINDOWS\System32\drivers\mpi3drvi.sys [2022-05-07 90472]
S0 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys [2022-05-07 206160]
S0 nvmedisk;@nvmedisk.inf,%nvmedisk.SvcDesc%;Microsoft NVMe disk driver; C:\WINDOWS\System32\drivers\nvmedisk.sys [2022-05-07 91496]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2022-05-07 59752]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2022-05-07 69464]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2023-10-29 57344]
S3 Acx01000;@%SystemRoot%\system32\drivers\Acx01000.sys,-1000; C:\WINDOWS\system32\drivers\Acx01000.sys [2023-10-29 733184]
S3 amdgpio2;@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver; C:\WINDOWS\System32\drivers\amdgpio2.sys [2022-05-07 18432]
S3 amdi2c;@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service; C:\WINDOWS\System32\drivers\amdi2c.sys [2022-05-07 45568]
S3 AppleLowerFilter;@oem67.inf,%AppleLowerFilterDisplayName%;Apple Lower Filter Driver; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [2020-10-09 35976]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2024-02-14 49152]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2023-10-29 173440]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2023-10-29 206304]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2023-10-29 189928]
S3 bcmnfcusb;NFC USB Bus Driver; C:\WINDOWS\System32\drivers\bcmnfcusb.sys [2019-06-18 49504]
S3 BthA2dp;@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver; C:\WINDOWS\System32\drivers\BthA2dp.sys [2023-12-14 544768]
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys [2024-03-13 86016]
S3 ExecutionContext;@%SystemRoot%\System32\Drivers\ExecutionContext.sys,-101; C:\WINDOWS\System32\Drivers\ExecutionContext.sys [2023-10-29 75136]
S3 Fortips;Fortips; C:\WINDOWS\system32\drivers\fortips.sys [2023-06-11 165048]
S3 FortiTransCtrl;FortiTransCtrl; C:\WINDOWS\system32\drivers\FortiTransCtrl.sys [2023-06-11 96432]
S3 ftsvnic;@oem87.inf,%VER_ADAPTER_STR%;Fortinet SSL VPN Virtual Ethernet Adapter; C:\WINDOWS\System32\drivers\ftsvnic.sys [2023-06-11 75888]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_cea150c98a1ca844\genericusbfn.sys [2022-05-07 61440]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2022-05-07 91472]
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys [2023-10-29 139264]
S3 HidSpiCx;HidSpi KMDF Class Extension; C:\WINDOWS\system32\drivers\HidSpiCx.sys [2023-10-29 126976]
S3 hnswfpdriver;@%SystemRoot%\System32\drivers\hnswfpdriver.sys,-5000; C:\WINDOWS\System32\drivers\hnswfpdriver.sys [2022-05-07 58704]
S3 Hsp;@hsp.inf,%Hsp.SVCDESC%;Microsoft Pluton Service; C:\WINDOWS\System32\drivers\Hsp.sys [2022-05-07 124264]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2022-05-07 61440]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2022-05-07 1854832]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2022-05-07 36352]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2022-05-07 91136]
S3 iaLPSS2_GPIO2;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [2018-10-16 131744]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2022-05-07 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2022-05-07 93184]
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [2022-05-07 112128]
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [2022-05-07 96256]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2022-05-07 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2022-05-07 175104]
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [2022-05-07 177152]
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [2022-05-07 177664]
S3 iaStorAfs;@oem18.inf,%iaStorAfs.ServiceName%;iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [2021-02-09 73072]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2022-05-07 559976]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2024-03-01 86016]
S3 intelpmax;@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver; C:\WINDOWS\System32\drivers\intelpmax.sys [2022-05-07 65536]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2024-01-10 99808]
S3 l2bridge;@%SystemRoot%\System32\drivers\l2bridge.sys,-5000; C:\WINDOWS\System32\drivers\l2bridge.sys [2023-10-29 87520]
S3 lunparser;@%systemroot%\system32\drivers\lunparser.sys,-10010; C:\WINDOWS\system32\drivers\lunparser.sys [2022-05-07 71024]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2022-05-07 566632]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2022-05-07 99664]
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys [2024-03-01 454656]
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2023-10-29 98304]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2022-05-07 1132392]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2024-03-13 411104]
S3 MsSecWfp;@%SystemRoot%\System32\Drivers\mssecwfp.sys,-1001; C:\WINDOWS\system32\drivers\mssecwfp.sys [2024-03-13 71032]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2022-05-07 147304]
S3 NDKPerf;NDKPerf Driver; C:\WINDOWS\system32\drivers\NDKPerf.sys [2022-05-07 83288]
S3 NDKPing;NDKPing Driver; C:\WINDOWS\system32\drivers\NDKPing.sys [2022-05-07 107872]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2024-03-01 394720]
S3 passthruparser;@%systemroot%\system32\drivers\passthruparser.sys,-10010; C:\WINDOWS\system32\drivers\passthruparser.sys [2022-05-07 75104]
S3 pcip;@wpcip.inf,%pcip.SVCDESC%;PCI Proxy driver; C:\WINDOWS\System32\drivers\pcip.sys [2022-05-07 111976]
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [2022-05-07 75112]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD Crash Defender Service;AMD Crash Defender Service; C:\WINDOWS\system32\amdfendrsr.exe [2021-07-12 534944]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\u0371565.inf_amd64_03ccff02bc787376\B369435\atiesrxx.exe [2021-09-09 536888]
R2 ApHidMonitorService;@oem97.inf,%HidMonitor.SvcDisp%;Alps HID Monitor Service; C:\WINDOWS\system32\DellTPad\HidMonitorSvc.exe [2019-06-18 863632]
R2 cbdhsvc_3866c;cbdhsvc_3866c; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R2 CDPUserSvc_3866c;CDPUserSvc_3866c; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R2 cplspcon;Intel(R) Content Protection HDCP Service; C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d0b39b11619fd0c4\IntelCpHDCPSvc.exe [2022-02-18 346184]
R2 DDVCollectorSvcApi;Dell Data Vault Service API; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [2023-07-06 458960]
R2 DDVDataCollector;Dell Data Vault Collector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [2023-07-06 161488]
R2 DDVRulesProcessor;Dell Data Vault Processor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [2023-07-06 484560]
R2 Dell SupportAssist Remediation;Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [2023-12-13 22224]
R2 DellClientManagementService;Dell Client Management Service; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [2023-10-26 49880]
R2 DellDigitalDelivery;Dell Digital Delivery Service; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2020-02-11 216104]
R2 DellFFDPWmiService;@oem85.inf,%ST_Accel.WMISVCDisplayName%;Dell Free Fall Data Protection WMI Service; C:\WINDOWS\System32\drivers\DellFFDPWmiService.exe [2020-02-17 32528]
R2 DellTechHub;Dell TechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [2022-12-09 156064]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
R2 DispBrokerDesktopSvc;@%SystemRoot%\system32\dispbroker.desktop.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
R2 efwd;ESET Forwarder; C:\Program Files\ESET\ESET Security\efwd.exe [2024-01-24 2539384]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Security\ekrn.exe [2024-01-24 3890064]
R2 esifsvc;@oem30.inf,%ServiceDisplayName%;Intel(R) Dynamic Platform and Thermal Framework service; C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe [2022-04-15 2284200]
R2 FA_Scheduler;FortiClient VPN Service Scheduler; C:\Program Files\Fortinet\FortiClient\scheduler.exe [2023-06-11 454232]
R2 hostcontrolsvc;@oem10.inf,%hostcontrolsvc.SvcDispName%;Credential Vault Host Control Service; C:\WINDOWS\System32\bcmHostControlService.exe [2023-07-05 830696]
R2 hoststoragesvc;@oem10.inf,%hoststoragesvc.SvcDispName%;Credential Vault Host Storage; C:\WINDOWS\System32\bcmHostStorageService.exe [2023-07-05 167144]
R2 HPPrintScanDoctorService;HP Print Scan Doctor Service; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [2024-03-08 234968]
R2 igccservice;Intel(R) Graphics Command Center Service; C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_141eb88527011137\OneApp.IGCC.WinService.exe [2022-02-18 89160]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_e6d6f5a306002a89\igfxCUIService.exe [2022-02-18 401480]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\WINDOWS\System32\DriverStore\FileRepository\dal.inf_amd64_64d7fcfcde9b9c10\jhi_service.exe [2023-01-24 630408]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_981d034327bfbdcc\LMS.exe [2023-01-04 4590080]
R2 OneSyncSvc_3866c;OneSyncSvc_3866c; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 BluetoothUserService_3866c;BluetoothUserService_3866c; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
R3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d0b39b11619fd0c4\IntelCpHeciSvc.exe [2022-02-18 522312]
R3 DevicesFlowUserSvc_3866c;DevicesFlowUserSvc_3866c; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 ekrnEpfw;ESET Firewall Helper; C:\Program Files\ESET\ESET Security\ekrn.exe [2024-01-24 3890064]
R3 hns;@%systemroot%\system32\HostNetSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 NPSMSvc_3866c;NPSMSvc_3866c; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
R3 nvagent;@%systemroot%\system32\NvAgent.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S2 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S2 edgeupdate;Microsoft Edge Update Service (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2021-08-05 214952]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2022-04-29 168632]
S2 Intel(R) TPM Provisioning Service;@oem123.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_367008a610747d24\lib\TPMProvisioningService.exe [2022-12-20 769528]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 AarSvc;@%SystemRoot%\system32\AarSvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 AarSvc_3866c;AarSvc_3866c; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 AssignedAccessManagerSvc;@%SystemRoot%\system32\assignedaccessmanagersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 autotimesvc;@%SystemRoot%\System32\autotimesvc.dll,-6; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 BcastDVRUserService_3866c;BcastDVRUserService_3866c; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 CaptureService_3866c;CaptureService_3866c; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 CloudBackupRestoreSvc;@%SystemRoot%\system32\CloudRestoreLauncher.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 CloudBackupRestoreSvc_3866c;CloudBackupRestoreSvc_3866c; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 cloudidsvc;@%SystemRoot%\system32\cloudidsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 com.docker.service;Docker Desktop Service; C:\Program Files\Docker\Docker\com.docker.service [2024-02-12 20072]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 ConsentUxUserSvc_3866c;ConsentUxUserSvc_3866c; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 CredentialEnrollmentManagerUserSvc;@%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2024-03-01 422896]
S3 CredentialEnrollmentManagerUserSvc_3866c;CredentialEnrollmentManagerUserSvc_3866c; C:\WINDOWS\system32\CredentialEnrollmentManager.exe [2024-03-01 422896]
S3 dcsvc;@%systemroot%\system32\dcsvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 DeviceAssociationBrokerSvc;@%SystemRoot%\system32\deviceaccess.dll,-107; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 DeviceAssociationBrokerSvc_3866c;DeviceAssociationBrokerSvc_3866c; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 DevicePickerUserSvc_3866c;DevicePickerUserSvc_3866c; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2024-01-10 114688]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 edgeupdatem;Microsoft Edge Update Service (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2021-08-05 214952]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 FrameServerMonitor;@%systemroot%\system32\FrameServerMonitor.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 GameInputSvc;@%systemroot%\system32\GameInputSvc.exe,-101; C:\WINDOWS\System32\GameInputSvc.exe [2024-03-01 75376]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files\Google\Chrome\Application\122.0.6261.129\elevation_service.exe [2024-03-12 1677600]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2022-04-29 168632]
S3 HgClientService;@%SystemRoot%\System32\hgclientservice.dll,-100; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 iaStorAfsService;@oem18.inf,%iaStorAfsService.ServiceName%;Intel(R) Optane(TM) Memory Service; C:\WINDOWS\System32\iaStorAfsService.exe [2021-02-09 2927496]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 Intel(R) Capability Licensing Service TCP IP Interface;@oem123.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_367008a610747d24\lib\SocketHeciServer.exe [2022-12-20 803320]
S3 InventorySvc;@%SystemRoot%\system32\inventorysvc.dll,-501; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 LxssManager;@%systemroot%\system32\lxss\LxssManager.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 McpManagementService;@%SystemRoot%\system32\McpManagementService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 MessagingService_3866c;MessagingService_3866c; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\122.0.2365.92\elevation_service.exe [2024-03-14 1738176]
S3 MixedRealityOpenXRSvc;@%SystemRoot%\system32\MixedRealityRuntime.dll,-101; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2024-03-19 239520]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2022-05-07 79920]
S3 NPSMSvc;@%SystemRoot%\system32\npsm.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 P9RdrService;@%systemroot%\system32\p9rdrservice.dll,-102; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 P9RdrService_3866c;P9RdrService_3866c; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 PenService;@%SystemRoot%\system32\PenService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 PenService_3866c;PenService_3866c; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [2023-10-29 241664]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2023-10-29 771584]
S4 DialogBlockingService;@%SystemRoot%\system32\DialogBlockingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2022-05-07 79920]
S4 HfcDisableService;@oem18.inf,%HfcDisableService.ServiceName%;Intel(R) RST HFC Disable Service; C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\HfcDisableService.exe [2021-02-09 1916808]

-----------------EOF-----------------

[Rudy]

Zdravím!
Dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 . RSIT není plně kompatibilní se souč. 64b systémy. Děkuji.

[stoupa101]

Kratce po spusteni se program zavre, teplomer dojede zhruba do 5% a jedine co mi zapise do FRST.txt je:
(Whitelist vse zaskrtle, Optional scan jen Addition.txt)

EDIT: zkousel sem vyskrtnout vsechny volby a vysledek stejny.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.03.2024
Ran by Stoupa (administrator) on OCELOT (Dell Inc. Precision 7740) (19-03-2024 20:01:26)
Running from C:\FRST\FRST64.exe
Loaded Profiles: Stoupa
Platform: Microsoft Windows 11 Pro Version 23H2 22631.3296 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

========================================================

[Rudy]

Měl by fungovat v defaultu tak, jak ho stáhnete. Pokud nefunguje, zkuste nejdříve spustít. ADWCleaner:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[stoupa101]

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 03-19-2024
# Duration: 00:00:06
# OS: Windows 11 (Build 22631.3296)
# Scanned: 32094
# Detected: 17


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.DellCommand|Update Folder C:\Program Files\DELL\COMMANDUPDATE
Preinstalled.DellDigitalDelivery Folder C:\Program Files (x86)\DELL DIGITAL DELIVERY
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AGENT
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\AUDIT
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SAREMEDIATION\PLUGIN
Preinstalled.DellSupportAssistAgent Folder C:\Program Files\DELL\SUPPORTASSISTAGENT
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SAREMEDIATION\AUDIT
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SAREMEDIATION\PLUGIN
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\DELL\SUPPORTASSIST
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DELL\SUPPORTASSIST
Preinstalled.DellSupportAssistAgent Folder C:\ProgramData\SUPPORTASSIST\CLIENT\TECHNICIANTOOLKIT
Preinstalled.DellSupportAssistAgent Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E7D4B03F-CB86-4D2C-815D-94AFB72AF7EE}

[Rudy]

Tohle je OK a já si začínám myslet, že je problém v samotném systému. Do příkazového řádku napište:

sfc /scannow

a odentrujte. Proběhne sken a případná oprava systémových souborů.

[stoupa101]

je to trosku vetsi

[Rudy]

OK, něco bylo opraveno. Zkuste znovu logy RSIT a Addition, bude-li možno je provést.

[stoupa101]

FRST jede uplne stejne cca 5% teplomer a konec v textaku jen hlavicka

[Rudy]

Tak je asi problém někde v systému, který neodstraní ani opravný sken, nebo jde o HW záležitost. Zkusíme tedy kontrolu pomocí AVPtools: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Utilitu stáhněte, spusťte , nechte pracovat a po skončení akce smažte vše, co najde. Uvidíme, jak se bude chovat. Tento sken je možné v případě potřeby spustit i v nouz. režimu.

[stoupa101]

Nic nenasel, poue se nemohl dostat do nekterych zamcenych souboru.
FRST - stejny vysledek

[Rudy]

OK. Pokud je to možné, proveďte obnovu systému k datu, kdy korketně fungoval. Pokud to nepůjde, bude třeba rpovést návrat do tov. nastavení se zachováním vašich souborů.

[stoupa101]

Tomuto kroku jsem chtel zabranit, ale vypada to jako jedine mozne reseni. Budu ho muset nechat na pozdejsi dobu, jelikoz nastaveni WSL, virtualizace, klicu a VPN pred dobou kvuli praci nebylo jednoduche (vse v tu dobu behalo dobre) a nedokazu urcit kdy se to zacalo zhorsovat, jen se to "zhroutilo" za poslednich 14 dni pomerne rychle. Poprosil bych jestli se muze toto vlakno nechat odlozene, nez nastane vhodna doba na pokroceni se zjistenim problemu. Rad bych zjistil pricinu.

Dekuji za spolupraci

[Rudy]

Určitě mohu. Při obnově systému k určitému dat přijdete jen o sw, který byl instalován mezi oním datem a současností. Při návratu k tov. nastavení jsou pak 3 možnosti: se zachováním vlastních souborů (přijdete jen o dodatečně instalovaný sw), bez něho a totální reinstal. Nemáte zač a zatím se mějte!